Recently, we reported on the outlook for state and federal data privacy regulations. The changing regulatory landscape we find affects the retail industry directly in several ways.  Often caught in the middle, merchants scramble to comply with changing data privacy laws while striving to build customer trust and maintain a competitive edge.

The digital revolution that empowers consumers with many shopping choices has fundamentally changed the retail business model. In response to changing consumer attitudes, retail industry leaders now seek a federal privacy framework to bring order and predictability to the evolving patchwork of state data privacy laws.

Proposed Data Privacy Law Guiding Principles

The stated position of the Retail Industry Leaders Association (RILA) on consumer privacy is that “data should be used responsibly to benefit customers.” They encourage policymakers to follow that principle when considering the practical impact on consumers of such a national privacy framework.

RILA’s Proposed Elements of a Practical Approach to Data Privacy Laws

  1. Customers should have reasonable control, access, correction, and deletion rights of their personal information.
  2. Preemption of state laws to set clear expectations for all consumers and reduce state-level burdens on interstate commerce.
  3. Accountability for every sector within the data ecosystem by enshrining responsibilities to consumers in law.
  4. A risk-based approach to privacy. Critical to this approach is a precise and targeted definition of personal information.
  5. Incentives like safe harbors for good faith actors to go beyond baseline privacy requirements.
  6. Retailers support fair, consistent, and equitable enforcement of privacy laws by an empowered Federal Trade Commission and State Attorneys General.

If accepted and incorporated into future federal data privacy laws, this approach would reduce uncertainty and simplify compliance for retailers. It would also clarify accountability for data breaches and empower consumers to control their own data. The overall effect on the industry should be increased consumer trust, a positive outcome for retailers.

Changing Data Privacy Laws

Finding the Privacy/Customer Experience Middle Ground

As always, retailers seek to gain and maintain a competitive edge. So, merchants who work with their payment service providers (PSPs) and industry partners to achieve compliance must also consider the customer experience to remain competitive. Their success depends on customers having the best possible omni-channel experience.

Providing that integrated experience across platforms and locations requires lots of data. Thus, how much of that data remains accessible to retailers will greatly affect the customer experience. So, it’s a tradeoff.

Privacy concerns push for less data while the customer experience that retailers seek to provide demands more. Hopefully, a reasonable middle ground can be achieved.

It comes down to data security, usage transparency and which data elements can be accessed and used to cultivate relationships with consumers. Retailers who rely on access to online buying, browsing, and purchasing behavior to personalize customers’ experiences must also retain their trust with effective retail data governance.

How Retailers Approach Changing Data Privacy Laws

A recent study by Deloitte surveyed retail executives and grouped respondents into three categories of their corporate approach to privacy:

  • Trust-focused, consumer centric leaders (32%). With a prominent, strategic privacy policy, they prioritize consumer privacy protection to build and maintain trust.
  • Adopters who test and aspire (41%). Working to increase their focus on privacy, the level of focus varies within the organization.
  • Process-focused, tactical laggards (27%). With immature and highly tactical controls, consumer privacy is not a business priority. They think of privacy as a legal and compliance issue and operate accordingly.

Changing Data Privacy Laws

Transparent Data Access and Control

Today’s consumers expect seamless experiences yet are wary of providing the data required to create them. Perhaps this is due to perceived and real data security threats. Hopefully, greater access and control over their data will enable retailers to maintain the data access they require.

With consumers more aware and educated to the data privacy issues and more states jumping on the privacy regulation bandwagon, the stakes are high.

What privacy rules state lawmakers will adopt is uncertain. But what consumers and retailers seek—transparent data access and control—is clear. Thus, merchants and regulators must work together to provide it. In the process of doing so, both groups’ interests remain protected and consumer trust grows.

Retail Technology and Data Privacy Experts

With decades of data privacy law and retail technology experience, Messaging Architects, an eMazzanti Technologies company, occupies the unique position of being qualified to assist retailers with both. So, count on our compliance and technology experts for help with important data governance and retail technology initiatives.

Also, look for eMazzanti Technologies at the NRF2021 Virtual Retail’s Big Show!

Download Article PDF