You’ve heard the rumblings, accepted the cookie banners and been warned by that one friend who swears by Duck, Duck, Go that privacy laws were coming…but is now finally the time? Over the past year state legislatures have introduced an array of comprehensive data privacy bills, successfully passed by both Connecticut and Utah. As of 2023 these two states will join California, Virginia and Nevada as the five privacy protectorates with enforceable data privacy regulations in effect as soon as January 1st. As 2022 winds down to a close, many businesses are scrambling to assess whether these laws apply to them, and if so how to comply by this year’s ticking clock deadlines. Bluetext is no stranger to data privacy, as we are well versed in the variety of cookies and tracking techniques used across websites and relied upon by the digital-aged marketers. So let’s break down what this legislation means, who it applies to and more importantly how you can comply.
First, let’s dispel some legal myths and legends. You have all probably heard of GDPR (General Data Protection Regulation), which is the EU’s extensive data privacy protection program, which defines a set of laws enforced universally across all European Union nations. So who do these laws apply to? How does it impact American companies? The impact is much more significant than one would think, because GDPR applies to both companies within the EU and any company offering services or tracking behaviors of individuals within the EU. So if your company is already complying with GDPR guidelines, you’ve got a great head start to 2023 updates.
So does the United States have equivalent laws?
Short answer: no, long answer: yes. Here’s why: European and American philosophy around privacy and individual’s rights are very different. While the European legislature honors an individual’s right to privacy as a basic human right, the American Constitution leaves these topics purposely vague and open to state wide interpretation. But as digital behaviors are becoming more visible and accessible than ever before, many states are taking the cue from the EU to establish privacy laws of their own. Most recently Connecticut and Utah joined California, Colorado, and Virginia, to create a complex patchwork of state privacy laws, with fast approving compliance deadlines of January 1st, 2023.
What’s new in 2023?
Here are the recently enacted laws & upcoming deadlines:
Effective January 1st, 2023:
Effective July 1st, 2023:
Effective December 31st, 2023
California Privacy Rights Act (CPRA) – Effective Jan 1, 2023
The new CPRA amends the previous California privacy law to expand beyond the right to privacy notice, deletion of data and opt out of selling data. The new provisions include rights to:
- Correct their data
- Opt out of sharing their data for targeted advertising
- Port their data
- Limit the use and disclosure of sensitive personal information
The most significant impact to the digital marketing industry is expanded opt-out provisions. California consumers could already opt out of the sale of their data. But starting in 2023, consumers will now be able to opt out of the sharing of their data. This significantly clamps down on marketers ability to serve up cross behavioral advertising, or targeted advertising, as this hinges on the aggregation of user’s behavioral data across multiple platforms and contexts to serve a targeted ad. Businesses will need to post links on their website so consumers can opt out of both the selling and sharing of their data.
The new law also includes some other critical changes that businesses must comply with:
- Equivalent rights to employees and business contacts the same rights as any other California resident
- Expanded look-back period for businesses responding to data requests in California beyond the previous twelve months (which was the look-back period under the CCPA) (for any personal information processed on or after January 1, 2022)
- Regularly submitted Data Protection Assessments, known as “risk assessments,” which will need to weigh the benefits and risks to various audiences with the goal of restricting processing if the risks to the consumer outweigh the benefits to all stakeholders
These updates will be applicable to any companies (regardless of HQ state) which:
- Process the data of 100,000+ California residents OR
- 50% of their business revenue is derived from the sale/sharing of California residents’ personal data OR
- Have $25 million+ worldwide revenue
Virginia Consumer Data Protection Act (VCDPA) – Effective Jan 1, 2023
Compliance with Virginia’s privacy law is generally broad and a bit simpler for businesses than the CCPA; however, it is stricter on a few key issues. Like the CCPR, the law protects six main tenants of data privacy: the right to access, opt-out, correct, delete appeal and portability. But some key differences include exemption of all organizations subject to HIPAA or Gramm–Leach–Bliley laws, as well as non-profits and higher education institutes (while exempt from VCDPA, strict requirements do apply). Virginia’s law also excludes protection of employee personal data businesses collect and process under the law’s applicability. The sale of personal information is more tightly defined as “the exchange of personal data for monetary consideration by the controller to a third party.” Monetary consideration is the key phrase which the California equivalent CPRA lacks.
