Upload
icrossing
View
1.036
Download
7
Embed Size (px)
DESCRIPTION
Sam Zindel, Sam Fenton-Elstone, Caroline Roberts and Adam Lavelle present your Big Data Opportunity at iCrossing UK Client Summit 2012
Citation preview
#iCCS12
:
#iCCS12
State of Play
Source: Big Data Insight Group – Industry Trends Report March 2012
State of Play
Source: Big Data Insight Group – Industry Trends Report March 2012
10
11
apache.hadoop.org
17
18
iCrossing UK
Client Summit
Thursday, 17th May 2012
Caroline Roberts
Director of Public Affairs
The Direct Marketing Association
• Europe’s largest national trade association in the marketing and communications sector
• 920 corporate members –suppliers, agencies and clients who use dm
• Client members include major blue chip UK (or operating in UK) companies, e.g. Readers Digest, News International, Barclays Bank, American Airlines, Virgin Media, Save the Children, British Gas, the main political parties, Microsoft, Marks & Spencer PLC
• Supplier members include list brokers, email marketers, mobile marketers, social media, mailing and fulfilment houses, creative agencies, etc.
• Services include: lobbying; legal advice; events; research; self-regulatory mechanisms; business development opportunities
• 50 staff - offices in London, Edinburgh, Bristol and Manchester
Two major pieces of legislation on data use
• EU Draft Data Protection Regulation
– A proposal from the European Commission to
update EU Directive 95/46/EC now beginning its
passage through EU institutions
• Privacy and Electronic Communications
Regulations 2011
– EU Directive 2009/136/EC
– Enacted 26th May 2011
– Will be enforced from 26th May 2012
Draft EU Data Protection Regulation
• Where are we now
• Background to the proposal
• Key points in the proposed Regulation
• Influencing the legislation
Where are we now?
• European Commission published draft Data Protection Regulation 25th January 2012
• Consultation process since May 2009
• Ministry of Justice Call for Evidence Jan-Feb 2012
• Jan 2012 – 2014?? – European legislative process
• ?? 2016 – New Regulation in force
Why revise the law now?
1995 European Directive ( implemented into UK by 1998 Data
Protection Act ) showing its age due to:
1) Law doesn’t take account of new technologies – and more
complex information networks: interconnected data rather than
held in databases
2) Lack of common European law and differences in national
implementation
3) Consumer concern over privacy – high profile data security
breaches, etc.
Key points in the draft Regulation
Opt-in and opt–out - obtaining consent
• General rule for direct marketing – “explicit consent by clear
statement or affirmative action” . Much more prescriptive.
• Possible legitimate interests exemption ?
• Legacy databases – what about data collected under current law?
• At worst, if consent cannot be proved, whole databases could be scrapped.
• At odds with existing rules on voice calls, email and SMS marketing
• Would almost certainly lead to requirements for increased opt-in mechanisms
Increased burdens on business
Decrease in functionality of many consumer-friendly services
Key points in the draft Regulation
IP addresses and cookies
• Definition of personal data extended so could cover
some IP addresses and cookies
• But IP addresses identify a device not an individual +
some IPs are general, e.g. in a library or internet cafe
• Huge implications for digital marketers
• Web analytics & profiling made much more difficult, if
not impossible
• Interaction with new cookie rules
Key points in the draft Regulation
The right to be forgotten
• Right for individuals to request organisations to delete any information held on them
• Drafted with social media in mind – but goes beyond this
• For dm, there is an obligation to suppress, rather than delete, i.e. “need to keep to remember to forget”.
• Also problem of information which has already been passed on to third parties
• Possibility of misleading consumers by raising unrealistic expectations
• Need to strike more reasonable balance between consumer expectations and limiting use of data for legitimate business purposes.
• A possibility that dm might be OK - but this needs to be clarified
Key points in the draft Regulation
Data Breach notification
• Every organisation that suffers a data security breach
would have to notify Information Commissioner’s
Office and the individuals concerned within 24 hours
• Not always obvious if there has been a breach or how
extensive it is
• Problem of notification fatigue, so individuals could fail
to take action when it is necessary to do so.
• No threshold level specified.
Key points in the draft Regulation
Subject Access Requests
• Data subjects to be able to request full information on
data held on them free of any charge
• Currently can levy a £10 fee – doesn’t cover cost but
deters time-wasters, frivolous or vexatious requests.
