This week on NVTC’s blog, NVTC member company Kathy Stershic of Dialog Communications continues her Brand Reputation in the Era of Data series by sharing principle three: protect your customer data.


Here is the third of 8 Principles for Responsible Data Stewardship That Won’t Kill Your Customer Relationships, based on Dialog’s recent research.

There are few hotter topics these days than cybersecurity. Sadly, the state of affairs will probably not significantly improve in the foreseeable future. Estimates are that two new malwares proliferate every second. Even the best intrusion protection software cannot keep up with that. The reality is that no organizations are infallible, and despite your best efforts, you can and probably will get hacked.

Still, organizations must proactively do everything they possibly can to protect customer data. With new breaches in the news (and notifications in our mailboxes) so frequently, people are rightly very concerned about the security of their data. Organizations who are thought to not have taken adequate security measures become the target of lawsuits. For example, Anthem is facing multiple suits after admitting a massive breach last February.

While setting up digital protections is the realm of IT, there are many other sources of risk to customer data – such as employee negligence, being careless with physical documents, not securing file cabinets, not destroying data that is no longer needed, leaving unsecured computers accessible, malicious insiders and just plain old mistakes. An organizational culture of mindfulness about practices that may seem innocuous can go a long way toward keeping data secure. It’s everyone’s responsibility.

Our study respondents had many other data protection concerns as well: Hide my identity; don’t track (or reveal) my location – this is a particular concern for women who may face stalking threats; don’t use facial recognition to identify me in crowd scenes; don’t harm me or enable harm to me by sharing my data with others who discriminate or apply bias; don’t track health-related data and search queries; don’t share sensitive medical and financial information. Unfortunately technologies are rapidly proliferating to do all of these things, and faster.

Just one example – at a conference last week, I heard the Chief Privacy Officer for Acxiom say that their data analytics capabilities are advanced to where they can identify by name a large percentage of the U.S. male population who were likely to have a certain health condition that, let’s say, most would not want revealed. She had to call foul and was able to stop the general availability of these lists for purchase.

Clearly there are many facets to data concerns and data protection. Get your own house in order. Ingrain this into the culture. And be as transparent and reassuring as you can with your customers about how seriously your organization takes this. But then there’s beyond your organization, which will be addressed in my next post.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week on NVTC’s blog, NVTC member company Kathy Stershic of Dialog Communications continues her Brand Reputation in the Era of Data series by sharing principle two: be clear and accountable.


Here is the second of 8 Principles for Responsible Data Stewardship That Won’t Kill Your Customer Relationships, based on Dialog’s recent research.

For starters, how many times have you actually read the whole privacy notice of a vendor, financial institution, or app you put on a mobile device? Ever? The reality is that almost no one reads them. They’re generally long, filled with legal jargon, and published in tiny, hard to read font. They all vary according to applicable law. They can be hard to find on web sites. The ‘opt out’ link is even harder to find.

Not reading them is no excuse for consumers who willingly enter a business relationship to claim ignorance or victimhood – or is it? When you accept a service, you are bound by the terms. But it is widely understood that privacy notices are very challenging for average people. There is a legal concept of responsible use of personal data that at least one legal expert I’ve heard speak says the U.S. Congress knows is going to need to be legislated. But who knows when that will be?

It is safe to say that for now that privacy notices are generally not working as they should. One respondent in Dialog’s recent study (a polished professional in a responsible job) reacted passionately with ‘privacy policies stink!’ as his gut opinion on this issue. So how can they be made better? And why should marketers even care?

The privacy notice presented to your customers is a legal covenant made with them. It establishes a bond that is integral to your brand reputation. But that doesn’t mean it has to read like a dry legal brief. Done right, it should reflect your organization’s values, its attitude toward customers and its interest in helping them understand terms of the business relationship – simply, clearly and transparently.

While privacy notices (also called statements and policies) must be developed and approved by those with legal and privacy expertise, Marketing has the communication expertise to simplify the language, put a customer advocate hat on, and collaborate with the legal team to make this customer-facing document as clear and friendly as it can be. Put it in words that read like how people talk. Make the mutual responsibilities clear and transparent. Spell out ‘what this means for us’, ‘what this means for you’, and what actionable options people have to empower control.

Make the notice readily accessible. Some of Dialog’s study respondents even suggested reminding them of the covenant every time they interact with a site or an app. Right up front. Plainly. And if a policy changes, what has changed should be immediately pointed out, allowing customers to opt out of the new terms on the spot. (By the way, changes should never be made retroactive, but that’s for another discussion).

Then consumers – read them! As a few of Dialog’s respondents willingly owned, users have responsibility in this game. You get something for what you give up – money or information. But it’s a choice. You can always choose not to use an app or a service. Last year, when Facebook spun off Messenger, I went to add it on my smartphone to see a pending message. But then I read the notice of what I would be agreeing to in doing so – giving Facebook access to all of my non-Messenger text messages! (Why do they need that? How many of you saw that?) Messenger did not get added to my phone, and I still manage to communicate with my loved ones anyway.

Beyond your external notice, make sure you have clear internal privacy policies. Then make sure everyone in your business is trained on them. Remind employees often to act with responsibility and accountability. And apply those policies consistently. Breaking the established customer bond is a quick way to kill trust and damage your brand. Clarity and accountability will strengthen it.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS