top of page

Why the privacy industry needs to lose the riddles to win your trust

This article was originally featured on New Digital Age

Jargon is contagious, and not even masks can save us. In business, there is a tendency to overcomplicate topics, to talk in acronyms, or to deliberately confuse. Perhaps it’s because the speaker isn’t a great communicator, can’t explain or is trying to appear cleverer than they are, but there is no doubt: once the jargon starts, it spreads fast.

But before we get stuck in, here’s a riddle for you to ponder: what occurs once in a hundred years and twice in thousands but never in a day or a year or a century? (I’ll share the answer later.)

Privacy is high on the digital agenda due to a culmination of factors. It makes business sense with 97% of companies agree they are gaining benefits such as competitor advantage or investor appeal from their investments in privacy (Cisco Consumer Privacy Survey 2019); privacy legislation including Europe’s GDPR, California’s CCPA and Brazil’s LGPD; and the fast approaching changes that Apple will make to its IDFA and Google will make to Chrome. It’s little wonder that the latest riddle-ridden raconteurs’ soapbox is privacy.

Privacy professionals must make the legislation easy to understand for our colleagues so that they can win customers’ hearts and minds. This Harvard Business Review article emphasises my point by talking about all the reasons why marketers need to keep abreast of data protection regulation, especially in current climates. “As the pandemic pushes companies to conduct more of their business online, the data privacy conversation launched by regulations such as GDPR and CCPA has taken on new urgency all around the world. To maintain compliance — as well as consumer trust — companies must invest in automation and analytics tools that safeguard customer privacy.”

Isn’t privacy just too complicated to simplify?

Privacy law, like other legislation, is seen as incredibly complex, difficult, and obstructive. The language is inaccessible, with words like Articles, lengthy legal clauses and complex reference numbers, for someone who doesn’t read legal documents regularly it needs some translation. And although it tells you what you have to do, it doesn’t always tell you how to do it, leading to more confusion. In industries such as AdTech, this new legislation stopped companies from making money the way they had done for years. And this really irked these companies. You can see how much by the strongly worded opinion piece in The Drum entitled “The day after tomorrow – when ad blockers and GDPR kill all AdTech and MarTech” and this reflective article in Mobile Marketing. Funny isn’t it, everyone claims to like change until it’s thrust upon them!

Of course, the GDPR is a piece of legislation containing 99 articles*, you’d have to be a privacy geek (like me) to read it voluntarily. Yet its raison d’etre or purpose is to provide a set of standardised data protection laws across all the member countries to make it easier for EU citizens to understand how their data is being used. So why make it harder than it is? Even the Google Privacy Sandbox initiatives and the AdTech industry resulting initiatives are a nest (sorry) of acronyms such as FLOC (Federated Learning of Cohorts) or PARRROT (Publisher Auction Responsibility Retention Revision Of Turtledove). Why don’t we JSWII (just say what it is)!

Companies make it harder for their customers with lengthy, hard to read privacy policies. According to Pew Research, only about 22% of Americans say they always (9%) or often (13%) read company privacy policies before agreeing to them. As these are people willing to complete a survey, I would suggest the real figure is even lower.

We must start presenting information in an easier to digest way such as summary videos, privacy policies summarised as audio, animation of data flows or mind maps, for goodness sake we work in digital let’s get creative and consumer-focussed!

For inspiration see the brilliant showing us how to get private creatively and the ICO’s animation, although of course, you have to accept a cryptic cookie policy as it is a third-party link to YouTube.

How can we change this?

As legal and compliance teams, we make it harder for our colleagues and clients with lengthy acronyms (see Google Privacy Sandbox) and unnecessary details, such as which Article we have based our recommendation on. In presentations and meetings, we don’t check if people are following us but prefer to keep an air of mystery with our complicated legalese. And to top it off, I’ve listened to colleagues arguing in meetings about whether the law-makers were right in making X or Y personal data or personal information. Absolutely we should lobby lawmakers and join industry groups to gain traction and influence lawmakers, but our energy at work is better spent working out how privacy can work for our business and how we can ignite trust amongst our customers.

A central principle of the GDPR is transparency, and as a result clarity and simplicity, it states “The controller shall take appropriate measures to provide any information ….relating to processing to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language”. In our desire to say everything, are we saying nothing at all?

So please, for the sake of our businesses, colleagues and customers, let’s park our egos, insecurities and confusion. Oh, and the answer to my riddle? What occurs once in a hundred years and twice in thousands but never in a day or a year or a century? The answer is S. Which stands for Simplicity, Straightforwardness, and Stop talking in riddles!

* An “article” is a separate and distinct paragraph or section of a legal document such as a contract, will, statute, law or constitution.

21 views0 comments


bottom of page