What percentage of consumers trust the marketing and advertising industry? In this episode of Two Gals and Some Data, join Lori and her special guest as they discuss this answer and the hot topic of data and security.
Lori Paikin: Hi everyone and welcome to our first podcast of 2020. Today's special guest is Jill Harrigan, the newest member of our growing business development team. Jill's background prior to joining NaviStone is largely focused on technology and security, having worked for Develop Intelligence and Iron Mountain. We thought it would be interesting to get her perspective on data and security given the heightened privacy environment that we're working in and living in today. Jill, thanks for talking with me today. Not just about data, but how our listeners can use data to make more money.
Jill Harrigan: Sure thing, thanks for having me.
Lori Paikin: I find your background so interesting and relevant in today's privacy sensitive environment. I'd love to start by asking you to share a little bit about your background. I think our listeners would really love to understand more about Iron Mountain in particular.
Jill Harrigan: Yeah, of course. Iron Mountain is an information management company. They're also a data protection company. They've been around since 1951 I think. They protect a company's data in a lot of different formats like paper records, backup tapes, and even within the cloud. They run some of the world's most secure data centers, and along with housing a company's data, they can also destroy it when it reaches end of life, what I really liked, all in an environmentally friendly way.
Lori Paikin: One thing that you had said to me offline that I thought was really interesting was how you said working at Iron Mountain causes security to become part of your DNA.
Jill Harrigan: Yes, absolutely. It's so true. If you go to Iron Mountain's website, they actually specifically state, "Data protection is in our DNA." After having been there for so many years, I really did start to feel that it became part of my own DNA, and because of that I really had to sit back and take into consideration if NaviStone took data security seriously before I really felt comfortable joining the team.
Lori Paikin: Yep. That is exactly why I was so excited for you to share your point of view on security, and quite honestly, privacy as well because the two really go hand in hand, especially in the advertising sector. We've talked many times on this podcast about the impact that consumer data has in making advertising meaningful and relevant. First with demographic and psychographic data, providing insights into who to target and how. Then with transactional data, using past purchase data to accurately predict future purchase data. And now, today, using intent data because it validates what the consumer is in market for at this very moment.
Lori Paikin: I know we're all in agreement, consumer data is a critical component in providing consumers with that individualized experience that they've come to expect, and quite honestly, that they deserve. In that context, I want you to finish this sentence for me, "Consumers are more and more comfortable providing access to their data provided blank."
Jill Harrigan: Well, I think advertisers say they're doing certain things in order to give the consumer a better buying experience. But honestly, I think we all know it's really about their bottom line. That said, it's totally okay with me when advertisers try to get the right ad in front of me at the right time. But what I'm really saying is, why not be upfront about it? "Dear consumer, let's work together so we both get what we want."
Jill Harrigan: An example of this is on Facebook, and something I think they do really well. For example, if you're scrolling through and you see a ad that you really don't want to see, you can say, "This is not relevant." For example, a vegetarian really doesn't want to see an ad about buying a bunch of steaks, and so they might prefer seeing an ad about a vegetarian alternative. Putting the consumer in the driver's seat, to me, is really the most important thing. And from what I have kind of gathered with talking to friends and so forth is consumers don't really seem to mind sharing somewhat personal information if it allows them to receive personalized advertising.
Lori Paikin: Yep, totally agree. Consumers are comfortable allowing access to their data, provided they receive a better experience with that brand. I want to go back though to one of the first things that you said. You said, "For advertisers, really, it's all about their bottom line." Am I misinterpreting your comment or do I detect a bit of cynicism?
Jill Harrigan: I mean, maybe a little bit. But it really goes back to what I said about being upfront with the data they're accessing and how that data's being used. I know that as a business you're focused on your bottom line, and as a consumer I want the most relevant and timely ad possible. Will you as the business want to access my data in order to provide the most relevant and timely ad to me? And that will of course lead to greater demand and a stronger bottom line. I want you to have access to my data so you can provide me with the most relevant and timely ad. Very specifically, a product or service I'm actually interested in, which will in turn lead me to buy and therefore improve your bottom line. We both get what we want. Let's just be transparent about what's happening. I want you to guarantee that the data I allow you access to is being kept secure, is being used for the intended purpose, and ultimately is being protected beyond that.
