Whizardries Inc’s Post

Transcript

You know that feeling when you discover a company has been sharing your data without permission. That pit in your stomach, the sense of betrayal. Now imagine thousands of your customers feeling that way about you and your business. Today on Arcana , we're exploring why Data Privacy Day matters to your bottom line. How a single privacy misstep can cost you revenue. And more importantly, how building a culture of trust. can become your strongest competitive advantage. Welcome to Arcana, Wizardries' podcast for email deliverability and privacy. Here's a sobering reality from recent research. According to Tableau, 48 percent of users have stopped shopping with a company over privacy concerns. Not because of price. Not because of product quality. But because they lost trust in the company's ability or willingness to respect their privacy. According to IBM's latest research in their Cost of a Data Breach Report released last year, a single data breach costs companies an average of $4.88 million, but the real damage goes beyond that immediate financial hit. It's the long term loss of customer trust and the revenue that walks out the door. In today's digital economy, trust isn't just something that's nice to have. It's the foundation of consumer relationships and sustainable revenue. Every email you send, every piece of data you collect. Every third party integration that you implement either builds or erodes that foundation. Next week, we'll have Data Privacy Day on January 28th. And as we celebrate Data Privacy Day for 2025, we're facing a business landscape where privacy isn't just a compliance checkbox to be ticked, it's a core business differentiator. Eight new comprehensive state privacy laws are taking effect this year. Delaware, Iowa, Nebraska, New Hampshire, and New Jersey all just have laws come into effect on January 1st. Minnesota has a law coming into effect in June, and Tennessee follows in July with Maryland in October. Each one of these new state laws brings new consumer rights and new liabilities with stricter data protection required for businesses. For example, Maryland's new law will restrict data collection to what's "reasonably necessary" providing your service. While several states will require formal impact assessments before processing sensitive data. Let's talk about something that I call the "trust premium," the measurable business advantage that comes from being known as a privacy-respecting company. Recent research shows companies investing in privacy can see up to $2 and 70 cents returned for every dollar spent. They're spending less on customer acquisition because trust drives referral. They're seeing higher email engagement rates because recipients trust their messages. They're closing deals faster because prospects trust the company's data handling practices. What does this trust look like in practice? Research from the Institute of Customer Service found that 81 percent of people consider trust a very important factor in deciding whether to use a company. And 95 percent are more likely to remain customers of a business they trust. According to MediaMath's research, 74 percent of consumers More likely to trust brands that take a privacy safe approach to handling personal information. And, according to PricewaterhouseCoopers, companies that build trust see both higher customer retention rates and an increased willingness to share relevant data for personalization. But you can't fake trust. It has to be built into everything you do. From how you collect email addresses, to how you handle unsubscribed requests. Each interaction that you have is an opportunity to either strengthen or weaken that trust. So, how do you build that trust? It starts with what you can call the "Trust Trinity:" transparency, control, and accountability. Transparency means that you make your privacy practices crystal clear. Your privacy statements shouldn't need a law degree to understand. Think about this. According to Pew Research's findings, 69 percent of Americans view privacy policies as just something to get past. More than half admit to clicking agree without even reading them, and 61 percent say these policies are not effective at explaining to them how their data will be used. Why? Because we've made privacy unnecessarily complex and meaningless to the average person. Control is about giving your customers real power over their data. When someone wants to update their preferences or opt out of communications, make it simple. Last week's Spamtacular post talks about this from the standpoint of considering compliance with the CAN-SPAM Act. That law, simply stated, in its enforcement by the FTC, by rule, says you can only ask. for a subscriber's email address and their opt out preferences. When you do more than that, you're taking a risk. But even more important, you have someone who wants to opt out of communications and you've made it difficult. That's not how you give people control over their data. When they request access to their data, provide it promptly. If they ask you to delete their information, actually delete it. And perhaps most importantly, let them choose what they share with you in the first place. Remember, forced trust isn't trust at all. Accountability means doing what you say that you are going to do consistently. It means conducting regular privacy impact assessments to understand how your practices affect your customer. It means having clear procedures for handling data and training your employees to follow those processes. It also means carefully vetting your vendors and holding them to your standards. Most importantly, it means owning up to your mistakes when they happen. Real trust comes from consistently doing the right thing, especially when it's inconvenient. Practically speaking, how do you build trust in your organization? Start by looking at your data collection touchpoint, not just your email sign up forms, but everywhere you gather customer information. Are you clearly explaining why you're collecting that data? Are you telling people how you're going to use it? This isn't just about legal compliance. While many laws do require you to say what you're going to do with information, how you're going to use it, it's also about setting clear expectations with your future customer. Your forms should tell a story. Instead of just saying enter your email, take some time to explain what subscribers will receive and how often. Instead of a simple checkbox for phone numbers, clarify if you'll send SMS updates or if you're just going to use it for account security. Every data point you collect should have a clear stated purpose. Next, examine your preference center through your customer's eye. The easier you make it for people to control their data and communication preferences, the more they will trust you with the information that you're asking them to give you. But many preference centers fail at the basics. Hard to find. Difficult to navigate. Some force customers into an all or nothing decision that erodes trust. A well designed preference center should be easily accessible from every email you send. It should offer granular control over frequency and content. A well designed preference center should allow opt down preferences instead of just complete opt outs. And a well designed preference center should remember those preferences across channels. It should also confirm changes immediately. While something like the CAN-SPAM Act does require that action be taken within 10 days understand things that happen on the internet happen much faster than that. When someone asks to opt down or opt out, the purpose of that 10 day window is, I think, more about what happens if someone has to mail in a request. Well, you have to have time for that to go through the post office, and arrive at an office, and be opened, and then someone to read it and act on it. And that takes days to accomplish. But when you're dealing with forms on the internet, those changes can happen immediately. 82 percent of data breaches now involve data stored in the cloud with breaches that span multiple environments. So when we talked a while ago about the IBM Cost of a Data Breach Report, understand that that's where a lot of that money comes from. Breaches that span multiple environments cost companies an average of four and three quarter million dollars. Best way to protect data is to not have it in the first place. If you don't need it anymore, let it go. This means implementing clear data retention policies. You should have regular audits of stored customer data so that you know what you have. You should have automated purging of outdated information, with clear processes for handling data deletion requests. You should have documentation that says what you're going to keep, and you should regularly review retention period. Your vendors are an extension of your trust relationship with customers. Take time to understand how your ESP and your other partners handle your customer's data. Their practices reflect directly on your trustworthiness. Ask tough questions about their security measures, data handling practices, and breach notification procedures. Remember, in your customer's eyes, there's no difference between your vendor's practices and your practices. It's your name that's on the line. What do we do now? Well, for this week, I want you to look at one customer touch point with fresh eyes. Maybe it's your newsletter sign up form or your preference center. Don't look at it through what you want and the things that you want to do. Look at it from your customer's perspective. Is it clear? Is it honest? Is it the type of thing that builds trust in you and what your company is trying to do? And then make one improvement that increases transparency or gives customers more control over their data. Then sit back and see how that might affect your engagement rate. Remember, privacy isn't just about compliance. It's about building lasting customer relationships based on trust. As we celebrate Data Privacy Day, remember every privacy decision is a business decision. If you found this episode valuable, please take a moment to rate and review Arcana on your favorite podcast platform. Your feedback helps other professionals find these insights. This has been Arcana. Visit us at wizardreads. com for more information about how we can help you get your mail.