• Costs organisations £50 million p.a. now to meet SARs
• Proposal that can provide data in electronic form if data
subject agrees to this
Key points in the draft Regulation
- Marketing to Children
• General rule – parental consent required for
under 18’s
• Exception for online marketing to children
under age of 13
• No flexibility – a risk-based approach would
be better.
Key points in the draft Regulation
Compliance obligations
• Data protection obligations now shared between agencies
and clients, for example if holding client’s database
• Appointment of designated Data Protection Officer for
organisations with 250+ staff
• Accountability/Privacy by Design/Privacy by Default
• Increase in fines/sanctions – in stages, of up to 2% of
global turnover or 1 million euros
• International transfers of data outside EEA – law would
apply to any processing of data or EU citizens. Not always
possible to tell.
Key points in the draft Regulation
Further delegated legislation
• Much of the detail of the Regulation will be implemented through
additional delegated legislation – some 45 Delegated Acts are
mentioned.
• Details of this secondary legislation will not be clear until Regulation
passed
• These areas of secondary legislation will include:
• powers to specify further procedures
• technical standards for Privacy by Design/Default
• specification of lawful processing condition
• additional responsibilities for national data protection
authorities; etc.
• European Commission will be taking significant powers to itself away
from the national authorities - raises serious issues of subsidiarity and
accountability
EU Draft Data Protection Regulation
- DMA View
• DMA welcomes the Commission’s aim to reduce red tape and
simplify bureaucracy – but proposals do not achieve that:
overly strict, bureaucratic and unworkable
• Hard to say how Commission’s estimate of 2.3 billion euros
saving to businesses was calculated
• Needs to be a fair balance between privacy and legitimate
business interests
• Current proposals will stifle innovation, add considerably to
business costs and place unnecessary obstacle to e-
commerce jobs growth
• Will be particularly harmful to SMEs
Influencing the legislation
• DMA is:
– Lobbying UK Ministers in MoJ, DCMS, BIS who represent UK in EU Council of Ministers – now meeting in Working Group
– Leading UK Data Industry Group response to the proposed legislation & participating in CBI Group on Data
– Working with Federation of European Direct and Interactive Marketing Associations (FEDMA) in Brussels leading collective EU dm effort
– Lobbying MEPs – particularly on Civil Liberties Committee, and Internal Market and Trade Committees
– Working with US DMA to influence US administration, FTC,etc.
– Key research on consumer attitudes to privacy and on the economic value of the dm industry
PECR – the new cookies law The law has been in place since 2003
• required anyone using cookies to provide clear information about them and provide opt-out if desired.
• The 2011 Regulations dramatically tighten the rules
• now, anyone depositing cookies is required not just to provide clear information about them but also to obtain consent from users to store a cookie on their device.
• New ICO powers to issue monetary penalty notices of up to a maximum of £500,000 for serious breaches
• The EU's revised PEC Directive came into force on 26 May 2011 but ICO said would not fully enforce for one year to give business time to prepare.
The law doesn’t just cover cookies • The law covers all technologies which store information in the
“terminal equipment" of a user, and that includes so-called Flash
cookies (Locally Stored Objects), HTML5 Local Storage, web
beacons or bugs…and more
Two exemptions from consent requirement • “use of cookie is for the sole purpose of carrying out the
transmission of a communication over an electronic
communications network”
• “cookies that are strictly necessary for the provision of a
service” e.g. internet banking, online shopping carts,
website log-ins
The ICO’s advice 2 sets of Guidance on www.ico.gov.uk
• “It is not enough simply to continue to comply with the2003 requirement to tell users about cookies and allow them to opt out. The law has changed and whatever solution an organisation implements has to do more than comply with the previous requirements in this area.”
• “But, come 26 May…. when our 12 month grace period ends, there will not be a wave of knee-jerk formal enforcement actions taken against those who are not yet compliant but are trying to get there.”
How to comply with the new rules
Follow the ICO’s guidelines:
1. Check what type of cookies and similar technologies
you use and how you use them.
2. Assess how intrusive your use of cookies is.
3. Decide what solution to obtain consent will be best in
your circumstances.
In conclusion • Issues surrounding implementation of regulation for email and mobile
marketing still a grey area.
• DMA Countdown to Cookie Compliance
– 10 Steps
– Guide for Email marketers
– Guide for Mobile marketers
• ICO guidance + will be issuing more in next 2 weeks
• ICC Guide on cookies issued this month
• Getting it wrong could result in adverse commercial impact – and regulatory intervention?
