Is Consumer Privacy an Existential Threat to Geomarketers?
The conversation about consumer privacy and ad targeting wasn't ended by Europe's GDPR. It's just beginning, writes the LSA's Greg Sterling.
The two hottest issues in digital marketing right now, arguably, are privacy and location. In a sense they are two sides of a coin; they are also on a collision course.
Mobile user location has evolved into a sophisticated tool to track and improve online and traditional media performance. I probably don’t have to reiterate to this audience that store visitation and real-world behavioral insights from mobile location data yield better ad targeting, retargeting and (offline) attribution than other methods. There are also increasingly creative combinations of mobile data and traditional media, such as TV, direct mail and out-of-home.
In the majority of these location scenarios, the data being captured by technology providers and marketers is presented as “aggregated and anonymous.” Often in my conversations with location intelligence companies, that’s as much time as we devote to privacy. The methodology is said to be “privacy compliant” and the conversation is essentially over.
It’s becoming increasingly problematic that most of the location data collection is happening behind the scenes, without the awareness of the vast majority of mobile users themselves. This, despite the fact that users can deny location to their apps and turn off location services on their phones.
The recent AP story about how Google continued to use consumer location after location history was turned off sparked a great deal of secondary coverage and debate. Google was still using location for maps and search even when phone owners had consciously turned off location services. Google did disclose it was doing this, but that fact wasn’t easily discovered. (Google amended its online help pages subsequent to the article.)
The point of view of the AP article was that Google was doing something sneaky. I didn’t exactly see it that way, but I understand those who did.
Since the 2016 presidential election, Cambridge Analytica and a steady stream of online data-related scandals, privacy has moved from a seemingly settled issue to the front burner. When Facebook CEO Mark Zuckerburg opined that privacy was a declining social norm, back in 2010, he certainly did not foresee where his company would be today.
The general American public has become much more conscious and concerned about privacy in the past couple of years. Another reason for this is Europe’s General Data Protection Regulation (GDPR), which was implemented this May and requires explicit opt-in consent for use of personal data, including location.
Two European location-data providers, Fidzup and Teemo, that collect location data from third party apps and resell it to brands and retailers were recently cited by French privacy regulators, who asserted that the two companies were non-compliant under GDPR. Even though French users were opting to share their location with the app publishers, they weren’t informed the location data would also be used for other purposes – even though at an “aggregated and anonymous” level only.
This model is widely used in the U.S. market: data is sourced by third party data companies from primary providers (e.g., apps) and then utilized for business intelligence, ad targeting and attribution.
Data is a foundational element of the digital ecosystem. That’s why most technology companies are opposed to the recently passed California Consumer Privacy Act, which has similarities with GDPR. Among other things it gives people in California the right to block the sale of their personal data to third parties and creates civil liability for companies that violate its provisions. It will also have national reach and impact.
Fearing this law and a patchwork of state-level privacy laws, tech companies have now mobilized to lobby for uniform federal privacy legislation that will exempt them from a potential cacophony of state privacy regulations. The outlook for federal action is unclear, but the California law will go into effect in January 2020.
Despite all this, most marketers are not as concerned as they should be about privacy. A recent CMO survey found that 70 percent of respondents planned to increase their use of customer data but only 10 percent of respondents were “very worried” about data use raising consumer privacy problems. One could argue they’re in denial about the seriousness and immediacy of privacy as an existential issue, with location data collection as a central issue in the privacy conversation.
That’s why at this year’s Place Conference, on September 13 in New York, we’ll have two critical privacy discussions in addition to showcasing the full range of location intelligence use cases. One is about consumer consent and data, “The Future of Digital Identity: Countdown to 2020.” The other will discuss “Location & Privacy: The Way Forward.”
It’s imperative we find a way forward that that enables the industry to obtain the (location) data it needs while giving consumers confidence their personal information is not being used without their knowledge. It’s not entirely yet clear how to do this but it must be done nonetheless.
*Greg Sterling is VP of Strategy & Insights for the Local Search Association (LSA). He frequently writes and speaks about location intelligence and its impact on digital media and marketing. Previously Sterling was as a senior analyst for Opus Research and The Kelsey Group (now BIA/Kelsey). He founded The Place Conference in 2014.