When visitors to a brand’s website or online platforms share their personal information with businesses, they are entrusting them with highly sensitive data. These visitors are trusting you to keep their data protected from cybercriminals and hackers, and they are trusting you to use their data for legitimate, legal and reputable purposes.
Many organizations understand this unspoken trust agreement, but not all businesses are scrupulous to begin with. Constant data leaks and scandals have led governments across the globe to pass data protection laws that give people more control over their personally identifiable information (PII).
European GDPR regulations are currently pioneering the field of online data security by laying out strict laws to govern the way that personal information is handled. It’s expected that by 2023, more than 65% of the world’s people and their data will be similarly protected in a legal sense, according to Gartner.
What Exactly Is Personally Identifiable Information?
The first step to becoming compliant with PII as a digital marketer is to understand how to identify and class personally identifiable information.
This can be challenging, as definitions of PII often vary by region. Some personally identifiable information, like names, addresses, phone numbers, and identification numbers, are obvious to identify as PII. However, many jurisdictional laws reach further. CCPA, California’s new privacy act, defines PII as including elements such as biometrics, geo-location data, IP addresses, network logs, and account numbers.
Instead of focusing on the specifics of PII, it may be simpler to grasp the gist of most privacy laws and work from there. Essentially, PII is universally defined as any information that can be used alone or along with other data to identify an individual. Conversely, any element of data that cannot be linked to a specific individual is not PII.
How to Use PII for Marketing Efforts
In most cases, there are no laws that prevent companies and their digital marketing agencies from collecting and using PII for online marketing and advertising. However, it’s important to understand that most companies do not use PII for advertising purposes.
The reason why advertising firms don’t use PII and marketing firms do is because in order to launch a digital display advertising campaign and optimize SEO efforts, advertisers will need to share user data with third parties. This means that they would need to obtain consent before any consumers could view a page containing ads, which is an understandable hindrance.
Marketing segmentation for digital marketers allows for the use of PII for digital campaigns because personal data does not need to be shared with ad networks and exchanges to achieve this.
What Does the Future Hold for PII Compliance?
Countries around the world already have stringent privacy laws in place or are currently developing them. Many countries, for example in Europe, may adhere to a wider bill like GDPR, but then add further national conditions to their data processing privacy laws as well.
It’s expected that we will see two new trends emerging in data privacy legislation in the near future.
- Extension. Many regions will implement new privacy laws or tighten their existing legislature.
- Reconciliation. It can be difficult, if not virtually impossible, for businesses and digital marketers to deal with dozens of varying laws on PII. This means that data security laws will likely be aligned with one another to create a more globalized approach to protecting personally identifiable information.
How Digital Marketers Can Remain Compliant
It is nearly impossible to predict future changes in regional compliance laws. Many of these changes will rely on unpredictable factors like the results of elections and the efforts of digital privacy campaigns.
However, you can still remain compliant to the best of your ability while designing digital marketing campaigns for your clients by:
- Understanding the forms of PII you work with. Every business needs to be accountable for the PII it gathers and stores. Identify the types of PII your marketing campaigns will be gathering on behalf of your clients and understand exactly how their networks and systems share and store private information.
- Use PII with integrity. People that hand over PII will be expecting it to be used for a specific purpose – a good example would be an eCommerce website visitor that hands over their name and email address to receive future deals via email. However, this doesn’t mean that they automatically consent to be included in locale-based analyses and analytics tracking efforts. When in doubt, err on the side of caution.
- Give people full control over their information. Participants in your marketing campaigns should be provided with clear, honest privacy policies that include details on how to opt out of tracking and analytics. If possible, request that your client designs self-service portals for their customers that allow them to make amendments and keep their personally identifiable information updated.
- Keep PII secure at all times. As a digital marketer, you may need to work with your client’s IT team to ensure that securing customer data is a priority, and that unauthorized parties cannot access people’s private information. Work together to implement role-based access restrictions that ensure that employees can only access data relevant to their jobs, and that suspicious third parties cannot access any PII at all.
- Refrain from storing PII once it has been used. Most of the world’s privacy laws give people the right to request the deletion of their data at any time. It’s advisable to delete any PII from your system that is no longer required for your marketing efforts. Storing old, used PII information is a constant privacy risk that adds no value to your campaign generation processes.
The Bottom Line
Digital marketers will find themselves working with a wide range of personally identifiable information while crafting effective marketing campaigns for their clients. This is why it is essential for every digital marketer to adhere to PII compliance regulations.
PII best practices like giving people control over their data and not storing it longer than necessary will help to ensure that your clients can retain the trust of their customers and remain aligned with new data privacy laws like the GDPR.
Rae Oliver is a freelance content creator. Her published work covers a vast range of topics, from SaaS to lifestyle and fitness. Like many other 20-something professional digital nomads, she has a passion for travel, social media, and digital marketing.