{"id":15163,"date":"2013-05-29T00:00:00","date_gmt":"2013-05-28T23:00:00","guid":{"rendered":"https:\/\/members.dataiq.global\/articles\/age-consent\/"},"modified":"2024-05-29T13:14:23","modified_gmt":"2024-05-29T12:14:23","slug":"age-consent","status":"publish","type":"article","link":"https:\/\/www.dataiq.global\/devstage\/articles\/age-consent\/","title":{"rendered":"The Age of Consent"},"content":{"rendered":"

\"DavidMost companies don\u2019t really know where they stand – they don\u2019t have consent rates as a key performance indicator. They have just been focused on getting people in through the doors.<\/strong><\/em><\/p>\n

One thing is clear – the balance of power in data is shifting. Where once organisations could rely on permission to use personal information, consumers are increasingly expecting to exercise more control. While that does not yet mean providing consent for each and every type or occasion of use, it does mean having access to controls to change permission if desired.\"Making<\/p>\n

This is likely to be enshrined in law under the proposals in the Data Protection Regulation, together with other changes that will further this power shift. That is why gaining a better understanding of what consent means to consumers and how it can be gained and managed right now will pay dividends.<\/p>\n

Fortunately, this year has seen the single biggest exercise in consumer education around data usage and data protection. Cookies may have been around for as long as there have been web browsers, but it took the ePrivacy Directive in 2011 and enforcement in 2012 (in the UK at least) to put them in the foreground. As a result, consumers have been seeing notices and links to further information which can only have raised their awareness of why companies collect data.<\/p>\n

As one source in a major financial services brand points out, \u201ccompanies that have done particularly well and gained cookies acceptance all use boxes across the bottom of the page.\u201d That ensures website visitors have a change to see privacy notices and make a choice, although the source adds, \u201cI don\u2019t think many people take the time to go through them all.\u201d<\/p>\n

While it is clear that awareness of cookies is now at an all-time high, it is also debatable whether the consent being given is genuinely informed. \u201cThe jury is still out on that one,\u201d opines the financial services marketer. What the industry can claim unreservedly is that it is making every effort to comply with the law.<\/p>\n

If consumers choose not to fulfill their side of the bargain by reading the information provided, that has to be considered their responsibility. \u201cIt ticks the box from a legal perspective, but whether it does so from an ethical perspective? That is still to be seen,\u201d he says.<\/p>\n

Cookies notices should be seen as a dry run for the much bigger exercise in winning consent that is likely to be required from 2014 onwards. If every consumer has to provide clear, explicit consent to their data being used for marketing, then all of the data currently held might be ruled unusable since it does not carry this level of permission.<\/p>\n

\u201cI have been talking to our lawyers about the data we hold and asking if we could use it. It is fascinating, because the lawyers say we can\u2019t use it for analysis if we haven\u2019t got permission to use it for marketing,\u201d says the source. The new regulations have proposed a separate, specific consent requirement for profiling (although this may yet get amended) which would bring to the fore a formerly backroom use of data in the same way as cookies notices have done.<\/p>\n

There is a real question as to whether requiring consent for profiling is for or against the consumer interest, since in marketing it is only used to filter communications and make them more relevant. That is an evident benefit to individuals with no real downside.<\/p>\n

\"don'tWhen it comes to pricing, the argument is more nuanced, with regulators concerned that individuals do not suffer any material impact on their lives from automated decisions made without human intervention. That is precisely what algorithms to set prices and premiums according to risk or demographic profile are intended to do. Telling the consumer this happens could seriously spook the marketplace without creating any real advances in consumer protection.<\/p>\n

\u201cWhen you look at an organisation like ours, it doesn\u2019t take any pricing decisions, it is all done by algorithm. That is why prices change,\u201d notes the financial services source. Across a global business with multiple products, each segmenting their marketplace and adjusting prices accordingly, the need for profiling consent would have a serious impact. \u201cWe can only hope the relationship with the customer means they will give that permission and also help us to keep their data clean,\u201d he says.<\/p>\n