Lori Paikin: Two things that you said really struck a note with me. First is the idea of providing consumers with that notice as to how data is being used. I think that the idea of providing consumers with that notice and choice is one that's been around since the '90s. The notion of intended purpose is a bit newer but equally as important. Consumers are sharing their data with the advertisers they work with, they want a relevant experience in return. Seems straightforward. I watch romantic comedies on Netflix. Netflix sees this, they make recommendations for movies I would like based on my past behavior. I purchase something on Amazon, they make recommendations for complimentary products. Again, using my past behavior to put appropriate offers in front of me. Even take NaviStone as an example. We use browsers intent behavior to put timely and relevant product offers in front of the consumer. This all seems straightforward to me.
Lori Paikin: But there are multiple levels of data and there's multiple levels of data sharing. Consumers are sharing PII, which is that personally identifiable information like who they are, and they're sharing PI, or that personal information, like the movies they watch or the products they browse and buy. I think where consumers struggle is when their PII, who they are, is made available in conjunction with that personal data, demographics, purchase data, browsing data. It's the combination of the two used without explicit permission that causes the greatest concerns and distrust from consumers.
Jill Harrigan: Agree.
Lori Paikin: That then brings us to the various levels of data sharing. Consumers are giving advertisers permission to use their data to provide that relevant experience. We know that. Sometimes advertisers will make that data, the consumers data, available to third parties to further enhance that experience. Fine. But sometimes the advertiser will make that data available to third parties for monetary reasons and that's a whole different level of sharing, and maybe not so fine with the consumer. This is where I think data security plays a big role. Yes, the value has to be there, that's a given. But advertisers have been entrusted with their customer's data and in turn need to be sure anyone who has access to it is using it for the intended purpose, and ensure that that data will be protected.
Lori Paikin: Earlier you mentioned Facebook in the context of something they do so well, using the data provided to improve consumer's advertising experience. On the flip side, I can't help but mention that many challenges have occurred with breaches in data security and transparency. The fact that the data being collected was being used in ways that the consumer was not aware of or gave permission for. So that leads me to our first trivia question.
Jill Harrigan: Okay.
Lori Paikin: I read a survey conducted by Pricewaterhouse Coopers last year, as part of their consumer intelligence series protect.me. Marketing and advertising industry is reviewed as the least trustworthy industry. What percentage of consumers do you think trust these types of businesses?
Jill Harrigan: I'm going to say like 15%.
Lori Paikin: Pretty close. The correct answer is 3%.
Jill Harrigan: Wow.
Lori Paikin: Why do you think this is? Definitely lower than you had expected, but extremely low. So I'm curious why you think that is.
Jill Harrigan: I guess maybe because consumers, like I kind of mentioned before, really think advertisers are only in it to make themselves rich. Maybe they don't consider the fact that advertisers-
Lori Paikin: There's that cynic in you.
Jill Harrigan: Yeah. Yeah, exactly. Maybe they don't consider advertisers really are trying to make consumers buying journey better, and consumers really do want advertisers just to be up front and tell us, "How are you using the data you're accessing?"
Lori Paikin: What impact do you think data breaches have on consumers? Let me just ask the question a little differently in the form of our second trivia question. In the context of Facebook, after the Cambridge Analytica scandal, trust in Facebook was impacted by what percentage do you think?
Jill Harrigan: I'd say at least 50%.
Lori Paikin: Close again. Actually, trust in Facebook fell 66% after this misuse of user data. But interestingly enough, even though trust declined, usage did not decline at the same rate. So in 2017, 67% of the U.S. population over the age of 22 used Facebook. In 2018, that dropped to 62%. And in 2019, to 61%. I would have expected that usage would have dropped more, but I think that speaks to the value that Facebook brings. So going back to some points we said earlier, if consumers are getting the value they want out of a product or service, they're not only willing to share more data but they're also more forgiving when things like this happen. Not that I'm supporting the misuse of data as long as value's there, but these statistics certainly suggest that when the value's there people are more forgiving.
Jill Harrigan: Agree. Definitely. Consumers want relevant and meaningful content. But here's the thing, I don't think consumers want any of this to feel sneaky on the part of the advertiser. And I think this is why the cookie notice, you know when you go to websites, is so important. "Don't just track my activity, tell me that you're doing it. Tell me how the data's going to be used. And definitely tell me if you're going to sell my data," that's a big one. Many companies track browsing activity all across the internet, but then they turn around and sell that data to other companies. And a lot of times, these companies, they hide this information within their very lengthy privacy statement and it's really not easy or obvious to find. This to me is what feels a bit sneaky.