Virginia’s privacy law applies to any business which:
- Control or process the personal data of 100,000 or more Virginia residents in a calendar year
- Control or process the personal data of 25,000 or more Virginians and derive over 50% of gross revenue from the sale of personal data
Starting on Jan, 1 2023 fines for violation can be up to $7,500 per violation (plus attorney fees). There is a 30-day cure period for businesses to fix any violations.
How Should Digital Marketers Prepare?
With the new year quickly approaching, many businesses are scrambling to determine if these new laws apply to them, and if so how they can comply. For businesses nationwide, compliance means increasing the transparency of their data collection process, not necessarily the complete elimination of these practices. Online web users need to be presented with cookies and tracking notices at the very start of their digital interactions, and given a clear opportunity to opt-out if they desire. Bluetext can help you implement all of the right tracking technology, collection settings and front-end user notices to make your business compliant with the changing privacy landscape. And even if you’re not yet applicable to the CPRA or VCDPA, regulations are only expected to rise. Over time more and more states are expected to get on board with recent data privacy protections with the goal of setting a universal expectation of ethical data collection practices within the United States. Bluetext’s recommendation? Regardless of whether 2023 privacy laws are applicable for your business, you may want to get ahead of the curve and implement smart, ethical and compliant practices across your website. Contact us today to learn how we can help.
Maybe you’ve seen one of those large banners across your Google Analytics property: “Universal Analytics will no longer process new data in standard properties beginning July 1st, 2023. Prepare now by setting up and switching over to a Google Analytics 4 property.” Seems problematic, right? Such a warning rings an alarm and raises several good questions to digital marketers, including: What is GA4? Should I switch now? Why is Google making me change? How do I switch? Will I still be able to access my data from previous years? If your mind is buzzing with these questions about your marketing analytics data you’re not alone. Luckily Bluetext has done its research and is here to answer some frequently asked questions and quell any lingering fears over this transition. This article will empower you to make an informed decision about Google Analytics 4.
Schedule a consultation today.
What are Universal Analytics and Google Analytics 4?
Universal Analytics (UA) is Google’s third iteration of its popular web analytics service. If you’ve logged on to Google Analytics in the past decade, you were more likely than not using UA. When UA launched in 2012, it was quite a technological leap, adding advanced features in cross-platform tracking and custom dimensions. It shaped Google Analytics from simply being a page view tracking platform to a robust data reporting and attribution tool that could compete against some of the largest web-oriented business intelligence platforms, like Tealium. Most importantly, Google provided nearly the whole feature set free of charge.
Google Analytics 4 (GA4) is simply Google’s newest iteration – think of it as a new generation of analytics technologies. The web has transformed significantly since the early 2010s, and Google is merely re-platforming analytics to match today’s realities. GA4 launched in 2019 to little fanfare but only recently gained significant traction in March of this year due to Google’s landmark announcement that GA4 will be the only analytics service it supports in 2023.
Why is Google Switching to Google Analytics 4 and Ending Support for Universal Analytics?
This is a complex question – with some good answers that Google will give you and some answers you’ll need to read between the lines to get. Google’s official statement is that GA4 better reflects the modern web. UA did a woeful job reporting on non-webpage-based metrics, such as those from web apps. It was also cumbersome if your reporting needs didn’t precisely match those of a traditional website experience – e.g., single-page or non-linear web apps. GA4 is more customizable and reflects modern data collection and attribution processes better.
