Privacy exposed: five lessons and solutions from the Spotify saga
The backlash against Spotify’s new privacy policy has highlighted a growing disconnect in brand and customer perceptions to data sharing.
Spotify’s main crime may be poor communication – its privacy policy is similar to that of other streaming apps like Tidal, Google Play Music and Apple Music. But the uproar proves that people are no longer willing to blindly accept changes to their privacy data.
Constant media stories around privacy exploitation and breaches have made customers more savvy and cagier than ever before. People are becoming more aware of the value of their data and increasingly protective about how it’s used. With this changing tide, here’s five lessons and solutions to takeaway from the Spotify fiasco:
1. Individuals are understanding the value of their data and want a fair share of the rewards
Consumers are increasingly aware of the value of their information. In response to demand, a new breed of smart tools is emerging designed help people use their data to save on household bills by automatically matching actual usage to deals, and allowing them to keep hold of their data. CTRLio is one of them.
Other companies encourage people to sell their data as a bundle, ostensibly putting commercialism directly in the consumer's hands. But the reality is that customers can only expect to receive around £5 a month. This is a fraction of the return that they’d get from using (and keeping) their data to find better deals.
2. Rebuild trust with transparency
The Spotify saga showed the importance of clear and open communication. Miscommunication costs. Overnight Spotify went from being a respected and loved brand to being dubbed “creepy” and “evil”. The fact is businesses need to collect certain data to operate, whether this is a playlist, phone usage or shopping history. This is a good thing as it enables a better service but it must be gathered with transparency, consent and the right usage permissions.
The issue is not so much one of data ownership but of data accessibility. People should be able to access, control and use the data collected about them. The government’s midata initiative started this in the UK and it’s the principle behind CTRLio, but Spotify’s actions showed it had not learned this lesson. And while we’re on the subject of data accessibility – it’s much safer to keep data distributed around the companies that collect it rather than create central repositories, which are honeypots for hackers.
3. Big data is dead, long live little data!
The old model of putting lots of data in one big pot and making clever predictions might work for weather forecasting but it struggles with human behaviour. Despite the sophistication of the AdTech industry, it’s not very efficient with single digit click through rates being causes for celebration. This is because it relies on inferences, not real intent.
If advertising was based on real needs, imagine how much more successful it could be. Individuals could actually declare their intentions to brands in a way that brands could respond to, at the right times. This is what marketer turned academic and author, Doc Searls has been writing about for years. Next generation marketing, where people are armed with their personal data and able to share relevant bits with the brands they trust, when it suits them. For example, when they’re actually looking for car insurance.
4. Publishers need new revenue streams
Though not directly related to Spotify, ad blocking is another by-product of consumers disgruntled by privacy invasion. The rise of ad blocking and the in-built content blocker of Apple iOS 9 are threatening revenue streams and the distribution of ads based on inferences. It’s estimated that ad blocking is already costing companies £14bn each year. Publishers need clearer revenue streams that work in harmony with customer data and privacy.
This is what CTRLio is working on. An intentions platform where publishers can share in the revenue generated when people use their data to tailor deals to their preferences, usage and timescales. Businesses will know who their potential customers are, what they want and when – with the full consent and mechanisms to engage with them and make offers.
5. Blanket terms and conditions don’t work
As people demand more control over their data, blanket terms and conditions will continually be met with resistance. People want to be able to choose what they share. Unless businesses adapt, data gathering will become a battle between what brands feel they need and what individuals are willing to offer. And this is only likely to worsen as the internet of things era continues. The Kantara Initiative is one of several efforts to develop a more granular approach to consent management and information sharing.
Dominic Strowbridge is the chief product officer at CTRLio