It is not just commercial organisations that need to understand the rules and boundaries of this data exchange. Policy makers and politicians have to find the right balance between consumer concerns, business needs and ethical priorities. It is the job of governments after all to make choices which are sometimes unpopular or appear ahead of public opinion.<\/p>\n

That is one reason for the recent white paper produced by think-tank Demos, \u201cThe Data Dialogue\u201d, written by Jamie Bartlett and drawing on consumer research by O2 and Populus (see box). \u201cNone of the potential gains of the information revolution can be realised unless people are at the heart of any new settlement,\u201d he writes.<\/p>\n

\"Business\u201cFinding the right balance between guaranteeing the economic and social benefits of information sharing and ensuring consumer concerns are respected requires a sophisticated understanding of what people know and think about the subject. Knowing where the public stands, therefore, is vital to companies and policymakers,\u201d writes Bartlett.<\/p>\n

At the heart of this settlement has to be transparency about where and when data is captured and for what purpose. This may be one of the original eight principles of the UK\u2019s Data Protection Act, but technological developments have expanded activities way beyond\u00a0 its original conception.<\/p>\n

So the research revealed that 85% of consumers know their online purchasing history data is collected and used – this is made highly transparent through uses like the Amazon product recommendation engine, for example. Tesco Clubcard has had a similar effect on awareness, with 81% of consumers aware of supermarket loyalty schemes. Even some of the newer uses have been noticed, with 67% aware of Gmail-based advertising.<\/p>\n

Awareness does not necessarily translate into acceptance, with Demos claiming a \u201ccrisis of confidence\u201d among consumers. It found that only 27% are comfortable with their behaviour data being used by Tesco Clubcard – remarkably low given the billions of pounds in rewards claimed by shoppers from that scheme. And when it comes to Google scanning the content of Gmail in order to insert contextual ads, just 10% of consumers are happy that this happens.<\/p>\n

Bartlett\u2019s conclusion is that, \u201cdata and information sovereignty is the next big consumer issue. There is a danger that this loss of confidence will lead to people sharing less information and data, which would have detrimental results for individuals, companies and the economy.\u201d<\/p>\n

Part of the solution lies in providing greater control to consumers and a \u201cnegotiated concept that changes with technology and culture\u201d. That is appealing to policy makers and regulators, but harder for commercial organisations to implement since they have to build processes and assumptions that are tolerably future-proof.<\/p>\n

At the heart of the new age of consent will undoubtedly sit a new generation of data collection procedures and privacy notices. As the DMA\u2019s Data Tracker research has discovered, different wordings can reduce the level of opt-out by up to 30%, proving the importance of testing different concepts.<\/p>\n

\"Thinking\u201cIt is difficult when you just ask the consumer to look at opt-outs and opt-ins out of context,\u201d says Rosemary Smith, managing director of Opt-4. \u201cOne of the critical techniques is the brand tone of voice used in the statements so it doesn\u2019t put people off.\u201d Most consumers are attracted to brands through emotional qualities. When it comes to registering and providing personal data, the exchange shifts into a rational frame. This can create a jarring dissonance, unless that sequence is also warm and appealing (while remaining compliant).<\/p>\n

She argues that the data industry needs to urge the European Commission not to use opt-in as the default mechanism for gaining explicit consent from consumers. \u201cThere could be a lesson to learn from email where opt-in is applied in the UK in a literal way, although not in other European countries. If you collect data for the purposes of a sale, you can use an opt-in which looks like an opt-out. A lot of brands are doing that,\u201d she says.<\/p>\n

This is reassuring because of the familiarity of the mechanism, which should reduce the drop-off by consumers at that point in the engagement. But it is less reassuring when you consider the low proportion of customers on most databases who have a permissioned email address. (Although it is significant that in the latest wave of the DMA\u2019s Data Tracker research, consumers were more likely to offer their email address than a postal address.)<\/p>\n

