Privacy is no longer just a compliance issue. It is a business opportunity. CMOs who take privacy seriously can build customer trust and loyalty, create a more sustainable business model, and outperform their competitors. With the right approach, privacy is the key to unlock successful, durable AI-powered marketing which will increasingly underpin the business of the future. In light of the paradigm-shifting, impending changes to the privacy landscape, spearheaded right here in the EU, Dirk Melief and Daniel Ferreira from Artefact sat down with Google’s Kat Rutherford and Kate Adams to explore the business value of privacy and provide CMOs with a guide to building and implementing a privacy-centric marketing strategy.

Kat Rutherford: How do you define privacy in our industry? For example, in a business/legal/data context?

Dirk Melief: There are different ways of looking at it. From a user perspective, we see it as your right to control (accept, decline, delete) your user data (such as cookies and PII data) and preferences that brands and platforms are allowed to collect, store and use for analytics and (re-)activation purposes.

From an agency perspective, we help our clients (brands) navigate which technical setup facilitates what user information they are allowed to track within relevant legal boundaries. We also guide our clients on how to analyse and activate user information for various purposes such as marketing, sales, CRM, customer service, finance and product development.

From the advertiser perspective, it’s creating a competitive advantage through a considered, consented and first party data strategy that also improves your relationship with the end user.

KR: Do you offer privacy as part of your current proposition/services?

Daniel Ferreira: Yes we do. For us, it revolves around three pillars;

  • Legal liaising: Acting as a facilitator of information sharing between digital teams and legal (DPO), and as a translator showing what your modern data and tech stack should look like, given the current legal boundaries in our digital landscape.

  • Upskilling our clients’ digital teams: Helping them understand how they can make today’s tools work for them by leveraging relevant platform features, managing consent and preferences, and finding appropriate ways to automate the process, from collecting user consent and preferences to storage, analytics and activation.

  • Implementing the requisite data and technical setup: Facilitating key client use cases, such as activating first-party data for marketing re-engagement campaigns or feeding information into bidding algorithms to achieve a more favourable result.

The glue that binds these three together often also involves three key things:

1. Having a clear, aligned and measurable translation from business objectives to marketing objectives.
2. Building a strong business case with one or more key stakeholders that interconnects different business departments.
3. Good federated data governance structure.

KR: How do you see privacy evolving in the coming two to three years?

DM: Now that people are more familiar with the amount of data they generate as individuals and are beginning to understand what happens to that data, they will continue to push the privacy agenda and demand even more transparency and value for that data, as well as easy and accessible control over what user information they choose to share with external parties.

DF: We think that most people don’t shy away from handing over their data to brands they know they can trust, understand, and add value to their lives. It’s not a new concept: research was done on this back in 2015, yet most brands haven’t fully grasped the power of properly executing this. It requires mastering three key things:

  • Let your clients know what you are doing with their personal data;

  • Give your clients control over what happens to their personal data;

  • Deliver great value in exchange for their personal data.

The creative opportunities for brands to build trust, strong relationships and deliver great value in exchange for customer data are endless. For travel brands, think of more frictionless check-ins for customers or free comfort upgrades for longer-term customers. For fashion brands, give customers early access to your new collection or provide exclusive repair services to make clothing last longer as well.

KR: What are the main privacy issues that resonate with your clients?

DM: Brands are starting to understand that a durable data strategy is the fuel for AI-powered advertising, and it can give their business a competitive advantage and help them stay ahead of the curve. By having a business-led data strategy and governance structure, companies can gain insights that will help them make better decisions about their advertising campaigns. However, there can be challenges in building bridges between the marketing and legal departments when it comes to data strategy.

Most of the stakeholders we engage with on these issues have a legitimate interest in analysing and activating customer data. That’s why some of the key cases we discuss with clients include how to properly track web and app users within local legal boundaries, how to update consent and preferences, and how to synchronise customer data from a CRM platform with relevant marketing platforms.

So it’s common for us to see cases where we guide clients on how to manage user consent, how to set up their data collection, how to activate their first-party data, and how to measure the impact of using first-party data.

DF: It’s also important to tell the story of how we got to where we are now with attribution issues (cookie restrictions) and targeting, which includes excluding people who have just made a purchase. This example is always helpful when starting customer match solutions, since no one wants to show ads to people who just bought a product, but current targeting solutions require the use of first-party data for both exclusion and inclusion.

KR: Are there areas missing from these client realities that you think would provide additional business value?

DF: Our clients (and we ourselves) sometimes fall into the trap of doing things to fulfil a marketing use case, for example, without paying enough attention to what the value is to the customer on the other end.

In addition, privacy should be an organisation-wide topic, whereas we often see that either one or more business, sales or marketing stakeholders are leading the conversation because of what’s in it for them. Going back to one of our earlier points, this requires a strong business case that relates directly to a C-level sponsor and and involves the legal department (DPO) from the outset, rather than just before a use case is activated, suddenly asking “Are we actually allowed to do this?

DM: We also think additional perspectives would provide value. These should focus more on the following;

  • Privacy education: It should be for the whole organisation, not just marketing. Focus on getting stakeholders with different profiles around the table to voice their business needs and concerns and find common ground across teams.

  • Data governance components: How do you organise and process customer data properly while ensuring privacy? This often touches on issues of being able to access the data you need, being able to trust the data you have, and understanding if and how you can use it.

  • General marketing practices: Consider those that go beyond your own channels, such as improved CRM and paid social, etc. Don’t just focus on ‘enhanced conversions’ because it helps with +10% measured Google Ads conversions. Tell the full story for the C-level marketeer who oversees all channels, not just the Google Ads channel marketeer. This means also discussing conversion API solutions for other online channels.

  • High quality consented data is fuel for growth: As signals and cookies become more limited, brands need to start using advanced AI solutions to improve their advertising performance. AI-powered advertising can leverage high-quality first-party data to improve bidding, audience targeting, and measurement.

KR: What do you think should be a key takeaway for a CEO/CMO with regard to privacy and safe data collection?

DF: CEOs and CMOs should understand that privacy is not just a compliance issue, but also a business opportunity. By taking privacy seriously, brands can build trust with customers and create a more loyal customer base.

DM: Exactly. From our perspective, not taking action means losing out on two fronts;

1. Legal risks from not getting it right;
2. Failure to maximise the impact of marketing and sales budgets.

KR: What obstacles to demonstrating the business value of privacy have you previously encountered?

DM: Legal teams that just say no without any business rationale or because it’s about material that’s difficult to understand from a non-technical side. There is also the issue of EU vs. US law, especially when it comes to tech companies. While in some cases there are other data sharing practices in place with far less consumer control or proper governance.

DF: Recent media reports of ad tech companies unlawfully applying behavioural targeting make it more important than ever to ask for active opt-ins for ad personalization, as is currently available in Google My Ad Center for example.

KR: Is there anything else we should know about this topic?

DF: In addition to the points raised above, we believe that privacy is more than just compliance or technology. It is also about culture and values. Businesses need to create a culture where privacy is valued and respected. This means having clear privacy policies and procedures in place, and training employees on how to protect user privacy.

2024, in particular, is expected to be a transformational year, with several new regulations coming into effect and the disappearance of 3rd-party cookies and mobile identifiers. So while CMO’s are considering priorities and projects for next year, the impact of regulatory and technological changes on digital marketing should be high on the agenda.

DM: I’d just add that privacy is also about transparency. Businesses need to be transparent with users about what data they collect, how they use it and who has access to it. Users should be able to easily opt out of having their data collected and easily change their preferences. A proper preference management system instead of only cookie consent helps massively in this regard.

Let’s talk about what this means for your business!