Marketing consent is the law.

What does that mean for your organization?

What does marketing have to do with privacy law?

In the past two years, 18+ US states have passed privacy laws, data transfers between the EU and US are set to get a regulatory update, and new laws have been announced in the EU around AI. In fact, Gartner estimates that over 85% of the world population will be covered by modern privacy legislation by the end of 2024. As such, marketing teams need to make sure that users understand their data is safe. Now you might be wondering — safe data and marketing teams? Isn’t that a privacy team thing?Privacy compliance is no longer a siloed responsibility, only falling under the purview of a single team in an organization. Each department needs to be aware of the data they’re collecting, the regulations around that data, and be in lockstep with their legal, privacy, and security teams to ensure they’re following best practices and staying compliant.When collecting data, your marketing team needs to ensure that customers feel safe, secure, and excited about the experience they will receive — from collection to activation, from purchase to post-purchase. Personalization and value-added experiences are now an expectation, one that you need to meet while balancing today’s evolving privacy regulations.Think about the brand experiences you have today. No matter what industry you’re in, all of these experiences run on the same fuel — data.

Customers who feel comfortable giving you their data = Your marketing team using that data to better understand audiences and create personalized experiences

Neil Tolbert, Sr. Global Director of Consent & Preferences at OneTrust, shares the role that consent has in harnessing the power of customer data.

Where in the (consent) world is your organization?

Take a look at where your customers are located — which country or region, and what the applicable privacy regulations in these regions are. Regarding data collection, privacy regulations are nearly always going to fall into one of two buckets: opt-in or opt-out mechanisms.

According to privacy law, there are also different categories of data use that customers should be given the opportunity to opt in or out of, including the following:

Sale or share of data
Targeted advertising
Behavioral profiling
Universal opt-out signals
Sensitive data processing

Use the table to map the jurisdictions your organization is present in to the appropriate opt-out mechanism, as well as the categories of data processing that need to be shared with your customers. And note… this is only the intricacy between opt-in / out!After understanding the breadth of the consent requirements that your organization needs to be aware of, it’s time to take a look at how you’re going to interact with your customers about consent. The journey of a thousand personalized experiences begins with a single step. And that step is data collection.

	Opt-out*	Opt-in
California, Colorado, Utah	✓	〇
Virginia, Connecticut	〇	✓
Bill C-27 (Canada)	✓	✓
GDPR (EU)	〇	✓
PIPL (China)	〇	✓
LGPD (Brazil)	✓	✓

The first step to differentiating your brand

We’ve all experienced countless cookie banners when visiting websites, and classifying that interaction as a pleasant one may be a stretch. But one thing it does do is give you an opportunity to let the business know what type of data you’re okay with sharing and it builds confidence that these choices are being honored.Before customers give you any identifiers, such as their email address or name, they are considered “anonymous” users tied to device IDs. At this stage, you can understand what these users are okay with regarding their data and use the opportunity to succinctly explain why giving you permission to use their data is actually going to provide a beneficial experience. Data transparency and control are the two main benefits that need to be clear to users at the collection stage.You need to be able to definitively answer the question — “What’s in it for me?”, when it comes to data collection. Communicating the purpose of data collection, or purpose-based consent, is the best way to convey this information to your prospective customers.

Once they can form the link between sharing data with you and receiving curated lists, better offers, and an overall better experience with your brand, your job as a marketer becomes much easier. As a customer spends more time on your website as an anonymous user, possibly looking at different products or services, this activity can be used to suggest different resources or related products that may interest them as well. This can also be a gateway to the initial step of collecting first-party data or turning them into “known” users.Obtaining an email address, phone number, and/or first and last name are identifiers that can help you strengthen your relationship with these customers. This journey starts with a great experience for the anonymous user that builds enough trust so they will provide your business with identifiers to help you develop personalized experiences.