Who owns customer data? The companies collecting information or the people giving it to them? The balance of power in this relationship may be changing, according to research from Forrester. Brands need to be prepared for consumers to demand “personal identity management” (PIM).
Brands such as Jaguar Land Rover, Nectar, Ideal Shopping Direct and Last.fm are already responding to these trends, putting new systems in place to manage PIM. The need for this is clear: more than $2bn is spent in the US alone on third-party data, and the research reveals that consumers will increasingly demand more control over how their data is used.
Jeremy Henderson-Ross, legal director at Nectar’s parent company Aimia, which has responsibility for all data regulatory matters for the loyalty scheme, says his company’s own research confirms that 75% of people would like a portable privacy profile that they could take to multiple brands.
“Consumers are sharing more data but at the same time, they have greater awareness of privacy issues,” he says. He agrees with Forrester’s assertion that people want to be involved in how their own data is managed and expect more in return for handing it over.
People will also anticipate more relevant and targeted content offers or discounts, and want brands to be much more transparent about what data is held and how it is protected, says the report.
Consumers have realised they are paying for nominally ’free’ content with their data and many are not happy. A 2010 Gallup poll revealed that 61% of internet users would give up free content for maintaining their privacy. They understand that their personal information and shopping habits have a value; and they want marketers, data aggregators, retailers and data compilers to work harder for it (see chart below for the four types of personal data).
Jaguar Land Rover’s data and analytics manager Quintin Hunte says his company has seen the effect of the PIM trend around corporate transparency and portability. As a result, the automotive industry is creating more online ownership portals where consumers can keep manufacturers up to date with changes to their personal information and needs.
The company works with data-management company Occam and has a reward card scheme linked into its dealer network. Customers can visit an online portal to see their points tally and check the available offers.
“Eventually we’ll move to digital service records, which can be played back through these portals where a conversation about data can take place with the customer,” says Hunte. “We will say: ’This is what we think we know about you and this is the history of the interaction you have had with our brand.’ They become a partner in helping us fill in the blanks and the relationship builds around trust and transparency.”
Jaguar Land Rover is progressive in its approach; many customers are still handing over data without thinking too much about it. Just 18% are concerned about the security risk in submitting their information, but Forrester predicts this will grow considerably.
Some 88% of people who use social networks have shared information that could be used to commit identity fraud, such as their address or date of birth.
Meanwhile, only 57% of people verify emails or calls from organisations before responding, according to a CIFAS survey. Around 4 million people 7% of the population have been victims of identity fraud. The average cost to each is £1,190.
It’s not just consumers who are losing out by being too slow to take a PIM approach, says Forrester. It’s companies too, because they need to be careful that consumers are not leaving a data footprint across their channels that can be misappropriated.
A study of data breaches in Australia, France, Germany, the UK and the US revealed that the average incident costs companies $214 per customer. The recent breaches to Sony’s PlayStation Network and Sony Online Entertainment divisions will cost the company a reported $171m to put right.
The future is likely to see government-led or “personal” data lockers holding various data sets governed by agreed standards that the consumer controls. These could be commercial data lockers that charge consumers for identity verification but would also charge companies a fee for accessing information. Forrester predicts the creation of web and app-based portals that will provide a visual dashboard of an individual’s personal data lockers.
Ultimately, marketers face a future where authorised managers will control the data that identifies individuals, such as national insurance details, behavioural and derived data and any analysed data around credit scores.
Large online retailers, such as Amazon and Tesco, could become the favoured behavioural data locker for most consumers who embrace a single sign-on and see a simple way to access and modify their data as and when they want to.
This could mean the timing of marketing campaigns change with consumers expecting to be compensated for sharing data, resulting in ever-more attractive reward programmes, which could push marketing budgets upwards.
Aimia’s Henderson-Ross says there is still much confusion in this area for people managing brands. “Until we know how much time people will give to managing their data, there remains a lot of uncertainty for marketers,” he says.
Nectar is developing its own set of data values based around transparency, added value, control and trust to help its brand partners make the right data choices. “This should guide the Nectar brands so they are using data in a consistent way,” says Henderson-Ross.
He claims the company’s research from Harris Interactive into how Generation Y consumers (19to 29-year-olds) in the UK and North America will want to share and manage their data in future has shown that consumers are open to giving their information over to brands if the right relationship can be found.
The 19to 29-year-olds are keen on swapping data for rewards, with two-fifths (41%) willing to promote products or brands through social media in exchange for rewards. More than half (52%) are more likely to share personal data about purchases, lifestyle, age, income and personal preferences when a company offers them rewards, compared with 40% of other consumer groups.
