Get to Know Consumer Privacy
Learning Objectives
After completing this unit, you’ll be able to:
- Describe the purpose of consumer privacy laws and regulations.
- Define which features are restricted.
- Describe how Mail Privacy Protection works.
Consumer Privacy
Trust is the #1 value at Salesforce. To live that value, we monitor laws and regulatory changes that may impact you and your customers. Privacy regulations that protect consumers are rapidly developing and changing. From CAN-SPAM to state-specific laws, it can be hard to keep up. And while these laws are great for consumers, as a marketer they can be hard to navigate.
With the increase in consumer expectations and expansion of global privacy regulations, companies need to put privacy at the center of everything they do. At Salesforce, our top priority is to create solutions that help you respond, act, and succeed in these new regulatory environments. In this module, we focus on current regulations and laws that impact marketers, what technological updates large companies are making, and how you can be proactive in your compliance journey.
Data Security
How many times have you entered your credit card information to buy something online? Or provided your birthday or driver’s license number? Regardless of how careful consumers might be, in today’s world it’s impossible to avoid providing sensitive data online. While most consumers feel it is safe to do so, it hasn’t always been the case.
Luckily, as access to data and surrounding technology began to evolve, governments and various organizations decided to find ways to protect individuals from the misuse of their personal data. Data encryption, SSL certifications, multi-factor authentication, and reCAPTCHA checks were put into place to help protect consumers from identity theft and fraud.
To learn more about how to protect your Marketing Cloud Engagement account and data, take the Marketing Cloud Engagement Security module.
Privacy Regulations
Security enhancements are just the beginning. Not only do consumers want their data to be secure, they also want it to be private. While marketers find data invaluable, consumers increasingly want more control over how their personal data is being used and processed.
Consumers generally want to:
- Know what personal data is being collected.
- Access any collected personal data.
- Delete their data.
- Know if their personal data is being sold and be able to restrict the sale.
- Require parental consent for data collection of minors.
The General Data Protection Regulation (GDPR) was one of the first large government-driven regulations established to overhaul and unify European privacy laws. State-specific privacy laws in the United States followed that lead, and in 2020, the state of California established the California Consumer Privacy Act (CCPA) to further protect the privacy of its residents. Many other states, including Virginia, Colorado, and New York, have added or proposed their own state-specific laws.
While each law is unique, in general, consumers want to have a say in how their data is used by companies. So, what’s the big takeaway for you as a marketer who gathers and uses consumer data? Transparency. Plan, define, and communicate how you intend to use customer data in your marketing efforts.
Want to learn more about specific privacy and data protection laws? Check out the trail Learn Privacy and Data Protection Law.
Tracking Consumer Data
In addition to laws and government regulations, companies, like Apple, began evaluating the use of functionality that tracks data about consumers. More and more companies and providers are allowing consumers to take control of data privacy by giving them the ability to restrict or block functionality on their devices. Apple’s App Tracking Transparency is an example of these restrictions. Apple’s feature allows users to turn off “Allow Apps to Request to Track” in their phone’s privacy settings. Meaning, marketers won't have access to app data for those users. With this shift, marketers and advertisers should consider the following.
No more cookies. Don’t worry, you can still eat delicious baked goods. However, third-party cookies used to track users across the internet are becoming a thing of the past. Many browsers are reviewing the use of third-party cookies and restricting or deprecating them.
Restricted unique IDs. Cookies are used to track consumer engagement across websites and they are linked to a consumer based on a universally unique identifier (or UUID). This data is used by advertisers and marketers to pull customer information from ad campaigns to be used for reporting and measurement. These include:
-
DoubleClick ID: Google Ad campaign unique ID
-
Android ID: Android’s unique advertising ID
-
Identifier for Advertisers (IDFA): The iOS device ID
As browsers restrict and deprecate cookies, universally unique identifiers could also become obsolete.
Bottom line: It’s a good idea to think beyond the cookie and tracking IDs, and focus on direct engagement with your customers.
The Future of Advertising
While regulations can limit consumer tracking, the concept of watching consumer behavior is not going away. Google is investigating alternatives that focus on consumer consent while also hiding a consumer’s identity. Two initiatives to be aware of include:
-
FloC (Federated Learning of Cohorts): A proposed browser standard that uses algorithms to track interests, without providing advertisers a consumer’s identity.
-
Gnatcatcher (Global Network Address Translation Combined with Audited and Trusted CDN or HTTP-Proxy Eliminating Reidentification): A proposed way for a person’s identity and IP address to be masked without impacting a website’s functionality.
Follow the Google Ads & Commerce Blog to keep up to date on their privacy-first initiatives.
Privacy-First Approach
While many of these regulations focus on advertising, Apple introduced features in its Fall 2021 iOS 15 release that impact email marketing. These changes allow customers on Apple devices (regardless of email domain) to hide their true email address and create new, unique emails and domains. Customers can also hide their location and behavior data. Let’s review two of these features in more detail.
Feature |
Description |
|---|---|
Mail Privacy Protection (MPP) |
MPP allows Apple Mail clients on iPhone, iPad, and macOS Monterey to proactively block the sharing of their IP address, location data, device details, deliverability, and email opens. |
Hide My Email |
This privacy feature allows users to share a random email address instead of their real email address in Mail and Safari. The feature is built into iCloud Settings, Mail, and Safari as part of iCloud+. Users who have current iCloud accounts automatically get access to these new privacy features. |
Next Up: Impact on Marketers
While data laws and regulations impact a wide range of professionals, as a marketer, your work is directly impacted by these changes. Given that privacy regulations are constantly changing, how can you be proactive? In the next unit, we discuss how you can prepare for these changes and future ones to come.
Resources
-
Trailhead: Marketing Cloud Engagement Security
-
Trailhead: Learn Privacy and Data Protection Law
-
Salesforce Blog: Apple’s Privacy Changes Will Force Marketers To Innovate – Here’s Where To Start
-
Salesforce Help: CAN-SPAM Requirements
-
Salesforce Blog: How Can GDPR Help Improve the Customer Experience?
-
External: Building a privacy-first future for web advertising
-
External: Apple advances its privacy leadership with iOS 15, iPadOS 15, macOS Monterey, and watchOS 8
