Retailers must navigate customers’ online privacy concerns

Online privacy-web

None of our business?

Smart retailers know their customers. Traditionally that knowledge was gained through personal interactions. If a shopper made several purchases over the years, the store owner learned her style and color preferences and the prices she could afford. Maybe he recorded this information in a notebook or file, along with her phone number, in case he wanted to call her with an offer she might like.

Today, savvy retailers capture data about customers online. Visitors to the store website are asked to leave an email address, and their browsing is mapped. This leads to creation of a profile. What products does the site visitor look at? What styles interest her? If she has a buying history at the store, what has she purchased, how much has she spent and how has she paid?

Through artificial intelligence computer programs, this new data can be saved, analyzed and used to build individual marketing plans for each actual and perspective customer.

Many consumers like, or even expect, that level of personal interaction, according to a global survey conducted in 2018 by Morar HPI, an independent research and creative constancy. Results were reported in January 2019 by Oracle Retail.

The survey of 15,500 adults found that “65 percent of global consumers reported that they browse online several times a week, and 47 percent of them indicated that it would be ‘awesome’ to receive real-time offers based on what they’ve been browsing.”

Once they purchase, Oracle Retail reported, “There seems to be an expectation among consumers that retailers should know the full history of their purchase, whether they visit the brand online, in-store or both. Shoppers are agitated when having to explain returns, discounts, special offers they might have utilized; they expect instantaneous, 360-degree knowledge of what they’ve bought and what promotions they’ve used when pursuing a return.”

While retailers should meet those expectations, they also must negotiate a tension that Oracle Retail described as “new possibilities that delight and disquiet retail consumers.”

Fatigue around sharing personal data has set in, prompting retailers to reassess brand transparency to offer a more anonymous shopping experience.

– Oracle Retail

What disquiets them are concerns about data security and online privacy.

Security is high on everyone’s list of worries, thanks to countless breaches by online hackers trying to steal credit card data and other sensitive information. One by one, U.S. states have enacted laws that require businesses to notify customers if their personal information has been compromised in any way. But such legislation, although needed, also alerts consumers to the fact that businesses do hold personal information about them – and many people aren’t happy about that.

“Across the globe, there’s been a growing disquiet about the way technology can be a clairvoyant as consumers go about their online life,” Oracle Retail noted. “This perceived encroachment on privacy has resulted in significant measures such as the General Data Protection Regulation (GDPR) legislation, illustrating consumers’ sensitivity and concern about the importance of protecting their privacy. Fatigue around sharing personal data has set in, prompting retailers to reassess brand transparency to offer a more anonymous shopping experience. Around the world, 86 percent of global consumers state they would ask brands to remove their personal data if a similar regulation was implemented in their region.”

GDPR is a European Union regulation that was echoed to some extent in a 2018 California law called the California Consumer Privacy Act (CCPA), which will take effect in 2020.

The CCPA applies to a business with annual gross revenues of more than $25 million; or that buys, receives, sells or shares (for commercial purposes) the personal information of 50,000 or more California residents annually; or derives 50 percent or more of its annual revenues from selling consumers’ personal information.

Regarding those businesses, it creates four “rights” for California consumers, defined as all residents of the state:

  • To know what personal information a business has collected about them, how it was collected, and how it’s used.
  • To bar a business from selling their personal information to third parties.
  • To demand that a business delete their personal information, with some exceptions.
  • And to receive equal service and pricing from a business even if they exercise the privacy rights granted by the law.

The California Consumer Privacy Act treats commercial information as personal.

Personal information under the act includes “commercial information” such as “records of personal property, products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies,” as well as “Internet or other electronic network activity information,” which would cover browsing and search histories on public websites.

Critics of the legislation, including business groups, point to several flaws, including broad definitions of who’s protected by the law and what is considered personal information.

If all residents are covered, that seems to allow employees to ask their employers to delete personal information about them, such as records of disciplinary actions. And putting “commercial information” in the same category as personal information seems overly protective to critics. Shopping histories and product preferences make up the kind of information many of today’s retailers find useful in compiling customer profiles and in turn creating individual marketing plans to appeal to shoppers. Past generations of merchants kept written notes with such information without violating anyone’s privacy.

The National Retail Federation hosted a meeting on the CCPA in Marina Del Rey, Calif., Jan. 23 to help educate members about the impact of the new law, both in California and nationally. It’s “an opportune time for retailers to look ahead as state legislative sessions begin and the consideration of federal data privacy legislation commences in Congress,” NRF Senior Policy Counsel Paul Martino said in a memo.

The California Chamber of Commerce, known as CalChamber, and other business groups will seek changes to the California law before it takes effect next year, but the U.S. Chamber goes further. It is urging Congress to act.

“Congress should adopt a federal privacy framework that preempts state law on matters concerning data privacy in order to provide certainty and consistency to consumers and businesses alike,” it said in a policy statement last year.

“Advances in technology have empowered businesses and consumers alike, and policies to address these changes should reflect both the significant impact of the tech ecosystem on the economy and the importance of the responsible use of consumer data,” Tim Day, vice president of the Chamber’s Technology Engagement Center, added.

The Chamber currently is drafting model legislation, but the prospects of congressional action are uncertain. Retailers should encourage their state and federal representatives to set consistent and reasonable standards that separate sensitive personal data from commercial information commonly used by businesses.

Retailers should work to earn customers’ trust.

In the meantime, retailers should proceed cautiously regardless of what laws require.

“It’s important to strike a balance with personalization so that your customer still trusts your company,” Jay Radia, co-founder and CEO of Yieldify, wrote in TotalRetail. Yieldify says it helps retail businesses create personalized e-commerce campaigns.

“First and foremost, be honest,” Radia added. “Let your customers know what kind of data you’d like to collect and allow them to approve or deny that request. It’s also important to show how you’re using that data to create the best shopping experience possible. Transparency is the new norm, so let your customers know that their data will be used to make their shopping experiences better, but also understand that privacy laws like GDPR allow consumers the ‘right to be forgotten.’

“Additionally, offer incentives in exchange for information like email address capture and location tracking. By offering free delivery or a discount on a first purchase following a request for email capture, consumers will feel like they’re getting something out of giving up a small piece of their privacy.”

There is no reason why individuals’ shopping preferences shouldn’t be used for the benefit of both merchant and customer – as has always been the case.

About the Author

Doug Clark
Doug Clark is content manager and government relations staff member for the Home Furnishings Association. Please contact him with story ideas or concerns at 916-757-1167 or dclark@myhfa.org