Let's face it, the demand for data protection and legal security in online marketing simply doesn't fade away.

Quite the contrary, the issue gets constantly more attention in the media and the public eye.

The Singapore Government is considering a National Do-Not-Call Registry to protect consumers’ privacy by allowing consumers to opt-out of all unsolicited marketing like calls or SMS ads. If approved by Parliament, in 2012, companies will have to check the registry and ensure that they do not contact the registered numbers via calls, SMS or even fax, if they don’t want to risk a fine of up to One Million Singapore Dollars for not abiding by the rules.

Privacy in the technology sector has become, in general, an increasingly important issue in recent years. In many companies, especially in the areas of information technology, telecommunications and the internet as well as marketing and advertising, it has become an issue at CEO or board level. The reason for this lies in the technological change and the increasing importance of data, where data protection not only raises legal questions, but makes it the focal point of public awareness. Online and email marketing, social networks, geospatial data services as well as cloud computing are just a few examples that make data protection issues more and more crucial, as they are increasingly determining whether a particular business model works or not.

Surprisingly, recent studies show that data privacy protection doesn't always stand at the top of a company’s agenda. Many seem to underestimate the topic or simply don’t know enough about it and due to the still limited enforcement of data protection by supervisory authorities some companies, especially start-ups, deliberately take risks.

Well, it seems at least that the situation is different in most traditional businesses, since they have understood why the issue of data protection must be given attention. In particular, publicly listed companies and large companies in the B2C sector do take data protection very seriously, as part of their general compliance responsibilities. In times of crisis, however, many others still don’t seem to be interested in the issue, at least as long as they haven’t encountered any trouble with data privacy protection before.

Most specialized players have, in general, a very good understanding of data protection and often just need some advice because of unclear legal regulations, international aspects, and the attempt to explore boundaries.

In the past, companies were mainly focused on collecting data in marketing and CRM, as cause-related processing and the proper collection and administration of consents and data usage agreements in marketing was often rarely managed at that time. Well, be assured that this business style won’t do it any longer. Nowadays, the legally correct administration and systematical collection of a huge number of consents for a more sophisticated targeting have an important strategic role in marketing. Companies that don’t recognize this in time and get prepared will have a clear competitive disadvantage in the future, as this paradigm shift cannot be made ad hoc and often not even retroactively.

Companies simply risk losing substantial parts of their customer data for marketing, if they have not collected the data in a properly legal way – which is the real economic risk (and not individuals’ complaint, as is often erroneously assumed).

Awareness that knowledge about the customer - the customer data - represents the core business value isn't often really understood. Although not only the possession but the legal agreement for using such data in marketing is the critical point. Valid, timely and detailed customer data are part of the customer value, as they help to exploit and increase the customer lifetime value. Who puts it into practice will look after these values and deliver appropriate maintenance. Unfortunately, an overview and perspective on the legal position is often absent and therefore a shallow smattering on the do's and don'ts gets circulated.

Regarding the use of social media marketing there is currently a lot of legal uncertainty, although just considering a few simple rules can be very helpful:

  1. Transparency is needed and means to inform customers and other stakeholders of the concrete, obvious and clearly understandable guidelines before using their data.
  2. In case of doubt make default "opt-in", i.e. conscious and active consent of the person in the area of social media marketing. Deviations from this norm should only be considered after seeking proper legal advice.
  3. Do not cooperate, if you do now know what your partner will be doing with the data.
  4. Understand from a technical point of view what exactly happens and seek professional legal advice if needed. Privacy protection is probably the biggest legal issue in social media, and is one of the threats that can most easily produce a public relations meltdown.

Well, nobody’s perfect and errors can be embarrassing. Do try to stay informed, keep pace with changing rules and regulations in your industry to avoid risks.

By Daniela La Marca