“We value your privacy” is one of those meaningless marketing phrases, like “your call is very important to us” or “we’re all in this together”, where actions speak louder than words.
A Deloitte survey found that 91% of US consumers consent to terms of service without reading them. For younger consumers 18-35, this was even higher, at 97%.
Last year, an organization called ProPrivacy demonstrated this in a funny way. They offered $1 to people to take a survey, which asked them to read and accept a set of T&Cs. These included naming rights to their firstborn children, access to airspace over their properties for drone traffic, and permission to give their moms full access to their browser history. ProPrivacy found only 1% read the T&C’s closely enough to catch these clauses before accepting them.
This puts into context the current state of “notice-and-consent” privacy policies. Post-GDPR, most websites have turned into a minefield of privacy pop-ups no one really reads or understands.
This week, FTC Commissioner Rebecca Kelly Slaughter gave a speech on the state of digital advertising at the BBB National Advertising Division conference that could be a preview for the future of privacy compliance. She argued that “notice and choice is not enough” and that advertisers will have to shift to “data minimization.” As she put it:
“We are all surveilled, tracked, targeted … and too often our choices are manipulated and limited. This is not the result of the expression of informed preferences in a well-functioning marketplace.”
This is a good time for forward-thinking brands to prepare for what could come next.