Who is Responsible for Privacy Education?

Students taking a computerized exam

On the back-end of the Direct Marketing Association annual conference here in Chicago I sit in my room thinking about all the good questions we had to answer here on privacy and marketing. I spoke on a panel “Top Five Privacy Issues… Revealed” and one of the question asked by Ginger Conlon, Editor-in-Chief of DMNews and others here was – who is responsible for making the world aware of privacy practices? The question was aimed towards to the marketers in the room, but I took it down two different paths with my response.

First, I think we all know by now that marketers, people who collect data, and their companies are at foremost the people who are responsible for notifying, educating, and protecting their visitors and customers who data is collected.  This obviously means that we need to:

  1. Be hyper-transparent as to what data is being collected, for what purpose, how it will be used, shared with anyone, how the person can control it, and when it will be deleted (yes I said deleted). Pushing all these disclosures for uses into the bottom of a privacy policy isn’t enough though. We all know that majority of people don’t take time to read that. So what do you do then? Especially if as a data controller you are taking extra ordinary processing steps or sharing data in ways beyond what the average person wouldn’t understand, then you need to CLEARLY and CONSPICUOUSLY bullet those practices at the collection point of the information. For example: Say you are planning to sell the collected personal data to an unaffiliated third party at a later date; or use an individuals’ likeness in an advertisement or even show up at their door step to take a survey. Anything out of the ordinary needs to SPELLED out for them right in front of their eyes. Just as the quote from the beginning of “Message to the Grass Roots“, a speech by Malcolm X said “And during the few moments that we have left, . . . We want to talk right down to earth in a language that everybody here can easily understand.”
  2. The other part of being hyper-transparent and educational is that you send regular notices to your customers about their privacy rights. Reminding them of the promises you made with them and how they can access this information. By doing that you put into their minds to be more privacy aware. We see this with a lot of credit card and communications companies these days. By always putting “in their face” you make the consumer think more often before they just give information away.
  3. Are you checking for permissions with your customers on a regular basis especially when you change a process that will change the way your processing their information. Are you asking them if this is ok? Are you telling them clearly what those changes are and how it effect them? also in a manner that isn’t confusing. A side by side comparison.

My second answer was my favorite part and usually catches marketers off guard. I ask them if they have children, “What are you doing to teach today’s youth? your kids? how to protect themselves using mobile, social, and other digital communication methods and data capturing techniques?” Most look at me and give me the look of “OH YEA!”

  1. Are you as parents teaching your children the proper use of the Internet. That some things are appropriate and others are not. That when they get a social media account they need to think about what they are posting.
  2. Do you teach today’s youth that they need to be on the look out for notices and to read them or bring it to an adult to be read and explained to them. My twins today at 12 bring me pop-up notices on games and other items so I can review it with them, not for them, but with them so they understand what it means by this action we are taking
  3. Are you stepping up into your kids school as stewards of data and taking time to volunteer in say their middle school technology classes to speak about the dangers of to much information. Don’t leave this to the teachers. They will touch on it, but that’s about it. They won’t ingrain it into their minds I mean, I would LOVE it if today’s schools took out a lesson for a day to talk about security and privacy with our children. In my sons emerging technologies class I’ve signed up to give a talk to them and you can guess what it will be on.

Listen, it boils down to the fact of life. Life today is entrenched with the Internet. It is a daily part of our lives and like we would teach people not to steal or murder or hurt someone, we need to be also talking about the proper uses of information and Internet.

I would challenge you today on this. What has your company done to educate the public on the uses of PII? Nothing I bet.

No, having a privacy policy doesn’t count here. What have you done personally with your family members as the experts in data?  Probably nothing much.

I implore all of you to think for a moment on what you’ve done today, to better someone’s privacy – today.

Maybe instead of wasting a New Year resolution on going to the gym that instead you think about something more impactful for others vs. ourselves.


photo by: Extra Ketchup

Leave a Reply

Your email address will not be published. Required fields are marked *