Category Archives: Data Management

Goodbye “channels” – Welcome the marketing “channel of one”

The practice of creating a seamless customer experience across digital channels has been a common marketing challenge for a long while now, and integration of some offline and online channels through campaign segmentation is the norm. However, for most of us it is difficult to get a grip on every part of the customer experience.

To put this into perspective, there are typically more channels or touch points throughout a customer experience that are entirely generic and not personalised at all, versus those that are. They are not personalised by name, proposition or offer, call to action, location. None of that. This is diluting the effectiveness of a CRM strategy because we don’t have a clear understanding of what every individual experiences through every single channel. But this is changing.

Take a look at this:

Technology is beginning to bridge some of the knowledge gaps to identify non-converting prospects who visit their retail stores. Some brands have tried to patch over this marketing need with solutions such as in-store wifi, but this newer technology is incredibly powerful to marketers. The customer experience in the video above could have resulted in a simple browse and no sale. The marketing opportunities created from understanding that experience through the data collected, will help us to follow-up appropriately with the right content, at the right frequency at the right time – all with an enriched profile of that customer.

The marketing challenge is beginning to shift towards a desire to converse “sequentially” with prospects and customers through any channel at any time. Sequential messaging across multiple devices, locations and mediums. All of these could be personalised, tailored and in a defined, tested and optimised sequence:

  • In-store offers and personalised greetings
  • In-product messaging (some cars are already enabled in this way)
  • In-app messaging
  • Email
  • SMS
  • Website
  • Outdoor advertising
  • Direct mail
  • Delivery messaging

What would this list look like for your brand?

Algorithms could be developed, to enable CRM platforms to intelligently learn and adapt to the best performing sequence of proposition, content and timing. Automatically.

What does all of this mean for Marketers?

Marketers will soon be spending much less time thinking about which message to send through which channel, but more time deciding on the right sequence of messages with the channel serving as a distribution channel. I like to think of this as ‘the channel of one’.


First rule of email marketing – simple, working unsubscribe

It is not a lot to ask and most ESP’s won’t allow you to send an email without an unsubscribe link. The problem is often how the unsubscribe is implemented and this can vary considerably. Its surprising how some big brands can still get their unsubscribe wrong.

I always say that unsubscribes aren’t a bad thing. At some point the recipient has opted in to receive your email and an unsubscribe is just them saying, thanks but I’m not interested in this anymore. Nobody wants to lose a customer but if they have no further interest then they won’t convert and its not worth sending them an email in the first place. Its good to remember that an unsubscribe is a whole lot better than a spam complaint.

First, try not to hide your unsubscribe. I dislike finding unsubscribe links hidden away in the terms and conditions at the bottom on an email. I believe brand trust plays a big part in email marketing and when I see an unsubscribe that is “hidden” in the footer of an email, it erodes away a little bit of that trust. I always suggest putting a clear unsubscribe in the pre-header as well as at the bottom of the email, not in the small print. If someone truly wants to unsubscribe they will do, either by clicking your unsubscribe link or complaining to their ISP.

I recently decided to clean my inbox of everything that I don’t read. This is not what I would class as spam but just emails I have opted in to receive but am no longer interested in reading. Here are two examples of how I believe an unsubscribe shouldn’t work.

The first was an online retailer and there was an unsubscribe link at the bottom of the email. All seems straight forward. However when you click on the unsubscribe link it takes you to a page on their website that says “if you know your account password you can unsubscribe by changing your preferences or enter your email address below and we will send you a link that you can use to unsubscribe”. Not exactly what I was expected. I don’t want them to send me another email so I can unsubscribe. I just want to unsubscribe. Anyway I enter my email address and click “Send Confirmation Email”. To my surprise it comes back with an error saying “we have no record of your email address. Please call our customer care team”.

I checked the address the emails are sent to and its correct. I even tried matching the case just in case but still no joy. So I had no way to unsubscribe. It took a call to the customer services team to get my account “reset” so I could then login and unsubscribe. Not a very satisfying customer journey and makes me think twice about using them again.

