Internal DEBATE

Posted on by Chief Marketer Staff

EXPERTS DISCUSS PRIVACY – AND WHAT CAN BE DONE ABOUT IT – IN A DIRECT ROUNDTABLE

MIXED OPINIONS ABOUT PRIVACY exist even within the direct marketing world. For example, executives disagree over how to protect consumers, and over just how good a job they’re doing. They are also split over whether the issue has affected their operations. With this in mind, DIRECT recently conducted a roundtable featuring experts from the industry. The discussion covered many subjects, including responsible use of information and the legislative outlook. One thing came through loud and clear: The consumer is now in charge. To make sure the consumer’s voice was heard, we invited Julie Brill, an assistant attorney general in Vermont, who did her best to keep the DM gurus on the spot.

Participants: Marty Abrams, Vice president for information policy and privacy, Experian, Allen, TX Julie Brill, Vermont assistant attorney general, Montpelier, VT Jerry Cerasale, Senior vice president for government affairs, Direct Marketing Association, Washington David Diamond, Chief vision officer, Catalina Marketing, St. Petersburg, FL Richard H. Levey, Senior writer, DIRECT Patricia Odell, Senior writer, DIRECT Ray Schultz, Editorial director, DIRECT

SCHULTZ: Is the direct marketing world letting down consumers on the privacy issue, and if so, in what ways?

BRILL: The direct marketing industry has clearly tried to address these concerns. Where the industry could do more would be to more actively disclose to consumers how information is collected and used, and provide them with a more consumer-friendly means by which to exercise choice over use of their information.

SCHULTZ: Would anybody like to respond to that?

ABRAMS: There’s been a technological revolution over the 1990s that’s taken us to an age where information is more actively collected and used, and the information brings more value to all parties involved. Some of that value is recognizable to consumers, and some of it is not. What has been brought front and center is this incredible conflict between the value that information brings to us all and an individual’s desire to define himself. And this whole question of control is about consumers truly trying to define themselves.

DIAMOND: In the world that I come from, packaged goods, we spent a lot of the last 15 to 20 years talking about the shifting of power from the manufacturer to the retailer. Now the shift in power is to the consumer himself.

CERASALE: There’s a shift in control toward the consumer, especially with e-commerce. But I do think there are a significant number of consumers who don’t know that. We have to do a good job of making consumers aware of what choices they have. Some education’s going to come from Gramm-Leach-Bliley [the law that allows banks to sell securities but which contains privacy provisions]. Financial institutions are going to have to provide some kind of notice by July 1, 2001, and we’ll see if that in its own right kick-starts educating consumers and helps get the word out about choice.

BRILL: I think the educational value of Gramm-Leach-Bliley would have been so much greater had there been an opt-in requirement rather than an opt-out. Then financial institutions would have been motivated to not only engage in whatever required notices there are under the law, they also would have wanted to really reach consumers to inform them of all the benefits behind those firms sharing information.

ABRAMS: The whole question of opt-in vs. opt-out is a problematic duality. This may be a case where we should think about consent – consent to a name use or a specific use. When you look at where [online privacy] notices are going and [consider] notices as very explicit contracts, it doesn’t allow for the flexibility that’s important in the marketplace. Let me give you a classic example. We use directory information and other information that is reported by credit grantors to a consumer reporting agency for authentication on the Internet. That’s what the lawsuits involved in Gramm-Leach-Bliley are all about, that directory information. Now, in a very narrow notice world, it would be very hard to use that information for authentication, because who, five or 10 years ago, would have anticipated the Internet and the need for authentication?

SCHULTZ: Opt-in is being pushed as the norm on the Internet, and increasingly we’re hearing about it even on the traditional side of the direct marketing business. I’m wondering if we’re going to end up with an omnibus bill at some point that mandates opt-in – and wouldn’t we be better off if we had an opt-out law about 10 years ago?

ABRAMS: We actually had an opt-in bill last year, the amendment that made the Drivers Privacy Protection Act opt-in. So this isn’t a hypothetical. We have a clear case of traditional marketing data becoming subject to opt-in. Age, which is probably the most important segment tool that we have after gender, disappeared from the marketplace and will increasingly disappear from the marketplace because of opt-in.

CERASALE: It actually disappeared. After 30 states went through the process of getting opt-out provisions, none have gone back to put in an opt-in. So that information is gone. It hasn’t affected the industry much yet, because the data that’s there is still pretty good, but it will in a couple of years.

