Seesaw between Privacy and Fraud

Since the mid-2010s, User Privacy has been an important and common topic in the Digital Ecosystem. The other topic that is gotten into common vernacular is Digital Fraud.

The single key variable that drives both these topics is identification. Identification is important for privacy, and Identification is important for fraud.

However, Identification forces Privacy and Fraud to be on opposite sides of the spectrum. Very simply put, the less you know about a given person (better for User Privacy), the more the odds of Fraudsters taking advantage of a given situation (worse for Fraud).

The evolving laws (GDPR, CCPA amongst others) are important and appropriate to the current time. Within the context of these laws, we'll share what can be done, and what cannot be.

We'll start off by first sharing that none of this is legal advice, but generalities as to what we need. And for the record, I myself use the app settings on the phone to reject cross tracking, and other forms of looser identification standards.

Can dos:

• Companies can work with partners (clients) to communicate what's being tracked. Consent is the key word here.
• Ensure companies have Data Privacy Agreements that very specifically define what we do/ don't do with that data. For example, we cannot re-target this data for advertising - amongst many other thing.

Cannot dos:

• Usage of supercookies or zombie cookies - these kinds of browser tokens recreate themselves as they are deleted.
• This is a clear violation of GPDR and other legal constraints- specifically because the deletion of a specific ID metric is a request for deletion.
• Re-target or market the data that a given company collects.
• Share specific data sets without prior consent

Fraudsters can use this to their advantage. Indeed, they can even "submit" new identities each time, although as far as we know, it's much easier for them to create a new identity and move on, than to wait out and build a new identity over time.

So, what can be done? Ultimately - that question is too broad - and changes in the context of Qual. vs Quant. to Online vs. Offline to Market Research to Advertising - each context has its own challenges. Just be aware that as identities get more and more protected, there is a higher onus on respondent interaction interaction through whatever technology you have access to (direct through the Panel, Fraud Tools, Survey Platforms, etc.).