EXECUTIVE BRIEF Executive Summary HOW TO BALANCE PERSONALIZATION AND PRIVACY FOR OUTSTANDING CUSTOMER EXPERIENCES
CUSTOMERS EXPECT INTERACTIONS DRIVEN BY PERSONALIZATION AND PRIVACY Digital business introduces exciting opportunities to engage with customers anywhere and at any time. Mobile devices, the Internet of Things (IoT) and other channels your customers interact with offer new avenues to collect customer data that can be used to personalize their experiences. No matter where your customers interact with your brand, ensuring that you can provide seamless, secure and engaging experiences is critical. However, customers are often wary of how companies use and share their information, making them increasingly reluctant to share data beyond what is absolutely necessary. In a recent survey, 71 percent of consumer respondents said they believe brands with access to their personal data are using it unethically. 1 The same survey revealed that more than half of consumers haven t used a digital service because of privacy concerns. These attitudes, combined with a patchwork of evolving geographic, industry and corporate privacy regulations, are placing pressure on organizations to protect their customers privacy and take extra care when collecting and sharing customer data. Despite these complications, businesses still need to collect this data to deliver the engaging, personalized experiences their customers demand. Satisfying these opposing requirements is not as impossible as it may seem. Purpose-built customer identity and access management (CIAM) platforms deliver the capabilities needed to do both. The right solution can enforce customer datasharing consent and adhere to privacy regulations, while allowing businesses to store and manage preferences and other customer data that can be used for personalization. More than half of consumers say they haven t used a digital service because of privacy concerns. 2 02
BUSINESSES MUST DELIVER PERSONALIZATION-PRIVACY BALANCE When customers trust that an organization is a responsible steward of their information, they reward the business with loyalty and positive word of mouth. Organizations that lack ways to protect data from unauthorized sharing, data breaches and misuse stand to lose this trust. That translates into lost business. Privacy fears are also driving stronger, more complex mandates. Regulations can apply to geographies, industries, even An organization s approach to customer privacy is increasingly becoming a competitive differentiator. 3 -Forrester demographics. In Europe, the General Data Protection Regulation (GDPR) stipulates where the data of European citizens must be stored, how customer consent is enforced and how data is collected. Once it goes into effect in May of 2018, organizations will face fines of up to four percent of their annual revenue or ten million Euros for violations. To thrive in this increasingly complex landscape, organizations must carefully control which customer data attributes are accessible to applications. They must ensure that apps only have access to the attributes they need and, particularly for partner applications, that customers have consented to sharing data. Finally, they must make these consents intuitive. Lengthy privacy policies full of legalese are a thing of the past. Your customers expect user-friendly controls that let them manage their consents and clearly see who has access to their data. Centralized privacy management capabilities enable compliance with a growing number of dynamic privacy regulations. With centralized policies, you can confidently control how and where data is used. Without them, it s risky to embark on new initiatives to improve customer experience, and you risk tight restrictions from security, legal and compliance teams. Those are steep sacrifices in today s multi-channel marketplace, where competitive advantage lies in personalization. So how can organizations use customer data to build personalized experiences? First, let your customers explicitly state their preferences. Relying on assumed, implicit preferences derived from browsing history or marketing platforms can yield inaccurate assumptions. Then, rely on a secure, centralized repository to store and manage customer data and preferences from different applications and channels. Make sure it can handle the scale required for customer-facing deployments and that it exposes customer data through developer-friendly REST APIs. Without these critical pieces, you re likely to frustrate customers with inconsistent or inaccurate experiences across channels. 03
ENABLE PREFERENCE AND PRIVACY MANAGEMENT IN 1-2-3 Personalization and privacy management are critical for regulatory compliance and delivering seamless and secure customer experiences in the world of digital business. When evaluating a CIAM platform, ensure that it enables the following capabilities: 01 Unified Customer Profile Digital business generates and uses data across multiple customer engagement channels, devices and apps, as well as internal business units and third-party partners. Effective personalization and privacy management requires storing customer preferences, consent choices and other data into a secure, scalable unified profile that is accessible to all applications. A complete view of the customer consists of many different types of data, including structured information such as name, age and contact information, and unstructured data like purchase history and behavior patterns. CIAM platforms can help migrate or synchronize all of your existing data into a unified customer profile. Once it s there, you can manage customer data, including implicit and explicit preference information, to create a highly valuable profile that offers deep insight into who the customer is and what he or she wants. 02 Policy-based Data Governance Protecting consumer privacy and adhering to regulations is complex. It can require multiple layers of policy enforcement and control. Look for policy-based data governance capabilities that can adhere to regional, corporate or industry regulatory constraints and enforce customer consent. Your CIAM platform should also do more than just govern access to an entire customer profile; it should make fine-grained distinctions about what data attributes within the profile can be accessed. For example, a third-party marketing email service may need access to customer names, email addresses and opt-in preferences, but not payment information. Customers may also want to restrict certain attributes, such as their email address, from being shared with certain partner applications. Sharing data with third-party service providers and data brokering is becoming more common in the digital ecosystem. Policy-based data governance will ensure that you re adhering to regulations and giving customers control over and insight into where their data is being shared. 03 Consent Management Customers expect their experiences with your brand to be user friendly, including the experience of managing their privacy consent. Having a centralized profile to store privacy and consent preferences, that are in turn enforced by centralized policies, allows you to expose customers data to them on any channel. You can do this using intuitive controls that let customers see who has access to their data and manage which attributes they ve consented to share. This approach is far better than asking customers to consent to a lengthy, catch-all privacy policy. Taking the time to give customers this type of insight and control will reassure them that you re being a good steward of their data. 04
CONCLUSION Forrester states that modern digital business tactics particularly marketing initiatives like delivering seamless multi-channel customer journeys, behavioral targeting and location-based mobile marketing are forcing marketers to become more conscious of privacy challenges. 4 As digital technologies offer more ways to reach customers, we must be careful to not overstep boundaries into the territory of negative customer experiences. The personalization and privacy management capabilities of CIAM solutions enable us to confidently walk the fine line between leveraging customer data for personalization and adhering to privacy regulations. 1. Mindi Chahal, Marketers Overestimate Consumers Attitude to Data, Marketing Week, June 23, 2016, accessed July 17, 2017 at https://www.marketingweek.com/2016/06/23/marketers-overestimate-consumers-attitude-to-data/ 2. Ibid 3. Vendor Landscape: Privacy-Support Providers for Marketers, The Customer Trust And Privacy Playbook For 2017, Forrester Research, last updated Aug 25, 2016. 4. Ibid ABOUT PING IDENTITY: Ping Identity is the identity security company. We simplify how the world s largest organizations, including over half of the Fortune 100, prevent security breaches, increase employee and partner productivity and provide personalized customer experiences. With Ping, enterprises can securely connect users to cloud, mobile and on-premises applications while managing identity and profile data at scale. Visit pingidentity.com. #3164 v00d 07.17