The research, which presents results from an online survey of nearly 2,100 Americans age 18 and older, found that nearly 45% of the respondents feel more comfortable with data exchange today than they have in the past.
Among millennial respondents, well over half feel more comfortable about data exchange today.
Indeed, the report concludes that most Americans are “data pragmatists”: people who are open about exchanging personal data with businesses if the benefits received in return for their personal information are clearly stated.
Nearly 60% of Americans fall into this category.
On top of that, another 20% of the survey respondents report that they’re completely unconcerned about the collection and usage of their personal data. Among younger consumers, it’s nearly one-third.
When comparing Americans’ attitudes to consumers in other countries, we seem to be a particularly carefree bunch. Our counterparts in France and Spain are much more wary of sharing their personal information.
Part of the difference in views may be related to feelings that Americans have about who is responsible for data security. In the United States, the largest portion of people (~43%) believe that 100% of the responsibility for data security lies with consumers themselves, versus only ~6% who believe that the responsibility resides solely with brands or the government. (The balance of people think that the responsibility is shared between all parties.)
To me, the bottom-line finding from the Acxiom/DMA study is that people have become so conditioned to receiving the benefits that come from data exchange, they’re pretty inured to the potential downsides. Probably, many can’t even fathom going back to the days of true data privacy.
Of course, no one wishes for their personal data to be used for nefarious purposes, but who is willing to forego the benefits (be it monetary, convenience or comfort) that come from companies and brands knowing their personal information and their personal preferences?
And how forgiving would these people be if their personal data were actually compromised? From Target to Macy’s, quite a few Americans have already had a taste of this, but what is it going to take for such “data pragmatism” to seem not so practical after all?
And what are the prospects for GDPR-like privacy coming to the USA anytime soon?
First off, let’s review what’s covered by the GDPR initiative. The GDPR includes the following rights for individuals:
The right to be informed
The right of access
The right to rectification
The right to be forgotten
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling
The “right to be forgotten” means data subjects can request their information to be erased. The right to “data portability” is also a new factor. Data subjects now have the right to have data transferred to a third-party service provider in machine-readable format. However, this right arises only when personal data is provided and processed on the basis of consent, or when necessary to perform a contract.
Privacy impact assessments and “privacy by design” are now legally required in certain circumstances under GDPR, too. Businesses are obliged to carry out data protection impact assessments for new technologies. “Privacy by design” involves accounting for privacy risk when designing a new product or service, rather than treating it as an afterthought.
Implications for Marketers
A recent study investigated how much customer data will still be usable after GDPR provisions are implemented. Research was done involving more than 30 companies that have already gone through the process of making their data completely GDPR-compliant.
The sobering finding: Nearly 45% of EU audience data is being lost due to GDPR provisions. One of the biggest changes is that cookie IDs disappear, which is the basis behind so much programmatic and other data-driven advertising both in Europe and in the United States.
Doug Stevenson, CEO of Vibrant Media, the contextual advertising agency that conducted the study, had this to say about the implications:
“Publishers will need to rapidly fill their inventory with ‘pro-privacy’ solutions that do not require consent, such as contextual advertising, native [advertising] opportunities and non-personalized ads.”
New platforms are emerging to help publishers manage customer consent for “privacy by design,” but the situation is sure to become more challenging in the ensuing months and years as compliance tracking the regulatory authorities ramps up.
It appears that some companies are being a little less proactive than is advisable. A recent study by compliance consulting firm CompliancePoint shows that a large contingent of companies, simply put, aren’t ready for GDPR.
As for why they aren’t, nearly half report that they’re taking a “wait and see” attitude to determine what sorts of enforcement actions ensue against scofflaws. Some marketers admit that their companies aren’t ready due to their own lack of understanding of GDPR issues, while quite a few others claim simply that they’re unconcerned.
I suspect we’re going to get a much better understanding of the implications of GDPR over the coming year or so. It’ll be good to check back on the status of implementation and enforcement measure by this time next year.
Lawmakers’ cringeworthy questioning of Facebook’s Mark Zuckerberg calls into question the government’s ability to regulate social media.
With the testimony on Capitol Hill last week by Facebook CEO Mark Zuckerberg, there’s heightened concern about the negative side effects of social media platforms. But in listening to lawmakers questioning Zuckerberg, it became painfully obvious that our Federal legislators have next to no understanding of the role of advertising in social media – or even how social media works in its most basic form.
Younger staff members may have written the questions for their legislative bosses, but it was clear that the lawmakers were ill-equipped to handle Zuckerberg’s alternatively pat, platitudinous and evasive responses and to come back with meaningful follow-up questions.
Even the younger senators and congresspeople didn’t acquit themselves well.
It made me think of something else, too. The questioners – and nearly everyone else, it seems – are missing this fundamental point about social media: Facebook and other social media platforms aren’t much different from old-fashioned print media, commercial radio and TV/cable in that that they all generate the vast bulk of their earnings from advertising.
