The data protection and privacy landscape is increasingly challenging for businesses and their digital marketing efforts. Most companies are familiar with GDPR and CCPA and similar measures to protect data and give consumers control over the data they share. And the European Union is in the process of introducing simplifications to GDPR to make the compliance burden easier for businesses trying to maintain their competitive edge. But, at the same time, privacy law is many tentacled and more than just GDPR. In the convoluted world of using the law creatively, enterprising law firms have applied existing, older laws to contemporary data protection problems to introduce lawsuits claiming that modern marketing tools, like pixels, cookies and chatbots, constitute violations of a variety of invasion of privacy statutes.
Data protection and privacy: More than GDPR
As regulations on collecting, using and sharing data shift, and managing common web technologies, such as chatbots, pixels and cookies, become targets for regulators and litigators alike, it might be time to do a deep dive on your business’s marketing strategies and tools. Making sure your data-driven marketing initiatives are in line with the law is a challenge, and even more so when it’s not just GDPR and similar data protection laws but also a number of older laws on wiretapping and consent-to-record communications. In cases where overzealous lawyers bring suit using such laws, having a robust data management strategy and robust cookie/consent management approach can be practical advantages in reducing risk, being able to audit data collection practices, and in managing compliance.
Intelligence firm JD Supra poses the question, “Will your business’s marketing tools subject you to third-party data sharing litigation?” – and that is what is partly at stake. The answer to the question goes beyond just “yes” or “no” and invites businesses to consider their entire risk profile with regard to how they market their solutions and what tools they use to do it. For example, can cookies and chatbot conversations be considered “recordings” that violate state consent laws requiring that both parties to a conversation consent to its recording? And what features and monitoring can be added to marketing tools to ensure that this consent is captured? In most cases, these kinds of legal motions.
Back to basics: Reducing privacy risks
If these litigation actions continue to proliferate and evolve, businesses can mitigate their risk by focusing on the very same actions that help protect them in GDPR, CCPA and similar data protection and privacy cases: Focus on consent and transparency. For cookies and similar technologies, companies can shield themselves by following best practices, such as:
- Getting clear, explicit consent from users, which is made easier by developing custom consent forms and cookie banners.
- Offering clear disclosure of data recipients, i.e., who will receive the data collected from users?
- Giving users clear opt-in and opt-out options.
- Knowing where user data is in order to comply with right-to-forget mandates and to secure said data.
- Keeping records to prove compliance and readying data for auditability.
- Paying attention to and managing/eliminating third-party risks.
Align with best practices – start by checking out your cookie and consent management posture today.
It’s easy to be compliant with CookieHub
Sign up today and create a custom cookie banner for your website
- 30 day free trial
- No credit card required