The second was a newsletter that I had been receiving for years but wasn’t actually reading so time to unsubscribe. The unsubscribe link was in small text near the footer and used the text  “not useful ? unsubscribe”. I clicked on the link and it takes me to their account login page and asks for my username and password. I can’t remember either but all is not lost as there is a “reset your password” link. However, this link now asks for my username and email address. I then have to search my email archive to try and find my login details to unsubscribe. Not the user experience you want to happen.

An unsubscribe link should be simple and do exactly what is says on the tin. Ideally it should pre-populate with the email address that the original email was sent to (for people who have many email aliases) but at least you should just enter an email address and unsubscribe. At some point in the future you want your unsubscribes to return so you should try and part as friends.


Data Collectum (or not)

My daughter recently had a week off school, so my wife and I took the week off as well and my father and his wife flew over from America to join us for a bit of UK tourism. I was looking for a true holiday: one where I completely unplugged from work and was able to focus solely on the family. I was very successful at this but was let down by a complete failure at two of the biggest attractions that we visited.

On the second day of our break, we went to Harry Potter World. My daughter had already been as part of her summer camp and was very excited to show mom, dad and the grandparents around. We were all equally excited being fans of the books and movies. Upon arrival, we were ushered straight into the queue to begin the ‘guided’ part of the journey and, as is the fashion at these kinds of places, the queue snaked back and forth on itself but moved quickly enough.

One of the things that caught my eye was a promotion of free Wi-Fi. I had read that they have an average of 5,000 visitors per day and I broke with my avoidance of email to log-in. I have been looking for a really good example of using free Wi-Fi for data capture and I was sure this would be it. In the words of my daughter, “I was wrong diddly wrong.” There was no data capture…AT ALL. After I agreed to the terms and conditions, I got a splash screen encouraging me to check in on Facebook and mention them on Twitter. Would I have given my email address to get access to the free Wi-Fi? Absolutely. Would I have signed up for an email program? Yes (but that is because I am in the industry, so I asked my more cynical companions). They all said that they would sign-up to an email program. This conversation then got the other guests around us asking, “Oh, do they have an email program? How do I sign-up?”

Later in the holiday, we visited the National Moter Museum at the Beaulieu Estate. After visting the museum we stopped off for a bit of lunch before visiting the other parts of the grounds. Again the restaurant offered free Wi-Fi and again did nothing towards capturing my data; just the same encouragement to check in on Facebook and share our visit on Twitter.

As the saying goes, “an opportunity not taken is an opportunity lost.” I know email marketers that would bite off their own arm to get access to that many potential registrations per day.

The classic methods of data collection have gone out the window. Consumers now understand that their data is the currency of the web and they are becoming much more protective about when they give it and to whom. At the same time, consumer behaviour on the web has changed. People no longer “surf the web” by wandering around to see what they may find. The internet is a tool and a place to get things done. Don’t expect them to sign up to your email program just because they have popped by your website. They are there to accomplish something. You need to make it clear to them what value they will get by giving up their data, and ask for it at a time that is convenient for them and not only convenient for you.


Yahoo! Changes will Impact More than just Email Marketers

Not to be outdone by its rivals caught up in the PRISM ‘scandal’, Yahoo! has decided the best way to deal with lapsed users is to give their private details to the first person that asks for it.  Okay, well it isn’t really that bad but their recent announcement that they will start recycling dormant email accounts on August 15th will have significant repercussions for the both ecommerce and the email industry.

About two years ago my iTunes account was hacked using a well known Apple scam.  The hackers just need your account ID, which they use to download apps. How can they download apps without the password you may ask? They can’t, but when you unlock your password those apps are downloaded to your device and they get the cash because it was their app that was being downloaded. The whole ordeal around getting this sorted is another post for a different blog, but the important thing here was the remedy I used to fix it, which was to create a Yahoo! account using a random password generator to create the bit before the ‘@’. So far so good, no dictionary attack has cracked this email account.

The problem is, that I don’t ever log into the account (clearly I will have to add this to the list of monthly tasks like cleaning out the washing machine filter and checking the smoke detector). What would happen if I missed this announcement from Yahoo!? Come the middle of August somebody could take this email address from me and suddenly have access to my iTunes account.  The password reset would go to the address that they control and away they go.  If I was like many people including Mat Honan of Wired Magazine, this email address would also be used for other things and I would have lost control of all of them.

