The Tricky Balancing Act of Privacy and Personalization

Apr 23, 2019
Will Devlin

Everyone agrees that personalization is important for any messaging strategy — Consumers expect it, and marketers see consistent positive results. When 79% of consumers say they’re more loyal to brands that understand them, there’s no going back. So, personalization is here to stay. If there’s one marketing prediction we can be confident in right now, it’s that marketing messages are only going to get more highly tailored rather than less for the foreseeable future.

Don’t be creepy

But, when personalization is done poorly — or sloppily — it can go wrong in a hurry. There has to be a balance between making a message relevant to the recipient, and getting so personalized that the message can feel like a breach of privacy. In a recent survey by InMoment, 75% of consumers said they had encountered personalization they found to be creepy. That’s a reminder that, just because you have data points available to you doesn’t mean you have to use them for personalization.

It can be tempting to utilize every piece of information at our disposal in this highly competitive world — They handed it over to us freely, after all — but you have to put yourself in the recipient’s shoes. If you received this message, would you question the sender’s motives and judgment? Would you cringe and wonder why they had that information in the first place? Running any even remotely questionable campaign across multiple sets of eyes in house — of multiple backgrounds and perspectives, when possible — can help to guard against this problem.

Breaches can be a killer

While being creepy is a problem, data breaches are a much bigger and more serious issue when they occur. There have been numerous high-profile data breaches in recent years, and these not only launch weeks of embarrassing headlines but can do lasting damage to consumer trust in your brand.

It’s a big enough risk that many businesses with large amounts of sensitive personally identifiable information (PII) — those that handle medical or financial information, for instance — don’t personalize anything they send out for fear of having it fall into the wrong hands. But the data woes of Facebook show you don’t have to deal in information as obviously sensitive as health records or bank accounts in order to have data privacy become a major issue when using it for targeting.

How can you personalize safely?

One of the challenges many Super Senders face is that the bulk of their data lives safely behind their firewall, but marketers have to copy some of that data and send it up to their ESP’s cloud environment in order to build campaigns. And, no matter how secure your own database is, once it leaves your firewall, you have far less control over how protected it is. Many I.T. departments will completely lock down certain PII, saying they can’t be used for personalization because the risk of letting them leave the company’s secure database is too high. This is especially common among companies that have endured a data breach in the past.

Here are some steps you can take to continue personalizing messages while maintaining a high bar for data security:

  • Obviously, the first step is to ensure your own database is as secure as possible. Setting up a firewall and encryption is a good security measure that will help you feel confident about the data you control. You should also invest in keeping your data organized — perhaps using a CDP or modern data warehouse, depending upon size and need — so you know where it is and have full control over it at all times.
  • Only collect data that’s relevant to your business and the messages you’re going to send. If you run a chain of restaurants, you probably don’t need to know if your customers have recently purchased insurance. Limiting your data asks to information that’s relevant both builds trust with your customers and keeps your exposure lower if something does go wrong. Don’t ask for information just in case you want to use it later. Carefully consider any new asks, and proceed with caution if you do.
  • Don’t trust your ESP to keep the data safe on their end. This is too important, and consumers will lose trust in you if they know their data was stolen, even if it was through a third party. One solution is to use an ESP that sits within your firewall, next to your database, so your data never leaves your safe environment. It’s as safe when you’re building personalized campaigns as it is at any other time.

While personalization is essential for any sophisticated messaging strategy, data security needs to be top of mind for any responsible marketing team. The balance isn’t always easy, but a few smart steps can help to ensure you can reap the benefits of personalization while still respecting the responsibility of being trusted with your customers’ information.

About the Author

Will Devlin

A 20-year email marketing veteran, Will has focused on marketing strategy and execution for MessageGears since 2014. He has extensive experience on both the retail customer and service side of email marketing, and he’s interested in helping businesses better understand how they can make the most of the work they put into their email campaigns.