by Peter Matthews of nucleus
This week the French data regulator, CNIL, fined Google €50m for not obtaining a valid legal basis for processing user data. Now we know GDPR has teeth, so how should marketers balance their addiction to personalisation with compliance to the new regulations?
“Lack of transparency, inadequate information and lack of valid consent regarding ads personalisation” were CNIL’s reasons for levying the record fine, laying out a clear warning to others for subsuming specific customer consents required by GDPR in long scrolling pages of terms and conditions.
Here is the marketer’s dilemma positioned in a banking context. Retail banks have masses of data about all of us, especially our spending habits and financial health, but have been useless at using it for our benefit to improve user experiences, or even to help them understand their customers better.
Instead they have relied on credit rating agencies who, on the other hand, have compiled unflattering profiles of each of us that may actually penalise us for a single misdemeanour for up to six years.
Do you remember ever giving them consent? I wonder whether the regulators will now ask where they asked for our consent? Google isn’t alone, banks and credit card companies are also good at hiding their terms in pages of ts&cs.
If you have ever transgressed, don’t think your spotless record with your bank will help, because your third party credit score will define whether you are ‘prime’, ‘near-prime’ or ‘sub-prime’. If either of the latter, they probably won’t lend to you and you’ll be forced into the hands of a high interest sub-prime lender.
Fintechs and challenger banks have spotted the opportunity to use streamlined digital platforms to leverage data to segment the market in more meaningful ways and also, across the board, to improve customer experience. The big banks need to catch up and learn to use their data, responsibly.
So, with national regulators now dishing out substantial fines, how should brands use personal data to improve their offers and personalise brand experiences, while also meeting the consent requirements of GDPR and other obligations?
The answer has to be a personal contract with customers that rewards specific consent to use personal data with useful and valued personalisation. Back in the context of a bank, timely predictive advice when your account balance isn’t going to meet your month-end obligations, suggestions about rebuilding your credit score, or prompting a savings account that would earn you interest on current account balances are all things that would bring value and strengthen brand loyalty. These days, robo advisers can even help with managing investment portfolios.
With so much personal data already held by big brands and regulators beginning to flex their muscles when consent is taken for granted, brand marketers need to balance the golden allure of big data with its risks, and recognise the need for transparency, security and trust. Only when they do will we see personalisation valued by both brands and customers.