This will also clearly have implications for me as an email marketer.  Loads has been written over the past few years about removing data that has not opened or clicked in more than twelve months from your list. The thinking is that inactive addresses are being used as spam traps, although there has been a lot of disagreement on this by email experts such as Dela Quist. Regardless of which side of the fence you fall on this topic, you need a plan in place to be executed between the 15th of July and the 15th of August because if you email a recycled address – you will have spammed them.

Yahoo! will hard bounce all of the addresses that are to be recycled during this thirty day period, so you need to take this opportunity to tidy up your Yahoo! addresses.

There are well over 3 Billion email addresses in the world. It is not surprising that the email application providers want to start recycling them. Let’s face it, jimsmith@yahoo is a lot better than jimsmith345@yahoo. This is going to become a regular part of our world, so we better develop some strategies to address it.

The Draft EU Data Protection Regulations and the Other Compliance Obligations

As our series of blogs on the proposed EU Data Protection Regulation is almost at an end, I think it’s fair to say that they made for very informative reading. I hope you would agree with me that many marketers can learn something from them. A lot of the main topics within the proposal have been covered. But what are the changes to the compliance obligations which organisations need to consider in their day to day activities if the proposal was to be passed in its current version?

Data processing is featured heavily in the proposed Regulation. One of the changes is around notifying the relevant national data protection authority, in the case of the UK the Information Commissioner’s Office (ICO), of your organisation’s data processing activities. Currently, providing such notification to the ICO has been a matter of course, whereas the proposal states that full records of data processing activities must be kept by the organisation and only supplied to the relevant national data protection authority on request.

The use of data in many organisations is crucial for marketing purposes, as well as general interaction with customers. If you work client-side, just think of the number of email campaigns your organisation sends out to your customers, whether the customers are active, prospective, lapsed or otherwise. Your data would have had to be processed in some way before emailing, whether it’s cleaning or segmenting for a targeted campaign; therefore keeping a record each time the data is processed with specific information would add another compliance burden to the activity. The obligation to keep records of processing activities is also extended to agencies where dealing with data is an integral part of running of the organisation, such as list rental and lead generation activities. With this in mind, if you think of your own organisation’s activities as well as the number of organisations involved in a typical data processing chain, then the number of data processing activities that will need to be recorded is overwhelming. The ICO is concerned that there is a danger that organisations will focus on the ‘paperwork’ rather than on actual data protection compliance. The removal of the notification fee, which organisations currently pay to the ICO when they complete the notification form, does raise questions as to how the ICO will be adequately funded to carry out its data protection work effectively.

Another change in the proposal which will have a big impact is the requirement for organisations with 250 or more staff to have a designated independent data protection officer. Even though data is crucial to a lot of organisations, the size, reasons for its use and frequency the data is handled and processed amongst organisations varies. The ICO believes that “a simple head-count criterion for the designation of a data protection officer is not the best approach.” Some low head count organisations may process a large amount of information about a lot of people and are therefore high risk. On the other hand, large head count organisations may carry out relatively small –scale and low risk processing. Read the ICO’s report on the draft regulations here

The additional bureaucratic requirements relating to these proposed new compliance obligations will certainly create extra administrative costs, particularly for smaller organisations. As well as the increased documentation of all data processing activities, consider the revision and issue of new terms and conditions, and the amount of employee guidance and training around these changes.

These new compliance obligations , as well as implementing the right to be forgotten, and explicit consent for data processing will mean that all organisations will have to review their day to day activities.

What is “personal Information” according to the draft EU Data Protection Regulation?

In order to keep up with new technologies and addressing consumer concerns over privacy the 1995 European Data Protection Directive, which was implemented in UK in the 1998 Data Protection Act is in the process of being updated. This can be a good thing because aside from anything else it aims to reduce the red tape, and add more consistency across Europe. However, the draft proposals are missing the mark and not going to meet the objectives unless some additions and changes are made.

