Finding the E-Privacy Middle Ground: Address Customers’ Concerns While Still Gaining Valuable Tracking Data
The enactment of e-privacy legislation in the European Union (E.U.) is right around the corner. For many U.S. companies that sell products online in both continents, the new rules must be followed by their E.U. operations. For U.S.-only businesses, however, the Obama administration is tightening its focus on e-privacy, and the E.U. laws offer a precedent for how to meet customers’ desires here at home. Despite the fact that there are different legislative/regulatory regimes in the E.U. and U.S., the practical solutions are really quite similar: "Do-Not-Track," tag management, consent mechanisms, ad choices, industry self-regulation and end-user education are all part of the mix.
The E.U. legislation isn't a simple textbook law to follow. The law is complex and has many sides to it that can cause confusion around how it should be implemented. However, in the medium term, while effective policing of the legislation is being worked out, browser Do-Not-Track will play a large part in the solution. In the immediate term, given the lack of clear guidance from regulators, any legitimately reasonable presentation of cookie information and an opt-out mechanism is a good way to show necessary good intentions to regulators should they ask.
To help marketers get started, while giving U.S.-only companies some guidance on how to bring e-privacy into their online marketing strategies, below is a guide to several online industry self-regulation best practice initiatives and key steps online marketers can take to appease customers.
1. Conduct a cookie audit. Engage the right internal (technology, marketing, business, legal) and external (lawyer, cookie audit specialist, privacy/compliance consultant) teams and start by assessing exactly what vendors, tags and cookies are deployed across website pages, how they work and why they're there. Next, perform a risk assessment to determine how "intrusive" each is as well as its value to the organization (see below).