Customer privacy is now more important than ever.
Over the years and across the world we have seen privacy regulations such as General Data Protection Regulation (GDPR) come into play, strengthening privacy rights by enforcing obligations onto businesses that collect customer data.
In Australia, the Privacy Act 1988 imposes similar obligations to APP Entities defined on the OAIC website. In general, APP Entities consist of government agencies and/or businesses with over $3M in turnover (unless they provide health services or deal with personal information for the purpose of profit). It can also apply to organisations outside of Australia that store or process data of Australian citizens. There are 13 privacy principles that set standards, rights and obligations, including:
- The collection, disclosure, and usage of personal data
- Governance and responsibilities requirements
- Integrity of stored personal information
- An individual’s right to access their personal data
While the Privacy Act only applies to APP entities, we believe one of the founding principles is valuable to all businesses. Why? Because ensuring privacy enables you to build trust with customers, especially as this is becoming increasingly important issue for many customers in their selection of services that they will use.
Here at Proto Innovation, there is one principle in particular within the Australian Privacy Act that we believe is relevant to all Aussie businesses, regardless of their size. That is the APP 2 — Anonymity and pseudonymity principle.
What is APP 2 — Anonymity and pseudonymity and how does it impact customer privacy?
APP 2 – Anonymity and pseudonym states that individuals must have the option, when signing up for or using services, of dealing anonymously, or by pseudonym, unless the information is required to deliver the service (or meet compliance obligations). This is important because the concept of anonymity has a strong influence on customer experience and can be applied to both offline and online interactions. Let’s say, for example, a customer wishes to enter your store and browse through your products. Under such circumstances, should they be required to provide personal information? No. Because the collection of personal information is not necessary to deliver the service. Now if we extend this to the online world, the same concept can apply to online browsing. A customer should not have to provide personal information to be able to navigate your website or search the web, they should be able to do this anonymously in the same way they can in the physical world.
You may be wondering what the difference is between anonymity and pseudonymity? Well anonymity would be where a customer does not provide any personal information or identifiers so the business should not be able to identify the consumer at the time of the dealing or subsequently. In contrast, pseudonymity means that a customer may use a name, term or descriptor that is different to their actual name, for example an email address that does not contain their actual name. Unlike anonymity, the use of a pseudonym does not necessarily mean that a customer cannot be identified and they may choose to divulge their identity, or to provide the data necessary to identify them, such as an address
What does APP2 and customer privacy mean for businesses?
Regardless of which country you conduct your business, when it comes to digital collection and storage of customer data, regulatory bodies tend to provide guidance on how your business should manage consent and comply with disclosure standards.
In the ever-growing digital world, consumers want to control how their data is used and when it is used. For organisations, data is one of their most valuable assets, so it makes sense as to why customers wish to control their data. In particular the data that has been collected without consent.
To keep up with consumer demand and to instil trust, leading digital service providers such as Google, Apple, Facebook etc have, or will be, adjusting their products and services to enable greater privacy for their users. The Facebook-Cambridge Analytica data scandal highlighted and marked the important role a service provider plays in protecting customer data, especially when third party apps are plugging into their service. The aftermath of the scandal resulted with Facebook announcing significant changes to their platform quoting:
“We’ve made major changes to our platforms, in consultation with international regulators, to restrict the information available to app developers, implement new governance protocols and build industry-leading controls to help people protect and manage their data,”
We have also seen as part of the privacy evolution, Google announcing the removal of third party cookies from their Chrome browser by 2022. Whilst this is not the first browser to remove the use of third party cookies, it is by far one of the more substantial players, accounting for over 60% of market share worldwide.
Google’s decision to remove 3rd party cookies from their Chrome browser is another example of how businesses are moving towards strengthening privacy and building trust. The move stops businesses having the ability to track customers through to third party sites, also known in the industry as ‘online stalking’. By blocking 3rd party cookies, Google is protecting their user’s privacy. The loss of contact tracing means businesses will have less information about their customers and digital advertising performance, which will affect how they market and the success of their marketing efforts.
Why is anonymity and pseudonymity so important to customers?
In the digital world we love to track our users so that we can gain valuable insights and personalise their experience. However, we forget that the ability to transact, or engage with anonymity enables individuals to exercise control over how much they share with a business; the same way they would in the physical world. This is an important aspect to feeling safe in their environment, in particular if it is a new environment which they have not come to trust yet.
When we neglect to give customers an option to transact or engage anonymously, we risk lowering customer satisfaction, loss of customer loyalty or loss of interest in products and services our business offers. Understanding the reason ‘why’ customers may wish to transact or engage in this manner helps us determine how we can provide value, build trust and enable access to our products and services.
Some reasons an individual may prefer to deal anonymously include:
- Does not trust your business or brand, therefore they are not ready to build a relationship with your business until they explore further, within their own time and at their own pace and within a safe environment.
- Desire to be ‘left alone’ during or after engaging with your business (i.e. avoid their contact information being used in marketing).
- Wishes to keep their whereabouts or interests and engagements a secret from colleagues, friends and family.
- Wants to access private services like counselling or health services without their loved ones, or others, knowing.
- Wishes to express views in the public arena without being identified and/or attacked.
Regardless of the reason a customer wishes to engage anonymously, there are advantages for businesses that enable anonymity.
Allowing customers to control privacy means that they may be more likely to inquire about products and services. For example, if you sell engagement rings and a customer is browsing online, 3rd party cookies and retargeting techniques could expose the customer’s plans to propose to their partner if they share the same computer. In such circumstances enabling anonymity ensures that your services can reach customers who prefer privacy.
What can we learn about the Privacy evolution?
The Privacy evolution reminds us to care about our customers and why we started our businesses in the first place. In a customer-centric business model, it means the consideration of how we interact and provide value to our customers always comes first. It’s crucial that businesses apply this customer-centric methodology to the data that they collect just as much as to every other aspect of their business.
Remember that the foundation of every business is to build trust and engage in meaningful transactions. So while addressing return on investment (ROI) and reporting targets are important components of running a business, in particular to reduce costs and optimise transactional performance, these things should not trump building connections with customers. Privacy teaches us that we need to recognise and value a customer’s preferred way of transacting with our business. We also need to recognise that building trust takes time and can be easily tarnished if we collect personal information without consent.
Respecting privacy prior to consent does not stop a business from being able to build viable products and services. Prior to tracking capabilities businesses have always been able to build success by delivering products and services that meet customer needs. It is also important to remember, more often than not, when a customer is ready they will provide consent to share personal information with a business. This is provided they receive value in exchange for the personal information.
The bottom line is, always provide your customers with value and respect their choice for privacy. In an exchange for valuable data, remember to give value to your customers as consideration for the exchange. As a result, the data given to you becomes primary (or first party data) and Privacy laws as well as the evolution of technology protecting customer data will have little impact on your business. Why? Because you do not rely on ghosting your customers and your customers give you that information freely. With consent.