Blog

Privacy and data protection regulations impact the work of every advertising, marketing and PR communications professional around the globe – especially in healthcare and medicine. As the focus on privacy by consumers and regulators continues to increase, W2O’s team is tracking the most important news and changes that directly influence our industry, including the latest on legislation, new privacy technology, enforcement actions, analysis and thought leadership in privacy and data protection.

Here’s the news we’re paying attention to right now.

1. People wary of health technology over privacy issues

Recent research by Kantar shows that privacy and security concerns impact American’s willingness to use health technology. The survey included more than 1,000 adults and showed that while Americans believe that technology can help with their healthcare, only 38% believe there are proper safeguards in place. The findings indicate that adoption of health technology is hindered not by lack of innovation, but by lack of consumer trust.

Main TakeawayAs healthcare and technology become more interwoven than ever, the implicit trust that patients extend to their doctors and their medical organizations is being eroded by the arguably well-deserved privacy scrutiny that other industries are now receiving. Healthcare and medical organizations must think beyond HIPAA and embrace the privacy principles of transparency, choice, and accountability along with data protection and security.

2. Microsoft releases new service terms in response to Dutch GDPR investigation

An investigation by the European Data Protection Supervisor which identified “serious concerns” with Microsoft’s collection of data from Office 365 users has resulted in a change to the Microsoft Service Terms. The new terms and a Data Protection Addendum, which apply to all commercial customers globally, specifically exclude the processing of customer and personal data for the “purpose of profiling, advertising or similar commercial purposes”.

Main TakeawayMicrosoft has chosen to extend privacy tools and rights to all users, and not just European Users for the General Data Protection Regulation (GDPR), or California Consumers for the California Consumer Privacy Act (CCPA). Only four months after they launched new privacy tools in response to GDPR, the highest engagement with those tools came from millions of Americans. Brands with complex global operations should consider Microsoft’s example, including their embrace of privacy as a core principle and the extension of privacy tools and controls to all users, not just those in specific jurisdictions.

3. European Parliament discusses California’s CCPA for adequacy decision

The European Parliament recently discussed whether California could be considered for an “adequacy decision” under the General Data Protection Regulation (GDPR). The GDPR allows for the transfer of personal data to third countries where the commission has decided that third country ensures an adequate level of data protection. The question discussed was whether California could receive such an adequacy decision separate from the United States – which currently uses Privacy Shield as a transfer mechanism. The opinion from that group was that yes, the language of GDPR does allow for “territorial” application, and the CCPA could be considered for adequacy – although the scope of the hearing was not to actually determine that.

Main Takeaway Global marketing and communications professionals should be watching developments related to adequacy and Privacy Shield closely, as they govern the flow of data between the United States and Europe. The Advocate General of the Court of Justice has concluded that Standard Contractual Clauses (SCCs) are a valid transfer mechanism, and if Privacy Shield becomes invalidated, SCCs may have to become much more prevalent.

* The opinions expressed in this post do not constitute or represent legal advice. No liability is accepted by the authors or W2O Group for any action taken or not taken based on the information or any associated communications.


If you’re interested in learning about W2O, check out our About and Analytics pages.

Want to chat? Drop us a line.

Read More
Tags:

Few marketing communications disciplines have undergone as dramatic a transformation over the last 10 years as paid media. A decade ago, the most dominant form of media was linear television, with brands and agencies alike focused on advertising on cable and local television. Now, much of the content we consume is distributed via programmatic media and over-the-top (OTT) media services. Not only have the types of media changed dramatically, so have the technology and regulations. According to the latest Marketing Technology Landscape Supergraphic, 7,040 different technology solutions are available now for brands and agencies to buy. Ten years ago, we could never have imagined a world governed by the General Data Protection Regulation (GDPR) in the EU and the California Consumer Privacy Act (CCPA), which are fundamentally changing the way paid media is executed.

With great change, though, comes great opportunity. Paid media has never been riper for disruption. Increasingly, the conversation is shifting from “how much do we spend with the major networks in a given year” to “how do we leverage data and technology to reach our key audiences and deliver value back to the business?” This conversation shift is why W2O has rooted our paid media capabilities in being transparent, results-oriented, channel agnostic, global and agile so we can respond to changing market dynamics. These are all differentiators that clients want from a paid media agency partner.

