Is Your Website Ready for the Next Wave of Digital Privacy Protections?

Ralph Otto author photo
Ralph Otto Director of Product
Digital Marketing

From understanding customer interests to streamlining website performance, your digital marketing efforts depend on user data. Modern analytics and ad targeting has introduced new possibilities for targeted campaigns fueled by gathering vital information about user browsing habits.

And, in a matter of months, it’s all going away.

Whatever the future holds, your marketing will always be powered by learning all you can about your customer. But the legal landscape around digital privacy protections has shifted dramatically in response to consumer demand. In 2018, the EU introduced the General Data Protection Regulation (GDPR), which required businesses receive consent before their website stores users’ personal information. Not long after, California issued its own protections, the Consumer Privacy Act (CCPA).

As more states follow suit, the companies that comprise the gatekeepers of the internet are issuing further protections that will shift digital marketing norms. For every business, the question is no longer whether you need to worry about new privacy protections. You have to ask whether your business is ready to adapt.

What Does the End of Third-Party Cookies Mean?

Early last year, Google announced that its Chrome browser would no longer support third-party cookies starting in 2022. Given Google’s market share, the news sent shockwaves through the digital community. With Apple and Mozilla having added similar protections, the move signals the end of a common information-gathering tool for marketers.

However, given Google relies on revenue from digital ads, the changes won’t happen overnight. Google is taking an incremental approach through an initiative the company called Privacy Sandbox. Working with developers and publishers, Google aims to ensure conversion metrics and personalization will remain possible without third-party cookies.

Understanding the Difference between First- and Third-Party Cookies

Long the foundation of digital advertising, cookies provide a means of identifying website users and enabling a more personalized experience. First-party cookies are created by your website and allow a user’s browser to remember site behavior such as viewing habits, shopping cart contents, and login details. Also a means of collecting analytics data, first-party cookies are accessible only while a visitor is using your website.

Third-party cookies, by contrast, are also loaded on your website but were created by a company other than your own. These cookies are recognizable by their different domains and can track users after they leave your site. In a common example, third-party cookies allow a product you’ve browsed online to “follow” you from site to site through ad-retargeting services. Third-party cookies are also used by social media plugins and live chat pop ups. Use of third-party cookies has been such a common practice that many businesses may not be aware they’re in place.

Not sure whether your site will be impacted? Arrange for a site audit. The right digital agency can recognize the tools you use to track user behavior and identify critical areas in need of adjustment.

Apple Moves to Empower Mobile Users with Privacy Protections

While Google looks to limit cross-site user tracking, Apple has launched new privacy measures with its mobile platform. Along with being ahead of Google in enabling privacy controls, Apple has been at the forefront of keeping users informed about how their data is used.

This spring, Apple’s iOS 14 required companies to receive consent before users’ behavior can be tracked across different apps or websites. Now, upon opening an app, users will see which apps have requested to track their behavior and adjust their permissions accordingly.

By providing users with more control over their information, Apple has introduced a new barrier for advertisers looking to track user behavior. Without this information, remarketing to users with ads based on browsing habits is far more difficult.

Consumer Data Protection Measures Are Growing More Prevalent

When GDPR took effect, businesses that hoped to attract a European audience were forced to scramble. If your site didn’t provide a means for users to deliver consent to track their behavior, then it was inaccessible in the EU. Plus, if companies gathering data weren’t in compliance with GDPR, they were subject to financial penalties. Google, for instance, was hit with a €50 million fine by French authorities.

With the passage of CCPA in California, businesses need to recognize that digital privacy is an ongoing factor in the U.S. as well. Companies found in violation don’t just risk a losing their audience; they risk incurring legal action.

Whether your organization is located in California or hopes to do business there, you can no longer track users’ data without their consent. Now, Virginia will be the next state to issue privacy protections with the Consumer Data Protection Act (VCDPA), which will take effect in January 2023.

Consequently, businesses based in the state are now under pressure. If you don’t conform with the law’s guidelines for data protection, you run the risk of incurring steep fines. Companies will have only 30 days to resolve compliance issues and face a possible $7,500 fine per violation.

But even if your organization has no ties to Virginia or California, the prevailing view among decision-makers is clear. Digital privacy will be an increasing priority going forward. It’s in the interest of your business to adjust its marketing and advertising approaches in advance.

How to Prepare Your Organization for Privacy Protections

When it comes to ensuring your organization’s compliance with privacy standards, you need to defer to the experts. Along with seeking advice from your agency partner about the viability of your digital tools, you should consult your legal counsel. With their help, you’ll better understand where your company stands with regard to the guidelines set by VCDPA or CCPA.

At a minimum, however, your organization needs to have a privacy and cookie policy in place. Tools like Iubenda offer a user-friendly, cost-effective way to evaluate your website. Once you’ve chosen from a menu of your current tools such as Google Analytics and AddThis, Iubenda generates a policy for use on your site.

Third-party compliance solutions also offer the advantage of remaining consistently up-to-date, which is critical. Given the pace of change with privacy protections – and the potential costs involved – falling behind is simply not an option.