Making sense of GDPR: data transparency, privacy and the future of digital marketing.
With the “pace of privacy” accelerating, and a global conversation centered on individual data rights continuing to grow, Monotype is working to ensure we are best prepared to help our clients navigate the new normal. In this guide, learn about our approach to privacy regulations and how brands can use them to their advantage.
The General Data Protection Regulation (GDPR) is a European Union (EU) regulation that expands requirements for how personal data privacy is handled, with enhanced rights for data subjects (any person whose personal data is being collected, held or processed), stricter penalties for noncompliance, and an enforceable obligation to report breaches. When it began being enforced in May 2018, GDPR marked a fundamental shift in the way brands and customers interact. Businesses are now obligated to provide EU citizens with complete transparency over where and how their personal data is being utilized.
While these new regulations pose a challenge to brands and marketers, they come amidst a larger global conversation surrounding data privacy. With platforms such as Facebook and Instagram adapting to provide greater protection to users, change is inevitable. As organizations evolve their marketing practices to comply with GDPR, we believe both consumers and brands will have a more authentic and positive experience.
The pace of privacy
GDPR and similar regulations represent a crossroads of sorts for society. We are grappling with profound concerns about privacy protection and data security, and at the same time conducting more and more of daily life online and on the go, from banking and grocery shopping to booking travel and buying furniture. The numbers tell the story: mobile data traffic is projected to increase sevenfold by 20211, and ecommerce is expected to account for 17%2 of all retail sales by 2022.
A spate of high profile security breaches and instances of unethical data sharing shows that more consumer protections are needed. In general, consumers don’t mind sharing their data, but want assurances their data won’t be exploited. That leaves governments, businesses, and individuals searching for an agreeable middle ground where privacy is protected and data are secure but commerce can operate effectively.
At Monotype, we expect this search for balance to be a defining trend of the next several years, and believe we are uniquely positioned to help brands navigate those challenges.
Enter the regulations
GDPR is the first major step in what will likely be a series of regulations aimed at striking that balance.
The regulation gives individuals control over which businesses can use their data and how, and in certain instances requires companies to obtain consent from consumers to use that data in marketing and other business functions.
The regulation applies to all EU citizens, so even non-EU companies must comply if they interact with individuals in the EU.
In addition to GDPR, the California Consumer Privacy Act (CaCPA) will have an impact on brands and consumers alike. The CaCPA is a similar set of regulations that took effect in 2020. CCPA gives consumers the right to know what personal information about them is being collected, how it’s being used, and to prevent that information from being sold.
These regulations will likely influence the way other states think about consumer privacy and how businesses market to all U.S. customers in the near future.
The modern consumer-brand relationship
GDPR and the broader discussion of privacy and data security hinges on one simple issue: Individuals should be able to maintain a greater sense of personal privacy and determine when and how their data is utilized. Of course, while emerging regulations are more broadly applied, they also have specific implications for how consumers and brands build relationships with one another.
Consumers want a balance of ease and independence. They want brands to be available everywhere all the time with prompt, personalized, and intuitive service, but also want to maintain boundaries against what feels like excessive or invasive access to or use of their personal data and time.
“While GDPR may have been a driving force behind this privacy sea change, the need to evolve the consumer-brand relationship to be authentic and transparent has been at the forefront of our technology and the way we work with brands from the start,” said Brett Zucker, Monotype CMO. “We hear from customers that they need to be efficient on the operations side and create campaigns that reach a broad, global customer base without incurring unreasonable costs. Brands want to respect those boundaries but also want to use data to create personalized experiences and an up-leveled degree of service. GDPR is a piece of that puzzle.”
At Monotype, we understand both sides of the privacy conversation, and steer our customers toward some guiding principles and best practices that we believe are most valuable to brands, and how we do business ourselves.
Make it human: At its core, GDPR requires brands to stop thinking of consumers as vast assortments of data, and instead think of them as individuals. The policy gives individuals more control over their data and encourages brands to adopt a more personalized approach. This aligns neatly with what customers already want and allows brands to reach customers with greater precision and effectiveness.
Be proactive: Data that is given is better than data that is gathered. Focus on gaining permissions from your users up front to facilitate smoother interaction going forward. Develop a clear, concise, reversible permissions process that allows users to set their own boundaries.
Take the lead: Tell the world you take privacy and data security seriously! Highlight your partnerships with companies focused on protecting users’ data, and share your stories of developing authentic, transparent relationships with your customers in the post-GDPR world.
We also believe that steps like this, and a proactive approach to data transparency and privacy overall, will lead a healthier connection between brand and consumer, and result in some of the following positive changes:
Relationships will be more authentic: The focus on proactive, transparent interactions will reduce the friction that could develop under the old model of data collection. Customers who willingly and knowingly share data are by nature more enthusiastic and engaged, and more likely to respond to outreach from the brands they follow.
Content will be better: As a result, content will be richer and more personalized, and brands can expect a more robust contribution of user-generated content.
Brands and consumers alike have been navigating uncharted waters for years, with both sides struggling to keep pace with the meteoric growth of digital commerce and communication. Perhaps it’s helpful, then, to think of GDPR as a kind of map, a way to understand each sides’ responsibilities, concerns, and hopes for the modern marketplace.
At Monotype, our goal is to empower brands with the tools and knowledge they need to deliver the experiences and security their customers demand. Like the brands we serve, GDPR served as a catalyst to rethink the way we communicate with our customers. That experience informs our products and our perspective, and we’re excited to share both in the exciting months and years ahead.