The intersection of privacy and customer experience reminds us of the importance of collecting and managing consent -- whether that involves collecting data to personalize an experience or marketing or another initiative we aim to pursue. We saw notable examples (Verizon Wireles, InMobi, etc) of how Federal Communications Commission (FCC) and Federal Trade Commission (FTC) actions in 2015 and 2016 converged on issues of consumer privacy and consent. In both cases, firms used tracking information to deliver targeted ads.
What can brands learn from this? Securing and protecting data is only one aspect of managing privacy. You must also:
1. Develop core capabilities for privacy oversight and accountability. Designating an individual in compliance or legal to decide what you can do with customer data based on regulatory requirements is insufficient. Instead, your firm will need to develop a set of capabilities to create, enforce, and assess policies and practices and thus manage consumer data privacy cohesively. This not only helps with efforts to meet compliance requirements, but also helps you build internal standards for privacy and data usage that align with corporate culture and values to balance data use innovation and risk.
2. Adopt contextual privacy practices to deliver desired customer experiences. One customer's terrific, personalized experience may feel deeply creepy to another. Individual interpretations of privacy matter. The new privacy is all about context. This means that your firm must allow customers to dynamically negotiate the collection and use of their personal data. As your firm designs its desired customer experiences, you must practice a "no surprises" doctrine (be transparent) regarding data collection and use, give consumers meaningful opt-in and consent options, and treat more data types as personally identifiable.