The analyst behind the Forrester report, Fatemeh Khatibloo, cites the success of Facebook Connect, which lets consumers collate all their social media accounts in one place, as evidence that this move is already under way.
Khatibloo accepts that Personal Identity Management is in its early stages but predicts that soon consumers will ask brands five questions in future before sharing data:
- Privacy Is my data respected and am I convinced I can trust you?
- Security Is my data protected?
- Transparency What data do you have and what will you do with it?
- Portability Can you let me have a copy of the data you hold about me?
- Economy Can you provide me with value for sharing my data?
With this in mind, there is some way to go for marketers to convince customers that giving over their data can actually lead to better services and products. Head of e-commerce at Ideal Shopping Direct, Mark Russell, says that as a retailer, the company must be seen as credible and ethical by consumers using its website.
“Permission-based marketing has to win through,” he says. “There are a lot of scare stories in the media about how data is lost, so we must be on top of our game as a brand.”
Ideal Shopping Direct uses customer-experience management data provided by software company Tealeaf to identify any customers who have added products to their basket. The call centre staff then contact customers within three hours if they have abandoned their shopping carts. Call centre agents now recover 40% of abandoned transactions for customers deep inside the conversion funnel.
“We must show we are using consumers’ data to their advantage by adding value, such as showing them what other people with similar purchasing habits have bought,” Russell says. “The next wave of consumers will accept that we all have to share data to be in a multi-channel environment but brands must look after it and use it well or trust will disappear.”
Last.fm’s data ’griot’ Matt Sheret says his brand is also aware of the need to market just how important data is to personalising services. The online music recommendation service has almost 4 million registered users in the UK and relies on people being prepared to share data each time they listen to a song.
They send what is called a ’scrobble’, which is a tiny bit of data that helps the site define their listening habits. Last.fm uses this information to suggest other bands, music festivals or events they might be interested in.
The percentage of users who want to hide their data is less than 10%, according to Sheret. “We are absolutely transparent and people know they have complete control of their data and can put personal information on their public profile, link it to their own music chart or publish to Facebook, or they can keep it to themselves,” he says.
“Eventually we want a relationship where we can inform people about their listening habits and show them how many new bands they have listened to this year and what genres of music they have listened to. The analysis will surprise them.”
As the mobile marketing area grows, there is also an emerging challenge for companies targeting consumers on their handheld devices. Managing director of the Europe branch of the Mobile Marketing Association Paul Berney, says getting consumer permission will be central to building trust and helping people manage their own data.
The number of people accessing the mobile web is set to exceed 1 billion by 2015, with mobile advertising revenue reaching $3.3bn (£2bn) by the end of this year, according to Strategy Analytics figures.
“At the moment, much of the permission-based mobile marketing is delivered through the messaging channel, but this will shift towards using apps, the mobile web and other mobile functionality, which will allow for rich media and more interactivity,” says Berney.
With more power over consumer data lying ahead, there are challenges for both marketers and individuals to adapt. Brands must spend more time convincing their potential customers of the benefits that sharing their data can bring them. Meanwhile, consumers must also accept more responsibility for how their information is used and how secure it is.
The brands that help people to stay in control but still reward their customers for sharing valuable information are set to gain long-term loyalty, as well as short-term sales.
Oxfam is certainly aware of personal identity management (PIM) because as an organisation, we are all about accountability and transparency and we need to take the same approach with consumer data.
In October, we began to look at making changes to our privacy statement to make it clearer to our supporters what data we hold and how we use it. Oxfam GB is part of many Oxfam organisations around the world, so there is an abundance of data.
Things had to change because there was an agreement that if a supporter from the US buys something from our website, we wouldn’t market to them because they were based in an affiliate country. This gave the impression we weren’t talking to someone who interacted with us in the UK and that was not ideal.
We will have a revamped website in the new year, which will take into account amendments to the UK’s Privacy and Electronic Communications Regulations, which require organisations to gain consent before collecting user data or storing tracking programs, such as cookies on users’ computers.
We are trying to be more proactive so consumers trust us as a brand when sharing data with us. We are updating the My Account section on the website so people can control what data they share.
The value exchange for consumers’ data is crucial because Oxfam needs supporters to share their details so we can ask for and receive donations. We reassure them that their information is secure because people give us money as well as their data.
Oxfam wants to encourage people to share more information to help our campaigns. We hold legal preferences and know what people want to receive but we need it to be more targeted, so people can tell us if they are more interested in some of our work than others.
This would help us target specific supporters if there is an emergency and funds are needed urgently. We have a massive duty of care not to misuse people’s data and we make it clear we don’t pass it on to third parties; we just communicate clearly what information we need.