These days, everyone is talking about data privacy. Several laws and regulations have been written, are being implemented, or are just being applied. Companies must be open and give contacts access to their data. The concept of consent is included in the realm of data protection. It is applied in various situations. Before to talk about the future, I suggest you take a quick look back at the consents’ past.
History
Express vs implied consent
Let’s first go over the distinction between express and implied consent. In the first scenario, the person is required to express consent by acting. This could entail completing a form, checking a box, or just nodding in agreement with the policies. People who haven’t engaged in one of these actions haven’t indicated their approval. This is a different action than implied consent, which grants the right to keep and use data, such as for email communications. In fact, in some nations (Canada in particular), it is possible to communicate with someone for a while after they submit their email address. This also applies when a call centre notifies you that your call might be recorded. You are indicating your agreement by continuing the call.
Concept of unsubscription
I first entered the field of relationship marketing more than 20 years ago. The idea of getting consent was nonexistent. In terms of email communications and telemarketing calls, we were then in a more opt-out mode (Do not call list). This best practice was mandated by us, and every message sent using our platform had to include an unsubscribe option. The methods of doing things have changed over the course of a few years with the introduction of marketing’s glut of channels.
Behavioral tracking
I also recall the time nearly 15 years ago when we introduced tools for tracking website visitors. I felt uneasy. Who would want to be recognized and followed in a physical store, I wondered. However, given the nature of the internet, these are effective tools that are simple to set up. They delivered the right message, at the right time, to the right person if used properly. Relationship marketing campaigns were in data heaven.
The future of consent
Today’s marketing teams are dealing with significant changes in their business strategies with regard to data access, use, and privacy. The market must now strike the ideal balance between maintaining its current practices and satisfying the demands of its customers for control and transparency. The management of the gathering and use of their personal data is first handled by marketers, according to a recent webinar. They are searching for morals and laws. Therefore, it’s critical to improve accessibility by establishing a consent manager that is simple for everyone to understand.
Consent centre
In order to honour various consents across various platforms, it’s crucial to keep in mind that a consent centre must be able to connect with your entire Martech ecosystem. The web is the best way to accomplish this because the form must also always be accessible. Finally, the procedure needs to be safe so that only the specific contact can execute the actions. To ensure easy access control, using double authentication via email or SMS could be a great option.
Essential sections of a consent centre
Here are the seven key components of a successful consent centre.
1. Identification data
A key component of privacy is being able to see and comprehend contact-recognizable information. This section may include email addresses, phone numbers, and physical addresses without being restricted to contact information. Added in accordance with the business’ requirements is any additional pertinent information (training, employer, etc.). Access to the data allows for modification, addition, or removal of the information.
2. Communication and subscription channels
The vast majority of businesses already have a procedure in place for customers to subscribe to and unsubscribe from relational communications. Nothing radically different needs to be done. Ordinarily, opt-in methods are adhered to. It’s possible to see a sample communication. An option to immediately unsubscribe from all relational mailings could be displayed if necessary.
3. Frequency optimizer
Another method for limiting data usage is to give contacts control over the communication frequency. You can specify the frequency at which data may be used for communication purposes using this feature. It can also be used to specify a shutdown period (6 months, 1 year, etc.).
4. Business relationship
A loyalty program, the use of a product or service, etc. are a few examples of factors that might affect the collection and use of data. You have consented to certain rules that are particular to this program as a member or customer. A link to the policy would appear here. This would explain how to leave the relationship program or end the business relationship in addition to giving a thorough explanation of the data collected and how it was used.
5. Data management
Two (2) separate components make up data management. The first is related to cookie-based behavioural data collection, and the second is related to data sharing with third-party service providers.
Collecting behavioural data
A significant change has occurred here, primarily as a result of Quebec’s passage of Law 25 (PL64). I support the #NoConsentNoTracking philosophy. I believe that the concept of behavioural tracking based on cookies or pixels should have already been included in our best practices.
In Quebec, you will have to formally request permission in order to conduct tracking on the website and through other channels as of September 2023. This will lead to a consent option, particularly in banner form, on your website and app. In our illustration, we only present one choice. However, some websites distinguish between analytical trackers and experience-personalization trackers. Again, it will be your responsibility to define and present the available consents in a clear manner. Just like with websites, it may be a good idea to get consent before collecting opening and click data at the level of the channels, primarily email.
Data sharing with third-party platforms
Asking your client whether or not he consents to the transfer of his data to third-party platforms with privacy policies that differ from your own will also be necessary in the interest of transparency. Particularly in the case of social media and advertising platforms. Adding components to your privacy policy doesn’t seem to be enough; you’ll need to make it explicit when you take action and want to share the data. The consent centre may include a general agreement that applies to all systems, a platform-specific agreement (e.g., social media vs. advertising), or even an agreement that is provided in a specific situation. It will be up to you to determine the best approach that relies on your business strategies.
6. Data mobility
A person must be able to understand which systems are sharing their data, which is already mandated by the GDPR. The user can ask to view or delete the data. The data sharing ecosystem’s technologies could all be displayed by the consent centre in this situation. Using a form that must be filled out and sent to your customer service, you can choose to view or delete the data. Under the new law, this will be necessary for Quebec starting in 2024.
7. Adoption of policies
The policy acceptance history, including the context, date, and time, may be very significant. Clear policies should outline your expectations for the gathering, use, and privacy of personal data. You do not need to formally request your current contacts’ consent to the privacy policies again. Keeping track of the circumstances surrounding the adoption of policies or the introduction of new ones, however, might be a wise idea.
Conclusion
Transparency and giving control over consent management still need to be attained. The most crucial thing is to continue acting with respect. If you have policies in place but feel uncomfortable sharing them, just don’t. Slowly but surely, we will get there, and ethical behaviour will become clear in the coming years. Attempt to foresee the trend and provide a secure setting where your contacts can work freely right away.
#NoConsentNoTracking: Recover the bare minimum, grant control, and be transparent.