It’s true that in addition to advertising revenues, print publications usually charge subscribers for paper copies of their publications. In the past, this was because 1) they could … but 2) also to help defray the cost of paper, ink, printing and physical distribution of their product to news outlets or directly to homes.
Commercial radio and TV haven’t had those costs, but neither did they have a practical way of charging their audiences for broadcasts – at least not until cable and satellite came along – and so they made their product available to their audiences at no charge.
The big difference between social media platforms and traditional media is that social platforms can do something that the marketers of old could only dream about: target their advertising based on personally identifiable demographics.
Think about it: Not so many years ago, the only demographics available to marketers came from census publications, which by law cannot reveal any personally identifiable information. Moreover, the U.S. census is taken only every ten years, so the data ages pretty quickly.
Beyond census information, advertisers using print media could rely on audit reports from ABC and BPA. If it was a business-to-business publication, some demographic data was available based on subscriber-provided information (freely provided in exchange for receiving those magazines free of charge). But in the case of consumer publications, the audit information wouldn’t give an advertiser anything beyond the number of copies printed and sold, and (sometimes) a geographic breakdown of where mail subscribers lived.
Advertisers using radio or TV media had to rely on researchers like Nielsen — but that research surveyed only a small sample of the audience.
What this meant was that the only way advertisers could “move the needle” in a market was to spend scads of cash on broadcasting their messages to the largest possible audience. As a connecting mechanism, this is hugely inefficient.
The value proposition that Zuckerberg’s Facebook and other social media platforms provide is the ability to connect advertisers with more people for less spend, due to these platforms’ abilities to use personally identifiable demographics for targeting the advertisements.
Want to find people who enjoy doing DIY projects but who live just in areas where your company has local distribution of your products? Through Facebook, you can narrow-cast your reach by targeting consumers involved with particular activities and interests in addition to geography, age, gender, or whatever other characteristics you might wish to use as filters.
That’s massively more efficient and effective than relying on something like median household income within a zip code or census tract. It also means that your message will be more targeted — and hence more relevant — to the people who see it.
All of this is immensely more efficient for advertisers, which is why social media advertising (in addition to search advertising on Google) has taken off while other forms of advertising have plateaued or declined.
But there’s a downside: Social media is being manipulated (“abused” might be the better term) by “black hats” – people who couldn’t do such things in the past using census information or Nielsen ratings or magazine audit statements.
Here’s another reality: Facebook and other social media platforms have been so fixated on their value proposition that they failed to conceive of — or plan for — the behavior inspired by the evil side of humanity or those who feel no guilt about taking advantage of security vulnerabilities for financial or political gain.
Now that that reality has begun to sink in, it’ll be interesting to see how Mark Zuckerberg and Sheryl Sandberg of Facebook — not to mention other social media business leaders — respond to the threat.
They’ll need to do something — and it’ll have to be something more compelling than CEO Zuckerberg’s constant refrain at the Capitol Hill hearings (“I’ll have my team look into that.”) or COO Sandberg’s litany (“I’m glad you asked that question, because it’s an important one.”) on her parade of TV/cable interviews. The share price of these companies’ stock will continue to pummeled until investors understand what changes are going to be made that will actually achieve concrete results.
One of the news items that’s been bounding about the web and on the airwaves in recent days concerns an admission by Google that it “screwed up” by gathering private wireless data while taking pictures for its Street View mapping initiative.
The mishap came to light first in Australia, where Google was caught capturing 600 gigabytes worth of wi-fi data from personal and business wireless networks without owners’ permission. Google has since been accused of unauthorized interception of user personal data including e-mails, audio and video, which potentially could be linked to specific addresses.
Google insists that the personal data were “inadvertently” collected during the street sweeps by its large fleet of vehicles cruising cities in more than 30 countries.
[For those who are unfamiliar with Google’s Street View mapping tool, you can view an example here by vicariously sauntering down quaint, quiet Robinwood Avenue in Detroit’s North End – home of the late, lamented Marabel Chanin, the most famous inner city resident you’ve never heard of.]
Some observers may be content to take Google management at its word that personal data were “mistakenly” gathered during its street sweeps – despite the fact that this blunder was evidently repeated in Germany, Italy, France, Denmark, Austria, Ireland, Belgium, Spain, Switzerland and the Czech Republic … as well as here in the U.S. in states like Connecticut and Missouri.
Consumer Watchdog calls Google’s action “a flagrant intrusion into consumers’ privacy.” And the Connecticut and Missouri attorneys general are now weighing in as well with their own investigations.
Perhaps the biggest takeaway from this story is not whether Sergey Brin, Larry Page and the other honchos at Google might or might not have nefarious plans for the use of personal wi-fi data. It’s the realization that such information can be collected at all.
And the next time, it might not be by such a benign organization.
What’s the latest news in this juicy story? Google reports that it has deleted only the personal data it collected in Ireland, Denmark and Austria. For the time being, it’s holding onto the rest.