Data Ethics: Our Point Of View

Your customer’s digital footprint enables one-to-one personalized engagement, but it is important to be very mindful of data privacy issues. Respect your customers’ privacy and preferences to avoid being intrusive or creepy.

Recent data breaches have heightened customers concerns and global firms must be aware of differing privacy regulations in different countries – including GDPR in Europe.



As digital platforms increasingly become ingrained in our lives, the amount of data that is collected is exploding.  Consumers are generally aware that their digital activities are being monitored. They not only expect that companies that they do business with understand their needs and preferences, but use this knowledge to serve them better.  They also expect that their data will be protected and not abused.



When you send personalized messages to your customers, they understand that they are being watched. You don’t want to be perceived as being ‘creepy.’ You must clearly understand what information customers are willing to share and what they expect in return. This will vary by brand and the industry. Customers love receiving special offers for things that they care about as well as being made aware of services that are tailored to their specific needs. They will be loyal to companies who consistently meet their unique needs in a timely fashion on the platform of their choice.



Just because you can collect data doesn’t mean that you should.  You should have a firm understanding of the kind of data that your customers are comfortable sharing and the service level that they expect.  Then you must deliver on the promise of better service or else they will opt-out.  Also you should think hard about collecting and storing sensitive data that you don’t need to provide great service.  Leaking this type of data can harm customer relationships and too much data may limit your agility.



As industry and global privacy standards such as General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) continue to expand, organizations that aggregate, process, and store personally identifiable data must take ownership in protecting that data.

GDPR is the primary law regulating how companies must treat and protect the personal data of EU residents. It grants consumers significantly more rights and affects all departments within an organization, including legal, compliance, information security, marketing, engineering, and HR.

CCPA privacy laws are similar in many ways to GDPR. The four main consumer protections are the right to be informed – what data is being collected, from which device, the purpose, and how it’s being shared – the right to opt-out of data sharing, the right to be forgotten, and the right of fair treatment.

Some US-based multinational companies sought to ensure GDPR compliance on a global level in anticipation of a U.S. national law. This has included taking steps to let every visitor to a website now how their device is being tracked, what data they’re collecting and what they’re doing with that data. Heightened awareness over data privacy is introducing a lot of complexity to preference centers, in other words, and companies must know what to do with the data they’re collecting, whether first-party, second-party, or third-party data.