Services List
The emergence of online marketing brings new privacy concerns. Marketing researchers can add value to the public policy discussion on privacy by adhering to the ethical collection, storage and dissemination of customer data. In this article, we unpack the importance of data privacy and the ethical use of contact records.
Customer data powers the engine rooms of business:
Customer data may well be the fuel that keeps the engine of business humming. That doesn’t necessarily mean, however, that your customers’ private information has been collected, stored, used, or shared in an ethical manner. Ethical customer data processes are deeply rooted in issues of ownership, transparency, consent, and equitable value exchange.[1]
According to Stéphane Hamel in her blog post “Why data ethics in marketing is important and what to do about it”, data ethics is a comparatively recent field and refers to ethical concepts around the collection, use and sharing of customer and personal data.[2]
Data ethics includes considerations concerning the exchange of information between marketers and customers and takes on the fair and responsible collection of data in order to safeguard the privacy of data subjects, as well as clear visibility about the way the data is used.
Marketing data ethics has gained traction because of the explosion in data that companies collect, how it is used and the wider ramifications for customer privacy, as well as the increased development of data analytics in marketing with its specific (and possibly unethical) targeting of consumers. In addition, there is a heightened risk for data breaches with the collection and storage of data – the new gold.[3]
Covered in this article
Marketing Data Analytics
Acts to consider when dealing with data
The Benefits Of Marketing Data Ethics
Ethical Data Considerations
Good Data Ethics Practice
Marketing Data Analytics
Zero-party data
Zero-party data is data given freely by prospects to marketers and brands. Seen as the most legitimate form of marketing info because it is shared voluntarily, and it comprises prospects’ behaviours, interests and preferences. Sources include polls, quizzes and surveys for conversion strategies.[4]
First-party data
First-party data is data retrieved about a prospect via communication with an owned property. The data accuracy may be called into question with tracking cookie limitations as a result of privacy concerns, and restrictions with GDPR, POPIA and PAIA governance.
The data may comprise a website (time on site, bounce rate, pages per session); a mobile app (opened notifications, monthly active users, retention rate); an e-commerce platform (order value, products purchased / number of purchases); customer relationship management (deal size, sales length, preferred communication channel); a social media profile (engagement rate, website clicks, time active) and a point of sale system (preferred payment method, purchase location, sell-through rate).[5]
Third-party data
This data is sourced from outside sources as marketers operate within the constraints of first-party data, with a forced reduction in requests for data and tracking focus. Marketers are leaning more toward third-party data to fill in the gaps, using sources such as research studies (social media use, preferred payment options); public demographic data (job title, age) and big data aggregators eg. N-iX and Elucidate.[6]
Acts to consider when dealing with data
GDPR
Under GDPR (General Data Protection Regulation 2018, EU) legislation, individuals have the legal right to access, amend, restrict, withdraw consent, and ask for their personal data to be erased. Requests for consent are to be explicit (not implied) and written in clear and understandable language, and consent must be as easy to withdraw as to give. There is a compulsory data breach notification of 72 hours for organisations to notify the national regulator. Consumers can transfer personal data from one company to the other, but only data provided by the customers themselves and in a machine-readable manner.[7]
Any national regulator can lead or take action across all EU member states. Companies outside the EU but processing data of EU citizens can face sanctions and be subject to individual claims. This also applies to citizens in the EU but not necessarily EU citizens. Penalties for non-compliance apply from €10 million or 2% of annual global turnover to €20 or 4% of annual global turnover. Data processors, as well as data controllers, are directly liable.[8]
The POPI Act
Under Section 69 of Chapter 8 in the POPI (Protection of Personal Information Act 2013, SA), the processing of the personal information of a data subject is prohibited unless the data subject has given their consent to the processing and who may refuse at any time to the use of their electronic details. Direct marketing communication from a marketer must have the identity of the sender or the person on whose behalf the communication has been sent, as well as the contact details to which the recipient may send a request for the communication to desist.[9]
The PAIA