The underlying message here, though, is that of data privacy. Since UA launched nearly ten years ago, fundamental shifts have occurred over how people and the law treat data privacy on the web. Think of Edward Snowden, GDPR, and the countless data breaches over the last decade. At its core, Google realizes that this enormous cache of web data collected from millions of websites, even if not strictly Personally Identifiable Information (PII), is a huge security risk to the company. GA4 is an attempt to offset some of that risk, either removing entirely or at least offloading it to individual companies. GA4’s data collection methods are more anonymized, and data retention is limited to 14 months. Overall, this is a calculated move by Google to push its analytics customers to use tools that won’t put Google in hot water.
What’s similar between Google Analytics 4 and Universal Analytics? What’s different?
While the actual end-user experience may look starkly dissimilar, the foundation remains the same. GA4 will remain an incredibly flexible web analytics platform suitable for most websites today – regardless of whether it’s a personal blog, an online retailer, or a corporate website. Most day-to-day tasks like page view tracking, user attribution, and measuring bounce rates will remain the same. GA4 merely stores these metrics and measurements in alternative locations.
That isn’t to say everything is identical. The significant differences you’ll notice every day are rooted in the architectural shift in hit types. UA treated things like page views, events, and e-commerce tracking as separate entities or “hit types.” GA4, on the other hand, treats them all as “events”. Any tracking item will now be an event: resource downloads, page scroll, form submits. Google is thus simplifying the old event architecture by putting everything on the same level – everything is an event with associated customizable event parameters.
For example, under UA, a resource download event might have looked something like this:
- Event Category: Downloads
- Event Action: Resource Download
- Event Label: resource_file_name.doc
- Event Action: Resource Download
Note that regardless of whether it was necessary, Events always took on this three-stage hierarchy. GA4 removes this rigid hierarchy. Instead of having the arbitrary “Event Action” and “Event Category” dimensions, GA4 lets one create as many custom event parameters as necessary to communicate an event’s nature fully. GA4 can track the event instead as:
- Event: Download
- Download Type: Resource
- File Name: resource_file_name.doc
Sessions are also changing. By default, UA defined the end of a session by identifying 30 minutes of inactivity since the last event. GA4 measures the period between the first and last events in a session. GA4 also doesn’t create a new session when a user’s campaign parameters are changed. The major takeaway of these changes is that session numbers will likely be lower in GA4 than in UA.
Aside from these two critical areas, there are many other minor changes. While lesser in scope, these changes may affect your reporting, depending on what kind of features you currently rely upon regularly. For example, customizable views for properties are going away in GA4. If you depend on different views, you’ll likely have to experiment with custom audience building to replicate the reporting. As mentioned before, GA4 will also only store data from the previous 14 months.
Documenting every change is beyond the scope of this blog post. If interested in getting into the nitty-gritty, read through Google’s documentation on the significant changes.
Do I Need to Switch to Google Analytics 4?
Google states that no further data will be processed after July 1st, 2023 (Customers of 360 Universal Analytics get a small extension to October 1st, 2023). While Google may extend to a further date, make no mistake, Universal Analytics will eventually be completely deprecated. If your business relies on web analytics in any form, you need to start planning soon on what your migration plan looks like – hopefully well before July of next year.
How Can I Switch to Google Analytics 4?
For most websites, merely enabling dual tracking will be sufficient. Google has made an easy setup wizard for GA4. To access it, go to the admin panel for your UA property and click the “GA4 Setup Assistant” link. You can follow Google’s instructions here, but within a few clicks, you’ll have a tracking setup that collects both UA and GA4 data. You’ll already have nearly a year’s worth of GA4 data to review once UA goes offline next year. As noted previously, be aware that no historical data will be present in GA4, even if you use this wizard. That said, it will give an excellent basis of comparison to see the reporting differences, especially as you can compare each month between GA4 and UA up until the cutoff date.
Custom events and e-commerce will require a more personalized and custom approach. We’ll cover these in future guides here at Bluetext, but for now, you can consult Google’s guides on the matter here.
