Now it’s Australia’s turn to crack down on the use of third-party data and cross-context behavioural advertising.
The global shift towards more stringent data protection began with the European Union’s General Data Protection Regulation (GDPR) in 2016, followed by California’s Consumer Privacy Act (CCPA) in 2020. These regulations set new standards for data privacy, limiting how businesses collect, store, and use sensitive consumer data. Now, Australia is following suit with proposed amendments to its Privacy Act 1988.
The Attorney-General’s Department has put forward 116 proposals to amend the Act, with the federal government already agreeing or agreeing in principle to all but 10 of these proposals. Legislation is expected to be introduced and passed quickly in the coming months, signalling a rapid shift in the regulatory landscape.
Social media platforms can no longer simply check which users meet specific demographic criteria and push ads to their feeds based on third-party data
Key changes and their impact on customer data
At the heart of these changes is an expanded definition of Personally Identifiable Information (PII). This broader interpretation will likely include modern forms of personal data such as location information, IP addresses, and device identifiers. It may even extend to inferred information about an individual’s preferences or predicted behaviours.
For brands, these changes signify a shift away from reliance on third-party data and towards a greater focus on first-party data. This transition will necessitate changes in targeted advertising practices. For instance, social media platforms such as Facebook and TikTok can no longer simply check which users meet specific demographic criteria and push ads to their feeds based on third-party data. Instead, they must rely on first-party data and more sophisticated targeting methods.
Learning from our privacy predecessors
While the transition may seem challenging, Australian brands can learn valuable lessonsfrom their counterparts in the United States and Europe, who have already adapted to similar regulations. Many businesses have successfully pivoted by utilising conversion APIs and developing robust first-party data strategies. For instance, instead of relying on cross-context behavioural data, companies are now targeting ads based on information voluntarily provided by users on specific platforms.
The state of preparedness in Australia
Recent studies indicate that many Australian brands are underprepared for these changes. A recent survey by Arktic Fox revealed that only 29% of marketing, digital, and ecommerce leaders believe their organisations are effective at activating data to deliver impressive customer experiences. Even fewer (22%) are confident in their organization’s data management and maintenance practices.
This lack of readiness is concerning, given the potential consequences of non-compliance. The Office of the Australian Information Commissioner (OAIC) has flagged that it will impose fines on organizations that fail to meet the new standards. These fines can be significant, up to $2.2 million for each contravention.
Moreover, the Australian Community Attitudes to Privacy Survey 2023 found that data privacy is the third most important factor for consumers when choosing a product or service, after quality and price. A staggering 92% of respondents said they would like businesses to do more to protect their personal information.
The role of customer data platforms
This is where Customer Data Platforms (CDPs) come into play as a powerful solution. CDPs are designed to help brands navigate the complexities of new privacy rules by consolidating data from multiple sources into a single, manageable platform. This consolidation allows for the maintenance of accurate consumer profiles while facilitating compliance with consent management and data minimisation policies.
A well-implemented CDP can streamline the application of governance policies across all data types and sources. It simplifies the tracking and management of customer consent for data collection and use, making it easier for businesses to ensure their customer data activities comply with legal requirements. Furthermore, CDPs can be configured to retain only the data that can be lawfully used and only for the period stipulated by privacy regulations.
Choosing the right CDP
When selecting a CDP, brands should look for features that facilitate easy compliance with privacy obligations while still allowing for the construction of rich customer profiles. The ideal CDP should also integrate seamlessly with existing tools and technologies.
Key features to look for include:
1. Creates a unified customer view
2. Usable and accessible data across the organisation
3. Easy integration with other tools and platforms
4. Orchestrates audiences across activation tools
5. Supports cross-channel measurement
6. Stays safe and compliant with changing regulations
7. Performs at the scale and pace of customer data
As Australia moves towards stricter privacy laws, investing in a reliable CDP is becoming crucial for brands. This investment will enable them to build comprehensive customer profiles while ensuring compliance with upcoming regulations. By taking this proactive approach, Australian brands can avoid the potential financial and reputational damages associated with non-compliance while also meeting the growing consumer expectation for better data protection.
A new frontier for building customer trust and tech success
The shift towards stricter privacy rules presents an opportunity for businesses to build trust with their customers by demonstrating a commitment to data protection. As the privacy landscape continues to evolve, those who embrace these changes and adopt the right tools, such as CDPs, will be best positioned to thrive in this new era of data privacy.
Billy Loizou, Area VP APAC, Amperity
About the author
Billy Loizou, Area VP APAC, Amperity
Billy Loizou has 15-plus years experience in design, technology and marketing. He has worked with some of the world's most renowned and respected brands, helping them improve their customer experience and drive profitability.
About Amperity
Amperity, the first Lakehouse CDP, delivers the data confidence brands need to unlock growth by truly knowing their customers. With Amperity, brands can build a first-party data foundation to fuel customer acquisition and retention, personalize experiences that build loyalty, and manage privacy compliance. Using patented AI and ML methods, Amperity stitches together all customer interactions to build a unified view that seamlessly connects to marketing and technology tools. More than 400 brands worldwide rely on Amperity to turn data into business value, including Alaska Airlines, DICK’S Sporting Goods, Endeavour Drinks, Planet Fitness, Seattle Sounders FC, Under Armour and Wyndham Hotels & Resorts. For more information, visit amperity.com or follow us on Linkedin, X, Facebook and Instagram.
To read about how tech experts reacted to the 2024-25 Federal Budget, click here.