The new conversation advertisers are having about paid media requires a different type of leader – one who understands the old model and how it’s broken and can adapt to the changing environment. At W2O, that leader is Jake Vander Linden, who recently joined the firm after spending the last 20 years at various media agencies. He brings a fresh perspective to building the right paid media activation model for W2O’s clients. We asked him to share his perspective.

Tell us about your background in paid media.  

I have an atypical background for W2O, which is great because this is a place that welcomes different backgrounds. I’ve spent most of my career at big holding company media agencies supporting clients in the consumer-packaged goods, automotive, travel and luxury, and beer and spirits industries.

I spent nearly eight years working in Asia – in the Philippines, China and Singapore – and then in Berlin before returning to New York about five years ago. I have provided communications planning as well as strategy and agency and account leadership. In everything I’ve done, I’ve enjoyed building things, whether opening a new office or building a team for a new client win. I love pitching new business and have been part of some remarkable new client opportunities.

I most enjoy, and have been most successful at, stitching together various capabilities or parts of an organization to make the product bigger than the sum of its parts – such as analytics and media or content partnerships.

What trends in paid media activation should W2O’s clients be paying attention to?

One of the biggest trends – and this is by no means a “new” trend – is personalization at scale. As an industry, we’ve been building the infrastructure to handle identifying and messaging to the right consumer, at the right time, and in the right way for a while now but it’s not really been applied as a lead strategy. Rather, it’s been a nice element below traditional media like TV. And that’s been easy to defend – most measurement tools, especially for CPG – are biased toward big, blunt force instruments like television.

At W2O, we have a unique opportunity for our clients to build a very addressable and response-oriented paid media system on top of our robust analytics framework. This type of innovation  can have a sizable impact on a communications plan.

Additionally, we have lived in an epoch of continuous fragmentation for years, and there are many incidental trends that create new opportunities to connect with audiences and build relevance – from podcasting to voice search and sonic marketing to technologies in digital health.

Increasingly, paid media is serving as a silo buster. Communicators and marketers alike are buying different forms of media. How do you see paid media serving as an integral part of the overall paid, earned, shared and owned media ecosystem?

Paid media can’t exist only to amplify content. It’s often one of the larger line items in a marketing budget and creates the biggest opportunities for an audience to see a brand or message. Specialization is important, but the reality is that audiences don’t consider silos when they are experiencing a brand or product or service.

I think it is particularly attenuated in healthcare. The information we deploy has much more gravity to peoples’ lives as it is used to inform important decisions so it’s imperative that we are linked up and consistent.

At W2O, paid and earned/social integrate closely, and we make sure our processes, briefing documents and reporting are consistent. I think we’ll see more patient-centricity even if our audience is a healthcare provider, and a deeper strategic understanding of the audience journey in communications as a way to prioritize and build plans across paid, owned, earned and shared media.

Paid media activation has become a very tech/data driven discipline. What is the interplay between technology and data, and the need to balance the opportunity to creatively explore reaching our core audiences?

There are a couple different ways to think about the tension between creativity and technology. Many articles have been published in the trade press about how we’ve lost our way as an industry by prioritizing creating versions of banners rather than focusing on creativity. From my experience, the demise of the Big Idea has been greatly exaggerated. I can’t think of a recent experience that didn’t prioritize content over distribution. And that’s fine as long as the idea is media agnostic and we have the flexibility to execute in a way that reflects what we know about the audience.

To reiterate what I said before about the audience journey, for many of our clients, we need to understand the practical nature of how audiences are making decisions and what content our PESO plans need to deliver. A lot of what we do begins with search, but we also need to make sure insights from our data analysis inform the creative idea upfront, so the creative outputs are that much richer.

What similarities and differences have you seen in paid media activation between the U.S. and other markets? 

The biggest difference is the speed of innovation. The U.S. is a very cautious market whereas many ex-U.S. markets, particularly in Southeast Asia, are very quick to identify opportunities to test and scale. Some of it is cultural, but it’s important to remember that the size of the U.S. means that mistakes can be very costly.

Overall, all media are local. Local customs, insights and language skills must be prioritized and leveraged. Relationships are fundamentally important when activating anywhere.

What’s a fun fact about you that you’d like people to know?

I’m an identical twin.


If you’re interested in learning about W2O, check out our About and Analytics pages.

Want to chat? Drop us a line.

