Why Taking Control Of Data Collection Can Ensure Your Business Complies With Evolving Privacy Requirements
by Ciaran O'Kane on 8th Jun 2012 in News
The EU e-Privacy directive highlights the need for site owners to take control of how data is collected and handled on their sites. BrightTag chief executive Mike Sands discusses why sites should take control of data collection, and how such a strategy could future proof businesses for further changes in privacy legislation.
If you hate any word right now, it’s probably “cookies”. Twenty-seven different interpretations of the e-Privacy directive for 27 different EU markets, some of which are so unclear it’s difficult to see how you can comply with all of them.
Because regulations differ, the approach taken in the UK won’t be the approach that’s needed in other countries, even though the user may be visiting the exact same website.
But if some good has come out of that process, it’s the fact that the directive has highlighted the need for site owners to take control of how data is collected on their sites, and by whom.
Without such control, complying with the directive is impossible. How can any site owner ensure a third-party data collector is meeting the requirements?
Taking control means knowing that every organisation that collects data on your website is following the same rules and respects the consumer wishes.
To do this, site owners need to address the problem at its source and take control of the third-party tracking tags they place on their sites. Tags are what trigger the placing or activation of a cookie. Tags, a piece of code typically provided by a third party, can be a simple 1x1 pixel or image loaded with the web page, or they can be in the form of JavaScript code that allows for more advanced data collection.
These tags are proliferating to the extent that a typical e-commerce website could have any where from 50-150 third-party tags at any given time. With every tag representing a different data collection point, complexity and privacy issues arise for the site owner.
The real challenge of complying with the new directive is ensuring that each of these collectors is following the same set of rules that you are.
Our role at BrightTag, as a technology provider, is not to tell website owners how to comply with the new regulations, but to empower them to be able to deliver on their consumers’ choices and the policies to which they must adhere.
That policy could be a single one-size-fits-all approach designed to ensure every market meets the toughest conditions (like those defined in the German rules) or an adaptive approach that is sensitive to the different rules in each market (for example the broader approach of the UK).
The benefits of each approach depend on each site’s operations aims, business objectives and the countries in which they operate.
The bottom line, however, is that online privacy regulation will continue to evolve whether you do business in a single market or your business expands across the EU and is subject to different rules and regulations. It is also likely that the policy makers themselves will evolve their thinking over time. The best assumption you can make is that changes to your website will be necessary in the future.
BrightTag’s approach has been to provide enhanced and flexible privacy tools to ensure that companies don’t have to reconstruct their websites to comply with the current cookie consent requirement, or future variants down the line.
Ultimately, sites need granular-level control over the tag code that sets non-essential cookies on every page of their sites. Our solution dynamically manages which tags and cookies are delivered to a computer or device based on a user’s consent preferences, without the site owner having to do time-consuming and costly IT work.
We’ve added flexible policy set up and management options to allow the rules to change from market to market, default privacy options and granular controls that enable privacy settings to be varied from tag to tag and country by country.
Our partnership with TRUSTe, the global privacy management leader, is designed to ensure that consumers have access to a broad suite of compliance tools alongside BrightTag’s technology solution.
What’s critical is that businesses don’t simply complain about the complexity of adopting the new rules, but get on and work out a solution that’s right for them.
Putting in place a solution that can cope with future changes to the regulations means getting the fundamentals right. The fundamentals are not the cookies themselves but the tags that trigger the collection of the data.
Brands that take control of their tags will be better placed to deal with whatever rules regulators throw at them in the future.
Follow ExchangeWire