The May issue of Admap puts the spotlight on data ethics. Taking inspiration from the EU’s General Data Protection Regulations (GDPR), the California Consumer Privacy Act (CCPA) comes into effect in January 2020. Like the GDPR, the CCPA will have a far-reaching impact on the marketing industry, with other U.S. states drafting similar data privacy legislations. Rachel Glasser, Chief Privacy Officer, Wunderman Thompson, argues the industry needs a commitment to education if it wants useful legislation and a workable and meaningful code of ethics on responsible data uses.

These days, the buzz in privacy circles focuses around the California Consumer Protection Act (CCPA) and what it means to have adequate data protection. Various data protection bills recently introduced in the United States have sparked additional debate around a call for a set of guidelines for data ethics and responsible uses of data—but they’ve largely ignored the central role data plays in an open and free Internet.

It is therefore imperative that we work toward this one fundamental principle: data privacy and data ethics as core values. This will help us maintain an open internet that will foster innovation, growth and customer protection. Yet, how do we come to a middle ground without sacrificing the open internet and curtailing business, all the while continuing to respect and protect customer privacy?


Data protection and data ethics go hand in hand. The former typically centers around the legal limits and best practices for collection of data, and the disclosures made to consumers when the data is collected. The latter centers around whether it is right to use that data in a particular way for a particular purpose.

The biggest challenge in creating a code of ethics for the treatment of consumer data is that what is ethical is a subjective concept that may be governed by many factors, including cultural and social norms. While there are already some very clear lines in the sand—discriminating against individuals for employment eligibility, for example, or creating profiles about children—others are not so clear. When we find ourselves confronted with an idea that is new and innovative, we must push the limits to encourage new behaviors and advance technologically. But how do we know if we are pushing too far? How do we keep up with evolving and changing behaviors and the evolution of acceptable use?

Education is necessary

Proposals are poorly conceived at best and do little to protect consumer data. The trend toward tighter regulation and ethical uses of data is something everyone involved in advertising, technology and marketing data should embrace. Our role is not to panic and say no, but to make the real issues clear and ensure that the baby isn’t thrown out with the bathwater.

We must make it clear that data-driven advertising has largely given us a free and open internet. That’s undeniably a good thing. A free and open internet has greatly reduced barriers to education, information, and financing. Shutting off access would likely hit the most vulnerable hardest, closing off opportunities and bringing progress to a standstill. Besides, we all like free content and frictionless access to that content. Most of us agree in principle that an ad-supported internet is a proven way to ensure that.

We also must do a better job of being more conscious of using data ethically and in ways that won’t make consumers uncomfortable or feel uneasy. We must reinforce existing best practices and expand on that by coming to consensus on inherently unethical uses of data, particularly in the context of marketing and advertising. As an industry, we should get used to asking ourselves, just because we can, does it mean we should?

Let’s be honest. The growth and sophistication of the data industry has far outstripped public understanding and awareness of it. Quiz ten of your close friends outside the industry, and none of them could meaningfully define first- or third-party data—nor have any idea what an ad exchange is and how it works. The industry needs a commitment to education if it wants useful legislation and a workable and meaningful code of ethics on responsible data uses. Otherwise, the field is open for uninformed proposals that don’t help consumers or industry.

The benefits are contagious

Businesses that embrace responsible uses of data both from a privacy perspective and a data ethics perspective will benefit. Brand reputation and customer trust tend to follow when it comes to responsible and ethical uses of data. If you build these tenants and core values into your culture, it becomes a way of doing business, and the customer is always top of mind. Customers appreciate and recognize this. Demonstrating this type of commitment to customers, builds long-term relationships. These businesses can also serve as an example for others to follow and engage in better practices.

Regulation is nothing without enforcement

Why do we have so many robocalls in spite of clear rules against them? Enforcement. The FTC recently revealed that since 2015 it has fined robocallers $208 million, but has only collected $6,790 of those fines. That’s a rate of .003 percent. If we create regulations but do not enforce them, the bad data players will continue doing as they have done—and the entire industry will suffer. To create a level playing field open for the kinds of innovation that will make customers truly safe, we have to make sure everyone plays by the rules.

On a final note, it’s paramount that the data ethics debate center on what the industry should do versus what it could do in order to earn customer trust. To ensure an open and thriving internet and guard against unintended consequences, everyone—industry, government, and customers alike—will need to take part in the discussion. As with any new thing, we need to be ready to make changes, identify and fix what’s not working, and work toward solutions that will keep the internet free and open for all.