Read More

The California Consumer Privacy Act (CCPA) comes into force in January 2020 (with proposed regulations released not long ago), and it gives California consumers and businesses both new rights and new obligations.

W2O recently held a webinar, moderated by Larry Dobrow, Senior Editor at MM&M, to discuss the Top 10 things organizations need to know about the CCPA.

Following is a recap of our recent webinar on the topic. You can also view the webinar recording here, or watch it below.

1. The CCPA applies to California residents. Specifically, it applies to “every individual who is in the state for other than a temporary or transitory purpose.” Most legal experts are assuming this means a resident as defined by the California tax code, although it’s not stated explicitly in the CCPA. There are a few possible methods of determining residency that organizations may consider, including using an IP address or a third-party verification service. Some organizations are simply treating all Americans as if they were California consumers.

2. Employees are mostly exempt – for now. In a last-minute amendment, CCPA has exempted all employees, job applicants and vendors of organizations subject to the CCPA until January 1, 2021. While organizations still must disclose to consumers the categories of information they collect, they do not yet have to respond to other requests such as requests to delete their personal data.

3. Not all businesses are subject to the CCPA. Only for-profit organizations that do business in California are impacted. The CCPA does not apply to government or non-profits. Also, at least one of three thresholds must be met – an organization must either exceed a gross revenue of $25 million, handle the personal information of 50,000 or more consumers / households / devices, or realize 50% or more of revenue from selling personal information.

4. The CCPA has new notice and disclosure requirements. Generally, this means that most organizations must update their privacy policies to include descriptions of new consumer rights, and disclosure of the categories of information they collect.

5. California consumers have new rights to their data. This includes the right to know what data is being held, what data is being sold, the right to request deletion of their personal data, and the right to opt out of the sale of their data. Those rights must be explained in an organization’s privacy policy, and businesses must enable direct consumer requests via a toll-free number, web form, email address and other methods.

6. Businesses must respond to consumer requests in a timely manner. Requests to know what personal data an organization holds and requests to delete that data must be acknowledged in 10 days and acted upon in 45 days. Requests to opt-out must be acted upon “as soon as possible” but no longer than 15 days.

7. Businesses must provide a specific opt-out of sale mechanism. That mechanism is prescribed by the CCPA to include a “Do Not Sell My Personal Information” link conspicuously displayed on the website, and a webform where a consumer can make that request.

8. Identity verification requires careful attention. Consumer identity must be verified, and the best case scenario is to use a secure customer account to do so. In the absence of an account, the regulations provide specific criteria. For example, requests to know categories of information must match two data points, requests to know specific detailed information must match three data points, and the consumer must provide a signed declaration that they are who they say they are. Verification for requests to delete personal data depend upon the sensitivity of that data.

9. Businesses using third-party information must ensure notice was provided by the source. Any organization using the data of a California resident that it did not collect directly from the consumer must either contact the consumer directly to provide notice or obtain an attestation from the source that notice was provided at the time of collection.

10. Collecting data from minors requires opt-in consent. The CCPA adds special rules for minors. The data of anyone under the age of 16 can only be sold with opt-in consent, or with the consent of a parent or guardian for anyone under 13 for both the federal Children’s Online Privacy Protection Act (COPPA) and the CCPA.

Bonus – 11. Privacy is good for business. Beyond simply compliance, privacy is now a key competitive differentiator. As privacy awareness has grown, consumers are actively seeking out brands they trust. Having a reputation as a business that protects consumers’ personal data will clearly differentiate a business from its competitors. When individuals know that their data is being used only in ways they expect, and in service of their best interests, the result is increased trust, loyalty and engagement.

While that trust is important in all industries, it’s particularly critical in healthcare. Delivering on the privacy promise at every stage of a relationship with a doctor and patient builds the trust required to make healthcare decisions – ranging the gamut from prescribing/taking a new prescription medicine to inserting/being implanted with a pacemaker or other life-saving medical device.

Healthcare and pharmaceutical companies must take proactive measures to build robust data privacy programs across every interaction and ensure that their audiences are aware of these steps. With marketing and communications now reaching so many patients and healthcare professionals, and with patient preference and marketing having a large impact on prescribing decisions, data protection and privacy has become one of the primary methods of building trust.

