• by Gary Ng , Columnist, June 7, 2018

Fake news, rigged elections, identity theft — these are all outcomes of compromised consumer data. In each case, individual digital users are exposed, and in every instance the need for a stronger model of protecting personal data is clear. Even more disconcerting for consumers, while they have tools that allow them to keep their own virus and malware defenses updated on their own personal devices, they remain vulnerable when it comes to how their digital footprints are protected by the brands and agents with which they engage. 

The days of this dynamic being even somewhat acceptable are over. It’s time for a massive shift in our approach to consumer personal data; to achieve that transformation, we need a better model.

Transforming the Consumer-Data Dynamic

Historically, consumer data has been collected and maintained by what amounts to a siloed, trusted, third-party regime. Under this model, customer information forms the core of a data-driven advertising ecosystem, one that unfortunately forces people to leave a massive information trail across nearly every service and website. Three factors, however, are pushing the industry ever closer to an ecosystem-wide change. 

• First, organizations tasked with gathering, managing, and protecting consumer data have been unable to protect the troves of information they gather. 

• Second, GDPR enforcement, which began May 25, 2018, is already changing the data-focused European marketing landscape, and it’s creating pro-consumer, pro-protective energy in other regions as well. 

• Third, and perhaps most importantly, consumers are actively demanding more transparency and safety when it comes to their data, and more accuracy and meaningfulness when it comes to the experiences their granted personal information is used to create. 

The opportunity before us? To explore what a decentralized and better-secured ecosystem can do differently for the consumer. Let’s look at how such a model would work.

Modeling a Decentralized Data Future

Envision a digital profile that is stored and explicitly managed on users’ devices. The profile would be encrypted and could be synced, via cloud services, with multiple devices. The consumer could now dictate which personal details and interests to include, and they would also decide which relevant targetable attributes should be shared with brands as part of giving consent. 

The model for permissions we’re exploring would be achieved through either a decryption key to consented sectors, or an identifier that represents specifically the agreed-upon targetable attributes. For added security, these keys and identifiers could be rotating codes similar to those used in two-factor authentication, and the consent services could be offered via neutral and stateless mediation services. Under this proposed system, if a provider wants to derive further targetable attributes and insights, it could be done directly with the user’s consent — the results would be visible, vetted by the consumer, and stored on the user’s device. 

This model is similar to the peer-to-peer sovereign identity model that Timothy Ruff has proposed, and there’s room to think about roles for distributed ledger technology as well. For now, think of the model as shifting from our familiar industrywide approach —fanning-out (advertisers cast the net to mostly anonymous consumers) — to fanning-in (so that consumer-declared interests and selections that drive brand messages become the new normal). 

Bottom line, there would be no centralized pool of consumer information to be hacked into, stolen, sold, or leaked. If a provider does want a pool of consumer information, the consumer would decide whether to opt-in to that pool — but opt-in would no longer be the default. Instead of footprint tracking and data stitching without the user’s knowledge, advertisers would leverage only the consent-granted knowledge that devices have always held — i.e., how often a consumer uses certain apps, visits certain websites, whether there was a post-view purchase, etc.

At the same time, for service and content providers, anonymously pooled metrics could still be aggregated daily and monthly. This new model would mean less wasted spend — and advertisers would reap more accurate campaign ROI assessments in the end. 

The time for a new approach to consumer digital privacy and data protection is now. Starting with this decentralized approach, we can create a future that promotes better engagement, more meaningful moments, and a data-for-value exchange in which all parties can confidently place their trust.