[{"@context":"https:\/\/schema.org\/","@type":"BlogPosting","@id":"https:\/\/www.the-future-of-commerce.com\/2019\/02\/05\/consent-data-management\/#BlogPosting","mainEntityOfPage":"https:\/\/www.the-future-of-commerce.com\/2019\/02\/05\/consent-data-management\/","headline":"Consent data management is essential to the future of business","name":"Consent data management is essential to the future of business","description":"Companies around the globe are beginning to see enforcement actions around data privacy laws. Learn how a consent data management mitigates regulatory risk.","datePublished":"2019-02-05","dateModified":"2022-03-16","author":{"@type":"Person","@id":"https:\/\/www.the-future-of-commerce.com\/contributor\/ratul-shah\/#Person","name":"Ratul Shah","url":"https:\/\/www.the-future-of-commerce.com\/contributor\/ratul-shah\/","identifier":305,"image":{"@type":"ImageObject","@id":"https:\/\/secure.gravatar.com\/avatar\/18781ab115e32031df4d1cbc3baffb8fb9bc77288c20e05eb447f4e9739062f4?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/18781ab115e32031df4d1cbc3baffb8fb9bc77288c20e05eb447f4e9739062f4?s=96&d=mm&r=g","height":96,"width":96}},"publisher":{"@type":"Organization","name":"The Future of Commerce","logo":{"@type":"ImageObject","@id":"https:\/\/www.the-future-of-commerce.com\/wp-content\/uploads\/2023\/01\/logo-foc-schema-app-1.png","url":"https:\/\/www.the-future-of-commerce.com\/wp-content\/uploads\/2023\/01\/logo-foc-schema-app-1.png","width":172,"height":60}},"image":{"@type":"ImageObject","@id":"https:\/\/www.the-future-of-commerce.com\/wp-content\/uploads\/2019\/02\/thumbnail-ded60504a398e8bdf9ee903067a54d60.jpeg","url":"https:\/\/www.the-future-of-commerce.com\/wp-content\/uploads\/2019\/02\/thumbnail-ded60504a398e8bdf9ee903067a54d60.jpeg","height":375,"width":1200},"url":"https:\/\/www.the-future-of-commerce.com\/2019\/02\/05\/consent-data-management\/","about":["Consent data management",{"@type":"Thing","@id":"https:\/\/www.the-future-of-commerce.com\/customer-experience\/customer-data\/","name":"Customer Data","sameAs":["https:\/\/en.wikipedia.org\/wiki\/Customer_data","http:\/\/www.wikidata.org\/entity\/Q56278300"]},{"@type":"Thing","@id":"https:\/\/www.the-future-of-commerce.com\/customer-experience\/","name":"Customer Experience","sameAs":["https:\/\/en.wikipedia.org\/wiki\/Customer_experience","http:\/\/www.wikidata.org\/entity\/Q984142"]},{"@type":"Thing","@id":"https:\/\/www.the-future-of-commerce.com\/marketing\/marketing-general\/","name":"Marketing","sameAs":["https:\/\/en.wikipedia.org\/wiki\/Marketing","http:\/\/www.wikidata.org\/entity\/Q39809"]},{"@type":"Thing","@id":"https:\/\/www.the-future-of-commerce.com\/sales\/sales-general\/","name":"Sales","sameAs":["https:\/\/en.wikipedia.org\/wiki\/Sales","http:\/\/www.wikidata.org\/entity\/Q194189"]}],"wordCount":919,"keywords":["Consent Data Management","Customer Data","Data Privacy","GDPR","GDPR Fines"],"articleBody":"It\u2019s tempting to think of Google\u2019s recent GDPR penalty as a first. The $56 million judgement is the biggest GDPR fine to be issued by a European regulator, and the first time a tech giant has been found to be in non-compliance of the regulation.But a different story emerges after looking more closely at the EU\u2019s regulatory activity since GDPR enforcement began in May 2018. The Google penalty isn\u2019t the start of something new; on the contrary, it\u2019s the latest development in the EU\u2019s pursuit to make businesses more transparent about data collection and processing.This wider view also shows a clear trend: Regulators are primarily targeting a company\u2019s consent data collection and management practice in their investigations.What does this mean for your business? More than ever, consent data management is the front line for your GDPR risk exposure and your reputation as a transparent, trusted business.      Customer data strategy: Solving the direct to consumer puzzle                To optimize direct to consumer models and win against digitally native competitors, consumer products companies need a focused customer data strategy.      Transparency: The heart of the Google penaltyWhen CNIL, the data protection authority in France, announced Google\u2019s penalty, regulators described two main violations. In both instances, the company\u2019s efforts to be transparent about its collection and processing of personal data were deemed to be flawed.In the first violation, CNIL said users weren\u2019t able to fully understand the extent of Google\u2019s data processing operations across its ecosystem of products and services. In the second violation, CNIL said Google failed to validly obtain the user\u2019s consent to process data for ads personalization purposes.The regulators cited two reasons for the ads personalization violation:First, the consent was not sufficiently informed since information was spread across multiple documents and did not enable users to understand the extent of the processing operations.Secondly, they didn’t find consent requests to process data for ads personalization to be specific or unambiguous enough to meet GDPR requirements.CNIL felt these violations were enough to take unprecedented action: \u201cThe amount decided, and the publicity of the fine, are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information and consent.