Data Privacy: Navigating the New Norm

By : Camille Hayward

5/19/21

This is the first in a series of posts where we unpack key themes covered in The Essential Guide to Signal Loss for Digital Marketers. First, we take a closer look at some of the changes taking place across the data privacy landscape, and how that impacts advertisers.


Consumer Data Privacy is a hot topic for regulators and businesses right now. With multiple new laws either already in place, or set to go into effect, marketers now face new challenges when it comes to working with consumer data. That includes how they approach information that’s long been used, among other things, to personalize the customer experience, and for ad targeting purposes.

Personal Data Comes of Age

First, it’s worth noting that consumer data — someone’s unique personal identifiers — has been useful to businesses for a while now. It’s how marketers have built brands, products, and experiences tailored to their audience.

As the digital advertising ecosystem grew, personal data was collected using a virtual web of third party cookies and device IDs. As vast data banks filled with this information, it became an increasingly valuable resource for digital marketers looking to optimize their ad performance. This gave rise to programmatic advertising, and personalized ads that (for better or worse) seemed to track a user’s every digital move.

However, it wasn’t long before growing scrutiny over the world’s digital marketplaces raised questions in the minds of consumers and regulators about how personal data was being used.

The result is an evolving legal landscape that impacts how marketers can interact with consumers, but is also designed to help consumers to place greater trust in their favorite brands’ business practices going forward.

The Evolution of Data Privacy Regulation

So how did this all come about? Despite the current regulatory trend for ensuring personal data stays just that, things didn’t happen overnight. The forerunner of today’s privacy laws was enacted back in 2002, when a new regulation — commonly referred to as “The Cookie Law” — was adopted across the European Union (EU).

The Cookie Law prevented website operators from storing, accessing, and using data on a consumer’s computer without their consent. It also drew attention to the topic of data privacy among consumers, the business community, and other regulators by extension.

The law also set the precedent, among other things, for more sweeping privacy regulations in the region, known as the General Data Privacy Regulation (GDPR), enacted in 2018. The trend for increasing scrutiny over the use of personal data was born.

Soon, regulators around the world were adding their own twists to the Cookie Law’s blueprint, resulting in a patchwork of national and regional laws. Many of these laws apply to businesses based anywhere, so long as they collect, store, or share consumer data:

As you can see, regulatory authorities around the world have been busy creating a rich fabric of legislation. The table above is a starting point for exploring local legal changes, and how they apply to your brand.

In the US, privacy regulations relating to consumer personal data have largely been left to each individual state. In the absence of overarching federal legislation, US marketers will need to familiarize themselves with an increasing number of state-level regulations. Major new laws in bellwether states —like California’s wide-ranging CCPA and CPRA— have incentivized other states to join the privacy bandwagon.

Positioning Brands as Privacy Champions

At the same time as they limit access to customer data, these regulations have also created an opportunity for forward-thinking brands to become privacy champions. After all, at a time when consumers care more about their digital privacy, being seen to actively celebrate, raise awareness, and to show respect for that trend is a great way to demonstrate brands have got their back.

For marketers, Data Privacy Day is the perfect opportunity to do just that. Launched back in 2007, the EU established January 28 as annual Data Privacy Day, and it’s now observed in over 50 countries.

This year, for example, the National Cyber Security Alliance (NCSA) ran a high-profile initiative highlighting the state of the global data privacy landscape through the lens of the pandemic and other major events that have changed how people live, work, and interact. Now, as the world’s tech giants draw attention to their privacy policies alongside regulators, brands have a chance to highlight how their working practices safeguard consumers too.

Whatever your take on that, one thing’s for sure: as global regulation continues to evolve, this topic is set to stay top of mind for consumers and businesses for some time to come.


Privacy regulations are designed to protect personal data, and something all brands need to be aware of. Up next, we’ll take a look at the different kinds of data marketers typically work with, and how new restrictions on third party data are likely to influence what’s of most value going forward.

Ready to get deeper into the world of signal loss? Download the full eBook.