Get a Demo

How to build a mobile-first privacy consent management experience that actually works at scale

Oct 17, 2018 1:13:51 PM

Grab-blog1-header

The user experience is the differentiator

For many B2C businesses, the biggest differentiator is not just their quality product or service, but their ability to create an effortless user experience. For example, when considering delivery dinner options, which experience would you rather have?

  1. Dig up an outdated menu for a place you hope delivers to your house, wait for somebody to answer the phone, wait on hold, have trouble hearing the person taking the order, and then wait some more.
    or;
  2. Open a mobile app, customize your order, pay for it, leave a tip, and track your order's progress in real time.

The answer is clear. According to Apptopia UberEats had over 8.5 million active users in Q1 of 2017, up from just under 250,000 of Q1 the previous year.

Consumers today value experiences, and disruptive mobile apps are delivering faster, effortless, and more reliable experiences than their entrenched industry counterparts. It’s leading to massive growth in this on-demand economy -- with massive investments and IPOs coming to companies from Uber to Airbnb to Southeast Asia’s dominant ride-hailing service, Grab.

MORE: Grab aims to set a new global benchmark for privacy and consent

With new customer experiences comes new privacy risks

Increasingly rich data is what enables these companies to succeed. As these robust customer experiences continue to grow, however, their vulnerability to risk also increases. Consumers are also becoming more and more aware of their privacy rights as the privacy landscape evolves.

If you’ve clicked on this post, you probably know about the renewed global focus on individual privacy rights. Legislation and initiatives like the EU’s General Data Protection Regulation (GDPR), California’s Consumer Privacy Act in the United States, and the APEC Privacy Framework in the Asia Pacific Economic Cooperation region have all clearly signaled that the legal landscape is in flux across the globe. The penalties of a violation are steep: the GDPR, for example, can levy fines of up to 4% of annual revenue.

But the risks for innovative, known brands that reach consumers at massive scale are far greater. These brands face a higher risk of inquiry from regulators, and massive reputational damages if the inquiry goes south. Regulators are looking to make examples of tech-first, well-known names with this new legislation -- and Facebook, Google+, and others are great recent examples of how damaging a privacy faux pas can be to a big organization.

How to create the perfect in-app privacy data center

In this constantly evolving privacy landscape, how do you protect your business and create a repeatable, scalable consent experience? Simple: Create an in-app data privacy center and consent management experience that's flexible to change and as effortless for users as the rest of your mobile app.

Consumers value quality experiences and transparent control over their personal data. To satisfy them, mobile-first companies need to build an in-app privacy data center that fits with the rest of their in-app experience.

Here's how you create an in-app privacy data center:

  1. Start by identifying the collection points that make sense.
  2. Present initial consents in a way that informs the user in simple terms on how their data is being used and give them the ability to opt-in or opt-out.
  3. Be clear, concise, and articulate a real reason why your possession of that data will benefit them. (Clickwrap agreements are a great option for initial consents.)

When evaluating a consent management tool, the UI elements that a given platform provides for you to integrate into your app don’t matter much. Like any good enterprise, you will want to style your in-app privacy data center to match your brand. Pre-built plug-ins break at scale, and our research shows that 85% of enterprise companies given the option to use pre-constructed UI elements don’t end up using them. There's just not enough flexibility at this kind of scale.

It’s easy to get hung-up on flashy elements in software demos, but you’ll need to invest enough time to quickly build your own consent interface for your data privacy center. This is especially true for mobile apps. Pre-built plug-ins rarely play nicely with iOS. You’ll find much more benefit in your consent provider’s roadmap on how to build and customize that experience, as well as hands-on consulting and support, than you will find in any sort of pre-constructed user interface. This bit of extra front-end work early on will benefit your team with scalability, stability, and a better experience in the long term.

5 Questions to ask your potential consent management provider

Good in-app data privacy centers and consent management solutions shine in three areas not readily apparent in early evaluations: back-end integrations, record-keeping, and API scalability. Here are 5 questions to ask your potential consent management provider:

  1. How many transactions do you power daily?
  2. What are your throughput and uptime rates?
  3. How is your solution built for failovers?
  4. How do you ensure our conversions are never held up in the event of an outage?
  5. Do you ensure a PDF record is created for every single consent action?

Finally, spend time roadmapping and whiteboarding how your in-app data privacy center will talk to other relevant business systems. After all, revoking consent to track your location doesn’t matter much if you still continue to track location afterward.

There's so much more to consent management than a user interface. Growing B2C businesses need a data privacy center and consent management provider that scales with their exponential growth, gives customers control over their own data, and is as effortless to use as the rest of the app. 

Talk to us about our flexible API

Kyle Robbins

Written by Kyle Robbins

Lists by Topic

see all

Posts by Topic

see all

Recent Posts