Following years of prominent data breaches, privacy scandals, and large-scale ransomware attacks, the internet has begun to take its privacy and security seriously. Concerns about the sheer volume and specificity of personal data held by tech giants such as Google and Facebook – as well as its potential misuse – have finally left the realm of the paranoid and filtered into the public consciousness. Now more than ever, users are beginning to scrutinize the websites they visit, the permissions and policies they agree to, and the information they’re willing to surrender on a daily basis.
In the wake of this cultural and political shift, businesses of all sizes have been pushed to re-evaluate how they collect, store, and use consumer data. Most companies have been taking proactive steps to eliminate poor practices and encourage trust in their user-base.
Amongst the hardest hit in this field is the internet marketing industry. In part responsible for the rise in unhealthy attitudes towards data collection in the first place, digital marketers are seeing a growing obligation to secure the data of their company, their clients, and their visitors, and a shrinking pool of raw data with which to target their campaigns.
Marketers are now forced to work with far less information, be discriminate with what they request, and find a compromise between performance and privacy. Large volumes of detailed personal data allow for highly-targeted and tailored advertisements; but this data has to be obtained in a functional and unobtrusive way, and must be protected thereafter.
In this article, we’ll cover three marketing-related privacy and security issues likely to impact the efficacy of your digital marketing work and the types of data you can collect.
Updated Browser Security
With more than 65% of Americans using Apple’s iOS, Safari is now the most popular mobile browser in the US – snagging almost double the user base compared to Android, and even pulling ahead of Google Chrome.
In keeping with consumer concerns, Apple has begun reducing the number of ways its users can be tracked through its flagship browser. Recent updates to the Mac, iPhone, and iPad’s operating systems have introduced a default block preventing 3rd party sources – such as cookies and social sharing tools – from tracking you unless you explicitly consent.
In addition, Safari will reduce the amount of device-related data it provides to websites in an effort to prevent advertisers from ‘fingerprinting’ users. These fingerprints are used as a unique marker to identify a person and their device in order to construct a more robust targeting profile.
Google Chrome – the most popular desktop web browser in the world – has been making similar changes to encourage a safer web. In July of this year, it began visibly marking websites as “Not Secure” if they are suspicious or unprotected by an HTTPS certificate. In competitive areas, this flag could easily drive prospective consumers away.
Adding a secure certificate will help avoid these flags and ensure your visitor’s data is secure. You may also benefit from ranking improvements and potential speed increases.
General Data Protection Regulation
With the arrival of Europe’s General Data Protection Regulation (GDPR), ‘privacy by default principle’ is now a legal obligation. According to this legislation, websites are now required to build user privacy principles into all of their projects. These laws are applicable to all businesses that collect or process the data of European citizens.
This means that if the website or product you’re promoting is going to be used by residents of the EU, you’re obligated to comply – even if you’re based outside of Europe.
Almost all of the foundational principles of the GDPR ruling will affect the practices of digital marketers. Sites are now required to specify the purpose for which they’re collecting data, and cannot use, retain, or disclose this information outside of its intended purpose. All businesses serving EU consumers must offer strong defaults, granular privacy settings, and clear privacy notices. Only the information that is explicitly necessary can be collected.
Guidelines for third-party data are also being tightened. A large number of marketers use information from external vendors to help them with targeting, rather than collecting customer data themselves. With these new restrictions in place, they must now ensure these vendors are compliant with the GDPR criteria. Vetting these third parties is expensive and time-consuming, so it’s likely most marketers will move towards using fewer vendors of a higher quality.
Ultimately, this legislation will be a huge impediment to the large-scale, indiscriminate commercial data collection we’ve seen in recent years. Broadly minimizing the amount of data we must surrender day-to-day should be commended; it represents a great stride for consumer rights and a newfound autonomy over our digital footprint. That being said, the effect on user profiling will mean marketers must find new ways of targeting and influencing users in their chosen channel.
Changes in Consumer Behaviour
For several years, websites have operated with a ‘just-in-case’ attitude, asking for more than is necessary because they can, or in case it proves profitable in the future. As users have caught on to this attitude, it’s become clear that each request for information is likely to decrease the conversion rate of your site and in turn the performance of your product or service.
This isn’t the only noticeable shift in consumer behaviour. Changes to legislation such as allowing ISPs to sell browsing data, the repeal of Net Neutrality, and high-profile scandals like Cambridge Analytica have spawned a huge rise in use of consumer-focused privacy software.
Fuelled by a lack of faith in governments and Big Tech, tools like tracking blockers, proxies, and VPNs have seen explosive growth in the past year. Recent reports show that the VPN industry is set to reach a market size of $35 billion by 2022 — a 75% projected increase in just over 3 years. Popular providers such as Hotspot Shield and TunnelBear already report user bases of over 650 million and 20 million consumers respectively.
For digital marketers, the popularity of this software presents a problem. Anonymising tools can interfere with the ability to create functional user profiles and target consumers in specific locations. A VPN can make it appear as if a user is in Canada when they’re really in the US, rendering local ads ineffective and negatively influencing conversions. As the use of this software rises, marketers using IP-based targeting through ad networks may have to find other approaches to their work.
How Will These Changes Affect Me?
The majority of these changes will restrict or completely eradicate data sources used by advertising platforms, hugely impacting how well marketers can target and retain specific audiences. Given many of these changes are still ongoing, it could take months or even years to see their full effect.
As paid advertising is jeopardized by these cultural and technological movements, more companies will begin to rely on social media, email outreach, and organic search in attempts to influence their target audience. If you’re in the industry, it’s important to consider how your strategy will have to adapt once these changes begin to take effect.
William Chalk is a researcher for Top10VPN.