BRILL: I think it’s important to distinguish between what’s happening as a result of the DPPA and what could happen in a hypothetical opt-in situation where the consumers are making the choices not to provide the information. My understanding of the DPPA is that the states have not taken the necessary step to set up systems whereby consumers would opt in to have their information used. So I don’t think that’s a good test of how much consumers would choose to exercise an opt-in if such a system were already in place. The cutoff of information is not a result of consumers not opting in.

DIAMOND: I do think we have to recognize that the percentage of people who qualify as respondents will change significantly if you go from opt-out to opt-in and that we can’t truly pretend otherwise.

BRILL: Yes, I agree with that. But it won’t go from 100% data correction capabilities to zero percent because no one will opt in. I think it’ll be somewhere in between.

ABRAMS: I think the type of data that will be available will change. The predictive value of that data will change. A few years ago, the head of an automobile manufacturer – talking about re-engineering his company from being manufacturing-centered to service-centered – said, `I want to know the watch you wear and the coffee pot you use so that I can build the right car for you.’ That’s really where direct marketing is going. It’s less about selling existing product and more toward the creation of tomorrow’s products.

LEVEY: You touched on this in terms of the difference between online and offline uses of data: Do you feel that there will be more stringent restrictions placed on online or offline data?

CERASALE: The DMA guidelines basically say a privacy policy fits across media. The online world offers a few different things – for example, there’s the ability for a third party such as an advertising network to concurrently gather information on a Web site visit.

DIAMOND: What we’re seeing is that the new stuff provides a heightened awareness, which is leading to this systematic reconsideration of what the basic guideline is. I also want to comment on something Marty said that strikes me as very interesting. In the business we’re in, which focuses on supermarket targets, we find that the data you folks consider to be a cornerstone is actually insufficient. The fact that you’re a woman 18 to 25 with two kids isn’t enough for me to do some successful marketing. So we’ve ended up entirely on the other end of this: We’re all opt-in because we need the real behavioral data – what are you buying and when and how often. You’re not going to access that data without an opt-in situation.

ABRAMS: It goes to a very interesting different outlook. Different applications require different data, require different approaches.

BRILL: I actually think that one of the large differences between online and offline is the anonymity issue. When consumers surf online they think they’re surfing anonymously, and as a result their expectation is that information is not collected about them that could come back to them in a personally identifiable way. When that expectation proves false – I think that’s what led to the heightened concern that David was referring to. Consumers then transfer their heightened concern from the online world over to the offline world.

ABRAMS: I think we all agree that in some cases it’s not a matter of the organization’s intentional misleading. It’s that the organization didn’t anticipate where they were going and didn’t revisit the issues that they experienced. The whole question of how you manage change in an era when technology changes so quickly, and what the market wants in terms of value changes so quickly, is very important because the public does expect very robust uses of information.

SCHULTZ: Do you guys think the consumer trusts in the ability of industry to self-regulate on this?

BRILL: I think the issue of self-regulation and the consumer’s trust is a very interesting one given the new technologies we’re facing. The barriers of entry have dropped astronomically and with that you’re going to have more and more of these outsiders – companies that either are not members of the DMA or maybe are members that don’t understand policies or are not interested in following them.

ABRAMS: Julie, I absolutely agree that self-regulation is incredibly difficult to do. But legislation and regulation are also incredibly difficult to do in a period of rapid technology change. What we do know is this: When there is a market problem, self-regulation can create the appropriate parameters in a much quicker period of time than can legislation.

DIAMOND: I do have to take issue with this notion of lower barriers to entry. Right now we’re in a transitional stage on the Internet where there are remarkably low barriers to entry. But you’ve always been able to be a pocket direct marketer and post fliers in neighborhood community centers. As the Internet becomes much larger, the notion that you can use the Internet to reach a gigantic number of people without significant cost will be assigned to the historical period 1996-2000 because there’ll be so much clutter and stuff out there that it will be very hard to make that presence in a marketplace.

BRILL: You won’t be able to reach millions, but you’ll be able to reach hundreds of thousands and that’s a lot more than you will reach by posting a little notice on the corner.

DIAMOND: I don’t know if that’s necessarily true. I think the notion that the Internet changes all the technology is absolutely right, but [to say] that it changes the market dynamics may turn out to be a premature conclusion.

ABRAMS: In the B-to-B world I think it does make a difference. I think our ability, for example, to serve smaller customers is greater than it was in the past. We can do it in cost-effective ways. We have a market that gets better because of competition. But I don’t think we should come up with an approach to information use because we have more competition in the market.