• The rules of engagement online WILL change – how is up to you.
Aren’t we there already?
op·por·tu·ni·ty
noun, plural op·por·tu·ni·ties.
1. an appropriate or favorable time or occasion: Their meeting afforded an
opportunity to exchange views.
2. a situation or condition favorable for attainment of a goal.
3. a good position, chance, or
prospect, as for advancement or
success.
Media buying has changed.
Inventory booked far in advanced.
Post campaign optimisation.
Audience defined by placement.
Huge wastage…
…and search took all the budgets.
The clearest display of intent?
Users displaying intent, in real-time.
Highly targeted, precise distribution system.
Only reach users who want to find you brand.
Massive efficiency.
…and data became personal and real-time.
Data is already at the heart of media buying.
Technology has changed the way we buy
media.
Data has changed the way we buy media.
Scale audience from your own customers. 3rd Party Data
3rd party pixels
It’s the results that matter…
The Value of data lies in the improvements in ROI it can provide but…
A lack of transparency & standards.
Removing the “noise” is difficult.
Data is expensive and available to everybody
Insight sits with media buyers.
…raises the question of “how much value does 3rd party data bring to my business?”
IT’S GOOD, BUT IT COULD BE BETTER.
Insight should be at the heart of your media buying.
Exclusivity of data is key.
Blend 1st party and 3rd party sources to see
your brands audience.
Look for people not cookies.
It is your audience.
DMP is the emerging hub for digital marketing
Attribution
modeling
Social
data
3rd
party
data
Youtube
Intent data
Device data
Look-a-likes
Social
campaigns
SEO
campaigns
Spot cable
TV buying
Direct
marketing
Call center
systems
Brand Standards/
Governance
Data Security
The Audience Management Platform For the digital age
But the opportunity for brands is significant
Source: Forrester Research, Inc.
The Red Aril platform provides a full solution…
3rd Party Data
Offline Data e.g. CRM, POS
Ops Sales
Marketing Platforms
• Ad Servers
• Inventory/Yield Optimizers
• Content Management
• Site Personalization
• Creative Optimization
• Ad Networks/DSPs
• Mobile Networks
• Ad Exchanges/SSPs
• Data warehouses
Data Monetization
• Data Exchange
• Private Exchanges
Integrated Data Portfolio
Marketing
Website Data
Mobile Data
Social & Life Data e.g. Registration, etc.
Analytic & Insight
Digital Data e.g. Email, Search
Browser
Real–Time Processing Audience Development
Audience Optimization
Audience Verification
Audience Extension
Closed-Loop Optimization
API
Batch
Custom
Event Classification System
Application Interface Client
Self-Service
Red Aril
Full-Service
Audience Management
Data Integration Data Integration
1st, 2nd, 3rd – Online, Offline (CRM)
Data
Ma
nag
em
en
t
Data Protection
Data Analysis
Data Rights
Data Inventory
Inside the sausage factory
DATA PROCESSING & AGGREGATION
REPORTING & ANALYTICS
DATA INTEGRATION LAYER
Log Connector Server-to-Server Browser Based
1st Party Data 3rd Party Data
Website Online Data
Providers
Offline Data
Providers Models Offline CRM Publisher
Data Ad Server
Relational DB
Connectors
API / Native
Connectors
AUDIENCE & MEDIA MODELING
Data Normalization Data Cleansing Segmentation Qualification
INTELLIGENT DATA DISTRIBUTION LAYER
Search
AUDIENCE DISTRIBUTION &
DECISIONING ENGINE
DATA DELIVERY LAYER
API Server-to-Server Browser Based
User Interfaces, Systems, Platforms
Attribution Data Usage
DATA RIGHTS MANAGEMENT
Media Execution
The Red Aril architecture
Functionality – Depth, Breadth, Analytics
End-to-end solution: Data – Audience – Extension
Complete data portfolio control – 1st, 2nd, 3rd party data – all together
Real-time, user-level, audience modeling – predictive extensions
Get the right message to the right person
Audiences
• Demographic Markers
• Psychographic Markers
• Media Exposures
• Search History
• Site Behavior
• Social Graph
Content
• Media
• Categories
• Semantics
• Lifespan
• User Generated
Context
• Competitors
• Brands
• Devices
• Channels
• Socio-economics
demo
Old World New World
Over to you for any more questions…