Asking the consumer to enter their email address and using that as the opt-in is another mechanism which generates decent agreement rates. \u201cWhether that will conform to the explicit consent requirement is an open question,\u201d notes Smith.<\/p>\n

Apart from new methods of capturing consent and refined data capture notices, organisations will also need to rebuild their data management systems. A requirement of the new Data Protection Regulation will be to record when, where and in what circumstances consent was gained. That may require being able to show what wording was used and will certain involve far more dynamic flagging of permissions within data.<\/p>\n

\u201cToo many brands roll everything together, yet we all know there are different levels of consumer objection to each channel,\u201d says Smith. For example, while 79% of consumers do not want to receive outbound telemarketing calls, only 25% object to direct mail. \u201cIf you don\u2019t split that out in your database, you lose all channels,\u201d she says.<\/p>\n

It is fair to say that this shift will be a major wake-up call for companies. As Smith says, \u201cmost don\u2019t really know where they stand – they don\u2019t have consent rates as a key performance indicator. They have just been focused on getting people in through the doors.\u201d<\/p>\n

With a lot of marketers looking towards social networks to initiate (and even maintain) relationships with consumers, this could open up an even bigger gap in databases. There is a lot of mis-understanding about what data can be extracted from social and just how legitimate it is to use it for marketing.<\/p>\n

While currently a grey area, it seems likely that regulators will soon start to get tough on practices like data scraping. If you doubt this will happen, just consider how European data protection authorities, led by the French regulator CNIL, are going after Google for its unified privacy policy. When one of the biggest digital companies becomes a target like that, it shows that things have got serious.<\/p>\n

For consumers, the good news is that data protection is going to become more transparent, controllable and fairer. It will be more obvious why information is being requested, what it is used for and how they can control that. For organisations, the bad news is exactly the same – consumers are gaining more rights and they will want to see them respected. That is what will define the new age of consent.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

Most companies don\u2019t really know where they stand – they don\u2019t have consent rates …<\/p>\n","protected":false},"author":15,"featured_media":15164,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","_searchwp_excluded":"","footnotes":""},"categories":[129,398],"tags":[171,85],"pillar":[],"class_list":["post-15163","article","type-article","status-publish","format-standard","has-post-thumbnail","hentry","category-editorial","category-public","tag-data-governance","tag-strategy"],"acf":[],"publishpress_future_action":{"enabled":false,"date":"2026-05-21 05:01:27","action":"change-status","newStatus":"draft","terms":[],"taxonomy":"category","extraData":[]},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/www.dataiq.global\/devstage\/wp-json\/wp\/v2\/article\/15163","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dataiq.global\/devstage\/wp-json\/wp\/v2\/article"}],"about":[{"href":"https:\/\/www.dataiq.global\/devstage\/wp-json\/wp\/v2\/types\/article"}],"author":[{"embeddable":true,"href":"https:\/\/www.dataiq.global\/devstage\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dataiq.global\/devstage\/wp-json\/wp\/v2\/comments?post=15163"}],"version-history":[{"count":0,"href":"https:\/\/www.dataiq.global\/devstage\/wp-json\/wp\/v2\/article\/15163\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dataiq.global\/devstage\/wp-json\/wp\/v2\/media\/15164"}],"wp:attachment":[{"href":"https:\/\/www.dataiq.global\/devstage\/wp-json\/wp\/v2\/media?parent=15163"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dataiq.global\/devstage\/wp-json\/wp\/v2\/categories?post=15163"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dataiq.global\/devstage\/wp-json\/wp\/v2\/tags?post=15163"},{"taxonomy":"pillar","embeddable":true,"href":"https:\/\/www.dataiq.global\/devstage\/wp-json\/wp\/v2\/pillar?post=15163"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}