Because We Can...
An interesting situation.
We were recently pitched on a SaaS platform that tracks your website visitors via reverse IP look up, and reports all of their activities on your website. The purpose is to flag when the "window is open" for a prospect or even an existing client. To be clear we are Trusted Advisors in the Data Protection & Privacy space. Companies contract us to help them with compliance issues.
The Sales guy in me was excited. "You mean I can know "when" and even "what" a prospect is interested in? In real time?" Rush quickly to full demo, pricing models and let's go through a return on investment calculation so we can sign up and start using this tool.
Then the Privacy Professional in me weighed in.
It is interesting to note here that this is a live, in the moment example of what GDPR, PIPEDA, CCPA and all other data protection and privacy laws are designed to do: to make us THINK the entire impact through.
It is why GDPR requires Data Protection Impact Assessments (DPIAs). They want us to look at the practice from all points of view to be sure everyone is being served and no one is being harmed. When looking through the tiny sliver of "Sales Guy", this service looked very smart. The exact same service to a Marketer or a Privacy Professional...
As the Privacy Professional our decision whether to use this service or not hinged on a single question: would our website visitors reasonably expect us to track their actions this way and use those actions to try to close another engagement?
The answer was clearly no.
There are many business practices over the past 20 years have have been put in place across all kinds of companies, because technology allowed us to do something. Simply put, we did it because we COULD.
In many of these cases nobody asked if we SHOULD.
Now the Marketer in me weighs in. Our brand is "trust-based". Ask anyone who worked for Arthur Andersen & Co. The foundation and very first question any potential client will ask is "can we trust these people to do what we hire them to do?" So everything we do must further a prospect's trust in us. Every contact - every touch point must further deepen the prospect's or client's trust in us and our ability to help.
With this context, should we use a lead generation platform like this?
Sales Guy - Hell yes!
Marketing Guy - No. It is not compatible with our primary brand position - trust.
Privacy Guy - No. It is beyond the average website visitor's reasonable expectation.
ETHICS must rise to the top again in our business decisions. Just because we can, does not mean we should. This is what "managing the risks" means when it comes to data protection & privacy. The large fines are the tangible "risk factors" but doing what's best for your customer should always be the key consideration.
I would love to hear your perspective. Are we being too conservative? What goes into making these kinds of decisions in your world?