The definition of “personal data” is one example of this; it is proposed to be extended so it could cover some IP addresses and cookies;

“a natural person who can be identified, directly or indirectly by means likely to be used by the Data Controller……in particular by reference to an identification number, location data, online identifier…”

The definition makes no distinction between personal data which is not directly identifiable, such as an IP address identifying a device not a person and data which is, e.g. name and address. Furthermore an IP address only identifies a device not a person. This change would make profiling and web analytics much more difficult, if not impossible. This would change the whole way the internet and email marketing works. The easy user experiences and communications users are currently used to from talented marketers would be replaced with either nothing or un-targeted information, a backward step which will not benefit users or business. The updated European data protection legislative framework need to allow the commercial developments to continue, which will allow business to grow and users to have positive relevant information sent to them.

It is imperative that the definition of personal data is revised otherwise the online economy may be severely damaged.

EU Draft Data Protection Regulation – Data Breach Notification

Anyone who is in the business of processing personal data will be aware of the proposed new EU Data Protection Regulation. It’s a pretty hot topic right now (as I’m sure you’d agree) as it represents the most significant global development in data protection law since the EU Data Protection Directive that was agreed over 17 years ago. This was clearly way before smartphones were in everyone’s pockets and internet access was in every household, so no one would deny the fact that in this age of mass information sharing, this piece of legislation is in need of some revision.

However, a common view amongst marketers and data owners is that the current draft of the Regulation doesn’t strike the right balance between a) protecting an individual’s right to data privacy, and b) allowing businesses to engage with consumers, using the data they have access to, to deliver really relevant content.

As part of the proposed new Regulation, the European Commission is widening the scope of data protection laws to include a requirement that any business that stores personal data will have to disclose the details of any data security breaches.

So what does this mean and how do data security breaches occur? They can happen in a vast majority of ways, which can include:
• Lost or stolen laptops, removable storage devices (USB sticks etc.) or paper records containing personal information
• Hard disk drives being disposed of or returned without the information being correctly erased
• Hacking
• Staff members accessing or disclosing personal information illicitly
• Unsecured recycling of confidential waste
• Sending sensitive information digitally without encrypting it properly first

According to the Information Commissioner’s Office (ICO) the definition of a personal data security breach is “a breach of security leading the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.” Under the draft Regulation, it’s proposed that any organisation that processes personal data will be required to inform the ICO if a personal data security breach occurs.

So what does this mean for us as Email Marketers?

Essentially it gives the consumer much more information and ultimately control. Yes, this is great for our customers, but not so wonderful for us as many organisations (especially those of us in the email industry who handle a large amount of data for our clients) have expressed concern about potential ‘over-disclosure’ opportunities that could arise thanks to the requirement to provide the necessary information within 24 hours of a data security breach, as envisaged in the draft Regulation. It could potentially force organisations to reveal more information than they need to (such as notifying every individual who might have been affected by the breach rather than those who definitely were). This concern is backed up by recent research from LogRhythm who found that 87% of UK businesses have admitted that they wouldn’t be able to identify individuals affected by a breach within this timeframe.

Another concern amongst email marketers is that this requirement to notify a data security breach within 24 hours doesn’t just apply to organisations based within the EU, but it includes those doing business in it, making the draft Regulation the first de facto global data breach law.

Finally, it could lead to ‘notification fatigue’. With the requirement for each and every breach to be notified, regardless of the severity, consumers could be inundated with breach notifications, which could lead to consumers tuning out.

The good news is that it could take another 3-4 years before the changes come into play, however many of our peers are expressing concern over the negative impact the new Regulation could have on email and direct marketing. The DMA (UK), with FEDMA, is lobbying the EU institutions in Brussels ,the Ministry of Justice and the Department of Culture Media and Sport here in London to try and achieve an outcome that is more business-friendly. We would like to see the requirement to notify regulators and individuals of a data security breach restricted to serious breaches and the 24 hour time limit to notify a breach to be extended. Whatever the outcome is, positive or otherwise, you can bet your bottom dollar that the data security breach notification requirement will remain in the Regulation in some form or other. Therefore, it’s absolutely imperative that you put in place or review clear and well-understood data security breach notification procedures.