The California Attorney General Just Published CCPA Rules, And They’re Clear As Mud

Privacy wonks have been awaiting Attorney General (AG) Becerra’s draft regulations for the California Consumer Privacy (CCPA) Act to provide guidance on the law. On October 11, our patience was rewarded with 24 pages of rules that often confuse more than clarify. For example:

  • While the CCPA states that covered firms must provide a one-click link for individuals to opt out of data selling/sharing, the AG’s rules say that “a browser plugin or privacy setting” can “communicate [a user’s] choice to opt out.” That sounds suspiciously like the universally ignored “do not track” setting in a browser.
  • The regulations tell us that a consumer’s data deletion request can be completed by . . . de-identifying the personal information. Huh? No standard accepted method for “de-identification” exists, since personal information (PI) under the CCPA includes everything from location history to device IDs and biometrics.
  • The AG’s rules have created more risk for vendors (AKA “service providers“). It says that they “shall not use [PI] received either from a person or entity it services [ . . . ] for the purpose of providing services to another person or entity.” Goodbye, cookie pools and third-party audiences.

We will be compiling and submitting our comments to the AG’s office by November 15, and we encourage you to do the same. If you’d like to send us your thoughts, please email Fatemeh Khatibloo by November 1.

The Cloud Has Assassinated Big Data

If you watch enough National Geographic or the nature channel, you are bound to come across an odd insect called the assassin bug. This critter has a long, needle-sharp proboscis, which it uses to sneak up on prey, inject them with poison, then suck its victims dry. In 2019, this is exactly what the cloud did to big data. We warned clients about this in our 2017 report, “The Cloudy Future Of Hadoop.” We challenged the then-dominate big data vendors to stop fighting each other and come up with a unified response to public cloud providers, and cloud-native startups, that were sucking the life out of the then-Hadoop-centric big data market. That didn’t happen. Flash-forward to 2019, and firms’ interest in the term big data and plans to invest in the technology have taken a nosedive — bad news for Cloudera and MapR. Contrast this to the term cloud, which has remained a topic of high interest for a decade or more. Interestingly, data strategy initiatives are still top of transformation agendas, but many clients recognize that the problem is not the technology. While technologies for dealing with large, fast, and expanding data sets are important, firms have been investing for years and many haven’t made the progress they expected. This is forcing firms to finally confront the big, nasty issues of data organization, culture, and talent. In other words, data problems have become people problems. Firms that fund their technology management organizations to lead data strategy efforts are going to miss the boat when CIOs can’t change culture, reorganize processes around data, or upskill talent beyond IT.

Help Ensure That “Customer Health” Is Part Of Your Innovation Prioritization

As noted in James Staten’s report earlier this year, some of the most advanced innovators in the market are ensuring that customer health is one of their objectives — even if their company isn’t healthcare-focused. This is important, because when customers see that using your services and capabilities gives them a better life and/or shields them from health risks, it drives up their engagement with you. To help you understand what health needs you should prioritize, consider reaching out to Welltok, a popular innovation engagement partner with a rich database of consumer health priorities. The value of its data and enterprise empowerment has led to the company winning three straight Forbes Cloud 100 prizes. Welltok’s award-winning consumer activation platform is powered by a consumer database featuring social determinants of health, advanced analytics (machine learning/AI), and multichannel communications.

A Disruptor Asks: What If Men Got Periods?

Aligning products, messaging, and other experiences along gender lines has been a common practice for many brands. Some, like Dr Pepper TEN, doubled down with hard-line messaging, suggesting that the brand was “not for women.” But such exclusionary targeting does not always support a broader business strategy, and marketers find themselves having to “ungender” their positioning. This is when they run into what Harvard’s Jill Avery calls “gender contamination” — the idea that men are loathe to accept brands “tainted” by women. (The idea of contamination comes from an age-old — and still-prevailing custom in some parts of the world — to isolate a menstruating woman during her period because she is considered unclean.) This last decade has witnessed a rapid shift in gender perceptions, which has dramatically altered thinking around gender in marketing. This week, brand Thinx turns “contamination” on its head and debuts a campaign that imagines a world where men get periods. This is the future of marketing — a future of undoing atavistic instincts that have fallen by the cultural wayside and a future of staying relevant to a rapidly evolving idea of what gender means to consumers. Marketing leaders must evaluate their brands for changing cultural norms before consumers or competitors unfavorably reveal their stagnation.

Third-Party Risk — PayPal Is Fleeing Libra

When Facebook announced Libra, it seemed that it made no attempt to address the regulatory environment that it would be getting into with its new cryptocurrency. Facebook’s partners, however, know the banking regulatory environment. With no new regulation around cryptocurrency, the federal agencies that regulate banking are left to apply current federal law to the new digital environment. Banks see entering markets that have uncertain regulatory environments as a very risky proposition. Add to that the fact that the partner, Facebook, declared war on regulation, according to leaked audio tapes. Banks have cultivated strong working relationships with their regulators. A war over cryptocurrency isn’t worth it. And for Facebook, continuing to ignore regulation while challenging regulators will leave it out of the real money-making markets. And its partners? PayPal said no . . . will Visa and Mastercard be next?