Skip to Main Content
Grip on Consent Management

How to Get a Grip on Consent Management

Have you heard about “privacy tech?” You probably haven’t, but you will because the way we manage data privacy and develop systems to respect the rights of people is rapidly changing. Privacy tech is technology that helps protect the privacy of users—a critical tool as businesses scramble to become compliant with new privacy guidelines and regulations.

Any business with an online presence must anticipate the cascading effects of data privacy regulations to prepare for what’s next. For now, to adapt to the changes, there are some things you have to do, should do, and could do to prepare for what’s next.

Our assumptions need to change

In recent years, data privacy laws have been enacted to regulate how information is collected, how data subjects are informed, and what control a data subject has over his information once it is transferred. These laws gave way to a series of requirements for managing individual-level preferences and consent. For instance, General Data Protection Regulation (GDPR) Article 7 outlines conditions for consent. “Where processing is based on consent, the controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data.” [1]

These laws protect us from potential abuses. It’s the easiest fix (aside from not collecting data in the first place), but it may not be the most thorough.

There is debate about whether or not informed consent is really possible, given so few of us would understand an “End User License Agreement” if we stopped to read one. Even if we did, is it fair to say that so long as a company asks for your permission, they can do whatever they want? Thus far, no one truly understands how consent management is going to evolve. Businesses haven’t had to worry about it because it was never a requirement—until now. And it’s forcing many to rethink what they know and want to know about customers.

After 20 years of trying to go from unknown to known, today the goal of the privacy movement is to figure out how to make the customer “unknowable” before you earn the right to their data. Many haven’t yet figured out how to do this.

Nothing to hide

“We do not need privacy because your actions as a person are questionable. We need privacy because our judgement is flawed.”

Max Kirby

Getting a handle on consent

In the old days, users would click on what they wanted to read or see. Now the web clicks back. The internet is now a scalable distribution network mashed together--a self-participatory way of testing problems. Chatbots and other AI-based interactions prove the internet is quickly becoming a well-paved two-way street. 

Data privacy recognizes the new nature of the relationship and places necessary guardrails to ensure that businesses do not objectify customers. The rules protect individuals and their individual dignity. But just as the internet turned into something we never would have expected, so will data privacy. These are the steps you can take to get ahead of what’s next:

Adopt a privacy mindset

When we used to talk about adopting a digital mindset, no one knew what that meant. We had to pause and digest the changes that were occurring at rapid speed. Fast forward and “digital mindset” is no longer a vaporous concept. It is now a regular way of thinking.

A privacy mindset will evolve in the same way. What was once foreign will become familiar, and we have to be open to new ways of thinking. The user is no longer an object to simply be acquired and retained. They are now becoming a “who.”

Look at how you expose information

As noted above, the internet is in a different form than it used to be. Before, it was like being on a safari (no pun intended), looking out from the vehicle at a vast land of users in the wild. Now, the user is in the room with you. This proximity doesn’t mean it’s easier to acquire them either. They can leave, they can force you to forget them, and they can stop you from tracking them down.

It means you have to get inside their mind on their terms. What information would they want you to know about them? What reasons are you giving them to want you to know it? You have to be polite and empathetic. Would you want your 13-year-old surveilled by a company and their data sold on the open market? Likely not. 

Don’t sell out

People are watching what you do with (their) data. Are you capturing customer data then selling it to other businesses to tap into a new revenue stream? Such disregard for your customer’s identities may tarnish your own brand identity, which has been your cornerstone of trust. Respect the data privacy rights of your customers because they expect it and they (and you) deserve it. If you don’t, they may choose a business that will. According to the Pew Research Center, more than half of adults in the U.S recently opted to not to use a product or service because they were worried about how much personal information would be collected about them.[2]

Data privacy is forcing a step change in consent management and the underlying technologies that help you gather it. Businesses must think about what they need to do to adopt new thinking, protect privacy, and respect how data is used and shared. As the privacy mindset becomes part of digital business, brands who lead the change will win the trust of consumers who have more at stake than ever. Expect to hear more about privacy tech.


Max Kirby
Max Kirby
Director of Digital Identity