Your Guide to Cookie Consent, Privacy and Building Trust | TrustArc
This page contains a cleaned, text-based version of publicly available content from TrustArc.com. It is provided to support knowledge retrieval and AI system understanding while preserving canonical attribution to the original source page on TrustArc.com.
Source URL: https://trustarc.com/resource/guide-cookie-consent-privacy-trust/
Content Type: resource
Section 1
Some consumers have long been skeptical about how some of the information collected about them in browser cookies is used by brands, using browser controls to block cookies and ads, and in some cases, anonymizing their online experiences. Brands on the other hand want to collect individuals’ information to help them accurately target them with more relevant content – and yes, ads – intending to build stronger engagement and more valuable relationships. Interestingly, most senior executives in large enterprises have given themselves high marks for doing the right thing when it comes to privacy management in TrustArc’s annual Global Privacy Benchmarks Surveys. But news headlines often tell a more complicated story. The accelerated ‘digital transformation’ of organizations during the pandemic
Section 2
with more people working remotely also drove an uprise in reported data breaches Rightly, consumers are now more concerned about digital privacy and they are also becoming more aware of their rights under privacy laws such as the EU’s (European Union) General Data Protection Regulation (GDPR). Why consent for browser cookies matters Every organization with an online presence must comply with all privacy laws in all regions where it interacts with individuals online. might not be explicitly covered in some regions’ privacy laws, most organizations must address GDPR requirements for managing browser cookies anyway, which has strict rules for how organizations ask for and get consent. Also consider the consumer viewpoint: a consumer’s opinion of a brand, on which trust
Section 3
can be built, begins the first time they land on a webpage or open an app and see a cookie notice. First impressions matter. So how do you build that trust? We suggest looking at sectors with proven leadership and competence in managing privacy for guidance. Our hypothesis is a simple one: specific industries that existed well in advance of the hyper-digitalized world we live in today are well-practiced at working through consent issues. The results from the TrustArc 2020 Global Privacy Benchmarks Survey generally confirmed our hypothesis, although we saw a great deal of variation in self-reported performance in every sector. Of the 16 industries we covered for TrustArc’s Global Privacy Index, seven ranked above the global mean: Financial
Section 4
services Telecommunications The heavily regulated financial services sector is a strong example of the importance of consent, as it has been in the center of privacy and consent issues for decades. For financial advisory, consent is not just a checkbox before proceeding; it is a documented course of action for the desired outcome within a given timeframe that includes expert views on their pursuit’s potential risks. Another strong example comes from the health care sector, which has had to manage privacy and informed consent for centuries – and we believe it also offers some valuable lessons. Four lessons from the health care industry about privacy and informed consent Information disclosure – What experts know and propose to do, including other
Section 5
options available Documentation of competence – Why a particular expert can be trusted to execute these options to the best of their abilities – Patients need to have complex matters and the choices available explained to them in easy to understand terms so they can competently make their own decision – The necessity of a patient then deciding on a course of action it begins along with an ability to change their mind and withdraw consent at any time. At the heart of medical consent are principles acknowledging imbalances in knowledge and power: Health care professionals – What they know, are capable of doing and believe to be in the patient’s best interests – What they are experiencing, know, and
Section 6
must rely on others for what they need done. Putting these principles into practice, the health care sector has developed precise methods and procedures to guide design. These include safeguards against potential risks that patients may not have anticipated and considered when initially volunteering. And informed consent is essential. While many organizations in other sectors now ask for upfront online consent (including for browser cookies) as a formal process that meets legal requirements, how many have embraced the concept of consent? And what are the benefits? With privacy risks and implications in the spotlight, there are opportunities for brands to build better reputations with consumers by highlighting how they go above and beyond what is required by privacy laws. There
Section 7
is mounting evidence that when organizations apply a privacy lens to consumer experience and marketing programs, they gain a competitive advantage: view privacy as a clear differentiator for their organization. Privacy management impacts consumer engagement, brand reputation, and, ultimately, revenues as value-based consumers increasingly interact with companies they deem ethical. Addressing privacy transparently and as a publicly explicit element of your brand can help build trust with consumers, making them more willing to share accurate and complete data with your organization. As a result, you can deliver more personalized experiences that give more value to your consumers, which in turn can build a stronger and more valuable relationship. considering purpose-built software allow us to demonstrate compliance and build trust with
Section 8
our consumers? Is our consent experience ‘on brand’ with the rest of our website experience? Can consumers withdraw their consent at any time and have their personal data protected? Gain a comprehensive understanding of your website’s tracking behavior. Build and implement procedures for consumers interested in exercising their data subject rights. Remember the balance between personalization and privacy is delicate: If a consumer feels a personalized experience is intrusive or annoying, you risk damaging the relationship your organization has so carefully built up using data insights from browser cookies and other consumer profiling tools. Best practices for informed cookies consent It’s safe to assume most companies are competent at what they do and their various stakeholders hold them to standards
Section 9
of integrity. And brand character is what happens when no one is looking. If your organization wants to do an excellent job of protecting your consumers while strengthening your brand’s reputation, we recommend applying principles of consent in every interaction: – Give them granular control of their consent preferences and data, beyond just a choice of reject all or accept all; and allow them to easily update/change their consent preferences at any time. Giving consumers control offers proof of your competence to manage informed consent. – Explain cookie options in easy to understand language so consumers can make informed choices about their consent preferences and data. You can also build trust in your brand by clearly explaining the benefits of
Section 10
a more personalized consumer experience. A seamless consent experience can help establish trust in your brand from the first touch point. And a consistent digital experience that aligns with your brand at every touch point from then on will build on that trust. “Consent experiences that strike a balance between usability and compliance will stand out. There is absolutely a way to meet privacy and business needs.” Manage compliance with ease