In recent years, brands have started to cross the line between convenience and privacy. Buyers love the convenience of the personalized experiences their data powers, but then horror stories like the Cambridge Analytica scandal make people skeptical about how much information companies should collect and share.
Basically it comes down to the identity of the underlying user, what data it contains, who generates that data, and where.
Here, we’ll discuss the implications for third-party tracking and data that have been most affected by recent privacy regulations and protocols. First of all, it is important to understand the different degrees of data privacy.
Degrees of confidentiality
Customers share their information either explicitly through forms and transactions, or implicitly through behaviors such as searches and click streams. Data explicitly provided by the user is considered zero-party data.
In e-commerce, this usually comes in the form of a sign-up, review, or purchase. This is used for communication, personalization and targeting tactics that the user primarily engages in when submitting their information. Check out the examples below of Forrester’s blog.
First-party data is different from zero-party data. The first part data is based on inferences collected from implicit or explicit events collected internally. User information or customization based on signals such as searches and clickthroughs are examples. The user is probably not aware of the type of behavioral information collected about him or how it is actively used. Users concerned about this tracking can turn off tracking and unsubscribe.
“Second party” data is essentially the first party data of another organization. Marketers frequently buy or share first-party data from another partner organization. Another common scenario in e-commerce is multi-brand or multi-site situations where the customer profile is shared between sites.
Data collection red flags
All of this brings us to “third party” data. Third party data is generally collected, used and implicitly shared by a third party on the sites. A third party system could use a combination of a remotely hosted tracker and third party cookies for the web or MAIDs (mobile advertising identifiers).
These have been used by ad networks to retarget the user across multiple touchpoints across the web. The end user is generally not sure what information is collected about them, how their information is used, or by whom. This raises a major red flag when it comes to privacy. Device fingerprint data is a good example of information that could be automatically shared without the user’s knowledge.
Of course, retargeting a user based on their interactions on other sites can help warm up a personalized experience and generate more relevant ads, but doing so without the user’s consent is a big no-no. . Regulations such as California Consumer Protection Act (CCPA) in the United States and General Data Protection Regulation (GDPR) in the EU to remedy this, in particular where personally identified information (PII) is involved.
It also prompted companies like Apple to incorporate significant privacy protection in their Safari browser in 2017, which has now become a standard in most major browsers. ITP not only restricts the tracking, but also the storage of user data in the form of third-party cookies or MAID. This has created a challenge for organizations relying on third parties for features like analytics and personalization.
Third-party data restrictions primarily affect e-commerce marketing, personalization, and analytics functions. For example, remarketing through an ad network based on cross-site behavior will be a challenge. Likewise, building campaigns around third-party audiences will no longer be possible.
From a personalization perspective, retargeting experiences based on cross-site behavior will no longer be possible. The collection of analytical data requiring third-party trackers will be blocked, as well as the ability to generate information using third-party data.
As more e-commerce experiences leverage Customer Data Platforms (CDPs), CDPs that are not based on first party data will no longer be useful. Finally, by storing all third-party PII data, you put your business at risk in performing audits such as SOC?, ISO 27001. etc.
Some known workarounds exist, including:
• Hosting a tracker locally, for example on a subdomain or your main domain so that all traffic and storage are treated as third parties
• Use of server side API interactions to exchange data
• Integrate additional customer touchpoint data both offline and online across your business to increase your customer intelligence
• Using only zero and first party data only
First party superiority
Here are the big five that make first-party data superior to others we’ve discussed:
• Control: dictate what data you want to collect and how to collect it
• Context: further enrich your data with additional surrounding and situational data specific to your touchpoints
• Freshness: important for continuous, real-time 1: 1 experiences across touchpoints
• Accuracy: collected directly from your customers compared to third parties
• Low cost: no need to pay a third party for the data
A balancing act
Consumers now expect personalization, but they don’t want their every move tracked. Numerous studies show that predicted experiments based on first party intent are significantly more effective than prescriptive approaches based on calculated third party intent. Predictive approaches are possible by associating first party data with ML-based models.
Regulations and protocols go a long way in protecting consumer privacy without restricting the ability of organizations to deliver a phenomenal digital experience. Invest in technology that can collect first-party data and turn it into insights to deliver a better digital experience, minus the creep factor.
About the essayist: Sanjay Mehtha is the Head of Industry and E-Commerce, at Lucidworks, a San Francisco-based e-commerce solutions provider that enables personalized search, navigation and discovery.
*** This is a Syndicated Security Bloggers Network blog by The last watchdog written by bacohido. Read the original post on: https://www.lastwatchdog.com/guest-essay-a-primer-on-the-degrees-of-privacy-tech-companies-assign-to-your-digital-footprints/