The Evolving Data Privacy Landscape
Online Tools Make Privacy Law Compliance Easier
August 12, 20193 min read
The world of data privacy continues to evolve and grow as each day passes.
Last year, the General Data Protection Regulation (GDPR), one of the most extensive data privacy laws, took effect. Next on the horizon: CCPA (California Consumer Privacy Act). Other data privacy laws are on the books, but these two have the sharpest teeth: hefty fines for non-compliance.
GDPR and CCPA differ slightly in requirements but share the common goal of enhancing consumers’ rights to control the use and processing of their data.
Working with Your Legal Team
Digital marketing teams need to work directly with their legal and compliance teams to ensure they provide visitors access to the rights these laws define and protect. Compliance can be challenging for marketers, who typically understand their MarTech stack but not the laws. Likewise, legal and compliance teams understand the laws but not the marketing. They must work together to understand each part of the MarTech stack and how the law applies to it.
Marketers should build a list of the places where their company collects and stores customer data or data that could be used to identify a customer or household. The likely places – but not the only places -- are:
- Analytics tools
- Forms – Databases used to store this data
- Marketing Automation
- Ad Tech
- Social Media Pixels
- Email Marketing Software
Describe to your legal/compliance team how customer data is stored and protected, and note who has access to that data. Tell them which internal team members, vendors, and third-party platform providers have access to this data. Once you and your legal team have a shared understanding of where your risks lie, you can start building and implementing a compliance plan.
Tools to Help You Towards Privacy Law Compliance
Managing online cookie consent through cookie consent managers, among the many solutions to various issues involving data privacy laws, is the most common way companies achieve compliance. Cookie consent managers give users control over your site’s settings for cookies, pixels, and other web trackers. It can help you make these technologies and your intent behind their use transparent to your visitors. That’s good for your users, and it’s also the sort of thing that such laws as GDPR require.
Tools that manage Data Subject Requests (DSR) also help site managers achieve compliance. These tools allow customers/visitors to contact you and invoke their rights, and they also help you manage these requests efficiently. A single, unified portal makes it easier for the customer and helps you streamline processing privacy rights request workflow.
Several third-party tools can help you manage cookie consent and DSR. Our team here at Northwoods suggests CookiePro by One Trust*. We have selected CookiePro for their robust feature set and streamlined user interface, including:
- A simple-to-use workflow builder for managing and processing DSRs. These workflows start with customized forms to help users assert their rights and let you know how they would like their data processed. Once a request is made you can manage it in a single portal - and have internal conversations across departments and communications with the user making the request, without leaving the portal. Workflows can be customized to make sure the same process is followed for every request, and steps are not being missed.
- A customizable cookie consent banner. Giving users a way to control what cookies are set on their computer is part of many privacy regulations. CookiePro provides an easily configurable banner that can be customized on a per-domain basis. It provides flexibility to meet the needs set forth by your compliance team while providing a simple-to-use interface for your visitors.
There are also many great resources available for keeping up with privacy laws. One of the firsts places that we begin our research for data privacy laws and regulations is at free.dataguidance.com, an excellent, up-to-date resource with in-depth analysis on many digital privacy laws and regulations from all around the globe, including GDPR, CCPA, HIPPA, Brazils LGPD, and more.
The landscape of data privacy will continue to change and evolve. Marketing and compliance teams will need to continue to work together to make sure they are always complying with each new law or regulation that is enacted. Finding tools that help will make the journey easier and allow for less work as new rules go into effect.
* Northwoods is an Agency Partner with CookiePro by One Trust
Interested in learning more? Join Northwoods' digital marketing experts and Godfrey & Kahn's data privacy attorneys for a free webinar, What You Need to Know to Comply with California's New Privacy Law (CCPA), on Wednesday, Sept. 18, 10-11 a.m. CST. Learn more and register today!
Related Blog Posts
Wondering how your business should prepare for the California Consumer Privacy Act? Find out how to ensure you remain in compliance.
We know it can be difficult to stay on top of the latest trends while handling day-to-day job duties. Beginning this month, the Northwoods Digital Marketing team will start publishing monthly digital marketing updates. Our first update focuses on the latest and greatest in digital marketing, and tips on how to respond to (or take advantage of) the latest updates.
GDPR is a new set of EU regulations going into effect on May 25, 2018. It provides citizens of the European Union greater protections and rights pertaining to what companies can do with their personal information. Discover what this law means for you and what you should be doing to remain compliant.
View All Blog Posts