The Promotion of Access to Information Act (2001, SA) gives the right to access any data kept by a public or private body/person when it is needed for the exercise/protection of any right; however, the right is subject to limitations, such as grounds for refusal. In the case of a record request from a public body, the requester is excluded from access to personal information records concerning her or him, but in the case of an access request from a private body, the opposite is true.[10]
Personal information under PAIA refers to data such as a home address, names and photographs, but does not apply to a person who has been dead for more than 20 years.[11]
The Benefits Of Marketing Data Ethics
The principle that the customer comes first still holds sway, especially regarding the use of their data by marketers. Ethical customer centricity makes good business sense, increasing prospect and customer trust in brands, products and services, and ensuring repeat business. Keeping the wants, needs and interests of customers top of mind bolsters the bottom line.[12]
As Stéphane Hamel notes, ‘a data ethics approach to digital marketing puts the user’s needs and interests above all else, ensuring that they’re always treated fairly and with respect.’ The ethical approach to data in business builds strong long-term relationships between companies, marketers and customers by putting ethical emphasis on the way data is collected, stored, used and shared.[13]
Mitigating legal risk is not the only motivation that marketers and companies should keep in mind. Marketers and companies do not exist in a socioeconomic vacuum. Just as there is increased focus on legislation to stem the tide of online abuse (eg. ad hominem attacks on social media) and misinformation (eg. climate change denialism), data security and integrity have come to the fore asc
Data ethics has become the norm in digital marketing – it is brand equity, on par with gender inclusivity and environmentally green business practices. Data ethics has become the great product/service differentiator – a brand with a clear track record of careful data and strict privacy measures will always have the advantage over one with a poor track record of data carelessness, lax privacy standards and unethical data use.[14]
Ethical Data Considerations
It is unlikely that marketers and businesses can entirely prevent data breaches and misuse, but much can be done to mitigate risks. Customers should be made aware by marketers and companies about what particular data is being collected, how it is being used, and the procedures in place to protect their privacy.[15]
Responsibility for harvested data lies with the company collecting it. It bears mentioning that data should be purely collected for legitimate business purposes, and housed in secure digital locations. Companies are obliged to adhere to customers opting out of their data collection at any time after opting in, and keep being aware that the selling of customer data represents a clear breach of law.[16]
Hygienic data ethics also posits that consumers should retain full control of the zero-party data they are willing to share with what brands, and for how long. There should be less reliance on cookies and more focus on building customer trust in the first place so that prospects are more willing to create an account, and feel more confident about their willingness to give their consent to their data use.[17]
There is a trend in ethical data practice for data minimisation, which is collecting and using the minimum amount of data necessary to achieve a specific purpose. Its importance lies in the reduced chances of data violations and the increased protection of individual privacy.[18]
Good Data Ethics Practice
The best practice data ethics procedure would be to revise the data collection process and consider what kind of data is being collected. Ceasing the collection of data that can’t be justified with an actual, practical use case is advisable because unnecessary, unneeded and additional data creates more business complexity. Instead of being overly concerned with data that is unobtainable and unrelated to the product or service, the focus should be placed on the data that is freely available, such as the performance of marketing content, what engages the audience the most, and which kind of content is the most shared.[19]
It is essential that companies recognise the vast ethical and financial value of customer data, and undertake the duty of ensuring the highest ethical standards are used to acquire, store and collect that data. Ethical data practice ensures that the customer owns their own data. Collaboration between analysts, technologists, marketers, legal teams and other stakeholders guarantees that best practice data standards are upheld throughout the customer data management lifecycle.[20]
Reference List
‘Beyond Law: Ethical culture and GDPR’, Institute of Business Ethics, London, Institute of Business Ethics, 2018, https://www.ibe.org.uk/resource/beyond-law-ethical-culture-and-gdpr.html, (accessed 22 December 2022).
Dopson, E., ‘The ultimate guide to marketing data analytics’, Supermetrics [web blog], Helsinki, Supermetrics, 11 May 2022, https://supermetrics.com/blog/marketing-data, (accessed 21 December 2022).