I hope this guide relieved some worries and cleared up some unknowns regarding Universal Analytics and GA4. There’s a lot to cover about GA4, and this guide only covers the surface. If you have any further questions about UA4 and GA4, be it migrating data, specific differences, or a transition plan, contact us to learn more about Bluetext’s analytics capabilities.
With 2022 already in full swing, companies are faced with the challenge of looking ahead to what the future might bring. Enlisting the help of a digital marketing agency like Bluetext can ensure that your company is not just reacting to trends, but thoughtfully adapting to the best practices in marketing and staying ahead of the curve. Here are 6 key predictions on how brands will bolster their marketing efforts in 2022:
1. Selling Your Brand, Not Your Product
The importance of brand recognition is nothing new, but the significance of strong brand identity will continue to increase. The modern-day user is inclined to invest in the companies they want to support, not just the products they want to buy. Especially in saturated markets, such as cybersecurity and technology, there are a million and one companies that sell the same or similar products. The skill of storytelling will be imperative in this upcoming year as firms will need to convey strong brand identity and powerful messaging to capture customers. Hiring a marketing firm could help your brand tell its story with seasoned marketing expertise. A consistent messaging strategy or compelling video content crafted by marketing professionals could be what sets your brand apart. Bluetext has a growing portfolio of brand videos that showcase how media can be used to create granular, compelling content to best tell your story to the market.
2. Being Prepared for Change in the B2B Sector
The B2B landscape in marketing is rapidly changing as a result of long-term disruptions caused by the global pandemic. As remote work has become a more permanent reality for many businesses, the reduction of in-person interactions is causing a shift in lead-generation strategies for B2B marketers. A digital and mobile-first marketing approach is more important than ever before, as many B2B buyers prefer remote interactions rather than personal experiences with sellers. In-person events are now mostly hosted in online environments instead, which have brought challenges to traditional lead generation. To remedy this, more B2B companies are capitalizing on social media as an important lead generation channel. A leading social media marketing agency like Bluetext can provide strategic and creative communications that engage with corporate customers through the most effective online touchpoints.
3. Responding to Increased Sensitivity to Marketing
Public awareness has become increasingly attuned to issues of diversity, equity, and inclusion. As companies are competing for attention in this space, firms can use marketing techniques to promote their core values while supporting the causes they stand for. This will help to gain trust and respect from customers who are expecting brands to be active in their communities.
4. Preparing for Marketing to Become Tougher
As consumer behaviors and privacy policies change, the platforms that host advertisements are changing as well, which creates challenges for marketers to navigate these spaces. Increasing regard for customer privacy will continue to make it difficult to obtain data and insights from online campaigns. In addition, platforms are updating their algorithms to respond to market changes, leaving advertisers to adapt to their new preferences. For example, Google’s changes in SEO ranking and Instagram’s shift to prioritize video content have already created challenges for marketing efforts in 2022. Businesses should expect to continue seeing these sorts of shifts, and be proactive in utilizing these platforms. Getting ahead of these changes and pivoting campaign strategies will accelerate prepared companies to becoming frontrunners of their pack.
5. Teaching Rather than Selling
One of the most important ways a company can gain respect from their audiences in 2022 is by addressing topics that are top of mind in their industry. Focusing your online presence on content marketing can help promote your brand’s expertise without explicitly advertising competitive advantages or product details. In the coming year, companies should be working to share more thought leadership pieces like blogs, whitepapers, and video content to bolster their online brand and increase their search ranking.
6. Utilizing AI/ML
Effective digital marketing campaigns must continue to utilize emerging technologies, one of the greatest tools in 2022 being artificial intelligence. Machine learning can ensure the productivity and effectiveness of your marketing efforts. You can bolster performance by accurately tracking KPIs and budgeting, while also personalizing and optimizing digital ad campaigns. Harnessing the power of machine learning applied to brand marketing will be a necessary skill for companies looking to thrive in 2022.
