Data regulations are being strengthened across the APAC region, driven by privacy concerns held by more than two-thirds of consumers.
From Japan’s Act on the Protection of Personal Information (APPI) to Singapore’s Personal Data Protection Commission (PDPC), to Thailand’s Personal Data Protection Act and India’s Personal Data Protection Bill, new data laws are coming into force and existing regulations are being updated.
These changes, alongside regulatory shifts in the rest of the world, inevitably promote speculation around how the data privacy landscape will evolve and what’s likely to happen next.
But in truth, the shape of future privacy regulation is immaterial.
New regulations will continue to emerge, but rather than scrambling to maintain compliance with each one individually, businesses need to establish a robust data supply chain on which to build governance so that they comply with local regulations.
They must re-prioritize their data practices around transparency, communication and trust to satisfy consumer demand for increased control over personal data – whether they are compelled to by law, or not.
Transparency is the letter of the law in all data regulations, so the first step for any business is to understand its own data practices and ensure they are fully disclosed.
As a result of poorly integrated systems and disparate data silos, many businesses struggle with fragmentation and a lack of visibility into the data they collect as well as what happens to it.
They are also battling with the vast volumes of data continually being produced across multiple channels, with over a third of marketers in APAC citing difficulties in unifying different sources of data, a situation that will only be exacerbated by the roll-out of 5G connectivity across the region.
Businesses need to create a data map that clearly shows all data sources, the information that is collected, where it is stored, what it is used for, and where it goes.
At this point most companies will want to rationalize their data practices, maintaining only those that are deemed essential.
Once businesses understand how data flows through the organisation and who it is shared with, this will need to be explained to consumers using clear, concise privacy policies.
Businesses that manage to communicate their data practices simply, without legal jargon, will gain consumer trust and a reputation for transparency that can be used as a competitive differentiator.
In addition to effectively communicating data practices, businesses must also give consumers more control over what happens to their personal data.
This means putting mechanisms in place that allow consumers to access the data stored about them, to have it amended when it is inaccurate or incomplete, to request that it is deleted entirely, or to take it to another provider.
It also means giving consumers more of a say in whether their data is collected in the first place.
Some regulations require consumers to positively opt in to the collection of data for activities such as marketing, while others only compel businesses to provide a means of opting out, but gaining explicit consent is arguably the most effective way to engage consumers and gain their trust, and is likely to become a required practice in more data regulations.
The consent process can be a vital first touch-point in the user journey and an opportunity to explain the role the consumer’s data plays in improving their own experience.
Once a user has set their consent preferences via this initial interaction these must be stored centrally, applied uniformly across the entire business and managed throughout the lifetime of that individual’s data supply chain.
To assist with both understanding data flows and giving consumers more control, businesses are exploring a range of data platforms.
However, there is a great deal of confusion around the different tools available and the role they play in data management, not least because they are all known by similar three-letter acronyms.
First, there are Customer Relationship Management (CRM) systems, which are very effective solutions for storing transactional data but don’t necessarily offer insight into anonymous user behavior prior to a transaction taking place.
Next, there are Data Management Platforms (DMPs), which are largely used to collate and analyse anonymous website interactions and create audience segments to feed digital advertising technologies.
While these are both valuable tools in their own right, they don’t always integrate effectively with other systems used throughout the rest of the user experience.
The latest entrant to the data management market is the Customer Data Platform (CDP). They can be used effectively alongside both CRM systems and DMPs, meaning businesses don’t need to completely replace their tech stack.
CDPs bridge multiple sources of first-party data such as online and offline transactions, interactions on connected devices and conversations with call centers. They create a clean, centralized data foundation that delivers a single view of the customer which is accessible across the entire business.
Because data sources are unified to form a single view of the customer across all devices and channels, and because business rules can be set centrally to be applied across the organisation, CDPs help businesses establish a robust and transparent data supply chain to underpin governance and comply with local data regulations.
The data privacy landscape will continue to evolve, and people will always try to predict what future regulations will look like, but that’s not where businesses should focus their attention.
By taking a fully transparent, privacy-first approach to data management, businesses will be empowered to build valuable, long-lasting consumer relationships whatever shape future data regulations may take.
Catherine is Regional Vice President APJ Solutions for Tealium. She has spent 25 years in IT, marketing and digital development, specifically working with the data that drives these tools. Previously, Catherine held a number of regional roles with multinational organizations such as Oracle, IBM, Acxiom, Marketo, and as an independent digital consultant.
The post The shape of future data privacy regulation is immaterial appeared first on ClickZ.Reblogged 1 year ago from www.clickz.com