Understanding privacy laws should always be a priority for marketers.
With the official launch of the European Union’s Global Data Protection Regulation (GDPR) on May 25, 2018, having a firm grasp on how you can collect, use, and protect customer data is a necessity. Fines for GDPR non-compliance have the potential to be crippling for your business. On top of that, companies that fail to adequately protect data risk losing customers for life over a lack of trust.
Though the GDPR guidelines only apply to data collected on EU citizens today, companies working exclusively with a domestic audience should still get acquainted with U.S. data privacy laws to ensure their campaigns and the tools they use — including their data management software — are compliant.
The ReachForce team put together this post to help marketers get a better understanding of domestic and international privacy protection laws.
To start, let’s look at laws on the books in the U.S.:
A Brief Overview of U.S. Data Privacy Laws:
Currently, the U.S. lacks a comprehensive national policy regarding data protection. As it stands today, the U.S. system is made up of a combination of various state and federal laws that tend to spark confusion among marketers. Here are a few of the primary policies marketers should be aware of when dealing with U.S. data:
- The Federal Trade Commission Act. A federal law that protects consumers from unfair or deceptive business practices. The FTC has leveraged this law to come down on shady companies that fail to comply with their own privacy policies or disclose personal data without consumer consent. However, this is a law signed in by President Woodrow Wilson in 1914; it is far from comprehensive or up-to-date with current technology and access to consumer data.
- The Financial Services Modernization Act. In the financial services industry, this law regulates the collection, use, and disclosure of personal financial information. The law protects non-public consumer information while requiring financial institutions to notify consumers of their privacy practices and even offer an opportunity for customers to opt out of sharing their information.
- The Health Insurance Portability and Accountability Act (HIPAA). In the health services industry, HIPAA regulates medical information much like the previously mentioned law does for financial services. Various components of the law work to standardize the protection of medical data while also regulating how companies collect and use protected information.
As you can see, there is a lot of room for ambiguity in U.S. data privacy on a federal level. Contributing to that ambiguity is the fact that marketers also need to learn and understand state-level laws that may govern the way they collect, use, and disclose consumer data.
A Brief Overview of International Data Privacy Laws:
With 96 percent of the world’s potential customers living outside the U.S., it makes sense that most companies want to do business internationally. However, a failure to comply with data privacy laws around the world — many of which are dramatically different than U.S. policy — can have dire consequences for your business.
- GDPR. This is the big one. Many are looking at the EU’s GDPR as the new gold standard for data protection and officials have made it clear there will be no tolerance for non-compliance. Learn more about GDPR.
- China’s Cybersecurity Law. Enacted in June 2017, this rather strict law requires companies to store designated data types within China and gives Chinese authorities full access to a company’s data for regulation “spot checks.”
- Japan’s Act on the Protection of Personal Information. This act governs the types of data that can be exported outside of Japan and requires anonymization of some personal data.
Of course, these are just the tip of the iceberg and are in no way a comprehensive overview. The ReachForce team recommends you do some serious research into domestic and international privacy laws prior to launching your marketing plan.
ReachForce helps marketers increase revenue contribution by solving some of their toughest data management problems. We understand the challenges of results-driven marketers and provide solutions to make initiatives like marketing automation, personalization, and predictive marketing better. Whether you have an acute pain to solve today or prefer to grow your capabilities over time, ReachForce can unify, clean, and enrich prospect and customer lifecycle data in your business, and do it at your own pace.
To learn more about how ReachForce can help you optimize demand generation and your impact on revenue, get your free trial.