The Rise of the Chief Privacy Officer

Your company’s responsibility as a steward of consumer data is greater than ever. Advances in technology have made it extremely easy to access and collect sensitive consumer data from disparate first, second, and third party sources, analyze that data, and then use that data to build sophisticated consumer profiles which could impact how you engage with that consumer.

Welcome to the age of the Chief Privacy Officer.

As market capabilities have grown, so too has the breadth of what could be considered sensitive consumer data.  No longer is it just name, address, birthdate, and social security number.  Collecting personal information such as transaction data at the product SKU level, digital IDs, location, viewing history, etc. is not only very easy, but also quite common.

As is the ability to tie that information directly to an individual – across both identifiable and (seemingly) anonymous online and offline activities. The technology exists to build more sophisticated Device Graphs, which connect disparate signals to a single persistent offline ID which can ultimately can be associated with an person.  Anonymous cookie ID ‘123’ can be connected to mobile device ID ‘ABC’ which is tied to IP address 123.456.789.123. Once you’re able to associate any of those signals to a individual “offline” signal (for example, a name, postal address, email address, etc.), you’re able to align all of the behavioral data through each of those channels back to that same individual.

And the number of signals that can be used for identification continue to grown.   Recent studies have shown that a phone’s battery behavior as well as the characteristics of a phone’s audio hardware are unique enough to create an anonymous identity for the device.

The responsibility of how this data is collected, the notice and choice that is provided to the consumer, how consumers can access and alter this data, and how your organization ultimately uses that data falls directly on the shoulders of the Chief Privacy Officer.

Let’s use the example of Uber’s recent study on the price elasticity of Uber rides, which showed that consumers are more likely to pay a surge fee if their battery level is low.  In this case, Uber is clearly collecting through its app (among other things) the battery level of your phone.  The obvious concern would be the use of that data in determining the price of a ride.  Uber could theoretically increase fares of consumers based upon their then current battery level, giving consumers with lower batter levels higher prices (because, theoretically, they would pay it).  This could have negative PR and legal consequences.

What is the consumer’s responsibility?

The right to collect, associate, and use this data is buried within each provider’s privacy policy.  It’s up to the consumer to understand what data is being collected, and how it is being used.  It is also the consumer’s responsibility to proactively opt out of marketing channels.

Unfortunately, technology has not made this process simple.   What was once a relatively easy offline process of opting out of receiving direct mail either through the brand or the Direct Marketing Association, has become more challenging as the number of media channels has grown.  Each channel has its own opt out process.  For example, in digital display on a browser it is – ironically – an opt out cookie that alerts brands to not track the consumer, while other channels that don’t support cookies must offer different alternatives.

What is your company’s responsibility?

This isn’t just a legal question.  A key function of the Chief Privacy Officer role is to understand not only the legal implications of actions your company takes, but also the moral and branding implications.  Ideally, actions are decided based upon what is best for the consumer, best for your company, and in compliance with local and federal laws and guidelines.

While the Chief Privacy Officer function won’t achieve the rockstar status that Chief Data Scientist has, it is certainly just as important as your company’s role as a data steward evolves.

 

 

The Problem With Cookies Isn’t The Cookies …

There is quite a bit of debate going on about people based matching versus cookie based matching.  I thought that I’d take a minute to set the record straight.

Before I start, it’s important to have a basic knowledge of how the Internet and cookies work together.

WHAT IS A COOKIE?

A cookie is actually just a small text file, which sits on your device (like a laptop, a tablet, or a mobile phone).  Your device can store countless cookies from the various websites you’ve visited, and each is unique to  your device and in some cases your web browser.

Cookies are used to store information about your web browsing.  This information could be your name (so that the webpage can greet you … eg: “Welcome back Scott”, address, your username / password (to give you access to a specific website), the web pages that you’ve visited before,  etc.

Now to understand the importance of a cookie, you need to understand how a web server works.   

THE WEB SERVERS AND COOKIES IN BASIC TERMS

Imagine you’re at a hotel bar, and you’re charging drinks to your room.  Each time you go up to the bar for a refill, you have to repeat your room number because the bartender has a really bad memory.  Now imagine that the bartender can look up your room number using your room key.

This is how the Web Servers and cookies work together.  

Websites are hosted on Web Servers.  When you surf the web, each webpage is delivered to your device (phone, ipad, etc.) from the Web Server independently.   The Web Server is a “session state” environment, meaning that it cannot natively associate one request from a device to another.  In other words, it only “sees” (and remembers) each webpage request separately.  This is where cookies come in.  They help carry information to the Web Server, from one webpage request to another.

In the example above, you are the web browser.  The bartender is the Web Server.  The drink you order is the web page.   And your room key is the Cookie.

Cookies can also be used to target advertising.  An Ad Server (like a Web Server for advertisements) can be programmed to serve specific ads to specific cookies.  This is the technology used to deliver ads to specific people.

