Location-based marketing is a highly effective tool, but it makes some customers uneasy. And that’s not without cause: this technology has the potential to gather data that infringes upon customers’ privacy, therefore creating concern for companies to establish a code of conduct.
Your company should be able to be proud of its location-based marketing, and your customers should feel confident that their data is secure.
The Future of Privacy Forum has created the Mobile Location Analytics (MLA) Code of Conduct as concrete, enforceable guidelines you can follow to assure your customers’ privacy and comfort. Here are some of the provisions outlined in this document.
Limiting the Data You Collect
You have the power to collect a lot of data… but that doesn’t mean you should. There’s a lot of personal data that’s completely irrelevant to your marketing campaign, and which can dangerously violate your audience’s privacy.
If it’s not related to your analytics, don’t collect it. The exception is if you are depersonalizing or de-identifying your data (by stripping unique information from it), or if you’re explicitly getting the consent of your audience.
Opting In and Out
It’s not ethical if your audience can’t consent. You should never just gather personal data without someone’s permission. Your audience needs to have a clear way of opting into and out of your location-based marketing campaign. They should have to explicitly opt into data collection if their information is identifiable as theirs, or if you’ll be contacting them based on the data you collect. The exception to these guidelines is if you’re gathering information that’s not readily identifiable as belonging to an individual person, or if you’re stripping identifying information from your data.
You should always provide a simple way for users to opt out. It’s true that your audience can turn off WiFi or GPS to opt out, but that blocks certain essential phone features within your location. While this is technically an opt-out, forcing your users to disable their phones to opt out isn’t ethical.
Retaining and Deleting Data
Modern data storage technology means you can technically hold on to a massive amount of data, essentially indefinitely. But again: just because you can doesn’t mean you should.
You should set limitations for how long you hold onto your audience’s unique, identifiable data for. At the end of that period, destroy all copies of the data, including backups. This sort of information is very tempting to hackers, and wiping it regularly will prevent dangerous security breaches.
Informing Your Audience
It’s not enough to quietly abide by these principles. Your audience needs to know the top-notch ethical principles you’re holding yourself to.
This is why the MLA Code of Conduct advises that you share a privacy policy on your website. This privacy policy should cover a lot of ground, including but not limited to:
- An explanation of the data your company collects, along with a consumer-friendly explanation of the technology behind location-based marketing
- The steps you take to protect and depersonalize the information you gather
- How long you retain data for
- How, when, and with whom you share data, including your policy about sharing data with law enforcement
- How customers can exercise choices about their data, including opting out of data collection and deleting existing data
- How to get in touch with you about any questions
This way, your customers will feel more comfortable with the data-gathering you’re undertaking over the course of your analytics, and you’ll know you’re going forward with the full informed consent of your audience.
Location-based marketing is a new technology, and customers are understandably anxious about it. By abiding to certain basic ethical principles about data collection and use, outlined in the MLA Code of Conduct, your audience will participate in your location-based marketing program with complete confidence.
Sources