This year is already off to a rocky start for the reputation of our industry.    A number of recent and highly visible situations puts data-driven marketing under a harsh spotlight and converge into a storm of renewed regulatory and legislative attention. It seems that 2014 is already a year when marketers are perceived to be the bad guys in efforts to protect consumer privacy.

It matters little that WE know that responsible marketers are the good guys.  We all aim to collect and use data with respect, transparency, notice and choice.  However, marketing practices are under fresh scrutiny these days.

We’ve been blogging about a bunch of them:

  1. At the Senate Commerce hearings led by Senator John Rockefeller (D, WV) in December, Senator Rockefeller and his colleagues readily acknowledge the good value to consumers from relevancy, loyalty and other data-driven services.  Yet, Senator Rockefeller said, “I can’t put my finger on it exactly, but I know there is something evil there.”
  2. Senator Patrick Leahy (D, VT) reintroduced a Personal Data Privacy Security Act that he originally authored in 2005.
  3. Consumers are now on heightened alert about their data because of data breaches at two well-known retailers in December.  
  4. The President delivered an address at the Department of Justice in Washington, DC last week regarding changes to National Security Agency (NSA) programs.  The President also commented on the use of consumer data by the business community, noting that “there was a recognition by all who participated in these reviews that the challenges to our privacy do not come from government alone. Corporations of all shapes and sizes track what you buy, store and analyze our data, and use it for commercial purposes; that’s how those targeted ads pop up on your computer or smartphone.”

Companies with data-driven programs are under the microscope like never before, and often are presumed guilty before proven innocent.  Steve Smith, and editor at Mediapost, says in a recent column, “The public alerts of software, OS or browser vulnerabilities are branding exercises.  In many cases, the vulnerabilities detected […] are theoretical holes at best. They get publicized even if they haven’t actually been exploited yet. Journalists find themselves in a bit of a bind, because the threats may be real theoretically, but the story often is being driven by security firms that stand to benefit from heightened concern about security.”

Steve highlights a recent issue at Starbucks to prove his point.  “According to the researcher, the app, which stores loyalty points and gift cards used for payment at Starbucks locations, was keeping usernames and passwords in plain text in an area of the device accessible to a third party,” he says in the column.

The big hit for Starbucks was that the researcher tried in vain for two months to alert the company and couldn’t get past customer service, Steve reports.  “Starbucks, which admits it already knew about the username and password storage issue, only addressed it as a problem when the researcher’s blog post got picked up by the IT press” – and offered an app update and explanation in a a blog post.   Steve notes that he finds Starbucks approach overall to be reasonable and responsive.

The point is, data-driven marketing is both loved and feared by the people we most want to impress: Our customers.  Being responsible is not enough – we must communicate well, provide transparent access for stakeholders to understand what data we collect, use and share, and overall be vigilant.

As Steve says, “Like it or not, we are in world where perception of providing security may be at least as important as actually providing it. “