Companies can do more to protect consumers’ data privacy, and it’s in their best interest to do so. Learn the requirements of GDPR, CCPA, and LGPD.
Today we’re going to discuss what my brain spent a large part of the last week obsessing about. There’s also a little bonus at the end.
First, and to make my editor – wondrous Jenn – happy, let’s talk privacy a little.
Data privacy: A long and winding road
I’ve been a staunch advocate for privacy for a while. If I had a time machine, I’d go back in time when Andreesen and friends met in the early days of the Web and someone said, “How are going to pay for this? End user subscription or advertiser-funded via tracking?” to make sure the right decision was made. Definitely not the one we made, that’s for sure.
I’ve followed for a long time the issues of identity and management on the internet from back in the 1990s when I met (serendipity or happenstance, your choice) Kim Cameron while doing some research on Kerberos (this goes more into the memory banks that I am able to access in my old age) and had an amazing discussion on data ownership and identification.
This was followed by great discussions with Doc Searls on VRM (vendor relationships management, how users manage vendors and not the other way around) and deep discussions on data sovereignty with good friend and Doc’s collaborator Nitin Badjaita. Many other things interspersed – including a short startup on identity, reputation, and anonymity in the mid aughts (too early) – but I am building credibility as having been involved in all these topics for a while.
I was one of the very happy people when I heard we’re moving away from third-party tracking, cookies, etc. for identifying users online because it means that one of the above, or a combination, has a chance to succeed. Then again, not really – right?
I came across the federated token model that Google is promoting as a replacement for cookies and I must say – I am shocked, I tell you, shocked they allow gambling in this establishment. The Electronic Frontier Foundation (EFF) did a fantastic job of taking them down, so won’t repeat that here (but read it, it’s very good and comprehensive) – but all this led to the deep thinking of why we need privacy and how do we build experiences around it. This, I believe, will be a key topic for the next decade, and not just driven by compliance with items like GDPR and the many others popping up.
Without privacy, kiss your customers goodbye
How do you build privacy into experiences? If we subscribe, and you know that I do, that users build their own experiences at every interaction, then how much information is necessary to have, access, manipulate, process, and track to enable them to do that – and retain a certain sense of permanence (or state) to the conversation?
Do I need to know who they are? What they need? The context of their situation? The intent under which they reached out? How much of that I process and discard and how much of this I retain? How do I manage rights and responsibilities? Access and layers? You get the point.
I don’t have all the answers (and I won’t, likely, for a while) and I know that my colleague Adrian Nash and our team at SAP CDP have been doing this for a significantly longer time and he has a few more answers (and questions) than me, but here is my proposal.
What is a customer data platform? A customer data platform is software designed to make sense of your customer data so you can engage with them on a more personal, effective (and valuable) level. But what does that mean for marketers? Executives? Customers? How do CDPs change their experiences? Instead of getting into the weeds…
If you are going to build any sort of customer infrastructure, as part of providing interactions for customer experiences, you have to include these topics art the core of that infrastructure. This is core platform level stuff, not an add-on via privacy or security laws and definitely not something you can subjugate to a partner who handles cybersecurity – this is core principles.
Privacy, content, access and roles, rules and responsibilities must be accessible to everyone, and must be customizable to each individual organization level of risk, comfort, compliance, and definitely – customer engagement. This is something that predates any technology or integration need or priority.
This, as an organization or vendor, you must do as elementary level of respecting the trust the customer places in you and your ability to generate and engender that trust towards engagement. If you don’t support and respect privacy as a right of the customer/consumer, you won’t have engagement with them. End of story.
(More on this in future installments; there’s only so much I can share in 1,200 words or so per post.)
Introducing the consolidated experience model
As for the second topic, I want to talk about experiences. I know, shocker… (I cannot do the same joke twice, so be informed that this may have been a good place to quote Casablanca also, and imagine the link is there as well).
My good friend and fellow evangelist Vala Afshar (I just like name-dropping to make myself important, he probably doesn’t want to acknowledge he knows me) and I have been chatting over last few months as I started building my position as evangelist. He tells me I should find and define a model that helps me identify the conversations I want to have. While the privacy discussion above is something near and dear to my heart, it must be used within a framework to make sense and be actionable; otherwise, any potential needs and actionable items will be lost.
And I have been trying to define that model (rather models, as I have to be conversational on five product pillars, and one overall idea of customer experience). The more I read, the more I come across overlapping areas of experience happening at different levels in the company, and the more I end up trying to reconcile them into something more interesting than separate projects. After all, what good is it to the organization if you spend a lot of time working on – say – customer experience, but then try to pretend that employee experience is totally detached from it? Right?
Well, as it turns out – experience is experience is experience (this is the culmination of two decades research on human behavior, so pay attention to the preceding sentence </sarcasm>). But seriously, folks.
True be told, Customer Experience, Consumer Experience, and Employee Experience all follow the same principles and they all (basically) require similar levels of research and implementation (and NONE of them are technologies; rather, they use technology as an aid). The same happens to apply to Stakeholder Experience (partners, governmental compliance, and other unidentified experience actors).
Thus, I am thinking (and this is very early days for this idea) that instead of having four different initiatives, you can create a program, a movement aimed at consolidating these four strategic initiatives. I’d like to call it (because we all need a TLA to make ourselves famous) Mu-X (or multiple experiences, similar to the discussion on multi-cloud, but actually useful and doable, unlike multi-cloud — that is an aberration).
Picture below is an early chart on this. There’s more behind it, but that’s next week’s installment.
For now, I’d love to get your thoughts on the above – please reach out?
(Bonus: Graham Hill is a long-time sparring partner online – we met IRL, and he is a nice chap as well – on matters of JTBD and SD. I have linked to conversations I had with him before in this column. He is doing a weekly-ish series on design journeys that is marvelous and great discussion. Have not had a chance to comment on this week yet, maybe by the time you read it, but here is a great post on the use of analytics (my perspective) in his discussion. Do read it.)