Online Marketing and Data Protection: Dos, Don’ts, and a hint for a way forward
We have seen how marketing campaigns can backfire when common sense and CRM – MDM are missing from the mix. To err is human of course, so we should be forgiving both as IT professionals and as consumers, provided that we see tangible recognition of errors and a commitment to make amends. In this post, we see a couple of examples from both sides of the fence, and hint to an alternative approach to the data protection issue.
Use case 1 – Do: Respect your customer’s personal data. Make yourself accountable and provide the fullest audit possible in case of misuse. Provide a concrete list of actions to prevent future incidents.
Dydra is a powerful graph database in the cloud. I have been a (beta) user of their platform, granted access as i was evaluating it as the backend for product development. At some point, i received an email in the account i used to registed with Dydra from a purported third-party Dydra add-on, advertising their offering. I did not pay too much attention, as i do not check that email very often these days, however within 2 business days i received an email from Dydra’s CEO James Anderson in which the following was included:
- A recap of the incident, stating that the 3rd party email was sent without Dydra’s knowledge or consent and was in violation of their policy which is to never sell or provide customer information to 3rd parties.
- A plausible explanation on how the originator got access to Dydra’s users email addresses (exploiting a members contact feature in Dydra’s platform)
- Specific measures implemented by Dydra to prevent such incidents from happenning again in the future.
- A full and official apology for the incident and a call to address any questions or comments to Dydra.
I found this perfectly convincing and was left with a renewed sense of trust in Dydra. It was timely, thoroughly researched and backed up, genuine, and provided proof of specific measures implemented to ensure this would not happen again in the future.
Use case 2 – Don’t: Send unsolicited messages. Make claims you cannot back when confronted. Be elusive as to the origins of your data and the actions to prevent similar incidents in the future.
Feedspot is a Google News + Google Reader replacement. I had neither used the platform nor heard of the name, until the day i received an email in my personal account from their CEO, Anuj Agarwal, advertising their product and inviting me to join their beta program. Naturally, i was perplexed as to how and why i was chosen and (unsolicitedly) contacted, so i sent a brief reply inquiring about this. Here are the highlights of the ensuing email exchange:
- Feedspot replied by claiming to be sending invitations on behalf of their users, so “one of your friend might have invited you to Feedspot using your email address”.
- Replying to this i pointed out that the email i received did not seem to indicate this at all, but was rather sent directly from the CEO’s personal account. However, if that was the case, i would expect to see an audit of the invite based on their logs.
- The reply to this was that they tried checking their referral system to include the name of my friend, “but since we are just a startup with a minimum viable product in place, we are yet to have a storage structure for this. I will still find the referrer in your case using the logs and try to get back asap”
- After indicating that this would be a requirement for them going forward, i received no reply and had to ping them again. The reply i received was that “We have a Feedspot user whose name is ‘Ups’. He signed up via his/her Facebook account”.
Uhm..oops? As i pointed out to Feedspot, this leaves a lot to be desired. At the very best, assuming their story is true, they should phrase their messages in a way that is not misleading and keep a full audit to show for when asked to. At the very worst, this leaves them open to allegations of spam and purchasing email addresses from dubious sources. Do you think this is growth hacking? Think again.
Both cases are in line with the growing trend- marketing becoming more strategic and increasing its reach. Thus, some marketers will stop at nothing to get access to what they perceive as a wider audience. You know what though? Consumers and marketers perceptions differ, and bigger does not necessarily mean better.
I understand how marketing automation is used as a tool to extend marketing efforts to a degree previously unattainable by manual labor alone, and have no expectations to be treated as a unique asset by every company i interact with on a sporadic – remote basis: no matter how carefully a message may be phrased, mass emailings are a giveaway.
But that’s ok. What’s not ok is bending common sense, ethics and rules to get to consumer personal data. If you want my data, well, why don’t you ask for it? Personal data can have tremendous value -and not just for marketers- so maybe it’s time consumers get a piece of that too. But more on this to follow.
Disclaimer: I am not affiliated with any of the companies mentioned in this post. Company descriptions are in their own words, and content is based on original email exchanges.