You may already be aware of these trends and the implications they could have for your business but unsure of how to start addressing them. Bluetext has the expertise and industry experience to help you grow your brand and implement effective changes to your marketing strategy. To learn more about our offerings, contact us today.
Just like you can’t judge a book by its cover, you can’t trust a search by your top results. But how is that so? It contradicts all we believe to know about search engines, and cracks the inherent trust users put into “Googling it.” The truth is, even the most tech-savvy digital marketers don’t know the exact rhyme and reason behind Google’s search algorithms. So, what do search engine marketers know? It is widely known and confirmed that keywords and a handful of other core factors are being prioritized by crawlers in organic search rankings. We know the golden rule is relevancy, and various content and technical signals determine a relevant match to a user’s keyword search and top-rated results. But recent news has revealed you can’t take everything for face value, as even the tech giant itself is susceptible to hacking campaigns.
The latest trend in malware has been termed SEO poisoning, or “search poisoning”. This attack method relies on optimizing websites using ‘black hat’ SEO techniques to rank higher in Google search results. These ‘black hat’ optimized websites are in fact malicious, but due to a high SERP ranking deceive victims into believing these sites are legitimate and clicked by visitors looking for specific keywords.
SEO for Ransomware
According to the findings of the Menlo Security team, SEO poisoning cases are on the rise. Notorious ransomware groups, SolarMakers and REVil, are thought to be attributed to some recent attacks. Their campaigns used SEO poisoning to serve malicious payloads to their keyword-seeking targets. After optimizing sites with keywords that cover over 2,000 unique search terms, the sites appear top in a user’s search results page (SERP). These sites appear in search results as PDFs, and when visited, prompt a user to download the document.
When a user clicks the download button, they are redirected through a series of websites that ultimately drop a malicious payload. The threat actors use these redirects to prevent their sites from being detected and removed from Google search results for malicious content.
In the two most notable campaigns, Gootloader and SolarMarket, the actors didn’t create their own sites but instead hacked legitimate WordPress sites with strong Google search rankings. How? By abusing an undisclosed flaw in the ‘Formidable Forms’ WordPress plugin, which the hackers used to upload malicious PDFs. B2B websites were the most heavily targeted, as they are known to naturally host a large library of downloadable PDF resources.
So What Does This Mean?
For users, do your due diligence. Not all is as it appears online, even on trusted sites like Google. Exercise caution, keep up with your antivirus programs and monitor for suspicious links or potential phishing scams. A cybersecurity hack could result in breached sensitive data or require a ransomware payout.
For businesses, beware. Hackers have learned targeting high-value companies can yield much higher payouts (millions compared to the measly hundreds in consumer ransoms), especially if there is a high likelihood their attack will affect many users. Maintaining a healthy website entails regularly updating plug-ins, installing preventative security measures, and conducting frequent tests.
Does your website need a check-up? Or perhaps a new fitness regime to keep website health goals on track? Contact Bluetext to learn how our website development, optimization, and maintenance services could cure your security concerns.
Data privacy features can be overwhelming. Every time you visit a new site, you’re immediately prompted with the same spiel: “Hey! Is it okay if we take your data?” You probably click ‘yes’ just to get rid of the annoying pop-up.
But what happens when you click yes? How are publishers using your data? How are we — the consumer AND the advertiser — affected by these data protection policies?
Understanding Data Protection Policies
Data protection policies really started to emerge and take force in the past several years. The most widely known data protection policy is the General Data Protection Regulation (GDPR), which was implemented in 2018. GDPR, in short, is “a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union.” You can learn all about GDPR and what exactly the regulation covers on the official GDPR site.
But say you are an American-based company, are you affected by data privacy regulations? Just months after GDPR was enforced, the California Consumer Privacy Act (CCPA) was launched. Similar to GDPR, “CCPA outlines how businesses can collect, store and transfer consumer data from Californian residents.” You can find out more about what the Act covers on the official CCPA site.
