On Compliance: Do You Focus on the ‘Art’ or ‘Science’ of GDPR Consent?

virtual lock around GDPR data
By Eric V. Holtzclaw

4 minutes

You’ll be ahead if you go beyond just collecting required permissions to offering members choices and opening conversations with them.

You’ve seen it before, the long form you must sign before participating in a potentially dangerous activity, the checkbox at the bottom of an end user agreement before you can use a new piece of software, the numerous documents that are part of every major financial purchase.

These arduous processes are developed by companies in response to a regulation, an issue or advice from a lawyer. Not surprisingly, organizations are responding similarly to growing regulatory concerns such as General Data Protection Regulation, the proposed ePrivacy regulation and the California Consumer Privacy Act

In hopes of addressing the new regulations quickly and efficiently, enterprises err on the “science” side of consent collection while ignoring the “art” of consent collection. This is an important distinction because customer consent is the key that unlocks customer conversation and insights that drive a more meaningful exchange.

What is the “science” of consent collection? It is the technology, data and regulations surrounding such collection. These elements are well-defined, understood across a company, trackable, and can be readily reported both inside and outside the organization. 

While there is nothing inherently wrong with viewing consent this way, by only approaching preference and consent management scientifically, enterprises are only “checking the box”—doing the bare minimum to achieve a passing grade. And just because a company deploys technology doesn’t mean it fully addresses customer and business needs or the intended spirit of the laws. In fact, a science-only approach prevents organizations from benefiting from the best aspects of what consent management can offer.

In European countries, companies are more mature in their view and further along on the timeline of allowing customers to provide consent. Organizations in these locales realize that to get a bigger return on collecting consent, they must marry preference with consent management to offer an incentive. If there is no perceived value to the individual providing consent, why would they willing provide it?

By adding preferences to consent, companies allow customers to be specific with the types of communications, the cadence and the mode that they receive communications. This increased specificity is a building block for trust between companies and customers, ultimately establishing and bolstering a long-term relationship.

To achieve the greatest return on investment for addressing mandatory compliance requirements, organizations should include a focus on the “art” of consent and preference management. In doing so, preference and consent management drives initial adoption and results in the greatest long-term benefit. 

Companies that approach consent with the goal of empowering customer conversations focus on deploying implementations that drive more granular preferences across business units, applications, products, communication channels and desired frequency. This long-term perspective leads to healthy and profitable customer relationships. Such factors as timing, placement and design drive adoption by both the company and by its customers.

Aspects of deploying consent artfully include:

  • Consent spot collection: Instead of requesting consent via a singular checkbox or a long comprehensive form, consent is spread thoughtfully through the customer journey. Consent and preferences are collected from the customer at points that are significant–during registration, when looking for new products, etc. Taking advantage of these “moments that matter” increases the likelihood the customer will understand what they are agreeing to and increase their willingness to provide consent.
  • Ability to opt down: After consent is collected and communications are received, organizations that think of consent in broader terms provide well-designed and tailored forms that allow customers to opt down from communications they are currently receiving. These forms should be easily accessible from any customer touch point. A sophisticated opt-down approach is a step toward turning a would-be global opt-out into a more useful and specific opt-in.
  • Proactive suggestion: Based on customer behavior, lack of engagement with outbound communications or customer-driven actions, companies may offer alternatives to current modes, frequency and types of communications. This prediction of a potential change in consent increases the likelihood of maintaining some level of consent for continued communications.

Privacy technology must be considered with industry-specific and problem-specific best practices. For example, a financial services company needs the ability to collect consent across multiple channels, such as in-person interaction, while an ecommerce-only company does not. A one-size-fits-all approach will fall flat and ultimately negatively impact a company’s consent collection initiatives. 

The best way to successfully combine the science with the art of consent and preference management is to review and evaluate implementations based on real-world use cases. Spend time on competitive websites, follow the “unsubscribe” link in emails and study customer engagement best practices. Combining this research with an understanding of why your customers provide consent in the first place and how they benefit from doing so over their relationship with your company is the foundation for a winning approach.

Eric V. Holtzclaw is chief strategist of PossibleNOW, leverages powerful technology and industry-leading expertise to enable companies to listen to customers, remember what they like and dislike and respond in useful, personalized ways.. He’s a researcher, writer, serial entrepreneur and challenger-of-conventional wisdom. Check out his book with Wiley Publishing on consumer behavior – Laddering: Unlocking the Potential of Consumer Behavior. Regardless of your organization’s approach to addressing consent, download The Forrester New WaveTM: GDPR And Privacy Management Software, Q4 2018 report. This provides insight into vendors equipped to solve your organization’s unique consent challenges across the spectrum of science to art.

Compass Subscription