How Can Brands Navigate Consent And Compliance? 

Consent management platforms simplify data compliance for marketers across geographies, build brand trust and ensure consumer data is protected. When Uber suffered a data breach in October 2016, they hushed it by paying the hackers to delete the data. Eventually, news of the breach came to light in November 2017, resulting in financial penalties for […]


  • Consent management platforms simplify data compliance for marketers across geographies, build brand trust and ensure consumer data is protected.

    When Uber suffered a data breach in October 2016, they hushed it by paying the hackers to delete the data. Eventually, news of the breach came to light in November 2017, resulting in financial penalties for not following the data breach protocol of notifying the authorities within 72 hours of the incident. But the more serious and perhaps unseen fallout came in the form of broken customer trust. According to calculations by cybersecurity companies, consumer perception dropped by over 140 per cent that year. Brands have since wisened up to the growing importance of data privacy and the link to consumer loyalty.

    According to Edelman’s Trust Barometer survey conducted in 2019, over 80 per cent of consumers said that they need to trust a brand to buy from them. Another survey by McKinsey in 2020 observed that 71 per cent of people would stop doing business with a company if it gave away personal data without their permission. The pandemic may have pushed more people to buy online, but it’s also brought to the fore concerns of data privacy. Brands must now navigate the line between delivering a better customer experience and transparency regarding how it uses customer data.

    Trust and transparent data privacy are two sides of the same coin. Customers need to know that you’re protecting their privacy and keep them informed about the brand planning to use their data. They are more likely to willingly share data under the right circumstances. After all, consumers want personalised products, offers and a unique experience. But at a cost that doesn’t leave their data vulnerable, exposed or misused.

    Also Read: How Can AI Help Content Marketers?

    Evolving data laws

    It may seem overwhelming for brands, especially considering the constant amendments in laws to safeguard citizens across different local and international geographies. For example, Qatar was one of the first countries in the Middle East to introduce a standalone data protection law in 2017 called the Personal Data Protection Law (PDPL). In November 2020, the Compliance and Data Protection Department (CDP) of the Ministry of Transport and Communications issued 14 regulatory guidelines in addition to the PDPL. Bahrain was quick to follow suit with its data privacy law in 2018 based on international best practices set up by the GDPR.

    Until now, the position in most MENA jurisdictions has been that the privacy of an individual and the safeguarding of their personal data are provided under general provisions of the law. This is soon changing, with data protection becoming increasingly in focus in a post-pandemic world. Case in point, in September, H.E.Omar Bin Sultan AL Olama, UAE’s Minister of State for Artificial Intelligence, Digital Economy and Remote Work Applications announced a new federal data protection law — the first federal law of its kind in the UAE. As per this, the regulation of data protection differs between free trade zones and the remaining mainland areas of the UAE. Here is where it gets complicated — mainland areas are under federal jurisdiction, while the free trade zones are empowered to create their own legal and regulatory framework for all civil and commercial matters.

    Currently, the Dubai International Financial Centre, Dubai Healthcare City and Abu Dhabi Global Market have formal data protection regimes. Earlier in September, the Saudi Cabinet approved the Personal Data Protection Law that will take effect from March 13, 2022. The law protects the rights related to processing personal data, regulates how it is shared between entities and prevents its misuse.

    With all that’s at stake, there is significant demand for professional and technological support to help brands protect their consumers and adhere to data laws. Consent management platforms (CMP) leverage software to legally document and maintain a record of consent choices before collecting, sharing or selling user data. These platforms can integrate with sources such as websites and apps that use cookies, embedded videos and other tracking technologies. For the consumer, it provides a detailed report of how their online behaviour may be tracked, the purposes for which that information is collected, and the specific vendors and entities requesting to use the information. They also manage choice for users through explicit consent forms that ask users to opt-in or out. Users may grant, refuse or revoke consent. They can also set their preferences about how certain data can be used.

    A CMP provider has a legal basis to store user consent data. Both legal and marketing teams are involved in choosing this provider and deciding the level of protection and the terms of use. Within the organisation, integrations include interoperability with CRM, CDP and marketing automation systems. Outside the organisation, the CMP solution facilitates communication with third parties like advertising, publishing and other partners before lawful data processing. It coordinates with these partners to allow or disallow access based on the user’s consent information.

    Exciting new players

    It’s hard to imagine anything today that could hurt a brand’s reputation more than a data breach. In 2020, the average cost of a data breach worldwide was $3.86 million, according to IBM’s Cost of a Data Breach report. This is perhaps the reason why the consent management market, which was pegged as a $317 million industry in 2020, is estimated to more than double in value in the next four years.

    In September, Zeotap launched a Consent Orchestration tool that makes it easy for marketers to activate data at scale. If a brand were to constantly verify choices before taking action, it could cause a slow down in the marketing messaging reaching the user which has a significant impact on its effectiveness. With the increasingly competitive landscape where brands attempt to deliver real-time, empathetic marketing, timing is everything. Zeotap manages consent for an individual customer across multiple touchpoints and can differentiate access for different activation channels so marketers can act with speed.

    It is notable that leading CMPs Usercentrics and Cookiebot joined forces earlier this year. Bringing together Usercentrics’ enterprise expertise with the scanning technology of Cookiebot, the new entity will offer a plug-and-play Consent Management Platform. Data permission tool Qonsent announced two significant partnerships—with Ketch, a platform for programmatic privacy and TransUnion, a consumer information and insights company. Together, they created a product called SmartQontract, which functions as a  dynamic ledger with clearly stated terms of use that the consumer can change at any time.

    The large funding rounds are a clear indication of investor interest in the growth of this market. In July, CMP Didomi raised $40 million in a series B round of funding. Developers can integrate Didomi through a number of ways, including software developer kits (SDKs), application programming interfaces (APIs), and pre-built connectors built for Adobe, Google, HubSpot and Salesforce Marketing Cloud.

    Also Read: Shaping Customer Behaviour For Normal 2.0


    The first step for companies on their journey towards consent management is to conduct a thorough data privacy audit. Find out exactly what data your company collects, how it’s stored and used and who has access to it. The more data your brand collects, the greater the liability to store or use it correctly. These are prerequisites to signing up for a CMP solution.

    The need for privacy as a function that is managed within the company has become more important with brands increasingly leveraging first-party data. Social scientists refer to this phenomenon as the age of “information flows”. Users are demanding more control over their data. In turn, companies need to be upfront about their data policies and the measures they are taking to protect consumers. It creates a domino effect of users being more willing to share data which leads to building better user experiences and higher acceptance rates for marketing strategies. Ultimately, companies can expect high consumer lifetime values.


    More Like This