The launch of these two acts threw many users and advertisers for a loop. For starters, if users are visiting your site from California or Europe, your site must be compliant. And let’s not forget one of the hallmarks of the “worldwide web” — the ability to connect users across physical boundaries. Remember the pop-up boxes and prompts we talked about earlier? Those were implemented across sites based on these new data privacy laws. In order for websites to be compliant, there has to be an explicit opt-in consent message that appears as soon as users visit a site, and no data can be collected unless the end-user opts in. This is a change from traditional advertising regulations in America, which required the option to opt-out (does the “unsubscribe” button sound familiar?). If a company fails to comply with these policies, it could “face a fine. In most serious cases, this fine could be up to 17 million euros or 4% of a company’s annual turnover.”
Data privacy acts are no joke! It’s imperative that companies follow the correct guidelines to ensure sites remain compliant — both for the company’s sake and the consumer’s sake.
What Consumers Should Consider
Another less obvious example is user experience. Websites will use consumer data to help create a more seamless experience for the end-user by understanding what the user is most interested in. We say this is ‘less obvious’ because when done right, you might think that the website is answering all your questions and solving your problems intuitively. Maybe it is — or maybe it’s the data talking.
How Advertisers Should Navigate
As mentioned above, when it comes to data privacy and data protection policies, advertisers should prioritize consumers’ safety. In order to establish yourself as a trustworthy brand or company, make sure that you’re complying with all data regulations and are transparent with users about how their information is collected and used.
As long as you’re complying with data protection laws, you still have the same targeting capabilities. Here are some ways of leveraging data to build your brand’s digital presence:
- Create retargeting lists across platforms to follow-up with users who visited the site but didn’t convert, placing a more targeted ad in front of those end-users.
- Leverage compliant 1st party data to inform content development, predictive analytics, addressable advertising, and more.
- Learn and improve your site based on analytics data. If one of your most-visited landing pages has a high bounce rate and a low avg. time on page, work to determine why users are leaving the page, and update the UX to create a better landing page environment.
- Use the data you’ve collected from current users to reach new users who share similar digital attributes, also known as ‘lookalike audiences.’ Create lookalike audiences across paid media platforms such as Google Ads, Facebook, Twitter, and more.
The list can go on and on! But first: make sure your site is compliant, and make sure you’re putting the end user’s safety first.
Bluetext has learned a lot about data protection policies and data privacy over the years. We’re constantly adapting our site to make sure it’s up-to-date to remain compliant with data policies, ensuring consumer data is always safe. Visit our site to learn more about how we have achieved success while remaining compliant. And don’t worry, we won’t collect any data unless you’ve opted in!
For businesses with users outside of the United States, being aware of the General Data Protection Regulation (GDPR) and similar legislation is an essential consideration. The GDPR has created strict provisions for EU web users’ privacy and data rights, which extends to US browsers. As global privacy legislation evolves, North American businesses that handle global users’ data must comply with current regulations and build with an eye on future compliance. Top digital marketing agencies advise and design campaigns and websites with these policies in mind to provide frictionless engagements.
What is the GDPR?
The GDPR goes beyond earlier regulation, focusing on personal data protection regardless of the type of data and how companies must document user consent in a transparent fashion. These protections apply to all persons browsing within or originating from the European Union.
The term “personal data” is not synonymous with “personally identifiable information”, or PII. PII has traditionally been a legal concern for American businesses, and it refers to a more defined set of information than the GDPR model. PII does not have to be context-specific to be regulated, in contrast, the GDPR emphasizes the consumer risks of data aggregation.
My business isn’t located in Europe, why should I care?