BRILL: A perfect example of what Marty was talking about is described very well in the June 24, 2000 Los Angeles Times story, “For Sale: Your Personal Data Cheap, Easy Online.” It notes how the Internet has allowed companies like Experian – where they used to sell lists only to purchasers of large numbers of names – to be able to sell lists as short as one name for $1.

ABRAMS: We’re trying to create techniques that provide more cost-effectively service to the smaller market. But we have not put aside our responsibility to assure that the information is used in an appropriate fashion.

SCHULTZ: What does a good corporation owe the people it has data on? Dave, we’ve heard that you believe in destroying data that you’re not using.

DIAMOND: There can be a tendency to collect data for the sake of collecting data. We’ve tried to be disciplined about this, saying OK, are we going to use this, is there a reason why we’re either asking for it or keeping it? I’ll give you an example. We started deleting data that was more than 65 days old because we didn’t have the storage for it. We realized that there’s no marketing value left in it but there could be some destructive value in it. So why keep the liability? We don’t keep data that we’re confident we’ve reached the point of not using anymore, because data can be destructive in the wrong hands.

ABRAMS: I think it goes to understanding what you believe about information as an organization and decisions you make about it. We too at Experian acquire data because we know there’s a purpose for data. There’s a whole process to determining what the appropriate use of that data is. In our world it’s harder to say what the time period is, other than that negative information that’s seven years old needs to be removed from the file for regulatory purposes. The important thing isn’t that you destroy the data at 65 days. The importance is that you understand the data that you collect and store, what the appropriate purposes are and what the right governance of that data is.

DIAMOND: I absolutely agree with Marty. If I said 65 days, that’s not meant to be a standard for anybody except myself because it happens to be the one that works for me.

ABRAMS: Right. It’s because you understand your data and the use of it.

DIAMOND: Exactly.

CERASALE: One thing I don’t think we touched on is use of information and trying to restrict it. We’ve been told that credit card fraud on the Internet is twice as great in Europe as it is in the United States. That’s because in Europe they can’t check the billing address – that’s an impermissible use of the information you gave the credit card company. You can do that in the United States. So information, in fact, is being used in the United States to combat fraud, to help prevent identity theft. So there’s a balance.

ABRAMS: Security is a very important issue. Security is about protecting information. You can have a secure system and bad privacy policies but you absolutely can’t have good privacy policies and bad security. One of the points that Jerry gets to is that for the first time we really have a conflict between what you need to do to be secure and the consumer’s interest in privacy, because authentication on the Internet requires so much data. And I think that’s one of the things that it’s going to be increasingly hard to wrestle with in a network environment – the conflict between security and privacy.

SCHULTZ: Where is it all going to go in another five or 10 years? What do you think, Julie?

BRILL: I think there will be efforts to enact national legislation that, to my mind, will be technology-specific. Over the next couple of years I think there will be some kind of Internet privacy legislation. Obviously, it depends on what happens in November. I think the states will continue to address the issue as well. So I think you will continue to see the federal approach in that it will be dealt with both in Washington and various state capitals.

DIAMOND: I don’t think my end really kicks in much in five years, but the beginnings of it will be seen. I think the whole nature of the discussion will change because the nature of advertising will change. Mass advertising will genuinely begin to recede. Over time, the consumer will be the driver of the transaction. The consumer will be seeking out the information he or she wants. And the consumer will be communicating very directly to the manufacturers of the product he or she is interested in.

ABRAMS: We’re technology drivers in a demand economy where the demands of individuals drive the market and drive the processes that exist in the market. Information becomes much more important in a demand-driven economy. We need to revisit the basic principles that we use in order to look at what policy should be. But it needs to get on the table very quickly.

CERASALE: I agree with Julie in a sense that I think there are going to be some major pushes in the short term for some type of privacy legislation both on a federal and state level. Some are going to be successful and some won’t be. New business models are going to crop up that are going to meet the needs that consumers are asking for. The hope that we have is that governments don’t come in and try to stop it. We can deal with abuses if they crop up, but they shouldn’t try to stop the process. This is a train that’s going [ahead] and what’s happening today is nothing like what’s going to happen in just five years.

More

Related Posts

Chief Marketer Videos

by Chief Marketer Staff

In our latest Marketers on Fire LinkedIn Live, Anywhere Real Estate CMO Esther-Mireya Tejeda discusses consumer targeting strategies, the evolution of the CMO role and advice for aspiring C-suite marketers.

View More 
	
        

        
Call for entries now open

    

        

        
		
	             
        

 

 








CALL FOR ENTRIES OPEN




















                

                    

        

	
SIGN UP FOR UPDATES!
 Fill out the fields below to receive the latest news and special announcements from Chief Marketer.