Media, tech and marketing industries must develop respectful interactions with consumers

Australia might be lagging on consumer data privacy legislation, but several local companies will still need to comply with global legislation, the latest of which is the rollout of the California Consumer Privacy Act (CCPA) on 1 January 2020.

This week, Twitter confirmed it's updating its global privacy policy to give users more information about what data advertisers might receive, and is launching a site to provide clarity on its data protection efforts. The changes are designed to comply with the CCPA, and follow the October announcement that Twitter found phone numbers and email addresses used for two-factor authentication may inadvertently have been used for advertising purposes.

Interactive Advertising Bureau (IAB) Australia CEO, Gai Le Roy, expected the rollout of CCPA will see more technology players expanding the control and transparency consumers have in regards to their own data. The California law requires large businesses to give consumers more transparency and control over their personal information, such as allowing them to request their data be deleted and to opt out of having their data sold to third parties.

“Even though the Act is relation to data on Californian residents, with so many of the key tech companies based in the state as well as it being such a large economy in its own right, we will see some of the changes implemented for CCPA rolled out across products for their whole customer base,” Le Roy told CMO.

Social media companies, including Facebook and Alphabet’s Google, have come under scrutiny on data privacy issues, fuelled by Facebook’s Cambridge Analytica scandal in which personal data was harvested from millions of users and used without their consent.

At the same time, several global customer data privacy laws, such as Europe's General Data Protection Regulation (GDPR) and the CCPA are putting more pressure on organisations globally to improve the way they manage and provide access to customer data.

“During the rollout of GPDR in Europe approximately 18 months ago, many Australian companies started to review their data policies and if their businesses were used by European citizens made the necessary changes," Le Roy commented.

In a number of ways, CCPA is slightly less onerous for many international businesses with minimum criteria set, she continued.

"This means it is only applicable for businesses that meet one of the following: Buy, sell or share data from at least 50,000 Californian citizens, earn more than 50 per cent of revenue from the selling of personal data, and have revenue of more than $US25 million per annum," Le Roy said. 

“Companies that fall into one of those buckets must clearly give consumers an option that clearly states 'Do not sell my personal information'. So while it is an opt-out system, this message is likely to drive many people to consider this path."

As privacy regulations pop up across the globe, Le Roy pointed to different approaches by various governments with added nuances in terms of law interpretation in different markets. However at the heart of all the policies is giving consumers control and transparency on the collection and use of their own data.

"The media, technology and marketing industries must continue to develop respectful interactions and communication with consumers that clearly articulates the value exchange that they receive if their data is collected and used,” she concluded. 

As part of its latest data efforts, Twitter said it will move the accounts of users outside of the United States and European Union previously contracted by Twitter International Company in Dublin, to the San Francisco-based Twitter operations. The company said this move would allow it the flexibility to test different settings and controls with these users, such as additional opt-in or opt-out privacy preferences that would likely be restricted by GDPR.

“We want to be able to experiment without immediately running afoul of the GDPR provisions,” Twitter data protection officer, Damien Kieran, told Reuters. “The goal is to learn from those experiments and then to provide those same experiences to people all around the world.”

The company said it is also working to upgrade systems and build privacy into new products. Twitter’s new privacy site, dubbed the Twitter Privacy Center, is part of the company’s efforts to showcase its work on data protection and will also give users another route to access and download their data.

Fellow social media platform, LinkedIn, is also updated its terms of service from 6 January 2020. The changes impact its privacy policy, user agreement and cookie policy and again are designed to help give users more data choices, the company stated in a blog post.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, follow our regular updates via CMO Australia's Linkedin company page, or join us on Facebook: https://www.facebook.com/CMOAustralia.