The way that customer data are gathered, used, and regulated has changed tremendously over the past decade.
NB: This is an article from McKinsey & Co.
Tracking tools such as web cookies and Apple’s Identifier for Advertisers (IDFA) have opened the door for an enormous increase in the sophistication of advertisement personalization and targeting, but they have also enabled occasional privacy violations.
Regulators and tech companies are taking action to reassure customers. Government regulations, including the European Union’s General Data Protection Regulation (GDPR) and the California Customer Privacy Act (CCPA), have already begun to place limits on the use of customer data. In addition to the existing legislation in California and Delaware, privacy proposals in Hawaii, Maryland, Massachusetts, and New York may disrupt the current status quo as it relates to data.
This shift is expected to have profound implications for digital marketers, who may no longer be able to rely on cookies to boost the efficacy of customer outreach. Those marketers and companies that do not figure out a strategy to maintain—and even grow—their access to first-party data may have to spend 10 to 20 percent more on marketing and sales to generate the same returns.
A new approach to data-driven marketing should therefore be considered. This is not only about technical fixes or work-arounds. Instead, a strong, trust-based relationship with customers may be the key to a sustainable, effective data strategy.
This article lays out the four key components of this new approach, which we call data relationship management (DRM): data invitation, a data security center, data dialogue, and a data value proposition. Companies that can get this new data relationship right—and that have the people, processes, and technology to implement it effectively—may be able to develop a significant, long-term source of competitive advantage.
The evolution of customer data protection
Web cookies were invented in 1994 to enhance the user experience of the internet, but they quickly began to be used for marketing purposes as well. Furthermore, in 2012, Apple introduced its IDFA, a tool for the targeting and evaluation of advertising.
These developments, however, have also enabled third-party actors to take advantage of personal data. Our research suggests that only around 33 percent of Americans believe that companies are using their personal data responsibly (Exhibit 1). As a result of growing concern around data usage, government regulations have begun to limit the use of customer data; the European Union’s GDPR was the first in 2018, but others—including the CCPA, the California Privacy Rights Act (CPRA), and the Delaware Online Privacy and Protection Act—have followed.
Private companies are now following suit. In January 2020, Google announced that it planned to phase out support for third-party cookies in Chrome within two years. Chrome will be the third browser to make this restriction—Apple has already done so—which means that more than 85 percent of the browser market will block third-party cookies starting next year. Apple has also begun to limit the sharing of digital identifiers with intelligent tracking prevention in Safari, and the IDFA has required users to opt in to let advertisers see their data since April 2021.
Because customer protection is key, these developments will have a significant impact on digital marketing and should therefore be welcomed. But companies that are no longer able to personalize their outreach to customers at scale may have to spend around 10 to 20 percent more on marketing and sales to achieve their current level of returns.
As underscored in a recent study by McKinsey and the Interactive Advertising Bureau, advertisers therefore need to continue to build their first-party database. Keeping—and growing—access to customer data will partially be about technological fixes to improve data capture. It is likely that the more important component will be an entirely new approach to customer data.