Article: 2020 Data Privacy Regulations - Jan 2020
By Dale Cooke, Regulatory Expert
The 2010s Were Defined by Mobile Communications
For pharma marketers, the 2010s were defined by the emergence, growth and eventual dominance of mobile communications. The 2020s are going to be dominated by the data privacy implications of that mobile revolution.
It took a few years from the launch of the iPhone in late 2007 for the smartphone to become most people’s primary interface with the Internet but by the decade’s end the idea of “mobile first” was fully embedded in most marketers’ minds and the proliferation of data collection didn’t stop at the phone as the Internet of things expanded data collection to our refrigerators, toasters, scales, televisions, and beyond.
One under-appreciated side effect of everyone carrying around mobile tracking devices was the resulting explosion of personal data and the corresponding ability to target messaging. Every adult glibly clicked on the “Agree” button to accept the terms and conditions for apps and functionality that provided genuine benefits such as providing hands-free driving directions, constant weather updates, and more.
None of them ever read the terms and conditions or realized how much of their personal data was being collected, analyzed, repackaged, and sold. As the decade came to a close, many people woke up to what had happened. Media coverage increased, such as the New York Times Privacy Project. Some new regulation and oversight such as the European Union’s General Data Protection Regulation and California’s Consumer Privacy Protection came into effect, but the state of play in the United States continues to be an antiquated set of rules that isn’t up to the challenge of regulating what’s happening on the ground.
The Challenge of Regulating Data Privacy on the Ground
All industries are going to have to address this challenge in the ’20s, but it’s particularly imperative for pharmaceutical companies for a few reasons.
1. Pharma's Current Reputation
First, the overall reputation of the pharmaceutical industry is at a nadir. Although the past decade saw pharmaceutical companies largely contain the AIDS epidemic, cure hep C, make major strides in the fight against cancer, and bring relief to thousands of patients suffering from rare diseases, the industry as a whole has not seen its reputation buoyed by these successes. Instead, a large portion of the population sees pharmaceutical companies as responsible for escalating costs of the medicine that they need to survive, and politicians on both sides of the aisle promise on a daily basis to get tough on pharma.
2. The Sensitivity of Health Information
Second, the information that pharmaceutical companies have and the types of targeted marketing that they engage in touch on the most sensitive aspects of a person’s life–their health and the health of their loved ones. As the concern about data privacy grows, pharmaceutical companies that are found to be lacking in their concern about privacy issues will face a much larger and more severe blowback than when a shoe company or a convenience store has a data breach.
3. Pharma Relies on Trust
Third, pharmaceutical companies rely on patient trust for their success. The drug development process requires that patients give a tremendous amount of personal data to companies. Skepticism of some historically abused populations has already had negative impacts on the ability of companies to recruit for clinical trials. A perception that the industry cannot be trusted to respect patient privacy will only make those hurdles more significant.
What this Means for Marketers
As a consequence, pharmaceutical marketers need to add to their “mobile first” mindset a concern about baking privacy into their plans from the beginning. Truly adopting a focus about privacy means doing much more than merely updating the terms and conditions on a website to meet the new California law’s requirements (though, of course, that should already have been done). Instead, respecting privacy as a core value means adopting and implementing principles such as those from the Organisation for Economic Co-Operation and Development’s privacy framework.
One of the most important of these principles is to limit the amount of data that is being collected. Instead of taking the approach that more data is always better, marketers should start questioning why they want or need to collect specific pieces of information before they collect it. In addition, marketers will need to start thinking in terms of the purposes behind their data collection and how those purposes would look when featured in a story on the New York Times front page about their company.
Putting Privacy at the Center
Putting privacy at the center will be at least as challenging for marketers as adopting a mobile first mindset was, and part of the challenge is that most of the benefits will be seen initially in the negative. A lack of coverage for violating consumers’ privacy rights is more difficult to factor into a ROI calculation than a script-lift from slightly improved targeting, but the potential pitfalls for companies that fail to place privacy at the center are real: heightened government regulation, a crackdown on existing practices, increasing damage to the industry’s reputation, and becoming the poster child for the next chapter in the story of why pharma companies can’t be trusted.