In addition to gains in audience trust and engagement, comprehensive data privacy and protection programs result in a plethora of other benefits. These include a reduced risk of data breaches, increased shareholder value, more desirable M&A positions, and higher operational efficiency, among others.

If your organization hasn’t yet embraced privacy as a fundamental value, now is the time to take action. The CCPA is the direct result of an increase in the public’s awareness, and it’s just the beginning. Multiple states have their own privacy bills coming soon, and a new and more robust ballot measure in California for 2020 is already being promoted for signatures. Organizations that take action now will be far ahead of their competitive set, winning audience trust and gaining market share.


If you’re interested in learning about W2O, check out our About and Analytics pages.

Want to chat? Drop us a line.

Read More
Tags:

Privacy and data protection regulations impact the work of every advertising, marketing and PR communications professional around the globe, and the focus on privacy by consumers and regulators continues to increase. W2O’s team is tracking the most important news and changes that directly influence our industry, including the latest on legislation, new privacy technology, enforcement actions, analysis and thought leadership in privacy and data protection.

Here’s the news we’re paying attention to right now.

  1. German Data Protection Authorities Create Fine Model – The German Datenschutzkonferenz (DSK), Germany’s joint data protection body, recently released a new model for calculating fines associated with the European Union’s General Data Protection Regulation (GDPR). The model is quite complex, with 24 pages of official explanation, and is likely to result in more frequent large fines near the top end of GDPR limits.

    Main Takeaway – While it is not yet clear if the high fines under the DSK model will be considered proportionate, large corporations that process large quantities of data – and particularly those that process sensitive data – should ensure their data protection and breach response programs are as robust and complete as possible.

2. Google Moves to Acquire FitBit, Raising Privacy Issues – Google’s multi-billion-dollar acquisition of FitBit will give it access to a variety of new personal health information. Google has stated it will not use Fitbit data for targeting ads, and privacy advocates are expressing concerns that the data could be used for other purposes. This acquisition will also likely increase federal and state regulators’ scrutiny of Alphabet for potential antitrust violations.

Main TakeawayGoogle has caused numerous privacy concerns over the last decade, due to excessive tracking and exposed data, which has eroded consumer trust. Brands that embrace data privacy and protection principles are building trust and getting ahead of their competitors. Marketers should consider data privacy a fundamental component of their key value proposition.

3. Another Federal Privacy Bill Proposed – A new federal privacy bill proposal from two California House Representatives would lead to the creation of a new Digital Privacy Agency to enforce rights. The bill, in some ways similar to the GDPR, would give consumers rights of access, correction and deletion. It would also prohibit the use of third-party data to reidentify individuals, and bar the use of “private communications” such as email contents and web traffic for advertising.

Main Takeaway – Multiple federal bills from both sides of the aisle have been proposed recently to consolidate existing federal laws and override the burgeoning number of different state laws, such as the California Consumer Privacy Act, but none have proceeded beyond the proposal stage. Brands and marketers should be prepared to deal with a patchwork of state-level privacy laws until federal legislation is passed.

* The opinions expressed in this post do not constitute or represent legal advice. No liability is accepted by the authors or W2O for any action taken or not taken based on the information or any associated communications.


If you’re interested in learning about W2O, check out our About and Analytics pages.

Want to chat? Drop us a line.

Read More
Tags:

W2O recently hosted our second annual, Marketing Science Summit. The purpose of this event is fairly straightforward: to create a space for pioneers in the market research, social analytics and digital marketing fields to share the latest trends in marketing science, with a focus on the healthcare and tech industries.

From leveraging to data to the evolution of AI, there were plenty of key learnings from this year’s summit. I summed up the five that stood out to me below.

1. In healthcare, we’re dealing with data that isn’t really clean, nor does it connect easily.

Liz DeMatteis, Chief Marketing Officer, Aetion made a great point about this notion. She highlighted that the quest should not be perfect data, but rather the perfect understanding of the imperfections of the data. Imperfect data can still be used to fuel effective decision making

2. There have been significant advancements in Artificial Intelligence over the past decade.

From robotics to voice recognition, AI has continued to rapidly develop according to Tom Mitchell, E. Fredkin University Professor of Machine Learning and Computer Science at Carnegie Mellon University. What we always wonder about is whether or not those advancements will slow? The reality is that the advancements in machine learning and AI are only going to accelerate the continued innovation in these areas.

