Thursday, December 21, 2006

Simple Reminder

I just came across an interesting story from yesterday’s Chicago Tribune. Seems a resident of Chicago’s West Side was able to pilfer some financial documents from a dumpster outside the offices of SFX Baseball. The story made the news because SFX Baseball handles contract negotiations and other financial matters for professional baseball players, and the suspect in this case had accumulated PII on 91 major leaguers, including stars Jim Thome, Moises Alou, and Pedro Martinez.

The story should serve as a reminder to everyone of the importance of shredding any and all documents that might provide ID thieves with a piece of your identity puzzle.

You’ve got to wonder what the folks at SFX Baseball were thinking when they didn’t shred. It’s one of the simplest ways to protect against data and identity theft. Shredders are cheap, and there are even shredding services that will come to your office to ensure proper disposal of documents.

Heck, in some places you can even find shredding kiosks where, for a little pocket change you can buy a few minutes of heavy-duty shredding.

I’ve gotten fed up with tracking each new data breach story. There have been so many that I’d end up with a terminal case of carpal tunnel syndrome if I commented on each one, but this one caught my attention, and because the holidays are a time when people seem to be handling more financial documents than usual, it was a convenient excuse to provide a simple reminder to shred.

It’ll be interesting to see SFX Baseball’s reaction to this boneheaded blunder.

Monday, December 18, 2006

Speaking Their Language

Recently, during a conference call in which I and a number of privacy luminaries discussed the challenges of integrating privacy-related strategies within marketing campaigns, the conversation turned to language.

I’ve discussed this phenomenon a few times in the past, but in this instance it became clear that successfully communicating privacy’s value is about more than simply expressing facts and figures to colleagues, but about understanding and speaking in their language.

What does that mean? Marketers want to know that what you are selling as a privacy advocate means higher conversion rates for their efforts. They aren’t as worried about compliance as you are because that’s a check box, not a strategic initiative. They need a compelling argument to convince them that they can be more successful at what they do. Making the case that following a few simple guidelines will establish a trust-based relationship, and that a trust-based relationship is a more profitable relationship is the key. Give them the data, such as studies by Ponemon and Yankelovich, then show how you will work with them to achieve desired results.

This is a challenge that extends well beyond the bounds of the privacy community, mind you. Seeing things from the other guy’s perspective, anticipating questions and taking the burden of proof upon yourself in order to establish the terms of debate is the way arguments are won.

Recommendation: Be sympathetic to the challenges your colleagues face and take the initiative to be a partner in solving problems. Don’t assume that, because you understand the issue, your colleagues will, too. Make your case, commit to working with them on their terms, then follow-through.

Friday, December 01, 2006

The Quest for the Holy Grail

A recent article in The NewStandard, which bills itself as an independent online newspaper untainted by the corrupting influence of corporate mammon, carried an article dated November 27 with a provocative headline:

"Marketers Still Free to Stalk Consumers Online"

Written by Megan Tady, the, article describes the activities of Internet companies and online marketers as “predatory behavior,” and reports that the US Public Interest Research Group (US PIRG) and the Center for Digital Democracy (CDD) have filed a 50-page complained with the FTC in an effort to enlist the aide of the feds to put a stop to their attempts to achieve one-to-one communications with consumers.

What a bunch of nonsense.

The complaint is based on the faulty premise that interactive marketing, by definition, requires that companies spy on consumers. It's ridiculous and dangerous assumption, and one that ignores the concept of customer choice. It also removes a huge incentive for companies to place a premium on treating customer information with respect.

I often shop for fly fishing gear at the online properties of Orvis, LL Bean. I have done business with both stores for years, I trust both to respect my personal information, and when they communicate with me, I’d rather they stick to telling me about the stuff I’m most likely to buy. And as long as that trust is not violated, I’ll continue to do business with both companies and to provide them with information about my preferences so they can better serve my needs.

Orvis and LL Bean don’t need to “spy” on me because they’ve earned my trust. That trust translates to a competitive advantage.

In effect the article attacks the holy grail of marketing by saying that companies, rather than target customers and potential customers with highly specific messaging, should instead go back to the mass mail model – send postcards to tens of thousands of "residents" in a particular zip code and hope for a strong enough return to make a profit off of the effort.

In marketing they call it “spray and pray,” and it is far more maddening than behavioral targeting. Regulating away a company’s ability to target based on behavior would be counter productive; it would eliminate an important tool that responsible companies are already using to provide consumers with better service.

Behavioral targeting isn’t about spying, it’s about two-way communication and it’s about achieving a positive one-on-one experience.