I had a blast moderating the privacy panel at my first Postback! And it truly was one of the best privacy panels I’ve ever been on – thanks to meaningful and engaging discourse with our experts: Janis Kestenbaum, Andrew Birnbryer and Michael McCullough.
Together, this collective brain trust provided thoughtful perspectives that captured the views of various stakeholders in the ecosystem – advertisers and brands, mobile ad networks, and regulators like the FTC and FCC. In fact, we got so caught up in the discussion on stage, that we didn’t get to the most important part of the panel – recommendations for the audience around good data collection and use practices.
But luckily, we wrote these important best practices down! I’m happy to be sharing them with you in this post.
Privacy Best Practices that Respect Innovation
As a group, we also crystallized around some basic best practices for marketers who want to continue using data in new and innovative ways to engage their users, while also respecting end user privacy rights (note: this is not legal advice, but some best practices to consider).
- Gaining user trust and building your “data relationship” with your users is as important as building the most awesome personalization engine. There’s no better way to do this than to demonstrate to your users how you respect their important privacy rights – notice, consent, opt-out, security and enforcement (for more, see my post on how to “step up your FIPs”).
- Providing the right notice and educating your users about the benefits of your service is an important first step. This is a great opportunity for you to tell your users how a specific type of data collection will enhance or personalize their experience.
- Next, make sure you are giving the end user the right amount of information to make their consent truly “informed.” As we discussed during our Postback panel, the first rule of privacy is to not “surprise” the user.
- Providing an end user opt-out of data collection is also something to consider – even if you aren’t a consumer facing company.
- Being accountable for your data collection is essential- especially when it comes to your data and security practices. The FTC has provided some specific guidance for mobile app developers on data security.
- Finally, consider whether there’s a self-regulatory program that you should be participating in. This makes sense particularly in the United States where much of privacy requirements are developed through industry frameworks like those provided by the Network Advertising Initiative (for companies engaged in online advertising) or the Digital Advertising Alliance (for companies engaged in targeted advertising online). In my view, industry based frameworks are better suited than a brightline law for prescribing privacy requirements in dynamic technology markets such as mobile.
There’s no better time than the present than to get your privacy practices in sync with your users’ expectations! I hope that our Postback privacy discussion, as well as these best practices, help give you a little more clarity as you navigate the complex and unique issues posed by end user privacy and data in the mobile ecosystem today.
You can see a replay of the Postback 2015 privacy panel here.
Like this article? Sign up for our blog digest emails.
Becky is the Senior Content Marketing Manager at TUNE. Before TUNE, she led a variety of marketing and communications projects at San Francisco startups. Becky received her bachelor's degree in English from Wake Forest University. After living nearly a decade in San Francisco and Seattle, she has returned to her home of Charleston, SC, where you can find her enjoying the sun and salt water with her family.