\u201dThe first shot across adtech\u2019s bow: Consent data management becomes more important than ever to the future of businessEven before the Google penalty, CNIL had been aggressive in pursuing major investigations involving potential GDPR violations around the consent issue. In late October, they issued a decision against Vectaury \u2013 a French adtech firm \u2013 that is threatening the status quo of the entire adtech industry.In their investigation, CNIL found that Vectaury, and the consent framework they used, bundled consent for third-party data processing through partner contracts. The governing authority called for a halt to this practice and has required Vectaury to cease data processing as the legal case proceeds.Privacy activists and adtech firms took immediate notice of the decision. Bundled consent is at the heart of the online ad industry\u2019s real-time bidding (RTB) system. This system, which has displaced traditional models of digital ad selling, is growing at breakneck speed. It\u2019s estimated RTB digital advertising spend will reach $23.5 billion in the United States in 2018 compared to a $6.3 billion spend in 2014.When viewed in combination with other GDPR-based complaints about the RTB system, it\u2019s clear this pillar of the adtech industry is under regulatory assault. And, as the CNIL decision shows, regulators are willing to shut down a company\u2019s data processing operations if it finds it in violation of GDPR\u2019s consent requirements.At the source: Consent matters to consumersIt\u2019s important to realize these high-profile investigations and penalties originally started with consumer complaints. EU member states received a total of 42,230 GDPR-related complaints from the time enforcement began until October. Of those, Giovanni Buttarelli, the European Data Protection Supervisor, told TechCrunch that customer consent is the most pressing issue:\u201cIn cases in which it is indispensable to build on consent it should be much more than in the past based on exhaustive information; much more details, written in a comprehensive and simple language, accessible to an average user, and it should be really freely given \u2014 so no blackmailing.\u201d      The customer data revolution: CRM and CDP roles evolve                CDP solutions offer businesses an answer to the consumer privacy concerns that fueled data privacy laws and the customer data revolution.      Consent data management strategy is a mustIf your company serves customers in Europe, your consent data management strategy needs to be a priority. By developing a vision for capturing consent and preferences holistically across touchpoints, brands, and channels \u2013 for every instance when this data needs to be captured according to GDPR requirements \u2013 you can drastically mitigate regulatory risk.In addition, if you develop a reliable system for enforcing a customer\u2019s preference and consent choices to downstream applications and services, your business will avoid a major source of GDPR-based complaints.Moreover, honoring customers\u2019 preferences and consent choices helps build trust in this new age of consumer privacy and data protection. And this trust is the foundation of today\u2019s meaningful customer relationships. Without trust, customers jump to competitors and brand reputation takes a serious hit, as many businesses who are not managing preferences and consent data according to GDPR standards are about to find out.  Your competitionwants your customers.Is your brand built to keep them?Unlock strategies to power your enterprise HERE."},{"@context":"https:\/\/schema.org\/","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"2019","item":"https:\/\/www.the-future-of-commerce.com\/2019\/#breadcrumbitem"},{"@type":"ListItem","position":2,"name":"02","item":"https:\/\/www.the-future-of-commerce.com\/2019\/\/02\/#breadcrumbitem"},{"@type":"ListItem","position":3,"name":"05","item":"https:\/\/www.the-future-of-commerce.com\/2019\/\/02\/\/05\/#breadcrumbitem"},{"@type":"ListItem","position":4,"name":"Consent data management is essential to the future of business","item":"https:\/\/www.the-future-of-commerce.com\/2019\/02\/05\/consent-data-management\/#breadcrumbitem"}]}]