3. Digital data can be used effectively to understand physician behaviors.

We can all agree that digital and social information serves as a really effective data source. However, in order to truly understand physician behavior, we need to triangulate multiple data sources. Audun Utengen, Chief Executive Officer of Symplur noted, it’s important that we don’t overly rely on a single source of data when we’re making decisions.

4. Usage and data collection is still in its infancy.

We still have varying stages of maturity with data, the data doesn’t always connect very easily. Additionally, we consistently are getting more and more data, there are new decisions that can be made with the data, there is new legislation and other key factors. Once we solve one potential issue another pops up, so it’s important we work together to solve these challenges.

H/T: Joerg Corsten, Global Medical Information Leader of Roche

5. Data can fuel creativity.

We at W2O talk a lot about following the data to get to the point. While we advocate and practice for data driven creativity, one point that’s worth accentuating is that data is a guide, it isn’t a vice. Thank you Ellen Gerstein, Director of Digital Content, Pfizer and Mary Michael, Vice President, Patient Advocacy and Stakeholder Management of Otsuka, for highlighting that point.

That’s a wrap for the 2019 Marketing Science Summit! Thank you to our speakers and attendees for making this event a success, we look forward to seeing you next year.


If you’re interested in learning about W2O, check out our About and Analytics pages.

Want to chat? Drop us a line.

Read More

Contributions by Kathrin Harhoff

When it comes to digital maturity, there is no more reassuring concept than a well-conceived roadmap. Roadmaps are designed to bring clarity to an inherently uncertain process. A roadmap also suggests a specific destination, but, as we’ve already discussed in the first section of this series, digital maturity is an ongoing process.  

In practice, a roadmap can be very different. Often a grand vision is presented to senior leadership as a roadmap, leaving the team on a path forward that is difficult to negotiate. Conversely, a roadmap can become overrun with minutia to the point where it’s unreadable and susceptible to the smallest pivot. 

We advise clients on drafting a roadmap that is clear enough to communicate the vision of digital maturity, but flexible enough to hold up to any changes in environment, priority, or technology.   

1. Start with Goals, Strategic Initiatives, and Tactics

In last week’s section of this series, we discussed how to set up goals. Conveniently, these goals, strategic initiatives (SI), and tactics will inform your roadmap directly. Start by laying out your high-level goals and prioritizing them. Assign SI to the goals they support. If you do not think your current set of SI will complete your prioritized goal, don’t worry, you’ll have an opportunity to add more in later. Here is an example of what one digital maturity goal might look like.  

Goal 1. Move approval process from paper to digital  

SI 1Complete RFP of digital approval vendors 

SI 2Onboard vendors 

SI 3Pilot with one department 

SI 4Roll out 

2. Create a Backlog

You may hear a backlog referred to in different ways, but the general idea is that you need a place to store ideas that are not fully formedYou’ll regularly go back to the backlog and flesh out these conceptsTo put meat to the bones of these ideas, you will need the major stakeholders and the people executing the digital maturity to work in one room. We often see that these sessions can contain a lot of back and forth, but the end result is an entire team that has a single vision of the path forward. Once this is achieved, these new items can be inserted into the roadmap. 

3. Be Flexible

The number one mistake when constructing a roadmap is locking a team into a year’s worth of work that is likely to change in three months time. To avoid this, make sure to align the specificity of the roadmap item with the timing of its execution. In the example above, the high-level goal of “Move approval process from paper to digital” can be scoped out to twelve or eighteen months. However, specific tasks under any of the SI, for example, “Open ticket with IT” will only be brought into the roadmap weeks in advance. The result will be constant goals with SI that span a few months and tasks that quickly come into the roadmap before they are completed.  

4. Socialize with Frequent Updates

Once the roadmap is in good shape, it should be socialized with management to gain alignment. Additionally, we often work with clients to use roadmap socialization as an opportunity to gain excitement with other internal stakeholders. Because the roadmap is updated frequently, it should also be shared on a regular basisusually quarterlyto show how the digital maturity journey is evolving. In this way, the roadmap becomes not only the path forward for the team(s) involved in digital maturity efforts, but also the main socialization vehicle.   

Key Takeaways:

  • Formulate a clear plan that is flexible enough to tolerate any unforeseen changes. 
  • Establish goals, strategic initiatives, and tactics. 
  • Create a backlog of underdeveloped ideas that can be revisited and enhanced. 
  • Frequently share updates with interested parties.  