The GDPR’s reach is far greater than the medley of privacy protections in effect across the United States. Violators of the regulations risk penalties of €20 million ($22.6 million as of writing) or 4 percent of global annual revenues for the preceding fiscal year, whichever is greater. Comprehensive legislation at the state level in the U.S. has been varied, many forward-thinking businesses are beginning to take steps to adapt their practices to comply with the California Consumer Privacy Act (CCPA). Ultimately every website will have to comply with some set of standards, so it is wise to be proactive and implement privacy protection now. Top digital marketing agencies such as Bluetext are taking steps to protect against potential violations of the CCPA and GDPR by changing cookie collection practices, recommending new data collection practices, and designing clear consent forms.
Changing privacy policies impact sites from the bottom up, starting with development and design
In a digital-first world, data is a critical component of many businesses online and offline strategies. With the implementation of the GDPR, marketers and web developers must be more diligent about what data we collect, the means by which we collect it, and how we handle sensitive information. When building or updating websites, web developers, and digital project managers should take this as an opportunity to rethink how sites can be more transparent and adopt the Privacy by Design framework.
The Privacy by Design framework highlights design-thinking approaches to development prior to launch to eliminate the need for post-hoc privacy fixes once a project is live. Solutions such as making privacy the default setting for site visitors, making privacy standards visible and open, and giving users specific privacy information notices are easy considerations to add to the development plan.
If your site is already live, consider a development sprint focused on auditing areas of potential weakness. In assessing your data hygiene, your team can look for unsafe or unnecessary modules that can be disabled, particularly those found in APIs and third-party libraries. Adtech integrations may help source leads and retarget with better precision, but validating that their pixels and tracking are in alignment with GDPR best practices is essential.
The aesthetic design of websites is also impacted by changing privacy practices. GDPR consent requires clear and explicit opt-in notices to users. Designers, user experience experts, and marketers should work collaboratively to update existing landing page components to incorporate new disclosure features. One simple mantra to internalize in the design phase? Offer accessible, clean choices around cookies and pixels.
When building clear user permissions for data capture, the GDPR requires that websites define data retention and deletion plans for all the personal data collected. Adding GDPR conscious logic to scripts at the code level of your site can save time for site custodians and business analysts alike in the future.
Updating best practices for common marketing tactics and tools
Many businesses use cookie tracking to better measure the impact of their marketing strategies, and they combine tracking with other user data to build user personas. While this has been an accepted practice in the past, the new regulation now requires clear permission from European users to collect this information, whether the site is for an American or French company. As noted in the impact of GDPR on design, cookie usage has to be explained on either the homepage or a second-level page on the navigation. This immediate opt-in should allow users to understand how their data is collected, the purpose of the data, and how long they are consenting to these cookies.
As a website operator, sites must withhold all cookies and trackers on your website until you have received clear and explicit user consent on each type of cookie and tracker. This consent has to be given freely, described in explicit plain language, and users must have the ability to withdraw consent. The rights of users under the GDPR are extensive — to comply, website custodians must update their privacy policies and opt-in tools.
This sounds like a lot of work, why should I care?
Ultimately, thoughtful privacy policies, development, and design provide a safeguard for both businesses and users. The GDPR gives consumers new rights to access and manage their data on digital platforms, and businesses that do not adapt to meet these regulatory requirements can face steep fines. While these changes can seem overwhelming, a top digital marketing agency such as Bluetext can guide your business through the murkiness of data privacy design and compliance.
We recently launched our Top Marketing Trends 2019 series, that will take a close look at what digital marketers should expect for next year. We started with privacy because of a sea change in consumer attitudes about their online privacy over the past 18 months – much of it the result of huge changes in policy around the world, like the European Union’s GDPR requirements, as well as data breaches that put a massive number of Americans at risk. In our post last week, we dove into what GDPR means for marketers here in the U.S.
In today’s post, we will examine changes resulting from Facebook’s sale of its data to Cambridge Analytica, which used the information on Facebook users for controversial political targeting. Why is this a top marketing trend for 2019? Because the realization of how social media platforms like Facebook are using consumer information has had a significant impact on Facebook’s users and financial status, a trend that will extend to other social media outlets in the coming year.
