Why Privacy Is Not Dead For Your Customers

Why Privacy Is Not Dead For

Your Customers

Fatemeh Khatibloo, Senior Analyst

March 6, 2014

© 2014 Forrester Research, Inc. Reproduction Prohibited 2

Agenda

› Privacy’s Not Dead, No Matter What You’ve Heard

› The New Privacy Is All About Context

› Getting Started With Contextual Privacy

#ForrBigData


Agenda

› Privacy’s Not Dead, No Matter What You’ve Heard

›The New Privacy Is All About Context

›Getting Started With Contextual Privacy

#ForrBigData


Companies routinely collect more data than they need

#ForrBigData


Voluntary “data stewardship” is unreliable

#ForrBigData


And they look for ways to protect themselves

#ForrBigData

Source: September 20, 2012, “Understand The State Of Data Security And Privacy: 2012 To 2013” Forrester report

Companies’ privacy approach today is wrong


#ForrBigData

What if we changed the paradigm?

Source: September 20, 2012, “Understand The State Of Data Security And Privacy: 2012 To 2013” Forrester report


#ForrBigData

There are two reasons to

change how we do privacy.


#ForrBigData


› Regulation is coming, and it’s largely about transparency,

which most firms aren’t set up to do.

› It causes public relations headaches — globally, nationally,

and locally.

› Developers are breaking the advertising ecosystem.

The first is fear: Poor privacy carries risk

#ForrBigData


The other is opportunity: Privacy is a differentiator

#ForrBigData

The Body Shop created a

new market category in

sustainable personal health

products.

Milk industry builds trust by

eliminating the use of bovine

growth hormone.


Agenda

›Privacy’s Not Dead, No Matter What You’ve Heard

› The New Privacy Is All About Context

›Getting Started With Contextual Privacy

#ForrBigData


› Privacy (and its product, trust) is context-dependent:

• People trust banks to “hold” their life savings but may

not trust banks to keep their financial identities secure.

• People trust Amazon.com with home address and credit

card details and to provide targeted recommendations,

but they may not trust it with sensitive health data.

› Privacy must balance consumer desire and

organizational need.

The “new” privacy is all about context

#ForrBigData


› Privacy must be redefined to accommodate

smartphones, biometric sensors, geolocation, big data,

and “persistent recognition.”

› Context enables control, choice, and respect by putting

guardrails around:

• Data access and collection.

• Data use.

• Data sharing.

The “new” privacy is all about context (cont.)

#ForrBigData

•On the day of travel

•90 minutes before my flight

Temporal: When can I collect and use data about you?

•I’m in the airport.

•I’m NOT in the airport.

Spatial: Where can I collect and use data about you?

•For marketing (offers) purposes about this airline

•For marketing (offers) purposes about a partner of this airline

•For informational purposes about my flight, the terminal, and the airport

Functional: How can I collect and use data about you?

•I’m a frequent flyer traveling for work.

•I’m on vacation traveling with my family.

•I’m not the traveler, but I bought travel for someone else.

Identity: What persona are you when I interact with you?

•Let my car service know I’ve landed.

•Tell my personal assistant my flight is delayed, and let him make itinerary changes.

Social: With whom can I share information about you?

Contextual privacy addresses five questions


#ForrBigData


› Consumers get value in exchange for their data — value they can

control.

• The value exchange will lead to greater trust, more loyalty, and more

willingness to recommend businesses to others.

› Businesses assume less risk and recognize new business

opportunities.

• Better privacy practices reduce data storage risk.

• Businesses can be on the leading edge of privacy-friendly markets.

• The services they offer will be the right ones to the right customers.

The calculus for contextual privacy is simple

#ForrBigData


Agenda

›Privacy’s Not Dead, No Matter What You’ve Heard

›The New Privacy Is All About Context

› Getting Started With Contextual Privacy

#ForrBigData


› Practice a doctrine of “no surprises.”

• Based on what you’ve written in your privacy policy, would your customers be

surprised at how you use certain data?

• Do you explain what happens when customers opt out?

› Provide a choice for participating.

• Do you provide real options, or is it “my way or the highway”?

• Do you respect DNT headers? Do you make it easy to opt out/down?

› Treat more data as “personally identifiable.”

• Do you define PII? Is your definition too narrow for 2014?

• Do you address “new” types of data like social, device ID, etc.?

Adopt the rules of contextual privacy

#ForrBigData


› Unify treatment of customers’ profile data and settings.

• Do their privacy and communications preferences across

different touchpoints and web property silos match or clash?

• Can you implement single sign-on (SSO) to consolidate profiles?

› Consider which pieces of login data expose them and you.

› If you use SSO, consider letting users “uncheck” options.

• Do you really need the blanket right to all data or to post on

timelines?

Leverage identity management

#ForrBigData


Begin implementing a four-step road map

› Build a cross-functional privacy task force.

› Create an internal data privacy standard.

› Undertake an enterprisewide data audit.

› Draft a simpler two-tier privacy policy.

#ForrBigData


Next Steps

› Follow Fatemeh Khatibloo's blog

› Read a complimentary Executive Overview to see how our playbook framework helps you work step by step through your tough initiatives. Start by viewing all of our playbooks.

http://blogs.forrester.com/fatemeh_khatibloo?cmpid=mkt:soc:ss:ContextualPrivacy






http://www.forrester.com/marketing/playbooks-all.html?cmpid=mkt:soc:ss:ContextualPrivacy

http://www.forrester.com/marketing/playbooks-all.html?cmpid=mkt:soc:ss:ContextualPrivacy

Why Privacy Is Not Dead For Your Customers

Technology

Why Privacy Is Not Dead For Your Customers