After Cambridge Analytica, brands must offer customers a new deal on data

The timing of the Cambridge Analytica scandal, coming just weeks before the EU General Data Protection Regulation (GDPR) takes effect, triggered a tipping point in the relationship between brands and their customers. Consumers are suddenly much more aware of how their personal data is being used by brands and, as a result, business models and behaviours that were well-known to marketers and advertisers are coming under close public scrutiny – in many cases for the first time.

Of course, brands have known for some time that GDPR was already going to bring about major changes in how they capture, manage and process consumer data. While digital markets have always had a responsibility to be clear about where data comes from, and the benefits that it provides to companies, GDPR now makes these values a legal requirement. What’s more, the new regulation will give consumers significantly more power over their data and more tools with which they can hold brands to account.

However, few of us could have anticipated the fallout from the recent Cambridge Analytica revelations, which catapulted the conversation about personal data on to the front pages and into the public’s consciousness. Consumers are now waking up to the fact that the myriad ‘free’ digital services they consume have been paid for in personal data, and that this data is being used in ways that they had not previously considered.

This newfound interest in the mechanics of personal data and online marketing, combined with the powers that the GDPR gives to individual consumers, has changed the game for all consumer facing brands. Any business that relies on customer data to drive revenues and decision-making should be focused, not on a minimal, compliance-led approach to GDPR, but on establishing trusted relationships by offering their users a ‘new deal’ on the data that they share.

Brands must lean-in to consent

With so many active services gathering personal data, only the most trusted brands will receive consent from customers to use their personal data, and we are likely to see individuals simply choosing not to interact with organisations that aren’t perceived to be trustworthy. Data-driven marketing strategies therefore need to be conceived that take into account consumers’ newfound sensitivity to privacy. The only way that that can be achieved is through a focus on transparency and engagement.

To build consumer trust, organisations need to adopt a new philosophy around personal data – one that involves the customer with their own data and empowers them with the option to dynamically control the amount and type of data that is shared.

Not only is this an invocation for marketers, web/app developers and CMOs alike to take a positive approach to consumer consent, but it also provides an opening for a new level of creativity with the way that they engage with their customers and potential customers.

Defining the new deal on data

It is particularly important for businesses to understand consumers’ perceptions of their digital identity, to build strong, positive data-sharing relationships that enhance their ability to profile their customers and maximise the value of their service. Because GDPR pushes the focus onto the individual, it’s paramount to ensure that consumers see interactions as mutually beneficial, and any personalisation has themselves at its heart.

Currently, consumers feel that they do not get good value for their data – research we conducted earlier this year found that just 17% of UK consumers feel that the data they share with brands is used to benefit themselves, compared to 41% who say it mainly benefits businesses.

In this increasingly connected world, consumer awareness of their digital identity is only going to grow and become ever more synonymous with their offline identity. To be trusted therefore, you need to put the customer in control, and create an opportunity for them to curate their identity which corresponds to their tastes and vision of the world.

Brands should aim to provide an intuitive, dashboard-style interface that allows users to get a single view of what data they have shared with that business, what it is being used for and what benefits they will receive in return. They then need to make sure that they live up to that promise by delivering real value to customers through context-driven, relevant insights, rewards and offers.

A new era

As the awareness of new consumer rights regarding personal data grows and users come to expect a different experience, those businesses that have truly put the customer in control of their data are likely to benefit. We are experiencing a definite shift from the established norm, where personal data is treated as a shared asset and used to the benefit of all.

There is a first-mover advantage for those businesses that can get this right: by delivering greater visibility and control of the data being managed, used, processed and shared, they can build trust and brand loyalty for the long-term.


By Nick Caley, VP of Financial Services & Regulatory, ForgeRock

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.