If you’re interested in learning about W2O, check out our About and Digital pages.

Want to chat? Drop us a line.

Read More

If you were to ask a marketer or a communicator today to define their role you might likely hear one or all of the following responses:

My job is to protect the reputation of the company.

The primary function of marketing and communications is to build the brand

It is very important that we focus marketing and communications on generating sales

It’s all digital.  So, we must conflate several roles when it comes to translating data into insight to better connect with customers

Obviously, there are several variations within each of those statements, but if we were to simplify it even further the traditional role of marketing and communications is to protect the reputation of the company, build the brand and grow the business. This has been the case for decades, even as the number of channels they use in order to do those three things has proliferated at an incredible rate of speed.

But that was yesterday.  In 2019, the world is officially digital.  Customers and employees direct the relationship. As such, reputation, while important, is no longer the measure of organizational sustainability.

One of the reasons is that channels have grown exponentially. It is not hyperbole to say that digital media (in all formats) has fundamentally changed how we reach our customers. Not only that, it has fundamentally disrupted business model after business model. In the last 15 years, 52% of companies listed on the S&P 500 have disappeared. It is predicted that, by 2027, 75% of those companies currently listed will also disappear. One would imagine the companies that have disappeared had marketers and communicators focusing on protecting reputation, building the business and the brand, right?

So, if that’s the case, why are they no longer in business?

It’s our perspective that in a social/digital world companies that are not connecting or engaging with customers, consumers, employees meaning they lost relevance with the people who could shape the brand and move the business. As digital consumers, which is almost all of us these days, we know we are constantly bombarded with content from all sorts of companies. Keeping track of it all is next to impossible, unless what those companies are delivering to you is relevant to your interests. The companies that maintain a high level of relevance with their key stakeholders are constantly mindful of closing the gap between what they want to say and what their stakeholders want to hear.

As part of this year’s Chicago Ideas Week, we wanted to further explore this concept with two companies, Horizon Therapeutics and Walgreens, that excelled in driving relevancy with its key stakeholders. Representing these two companies were Kelly Rothschild Jansen, Director of Corporate Communications & Content Strategy for Horizon, and Suzanne Barston, Director of Digital Communications and Corporate Storytelling for Walgreens. During the session, both shared their perspectives on how each of their organizations is driving relevancy and gave tangible tips for other companies who may be just starting their relevance journey.

While it’s always difficult to distill a 60-minute presentation down to a few takeaways, there were three key themes from Suzanne and Kelly that bubbled to the surface:

Suzanne’s Key Takeaways:

  1. In order to be relevant to key stakeholders, organizations need to let of the things that could go wrong. If you are waiting for the perfect moment, you are likely missing an opportunity to test and learn what your stakeholders find relevant.
  2. Driving relevancy is about understanding the data, specifically understanding what your organization is putting out into the market versus what your stakeholders want to hear.
  3. For companies that are looking to be more relevant, it’s about identifying the intersection between reputation and relevance.

Kelly’s Key Takeaways: 

  1. When we think about driving corporate relevancy, the critical things that matter are authenticity, connection and storytelling.
  2. Organizations need to be thinking about relevance as a journey. Things like creative, bold and compelling storytelling take time to develop.
  3. If there were one key to driving to driving relevance it would be telling stories.

Walgreens and Horizon are two organizations that really understand what it takes to be relevant. If your organization is just starting its relevance journey, you would be well-served to connect with Kelly and Suzanne to get their tips!


Want to learn more about W2O? Check out our About page and Service page.

Read More

Privacy and data protection regulations impact the work of every advertising, marketing and PR communications professional around the globe, and the focus on privacy by consumers and regulators continues to increase. W2O’s team is tracking the most important news and changes that directly influence our industry, including the latest on legislation, new privacy technology, enforcement actions, analysis and thought leadership in privacy and data protection. 

Here’s the news we’re paying attention to right now.  

  1. California AG Releases Proposed CCPA Regulations 

The California Attorney General has released proposed regulations for the California Consumer Privacy Act (CCPA). The AG will now hold a series of public hearings to hear statements and comments, and has indicated that final rules are not expected until the spring of 2020, with enforcement beginning July 1, 2020. The regulations cover new notice requirements, deadlines for dealing with requests and more.

