"I do think that that's a problem," said DMA President-CEO Linda
Woolley regarding the apparent lack of stringent marketing data
security. Data governance encompasses methods for protecting data
security and privacy, and can involve things as complex as
responsibly merging data sets or as simple as rules like "don't
email databases," said Ms. Woolley.
The study, "The New Rules of the Road: Marketing Data Governance
in the Era of 'Big Data,'" conducted by Winterberry Group, found
that 55% of respondents said challenges involving internal
processes and marketing operations are barriers to getting their
data governance ducks in a row. Cost is also a deterrent from
implementing a comprehensive data protection strategy; 45% cited
cost considerations as a barrier.
"They're having that revelation that this is expensive," said
Paul Chachko, CEO of V12 Group, a marketing data provider. He
added, they are also realizing, "We have to invest in our privacy
or else we're going to get caught with our pants down."
Other issues preventing companies from a strong data governance
strategy include a lack of executive level support, and a lack of
the right staff to do the job.
Data brokers and companies that manage and sell data typically
have stringent data governance processes in place, said Mr.
Chachko, who said V12 Group has a privacy attorney and a staff
of five people who evaluate the privacy policies of partners it
acquires data from.
Small to mid-size brands "may have all the good intentions in
the world, but they don't have the systems in place to do it well,"
he said.
A "major insurance marketer" stated in the report, "I don't
think [at the corporate level] they think too much about data
governance. I think there are privacy and protection protocols, but
I don't think there's a universal approach to data." Names of the
firms questioned for the report were not made public.
The highpressure atmosphere has some marketers too scared to
make a move, suggests the report. "Some marketers complain that
senior management has become effectively 'gun shy' about testing
new data applications, even when a compelling business case exists
to do so, because they fear they may ultimately be subject to a
costly and unavoidable breach that would irreparably harm consumer
trust in their brand."
A marketing manager from a "major retail network" is quoted in
the report stating, "Following our breach we're hyper-cautious. In
terms of marketing, there's always stuff that we could be doing
better, but the company now feels at what cost? We're not willing
to take the chance or risk the customer data or those
relationships."
The
Government Accountability Office, the Federal Trade Commission
and the Senate Commerce Committee each are conducting inspections
of data brokers. However, Ms. Woolley played down the influence of
regulatory pressures. "Is this [report] driven by the regulatory
landscape? No not really," she said.
The DMA launched a three-day data governance certification
program about a year ago. "Not everybody passes it, I might add,"
said Ms. Woolley.
The report can be downloaded here.