Brands are being hit with a wave of new rules, thanks to laws like GDPR and CCPA. And they can’t expect sympathy from consumers who suspect them of “surveillance capitalism.”
The laws differ on some points. But all mandate two things: consumer access to data and consent for data usage, according to Winterberry Group’s new white paper: Marketing’s Privacy Mandate: Navigating A Fragmented Ecosystem of Solutions And Organizational Demands.
Of the firms polled by Winterberry Group and IAB, however, only 14% are well-prepared, while 5% are extremely prepared and 43% are somewhat ready. Another 15% are slightly prepared, and 15% are not prepared at all.
Part of the confusion stems from the fact that there are 200 vendors offering privacy solutions of varying quality. These tools are designed for different teams within an organization — i.e., legal, privacy and compliance; IT, data management and information security; and marketing and business.
At the same time, providers of other types are leaping into the fray, hoping to grab some of this business -- and they may be adding to the confusion. They include:
What does a company need to achieve full compliance? First, ask yourself if your firm has these tools for handling consent:
Marketers need to “assess their consent management complexity, understand where there are gaps, and determine whether a third-party solution is the most effective way to close the gap,” the study notes.
And if they need outside help, they have to determine whether it should be from a specialist CMP or an existing provider.
Now, ask yourself whether you’re ready to manage subject access requests. Do you have:
Once again, the firm has to decide whether third-party vendors can close the gap, or if existing providers can do it.
Here are some tips from Winterberry Group on how to proceed. We quote:
These findings are based on interviews with 40 marketing, business, privacy and product leaders.