Main Takeaway  While the regulations are not yet final, brands should be taking action to prepare for compliance now, starting with a full audit and creation of a data map along with a review of vendor agreements and the development of operational privacy processes. While many organizations do not yet have a robust privacy practice, studies are already showing that those who embrace privacy will be ahead of their competitors.

2. Senator Ron Wyden Proposes Data Privacy Bill

While there have been a few attempts at a federal privacy law in congress this year, few have garnered much attention – until October 17th when Senator Ron Wyden, a democrat from Oregon, proposed legislation called the “Mind Your Business Act”. It is an update to a proposal Wyden made last November, and is partially a reaction to the FTC’s $5 billion Facebook fine, which many considered a slap on the wrist. This new proposal now includes a 4% of annual revenue fine, similar to the Europe’s GDPR, and include 10 to 20 years in prison for senior executives.

Main TakeawayWhile Tech and other industries have lobbied congress for (somewhat lax) federal privacy legislation, proposals like Wyden’s are getting more and more punitive, rather than less. While it may still be some time before a federal law comes into force, the court of public opinion is becoming ever more strongly in favor of privacy protection. Brands who choose to invest in privacy are clearly seeing business benefits as a result.

3. European Data Protection Supervisor (EDPS) Findings Indicate Microsoft not in Compliance with GDPR

The EDPS, which monitors the processing of personal data in European institutions in cooperation with country-level data protection authorities (DPAs), released initial findings this week from an investigation into Microsoft. “Though the investigation is still ongoing, preliminary results reveal serious concerns over compliance of the relevant contractual terms with data protection rules and the role of Microsoft as a processor for EU institutions using its products and services. The investigation began in November 2018, the Netherlands DPA claimed that over 25,000 events with personally identifiable information were recorded by Office 365 and sent to Microsoft servers.

Main Takeaway Regulators across Europe are starting to hand out larger fines. Organizations both large and small that have not done so should be developing robust data privacy programs that not only reduce the risk of non-compliance, but also acts as a key competitive differentiator. 


If you’re interested in learning about W2O, check out our About and Analytics pages.

Want to chat? Drop us a line.

Read More
Tags:

Contributions by Kathrin Harhoff

This is part four in our seven-part series on digital maturity. If you’d like to start from the beginning, find the first article here. 

Goals are often one of the most talked about, and least defined, topics within any organization. When it comes to digital maturity, goals can be an even more nebulous concept than in many other areas of the business. This is because digital maturity itself is often difficult to define. While there are many frameworks for establishing goals, our experience has been that a simple Goals, Strategies, and Tactics (GoST) framework is the most efficient and effective.  

Goal Setting and Strategies 

In this framework, a team starts with one or two highlevel goals. In the case of digital maturity, this could be something like, transition department to omni-channel marketing.” Goals should be ambitious but achievable, well defined, and measurable. Each goal should have a rough timeline of about a year to accomplish. If goals take longer than a year, they should be re-confirmed annually and aligned with all stakeholders.  

Strategies are large initiatives that directly support the defined goals. They should encompass an entire deliverable that is independent of other initiatives. An example of strategies could be implement a training program for new marketing software.” These strategic initiatives (SI) should provide value in and of themselves but also combine with other SI to contribute more broadly to digital maturity. They should take anywhere from three months to one year and be aligned by stakeholders who are directly impacted.  

The Importance of Tactics 

Tactics are the individual actions that support each SIThey should:  

  • Be well defined in terms of ownership, timeline, and success criteria.  
  • Be assigned to individual team members and, when taken together, they complete the SI. Examples of tactics are map consumer journey or finalize creative assets.”  
  • Have a timeline that is no longer than a month.  
  • Be aligned by the stakeholders of the SI they support. 

Many times, organizations have multiple existing goals, strategies, and tactics in place by the time they start on their digital maturity journey. Our suggestion is to plug these items into the GoST framework and see how/if they support your organizations digital ambitions. Next, work with the entire stakeholder team to modify and/or replace items that do not help progress digital maturity. Lastly, fill in all goals, SI, and tactics for the next twelve months. We find that guiding clients through a workshop is the most efficient way to complete this process.  


If you’re interested in learning about W2O, check out our About and Digital pages.

Want to chat? Drop us a line.

Read More