Making a new or stronger connection with customers is what business is all about. As discussed on In Partnership With, there are certain approaches, mindsets and nuances required to be effective. Approaching relationships with these insights in mind are often the first step but there’s more to the story. Effective marketing means not just building relationships with communications but doing so in a legitimate and legal manner. Nowhere has this been more contentious (and perhaps confusing) over the last few years in Canada than with digital marketing.
Dissecting the regulations and various oversight and regulatory bodies often requires a keen attention to detail. In practice, it means going over the legislation with a fine-toothed comb and being able to explain it in plain language. In this article, In Partnership With discusses the digital marketing and privacy landscape in Canada with Derek Lackey. Derek is a trusted advisor with over 40 years experience and is the Managing Director of Newport Thomson. In addition, he is the Chairman of the Response Marketing Association. Let’s see if we can make more sense of the various changes over time and what their impact is for both businesses and consumers.
Building a CASL in the Sky
Derek’s primary focus is keeping up with the new data protection and privacy regulations for today’s business executives. These include support and consulting services for the main areas of focus, including CASL, CCPA, PIPEDA, CAN-SPAM and GDPR. They’re often inter-related and overlapping for both the intent and the spirit of the legislation. Let’s start with email marketing since it has often been the more complex (or at least visible) aspect of digital privacy protection.
First, Derek argues, it’s helpful to start with the premise:
With CASL (Canada’s Anti-Spam Legislation), the goal is to protect consumers and businesses from the misuse of digital technology, including spam and other electronic threats.
This is a worthwhile and important project, argues Derek. CASL came into force in 2014 during a consumer activism-focused stint from federal government. Embedded in the legislation was a private right of action that was scheduled to come into force in 2017. Derek reminds us that the private right of action provision allows anyone to sue individuals and organizations that violate CASL by either their action or omission. Many organizations were upset over this inclusion and the federal government indefinitely postponed this primary enforcement tool.
Many organizations are not in full compliance with CASL but Derek believes there is limited interest in pursuing offenders. He reports that the CRTC has issued only three fines / undertakings since 2017.
Prior to 2017, organizations were scrambling for compliance. But not many marketers are giving the matter much thought today beyond their basic compliance measures set up in 2014. Derek argues that’s potentially an ethical problem and it’s fairly unique to Canada.
GDPR Has Focus and Teeth
Facing many of the same issues that Canada experienced, European parliamentarians decided to go a different route in 2016. What’s different there is that the problem of junk email and other privacy issues online were approached with a unique lens. Their answer was the General Data Protection Regulation (GDPR). In creating this legislation, Derek suggests that clarity and purpose was primary for both businesses and consumers.
When you look at how GDPR was written, implemented and enforced, it is 100% to provide data protection for its citizens. In Canada, we have that goal, but we also don’t want to make it inconvenient for business. So it’s serving two masters.
GDPR has come to the rest of the world, whether we like it or not, says Derek. If anything, it has created expectations, if not legislation, for protecting consumers. The GDPR is based on the seven principles of ‘privacy by design,’ which is explicitly mentioned in that legislation.
7 Principles of Privacy by Design
1. Lawfulness, fairness and transparency
2. Purpose limitation
3. Data minimization
4. Accuracy
5. Storage limitation
6. Integrity and confidentiality (security)
7. Accountability
In short, Derek advises that GDPR requires users of data to be transparent, honest and open to tell people what you’re doing with the data. That’s not fully required in Canada, suggests Derek. And that’s a problem as we’ll see.
Digital Marketing Concerns In Canada – A Case Study
You may have heard about the controversy with Tim Hortons tracking people everywhere they went with their loyalty card app on their phone. Derek believes that the average consumer – when they sign up for that program – would expect to be tracked relevantly (with their consent). That may mean when they’re in or around a Tim Hortons store, what they order, how often, whether they go in store or drive through and that sort of thing.
That’s the customer context. That’s what they think they’re giving permission for when they sign up for the card or download the app. It’s not the company tracking customers when they’re in Morocco on a vacation, knowing every hotel you stay at and whatever port you landed in.
Derek says most people would say “whoa, wait a minute.” It was also discovered that the company was tracking to see if customers using the app were going to Starbucks instead of Tim Hortons. Since Tim’s is owned by a global brand, it became known that they were also tracking to see if customers were going in a McDonald’s instead of a Burger King.
Derek is clear: most consumers would say that’s none of their business.
Most people would say “you can track me when I’m in Tim Hortons. But that’s where it ends.” The GDPR refers to this as “purpose limitations.” When consent is collected properly, there is a clear statement of purpose – how this data will be used.
Digital Marketing Done The Right Way
As we’ve seen, these are big, weighty challenges. Derek believes we got into some bad practices and bad habits by not thinking it through early on in our collective digital adoption. The consumer’s privacy rights were trampled in the rush to take advantage of technology and digital marketing. And that’s the change that we all need to make now, says Derek.
Derek suggests the best question when deciding about data privacy and digital marketing is “would this be okay with our customers?”
If you get a positive on that, then you can start going down the road and ask a few other questions. In the case of Tim Hortons, Derek notes that he would have first asked if you think customers would be okay if the company tracks them. Yes? Okay. Next. “Do you think they’d be okay if we tracked them outside of Tim Hortons?” Not so much.
Derek suggests the data collection project would have ended right there. This is since he believes that any marketing team in an organization is best suited to represent the voice of the consumer internally. He also believes most marketers have forgotten (or never learned) this critical element of marketing.
Know Before You Go
Customers often make choices that demonstrate they don’t truly understand what that brand is going to do with their data. Derek sees this especially with online services and social media.
If Facebook truly told you what they did that the data, fewer would sign up for Facebook, Derek argues.
Derek sees it’s that ugly if you peel it back. The friendly, ambiguous statements they make when you want to get the account signed up are concerning. It’s a problem since consumers don’t read and understand the terms and conditions they just agreed to. No one does. Consumers just want the “free” service. In the meantime, they have just surrendered their data to the company and have effectively become the service. The GDPR takes the position of “if you don’t know what you signed up for, consent is NOT assumed.”
Next Steps for Digital Marketing
It’s clear, according to Derek, that we’re going to see a lot more people using our own data on us. That is, if we don’t start to become aware of it. So what does that mean for the average consumer?
Derek believes that what is happening – and will continue to happen – is that the largest companies in the world will continue to grow.
Google, Amazon, Facebook and the rest – some of the largest companies in the world – are built squarely on your digital marketing data.
Of course, consumers are free to use their services, whatever way they like. Derek believes it’s a matter of actually understanding the impacts of the choices they are making. And that’s a tall order. Sure, these organizations have changed our lives in immensely positive ways, making us more productive, connected and engaged. If we can set the rules for engagement going forward – and clearly government has a role to play – then we may see a stronger opportunity for creating legitimate and informed business connections well into the future.
In Partnership With
Derek Lackey is a trusted advisor with over 40 years experience and is the Managing Director of Newport Thomson. He is also the Chairman of the Response Marketing Association (formerly the Direct Marketing Association of Canada). To support client understanding, Derek wrote the authoritative book on CASL Compliance: A Marketer’s Guide to Email Marketing to Canadians.
Tim Bishop, CM is a multi-disciplined executive with a proven record of optimizing strategic efforts to expand the influence of leading organizations, such as the Canadian Marketing Association, Cineplex Entertainment, Lavalife.com, IMI International and Northstar Research Partners. In Partnership With is his latest focus to curate Canadian marketing experts to celebrate the power of strategic partnerships in a perspective-based content series.