Gunning, E., ‘South Africa: Data Privacy: The Delicate Balance Between PAIA And POPIA’, Mondaq, London, 2022, ENSafrica, https://www.mondaq.com/southafrica/privacy-protection/1213916/data-privacy-the-delicate-balance-between-paia-and-popia-, (accessed 23 December 2022).
Hamel, S., ‘Why data ethics in marketing is important and what to do about it’, Supermetrics [web blog], Helsinki, Supermetrics, 25 May 2022, https://supermetrics.com/blog/data-ethics-marketing, (accessed 21 December 2022).
‘Section 69 Direct marketing by means of unsolicited electronic communications’, Protection of Personal Information Act, South Africa, 2022, The Accessible Law Company, https://popia.co.za/section-69-direct-marketing-by-means-of-unsolicited-electronic-communications/, (accessed 22 December 2022).
Wise Marketer Staff, ‘Determining the Best and Most Ethical Use of Customer Data’, The Wise Marketer, Florida, The Wise Marketer Group, 2022, https://thewisemarketer.com/data-and-privacy/determining-the-best-and-most-ethical-use-of-customer-data/, (accessed 21 December 2022).
[1] Wise Marketer Staff, ‘Determining the Best and Most Ethical Use of Customer Data’, The Wise Marketer, Florida, The Wise Marketer Group, 2022, https://thewisemarketer.com/data-and-privacy/determining-the-best-and-most-ethical-use-of-customer-data/, (accessed 21 December 2022).
[2] S. Hamel, ‘Why data ethics in marketing is important and what to do about it’, Supermetrics [web blog], Helsinki, Supermetrics, 25 May 2022, https://supermetrics.com/blog/data-ethics-marketing, (accessed 21 December 2022).
[3] Hamel, ‘Why data ethics in marketing is important and what to do about it’.
[4] E. Dopson, ‘The ultimate guide to marketing data analytics’, Supermetrics [web blog], Helsinki, Supermetrics, 11 May 2022, https://supermetrics.com/blog/marketing-data, (accessed 21 December 2022).
[5] Dopson, ‘The ultimate guide to marketing data analytics’.
[6] Dopson, ‘The ultimate guide to marketing data analytics’.
[7] ‘Beyond Law: Ethical culture and GDPR’, Institute of Business Ethics, London, Institute of Business Ethics, 2018, https://www.ibe.org.uk/resource/beyond-law-ethical-culture-and-gdpr.html, (accessed 22 December 2022).
[8] ‘Beyond Law’
[9] ‘Section 69 Direct marketing by means of unsolicited electronic communications’, Protection of Personal Information Act, South Africa, 2022, The Accessible Law Company, https://popia.co.za/section-69-direct-marketing-by-means-of-unsolicited-electronic-communications/, (accessed 22 December 2022).
[10] E. Gunning, ‘South Africa: Data Privacy: The Delicate Balance Between PAIA And POPIA’, Mondaq, London, 2022, ENSafrica, https://www.mondaq.com/southafrica/privacy-protection/1213916/data-privacy-the-delicate-balance-between-paia-and-popia-, (accessed 23 December 2022).
[11] Gunning, ‘South Africa: Data Privacy’.
[12] Hamel, ‘Why data ethics in marketing is important and what to do about it’.
[13] Hamel, ‘Why data ethics in marketing is important and what to do about it’.
[14] Hamel, ‘Why data ethics in marketing is important and what to do about it’.
[15] Hamel, ‘Why data ethics in marketing is important and what to do about it’.
[16] Hamel, ‘Why data ethics in marketing is important and what to do about it’.
[17] Hamel, ‘Why data ethics in marketing is important and what to do about it’.
[18] Hamel, ‘Why data ethics in marketing is important and what to do about it’.
[19] Hamel, ‘Why data ethics in marketing is important and what to do about it’.
[20] ‘Determining the Best and Most Ethical Use of Customer Data’.