Government is bearing down on data brokers and the data-centric digital ad industry, pressuring marketers to ensure the consumer information they collect and store is safe. But that doesn't mean it is. A report commissioned by the Direct Marketing Association reveals that obstacles such as cost considerations and internal operations stand in the way of comprehensive data governance for companies in an array of industries including auto, CPG, telecom, and even highly-regulated industries such as healthcare and financial services.
Nearly 90% of execs surveyed for the study say they are dependent on consumer data for their marketing efforts, and 79% said their firms "would benefit from more sophisticated, strategic data governance approaches." And, while marketers are gathering more proprietary data than ever through loyalty programs, social media and other sources, they don't always have measures in place for safeguarding that data.
"I do think that that's a problem," said DMA President-CEO Linda Woolley regarding the apparent lack of stringent marketing data security. Data governance encompasses methods for protecting data security and privacy, and can involve things as complex as responsibly merging data sets or as simple as rules like "don't email databases," said Ms. Woolley.
The study, "The New Rules of the Road: Marketing Data Governance in the Era of 'Big Data,'" conducted by Winterberry Group, found that 55% of respondents said challenges involving internal processes and marketing operations are barriers to getting their data governance ducks in a row. Cost is also a deterrent from implementing a comprehensive data protection strategy; 45% cited cost considerations as a barrier.
"They're having that revelation that this is expensive," said Paul Chachko, CEO of V12 Group, a marketing data provider. He added, they are also realizing, "We have to invest in our privacy or else we're going to get caught with our pants down."
Other issues preventing companies from a strong data governance strategy include a lack of executive level support, and a lack of the right staff to do the job.
Data brokers and companies that manage and sell data typically have stringent data governance processes in place, said Mr. Chachko, who said V12 Group has a privacy attorney and a staff of five people who evaluate the privacy policies of partners it acquires data from.
Small to mid-size brands "may have all the good intentions in the world, but they don't have the systems in place to do it well," he said.
A "major insurance marketer" stated in the report, "I don't think [at the corporate level] they think too much about data governance. I think there are privacy and protection protocols, but I don't think there's a universal approach to data." Names of the firms questioned for the report were not made public.
The highpressure atmosphere has some marketers too scared to make a move, suggests the report. "Some marketers complain that senior management has become effectively 'gun shy' about testing new data applications, even when a compelling business case exists to do so, because they fear they may ultimately be subject to a costly and unavoidable breach that would irreparably harm consumer trust in their brand."
A marketing manager from a "major retail network" is quoted in the report stating, "Following our breach we're hyper-cautious. In terms of marketing, there's always stuff that we could be doing better, but the company now feels at what cost? We're not willing to take the chance or risk the customer data or those relationships."
The Government Accountability Office, the Federal Trade Commission and the Senate Commerce Committee each are conducting inspections of data brokers. However, Ms. Woolley played down the influence of regulatory pressures. "Is this [report] driven by the regulatory landscape? No not really," she said.
The DMA launched a three-day data governance certification program about a year ago. "Not everybody passes it, I might add," said Ms. Woolley.
The report can be downloaded here.