THE PROBLEM WITH COOKIES

A cookie, in and of itself, isn’t the problem.  The problem is the linkage.  How was a cookie associated with the person to whom the ad is being served.  As marketers, we need to make sure that we are reaching the right people with the right ad … and more importantly not reaching those people who have opted out.

This is especially true in the world of regulated data, where you need to know who you are targeting.  And cookie-based linkage is controlled by a handful of companies who 1) are walled gardens and don’t share how they link offline people to online cookies 2) they don’t collect this information directly.  They rely on other websites to gather PII, and connect it to their cookies.  In some cases, the data is very accurate (especially with transaction data).  In some cases, it is not (think websites that collect PII when giving surveys, offering coupons, etc.).

In short, in order for you to use cookies based targeting accurately, you need to have insight into the source of the base linkage data that was used to connect the offline consumer record to the online cookie.  And until that happens, the debate will continue to rage on. 

 

“I wouldn’t have signed it either”

Some of my friends have some pretty cool jobs.  Stuntwoman.  Actor.  Rocket Scientist.  Entrepreneur.

And there’s Dan.

Dan is in charge of advance work for key members of the Democratic party visiting Los Angeles and Las Vegas.  He travels with these Democratic VIPs, coordinating all of the important aspects of their trips such as where they go, with whom they meet, etc.

One afternoon years ago, Dan called me said that he was in Las Vegas and asked if I would like to meet President Bill Clinton the next day.  At this time, President Clinton had left office and Dan was accompanying him throughout the West coast on a series of speaking events. I immediately said “Yes” and “Thank You!” , then he asked me for my full name and social security number so that I could be vetted by the Secret Service.  Dan told me he’d call me back with more details.

Even though by this point in my life I’d become politically indifferent (I’d seen up close the ugly underbelly of politics, and didn’t care for it; I’d learned to care more about people and policies, rather than political parties), I was very excited about this once in a lifetime opportunity.   I called a few friends who were extreme Clinton fanatics – a few of whom had actually met the President themselves – and the message was consistent … “He’s going to impress you”.  I had no idea how true that statement would be.

That night I received word from Dan that I’d passed the background check, and was given instructions on where to meet him at the Bellagio the next afternoon.  Before I knew it, I was waiting in line with 20 other people to meet the President.

The process was rather sterile, and impersonal.  One person would walk up, Clinton would shake their hand, say a few words, turn to the camera, FLASH, thank them – and then greet the next person.  By the time I got to the front of the line, my heart was racing, I was sweating profusely, and all of the blood had run out of my face.  I wiped my hand on my suit pants, stepped up and introduced myself with a handshake that would have made my grandfather proud, said something unoriginal and unmemorable.  We both turned to the camera, FLASH, and then I was ushered out.

It was arguably the worst photo I’ve ever taken.

Dazed and relieved, I made my way to the main hall to get a seat to watch Clinton’s speech.  I found a seat in the back of a dark room, behind 500 or so of Clinton’s biggest Las Vegas supporters.  Clinton spoke from a well lit raised stage for about 45 minutes on a myriad of topics, all of which had nothing to do with politics except for stating several times that now that he was no longer in politics, he could speak freely and tell people how he really felt.  He was personable, humorous, and real.  And when he concluded, he gestured to two microphones set in between the three sections of seats, and invited the audience to ask him questions.

The second question came from an older man.  In a thick accent, he said (and I’m paraphrasing) :

“President Clinton, I’m so excited to be speaking with you.  I feel like I’m making love to a young woman for the first time.”

There’s an awkward silence from both the President, and the crowd.

“I want to thank you for all that you did to help my war torn country of Bosnia  *  ”

Clinton steps forward to the edge of the stage, and raises his hand to block the spot light on him so that he can better see the man who is speaking.  The house lights suddenly come up.  Clinton is locked on the man – as if he’s engaged in a private conversation.  The whole scene seems very contrived to me, and I’m immediately reminded of the movie Wag The Dog.

“Recently President [George W] Bush decided not to sign the international anti-land mine treaty, which would have banned the land mines that ravaged my country.  What do you think about that?”

The entire audience is silent, as President Clinton pauses for a minute to think.  Then he responds:

“I wouldn’t have signed it either”.

The air leaves the room. The crowd gasps, the old man is deflated standing in front of the microphone, and Clinton continues:

“Now that I’m not running for office, I can tell you how I really feel.  That treaty had loopholes, and it allowed certain countries to continue to produce land mines.  It didn’t solve the problem, and I wouldn’t have signed it either.”

Clinton then went on to talk about how he and then President Bush communicated often, and that they agree on some things and not on others.  Most importantly, they kept a respectful, open dialogue.

And isn’t that how everyone should be – whether they’re in politics, or not?

Several months later I received an envelope in the mail, with an 8 1/2″ x 11″ glossy color photo of a tanned former president with brilliant white teeth, standing next an extremely pale man with one eye that looks slightly larger than the other.  I look slightly better in the black and white version of the photo.

 

*President Clinton was instrumental is bringing military assistance to Bosnia, through “Lift and Strike