Here are out three key takeaways from the Facebook fiasco that will have a significant impact on digital marketers:
The challenge with marketers who want to leverage platforms like Facebook to reach their target audiences is that the social media companies themselves are just now putting in place consumer safeguards about how their data is being used- in the face of serious public and political pressure. We all know that consumers want an easy experience when looking to research or purchase on the internet, which is what we marketers want, as well. Now that consumers see that this convenience comes at a cost, they want more control over how their personal information is used.
Our first takeaway for 2019: There’s a big difference between serving the consumer’s interest and using that same data when it doesn’t benefit that individual. Our recommendation is to take a close review of how you use your customer data and make sure it actually serves the customer.
Our second takeaway for 2019: Give visitors to your website real choices that they can understand over how their information is used. One idea that is making headway is having a privacy dashboard that is readily accessed by visitors, where they can make their own decisions about their data.
Finally, we all need to know who we are dealing with when it comes to third-party vendors. The issue with Cambridge Analytics was not simply that Facebook was providing data to an outside entity – after all, that is its business model, and in our opinion, there is nothing wrong with that when used appropriately. The scandal was that the outside firm was using the data for ways that Facebook users would never have sanctioned – to influence how they vote in elections.
Our third takeaway for 2019: Make sure you know your partners, including data brokers and ad buyers, and exactly what they are doing with the information. Ask them if they are acquiring personal data without the user’s permission. It won’t be enough to claim ignorance about your third-party vendors.
In our next post on top marketing trends 2019, we’ll look at website design and build, and what to expect next year.
Learn how Bluetext can help you make the most of the top marketing trends for 2019.
It’s time again for our top marketing trends 2019, Bluetext’s annual look at what trends are going to drive digital marketing come the new year. In this and subsequent blog posts, we will discuss additional trends for 2019, including the public’s change of attitude towards social media platforms, and then assess what to expect next year in website design, digital marketing, branding, and public relations.
For 2019, identifying an over-arching theme that will drive a significant part of the marketing industry is not hard. Privacy, ranging from significant new regulatory requirements, massive industry failures, and changing consumer expectations, wasn’t merely a distraction (or some might say annoyance) – it was a bludgeoning that top marketers had to take repeatedly, as changes to successful digital strategies got turned on their head over and over throughout the year due to changes in privacy rules as well as blow-back against platforms that appeared to disregard privacy.
First and foremost for us marketers was the General Data Protection Regulation, better known as GDPR. The regulation, which took effect in the European Union on May 25th, is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union. Of course, since just about every brand either does business now in the EU or wants to do business there, it is a framework that impacts every organization that interacts with our friends across the pond.
GDPR in and of itself tells you everything you need to know about how privacy is becoming the driving force behind changes to digital marketing. In a nutshell, the regulatory framework behind GDPR places personal information back in the hands of the individual, and removes it from the control of private companies, because it requires the explicit informed consent of an individual to make their information public. There are other requirements as well in the regulation, but it essentially requires marketers at every company that does business in the EU to obtain the “opt-in” consent from their customers (and non-customers). And because few people can be expected to give that permission, it is drastically changing how marketers can use the types of behavioral data that we generally collect for marketing (and other) purposes.
Here’s how Inc.com summarized the impact of GDPR on digital marketers:
“(A) s a digital marketer, you are going to have to be transparent any time you wish to collect data on someone. You will have to communicate very clearly that you want to collect data, and explain explicitly how that data is going to be used. You then have to gain consent while also informing consumers about their right to refuse or withdraw their consent. This means that you might have to get a lot more creative when trying to convert a website visitor into a lead.”
GDPR presents some very real challenges to digital marketers, who are going to be held to a higher standard than pre-GDPR. But it’s also forcing fresh thinking and more creative strategies, and ultimately it should help build better relationships between businesses and their consumers that are built on trust and transparency.
Next in our Top Marketing Trends 2019 series: How privacy blow-back to top digital platforms is changing digital marketing.