As we move deeper into 2021, privacy leaders face increasing uncertainty in the marketplace in light of new privacy legislation, such as Apple’s new app-transparency policy. We held a small roundtable to bring together New York privacy professionals to discuss what they were doing to protect their companies and stay on-track amidst these new changes.
Best way forward
To start, companies should define for themselves what their long-term position on privacy is by taking a critical look at where the company is and comparing it with where the company wants to be.
“You might decide that your privacy position is user-choice and therefore you will spend more time creating a clear control experience for consumers. Or, you may be more focused on transparency, providing users with a clear understanding of what data is being used and how AI (artificial intelligence) and ML (machine learning) is informing their experience,” shares one professional.
“You may also decide to be in the middle of the pack by not raising any flags and blending in with the rest of the group,” they add.
Whatever you decide, ensure everyone is aligned on your long-term goal, because that will determine how you choose to comply.
Productize your privacy where possible
Tech professionals are familiar with the natural tension that occurs between product teams and compliance teams. One tends to want to push the limits while the other is always assessing for risk. Productizing your privacy is one solution to this age-old problem.
“Automate wherever you can, whether that’s data subject rights, access deletion, portability, etc. It reduces the burden for product teams and tension within your general compliance framework. Focus on providing consumers with clear notice and choice experience,” advises another privacy expert.
Long-term stability wins
Too many changes causes whiplash with your product team. Define a long-term position to serve as a North Star for all the other micro decisions you have to make as a privacy team within a company.
As a company’s position changes with regards to privacy, it has a downward impact on all the products that the teams are working on. It can be discouraging if a company changes positions without helping people understand why that's the case.
Identify overlaps in privacy laws and regulations and combine processes when possible. All privacy laws and regulations will have some version of the basic privacy principles (subject rights, access notice, & deletion portability).
Do you have a do-not-sell control if you are engaging in selling? Do you have an opt-out of processing of sensitive info, opt-out of advertising, opt-out of digital marketing, or a DAA opt-out? You just have to craft that positioning and have a clear requirements document for the product team that supports that long-term narrative so they don't feel you are wishy washy.
The future of ad-buying
The future of addressable identity on iOS is unclear. Chrome may be moving towards FLoC-based cohorts, but many companies are scrambling for solutions to maintain addressability once these major changes occur.
There’s a host of addressable identity solutions that are coming to market and different solutions will work for different types of buyers. Individual user-buying can be accomplished by finding specific users through custom audiences on Yahoo, TikTok, and Facebook. There is also pure contextual targeting from real-time signals that you will have to buy against. The most appealing company for advertisers will be the one that provides a solution at the ad targeting level that blends all those experiences together in the most convenient way.
Overall, the industry has deemed user-level targeting as a negative thing. Is ad-targeting at its core problematic?
“Ad targeting isn’t problematic,” says one attendee, but user-level or “micro-targeting” is becoming a bigger and bigger problem.”
“Privacy laws are starting to address that because civil rights groups have been very active— and there have been notable public privacy issues that have come to the forefront that have swayed political opinion against user-level targeting,” they add.
Regulators are beginning to go after companies for violations of well-known and obscure laws, and there are efforts at the federal and state level by different attorney generals to go after large tech companies for antitrust issues.
It’s best to look at privacy as a long-term journey. It’s not a destination you can get to in the short term. You have to constantly be improving, and it takes intentional effort over a long period of time.
Are you looking to hire privacy professionals in the New York area? Email us at email@example.com.
Did you find this article valuable? Don't forget to share: