How CMOs Can Respond to Shifting Privacy Regulations


With states passing their own privacy legislation and companies being fined for alleged violations of existing laws, the privacy landscape has shifted under marketers’ feet. This means that the role of the Chief Marketing Officer (CMO) is changing as well, though no one expects CMOs to take over the legal department or become chief privacy officers.

Nonetheless, the new privacy landscape is changing the mechanisms behind targeted advertising, and companies are still trying to figure out the best approach to privacy overall – including whether to take a jurisdiction-specific approach or go with a one-size-fits-all solution that might leave some revenue on the table.

Understanding these new privacy restrictions and regulations are critical for any marketing professional – read on to learn more.

The states are passing their own laws
A number of US states have set their own regulations surrounding consumer privacy in recent months. California was the first state to do so with the California Consumer Privacy Act (CCPA), which went into effect on January 1st, 2020. Since then, Virginia, Maine, Nevada, and Illinois have all passed their own versions of consumer privacy legislation. Considering that nearly 40% of the US population now lives in states with these types of regulations in place, it’s clear that this trend is here to stay.

What does this mean for CMOs? As these laws continue to be passed and implemented, it’s becoming more and more difficult (and expensive) to comply with all of them. That’s why it’s important for CMOs to understand not only what these laws entail but also how they can work with other departments within their company – like Legal and IT – to ensure compliance.
In addition, these state laws are likely just the tip of the iceberg.

Companies are being fined for alleged CCPA violations – Sephora was just hit with a $1.2M fine
One example of how complicated complying with consumer privacy regulations can be came earlier this year when Sephora was hit with a $1.2 million fine by Californian prosecutors for allegedly violating the CCPA. Specifically, prosecutors alleged that Sephora failed to provide customers with an easy way to opt out of having their personal information sold and didn’t properly secure data collected from children under 13 years old.

While Sephora denies any wrongdoing, this incident serves as a reminder that companies need to take consumer privacy seriously – failure to do so can result in hefty fines. In fact, since the CCPA went into effect on January 1st, there have been several lawsuits filed alleging violations of the law. None of these cases have gone to trial yet, but they serve as a reminder that companies need to tread carefully when it comes to consumer data collection and use.

It’s important to note that whileSephora was fined under California law, similar incidents could occur in any state with consumer privacy regulations in place – meaning that CMOs need to be aware of these laws regardless of where their company is headquartered or does business.

As privacy restrictions gain traction across the United States, it’s clear that the role of the CMO is changing. While CMOs aren’t expected to become experts in legal regulation overnight, they do need to have a basic understanding of how these new laws are impacting targeted advertising and data collection practices.

In addition they need to be aware of how these laws vary from state to state and work closely with other departments within their company to ensure compliance. Failure to do so could result in hefty fines – as we’ve seen happen already this year. Understanding-privacy restrictions and regulations is critical for any marketing professional today.

What's your opinion?