Our Thinking

Leaks, loyalty, privacy, and the Cookiepocalypse

Leaks, loyalty, privacy, and the Cookiepocalypse

Data continues to create headaches for marketers and consumers alike. Richard Taylor asks how we can stop the pain.

Data continues to create headaches for marketers and consumers alike. Richard Taylor asks how we can stop the pain.

In October, one of the largest data leaks of personally identifiable information (PII) from a single source in history occurred. The data leaked contained names, email addresses, phone numbers, LinkedIn and Facebook profile information of 1.2 billion people.

It’s no wonder 79% of Americans are concerned about the way their data is being used. Most feel they have little or no control over how their personal information is utilised, are not confident that corporations are good stewards of the data they collect or that companies will admit mistakes and take responsibility if they misuse or compromise personal information.

Given the above, these concerns are justified but they create quite the quandary for marketers who are fast becoming hooked on the data drug.

I’m a firm believer in “mass personalisation”, the ability to send customers, or potential customers, a message relevant to their stage of the see/think/do/care journey.

In general, this type of behaviour marketing requires fair amounts of customer data. And the collection of it is no mean feat. Often marketers will call on data aggregators to make it happen which brings us back to that enormous data leak.

The information was tagged as coming from two different sources: 622 million records came from a company called People Data Labs (PDL), and the rest from a company called OxyData.Io (OXY). I wouldn’t be surprised if you’ve never heard of PDL or OXY before, I hadn’t either. So how did they get all that data? Well, they are data aggregators and enrichment providers. Their business involves supplying information on people they have collected from various sources to other companies. PDL’s website boasts that “with just a few lines of code, you can begin enriching anywhere from dozens to billions of records with over 150 data points”. It’s possible you have used such a service in your business.

You might say leaks like this are partly our own fault for making all of this information available in the first place, but according to Pew research, 63% of people say they have very little or no understanding of the laws and regulations that are currently in place to protect their privacy, and only 9% say they always read privacy policies before clicking “accept”. Not surprising when a New York Times review of 150 policies from major websites found that the average one takes about 18 minutes to read and requires at least a college-level reading ability.

The collection of data is integral to the way many businesses function today, particularly those with loyalty schemes. In December, the Australian Competition and Consumer Commission (ACCC) released its damning final report into Australian customer loyalty schemes with the report finding companies with loyalty schemes can use data to discriminate against customers by serving them up inflated prices. The report also found that consumers had little insight or control of their personal data in terms of how it is collected and shared with third parties. According to the ACCC, the average Australian carries four to six loyalty cards so this is an issue that affects pretty much everyone.

With an understandable level of distrust from the public, it’s no wonder that big tech companies are doing their best to be seen as the great protectors of privacy, announcing change after change to the way web browsers handle user tracking via cookie, such as Apple with its Intelligent Tracking Prevention (ITP), and Google’s SameSite privacy changes in the Chrome browser.

The problem is, like data collection, most people have misconceptions about what cookies are and what they do. Cookies are nothing more than a small piece if text stored by your web browser on your computer. Ever wonder how a website knows who you are the next time you visit or how items you put in the shopping cart of your favourite retailer stay there from one visit to the next? That’s all thanks to cookies which store your session token (so as you click through a website it knows who you are), user preferences, and so on.

First-party cookies belong to sites you actually visited in your browser. So, first-party is good. Third-party cookies (or tracking cookies) are generated from by a script embedded on the page, usually from advertising providers. These cookies are called “third-party” cookies because they are not set by the actual page you are visiting.

Recent Accenture research found that 65% of global consumers are more likely to buy from relevant and personalised advertising, so third-party cookies may seem like they’re good but it’s these cookies the tech companies are fighting against, causing what’s becoming known as “the Cookiepocalypse” – the (eventual) death of third-party cookies. So marketers shouldn’t become reliant on data sourced through third party cookies because they are not long for this world.

To deliver mass personalisation, the ideal scenario is a “single customer view” – a 360º vision of what a customer is doing which will serve to gauge their intent.

Recently I saw a presentation that argued a 360º view is essentially a marketer’s unicorn – a pipe dream and I have to agree.

In the online space things like third-party cookie blocking, incognito browsing modes, GDPR opt-in laws, the new California Consumer Privacy Act opt-out laws, and the increasing use of ad blockers makes a 360º view impossible, and that’s before we consider things like the inability to track foot traffic and consumer behaviour pre-purchase in physical locations. There will always be data missing from our customer view, and we need to be smart and able to work around that fact, using technology like Customer Data Platforms to make sense of what we do know.

There’s no question that mass personalisation can deliver wins for businesses, but to stay on the right side of the law, and more importantly our customers, we need to be mindful than ever of what data we collect, where we collect it from, and how we store and use it.

For consumers, it pays to be data aware. Know who you are giving your personal details to and familiarise yourself with how those companies use your information. Because despite the abolition of third-party cookies, the collection of data and utilisation of it by brands is only just warming up.