January 28 is Data Privacy Day, commemorating the Council of Europe Treaty known as Convention 108, the first legally binding international treaty on data protection signed on January 28, 1981. This "holiday" was originally celebrated in Europe where it is known as Data Protection day. But in 2009, the United States and Canada joined in the celebration. In the U.S., Data Privacy Day is sponsored by the National Cyber Security Alliance (NCSA) as part of its Stay Safe Online initiative.
This year, the NCSA encourages consumers to "Own Your Privacy," urging individuals to "help create a global community that respects privacy, safeguards data and enables trust." NCSA states that consumers can get involved by following actionable tips such as:
- At home: Talk with your family and friends about ways to stay safe online
- At work: Help employees and colleagues understand the role they play in making sure privacy is achieved and maintained
- In the community: Share your privacy knowledge by volunteering in a local school, senior care facility, or faith-based organization, for example
The Global Growth of Privacy Regulations
In the wake of 2018's General Data Protection Regulation (GDPR) from the EU, this year's California Consumer Privacy Act (CCPA), and new privacy and compliance regulations enacted in 107 countries across the globe, Data Privacy Day is the perfect opportunity for businesses to reflect on the need to respect consumer privacy and safeguard personally identifiable information (PII) in order to build and maintain consumer trust.
Digital customer identities are valuable assets, not only to the consumers who own the identities, but also to the businesses that benefit from them. Businesses use identity data to personalize customer experiences based on preferences, behavior, and demographics. While collecting identity data to personalize experiences has the potential to benefit both businesses and consumers, it has also increased the risk of data abuse and data breaches that are harmful to consumers and companies alike. For brands to adhere to the nuances of these growing regional data privacy regulations, they should implement a strategy that granularly collects, processes, and stores PII in accordance with appropriate laws.
What Should Businesses Do?
Consumers today have increasingly high expectations that their personal data be kept private and secure. The many publicized cases of data abuse, breaches, and identity theft have raised the bar for companies to be seen as trustworthy keepers of personal data. When customers store data with an organization, they are entering into a trust contract, and if that trust is breached, it is almost impossible to restore.
New privacy regulations allow consumers to give brands their consent to process their data if the company not only offers value in return, but also offers assurances that they can trust the brand with their personal data. For businesses, this presents somewhat of a conundrum. According to Accenture, 91 percent of consumers are more likely to shop with brands that recognize, remember, and provide relevant offers tailored to their personal preferences. However, Deloitte finds that 70 percent of consumers will avoid purchasing from companies they believe do not protect their personal information.
To satisfy these dual consumer expectations, companies should deploy privacy-assured marketing initiatives that build trust through transparency, empower consumers to take personal control of their PII, and ensure end-to-end privacy and data protection.
How to Achieve Privacy-Assured Marketing
Implementing privacy-assured marketing initiatives that comply with growing regulations can be a struggle for many businesses, even with the best of intentions. For the better part of its existence, the Internet has been the Wild West when it comes to privacy and data protection. Many companies' IT and marketing infrastructure were conceived and evolved in a largely unregulated environment.
It isan extremely complex task to transfer the paradigm shift we see in global regulations and consumer mindsets to a business's tech stack that processes personal customer data. Often, the goal of privacy-assured marketing seems like an impossible task. One way brands can achieve privacy-assured marketing is by implementing a centralized customer identity and access management (CIAM) solution. A properly implemented CIAM solution can tackle this challenge, without completely revamping the entire IT and marketing ecosystem.
CIAM systems can centralize the collection of personal data and ensure all of the other systems in the ecosystem only get access to data customers have consented to share. CIAM systems help businesses to:
- Demonstrate their brand's explicit commitment to security and privacy by putting a highly secure, privacy-oriented system at the heart of all customer data processing
- Compile consumer data into a unified view across all brands, channels, and touchpoints, which still allows the use of the data for personalization
- Use strong encryption for all data
- Store user consents and preferences alongside user data, which protects consumers' personal information and honors their consent and preference choices as data is being processed by the business
- Scope data access per application so systems and applications can only access consumer information at the data field level, which helps to prevent other marketing systems from mistakenly processing data not agreed to by the consumer
For more on data privacy, regulation compliance, and consumer trust, download our privacy-assured marketing infographic.
Akamai Identity Cloud
Identity Cloud is Akamai's CIAM solution, designed to provide what companies need to empower consumers to create personal accounts and securely login on websites, mobile apps, or IoT-based applications. Identity Cloud provides tools that can be used to support privacy compliance efforts, while still providing companies with a highly secure customer profile repository and enabling a 360-degree view of the customer.
Identity Cloud offers specific capabilities and user experiences that can help companies address growing regulatory requirements. Identity Cloud privacy and protection features include client registration, login, authentication, single sign-on, scoped access control, preference and consent management, and numerous other capabilities needed to collect, manage, and secure personal data.