7 Privacy UX Tips From a Privacy and Marketing Expert
Do we need to have an award for a better Privacy UX?
With the Association of National Advertisers’ acquisition of the Data & Marketing Association last year came new ownership, too, of the International ECHO Awards. As a lover of data-driven marketing (and an ECHO Governor), it’s very exciting to see brands recognize the strategic role of data in driving more relevant consumer (and business) engagement, and the myriad ad and data partners that brands rely on to make this engagement happen.
It’s not just agencies — but ad tech and martech companies, data providers, analytics firms and even management consulting firms that are in the data-driven mix. These are the facilitators of today’s consumer intelligence that forms the basis for smarter and more efficient brand communication. Some folks even eschew the term “advertising” as we move into a world where branded and even non-branded content underlie data-inspired storytelling that are hallmarks of today’s forward-thinking campaigns.
By the way, the call for entries for this year’s ECHO Awards (to be presented March 2020 as ANA moves what was the DMA conference from this Fall to next Spring) is happening soon — though the entry portal is now open. Let me know if you’d like an invite to the launch party in New York (Wednesday, May 22, in the afternoon).
An Important Part of Brand-Consumer Dialogue — Privacy Notices
One category that won’t be part of this year’s ECHOs is related to privacy-specific communication from brands.
You’ve seen it. I’ve seen it. Again and again — all over our smartphone and laptops … communications asking for our consent for cookies, for newsletters, for device recognition, for terms and conditions — all in an effort to help enable data collection to serve the brand-consumer value exchange and subsequent dialogue.
Some of this is mandated from Europe’s General Data Protection Regulation, with halo impact in other nations and markets. Others are anticipating such notice requirements from California’s forthcoming privacy and advertising law. Still others are simply adopting heightened transparency (and choice) as part of self-regulatory and best practices regimes, where no laws may yet exist.
All of this devoted to one objective: getting a consumer (or business individual) to say “yes” to data collection about them, their devices and digital behaviors, in an effort to serve them better.
This week, during the International Association of Privacy Professionals’ Global Privacy Summit 2019 in Washington, DC, one expert — Darren Guarnaccia, Chief Product Officer, Crownpeak — offered some research insights from some 17 million preference experiences that Crownpeak has helped to facilitate on behalf of its brands. These experiences are focused on Europe in light of GDPR, but the findings offer good counsel to any brand that is thinking through its privacy UX.
Some Privacy Communications Concepts to Test
Here are just a few of the tips Guarnaccia reported:
- Privacy Notices are Not Just a Matter of Compliance: Yes, they may be legally required in some jurisdictions – but more vitally, they should be treated with the same discipline and care of any other branded communication. Because the ultimate goal is to earn trust — going beyond compliance and permission. As a result, the whens, wheres and hows of such notices are vital to test and perfect.
- Avoiding Legal Penalty Is Table Stakes — We Ought to Design Such Notices for Higher Purpose: To extend the previous point on consumer trust, there’s a higher price to pay if a privacy notice simply meets a legal expectation, and nothing more. Many consumers have gone “stealth” — using ad blockers and going incognito on browsers. We must remind, convince or persuade consumers of the value a brand seeks to offer in exchange for permissions and consents for data collection, analysis and application. Are we extending such notice in plain language at the right time?
- 'Brand' the Privacy Communication: This may seem obvious — but it’s often overlooked. Does the privacy notice look like it’s coming from the brand — or from somewhere else (such as a browser or ad tech partner)? In gaining consent, it’s always superior for the notice to be owned, cared and looked after by the brand itself — even if a third-party (such as an ad tech provider) is facilitating the notice. Does the creative of the notice match the colors, fonts and point sizes of the brand content behind it? By extending brand requirements to such communication, a brand is taking “ownership” of the data collection, consent and trust-building directly — as it should, in the eyes of the user.
- Earn Before You Ask: Oftentimes, the consumer is presented with a cookie or related privacy notice upon entering a brand’s digital property — first page, upon entry. Test giving consumers a more anonymized experience for the few page visits, and then present a notice — “Are You Enjoying What You’re Seeing?” where a data collection permission is then sought. This allows the consumer to indeed value what’s on offer in information on the site.
- Give Consumers Both an 'Accept' and a 'Decline' Choice or Button: Many sites offer only an “accept” button, leaving the consumer with an impression that they can “take it or leave it,” with no sense of real control. Test offering both an accept or decline offer — just seeing the word “decline” reminds consumers they are in control — and the actual decision to “decline” becomes more apparent for those consumers who indeed wish to be stealth.
- Test Progressive Consent: Not every Website (or app) may need immediate access to user data for all purposes of consumer engagement. For data minimization purposes, perhaps ask visitors permission to collect only basic information (say, for contact, site optimization or customer recognition purposes) first. Then, only when necessary for utility, ask permissions for location data or other data categories, alongside the rationale for such collection and consent, as those needs arise. Asking for everything, upfront, all at once, can be a real turnoff — especially if a user is “new” to a brand. Consumers love — and frankly, need to know — the context for the permissions they give (or deny).
- Test Privacy Notices by Market: Did you know users in the United Kingdom, for example, are 1.4 times more likely to give consent than those in France and Germany? How notices are worded and rationales explained — how transparency is conveyed — can have a big impact between markets, so it’s best to test notices by individual market (and language) to optimize consent rates. In short, national cultures and language nuance matter, too, in privacy communication.
In summary, there’s more payback than just permission. Consent rates in Europe can go as high as 60 to 70 percent — and hurtling over cookie walls at 80 to 90 percent — when privacy communications are optimized. Crownpeak offered far more tips (and real-market examples) in its session — about search engine optimization, personalization, analytics disclosures and other related topics. But there’s also lifetime value, and indeed consumer trust in the balance. We have an entirely new area for many marketers to test, working with their counsel and technology colleagues.
Who knows? Maybe the best such privacy-focused campaigns could still win a 2020 ECHO — based on compelling strategy, creative and results toward an earn-their-trust purpose. Is there a courageous brand ready to show us how? After all, this is one area where we all benefit from ways to raise consumer trust in advertising by sharing successful case studies. We shall see.