Lori Paikin: That's actually a good segue into talking about what I think is on everyone's mind regarding privacy, and that is that the CCPA has just gone into effect. Without oversimplifying the provisions of the regulation, in addition to notice and choice, something that's been around and addresses that issue of sneakiness, the CCPA requires advertisers to provide consumers with access to their own data, the right to edit that data, the right to be forgotten, meaning the deletion of that data upon request, and no penalty if a consumer does decide that they want that data deleted or not shared. Do you think that the advertising industry is taking the right steps to keep consumer data secure?
Jill Harrigan: I mean, in the past you just had to notify people that you're using it, but really now the conversation is around how will you protect that personal information.
Lori Paikin: Do you have an opinion on whose responsibility it is to protect that data? Is it the responsibility of the government to put regulations in place to protect the data? Is it the responsibility of the advertising industry to self-govern? Is it the responsibility of the business?
Jill Harrigan: I absolutely think it's the government's responsibility to put regulations in place to ensure consumer privacy, but I also believe businesses should really be thinking several steps ahead of the government. The government regulations will definitely ensure everyone falls in line, or at least it will help. However, businesses who self-regulate in the meantime really will end up in a better situation in the end, not having to scramble to put things in place just because it's the law.
Lori Paikin: I think we're pretty much aligned. I mean, ultimately I do think that it's the responsibility of the business to respect the data provided by their customers and to use that data for the intended purpose, but I also think that it's difficult to do that without some clear guidelines to follow, which is where I think industry and government regulation does come into play. Let's go back to something you said earlier. Because security is in your DNA, you had to be sure that NaviStone felt similarly about data security and its role in protecting consumer data.
Lori Paikin: How so?
Jill Harrigan: Well, for one, we don't leverage client's data to create an identity graph, we utilize a third party to get those postal names and addresses. Yet, we never see the data, our clients never have access to the targeted audience that we create, and we never sell or resell consumer data. When you think about it, other companies allow the target audience to be shared with advertisers, which, I don't know, in my opinion it's just not great in terms of privacy.
Jill Harrigan: For example, if a company leverages clients' data to create an identity graph, and then they turn around and sell that data to a third party, I don't know, I'd say data security isn't really being taken seriously. But I'm definitely not new to data security, but I'm very new to the industry, so to be honest, I'm actually really interested to hear what your opinion is on the matter.
Lori Paikin: Well, I have been in the data business for a long time, I've been in the data sharing business for my entire career working at the various co-ops, and I do think that most businesses take data security seriously. The vast majority of data aggregators have given notice and choice, and require the data contributors to give that notice and choice to consumers. I also think the vast majority use that data for the intended purpose. Unfortunately, in the instances where there is a breach or a misuse, it becomes highly publicized casting a negative perception around the industry in general and how they think about security. But generally speaking, I do think that this industry takes security very seriously. And one other thing to consider, there are constantly being new ways to use data and new regulations for how you can use data. So the advertising sector, as much as they are taking it seriously today, I do believe that they need to take it even more seriously moving forward.
Lori Paikin: I like the points that you made about how NaviStone thinks about data, how we treat the consumer's data to ensure privacy. I don't mean to get into a NaviStone pitch here, but it's my podcast, and I actually think how we do what we do is quite relevant. Our technology was engineered from the ground up with consumer privacy and data security at the foundation. As you had mentioned earlier, while we do have personal information, that browsing history, it is only associated with a pseudonymous connector, so we don't actually have any PII. So that kind of security breach, where people's names and addresses can get released, cannot happen. Security is part of NaviStone's DNA as well.
Lori Paikin: In a podcast that aired back in 2017, NaviStone CEO Larry Kavanagh made a point that I want to close with. "For marketers and technology companies offering services based on data, the critical lesson isn't just to keep improving the value of using that consumer data, but to also keep that data safe, and really, keep that whole idea of safety and security out of consumers' minds. Data security needs to be table stakes."
Lori Paikin: That will do it for today's episode of Two Gals & Some Data. Jill, thank you so much for joining me today.
Jill Harrigan: Thank you.
Lori Paikin: If you want to read more from us, check us out at navistone.com. And if you enjoyed today's show, head over to iTunes and leave us a five star review. Thanks for listening.