Data is boring right? All those emails, customer records, the endless admin updating addresses, changing occupations and other details. What a chore.
Well on the upside, there’s marketing gold in all that data, because the clues that identify people’s desired products and services lies within their shared data. But the rules surrounding consent have changed under GDPR, and there’s more regulation that brokers and insurers need to think about on the horizon.
IE Editor Alastair Walker looks ahead.
Let’s start with the E-Privacy (ePR) regulations which are due to come into effect later in 2020, assuming the EU can agree on how to make the ePR rules work with AI and future automated tech systems in the future. For example, how would a consumer know if an autonomous car, or a home listening device, was sharing the occupants phone data; browsing history, conversations, downloads of music, web pages etc. unless the exact details of who sees the data, and why, are detailed on entry to the data harvesting space?
Our prediction for an ePR go live date is late summer 2020, but let’s wait and see.
One little change worth noting first is that anyone running a website must consider that obtaining cookie consent has to be much clearer from 2020 onwards, and your company may be required to demonstrate how consent was granted. It won’t be enough to put a strapline saying this site uses cookies, and by browsing it, you give consent – box clicking will be mandatory.
Whether we leave the EU regulatory orbit or not, it would seem likely that the UK will rubber stamp that strengthening of cookie consent, so you may as well take it as read if refreshing your website this year.
Now, onto ePR, which covers all electronic comms between consumer and company; text, emails, message apps, websites, phone calls, Alexa chats – even faxes! Yes, for those still using old school loo roll fax paper, these new rules apply. In a nutshell ePR regs mean that the end user, Joe Public, has ultimate control, and consent, over the use of their data. Texts, emails, messages on social media, plus forms online, app data etc – all covered.
The tricky bit for insurers is that ePR rules don’t allow third party companies to automatically grab that customer data, or interfere with it in any way. So if you have a breakdown, repair, loss adjustment or legal partner, you may have to consider ways to frame the third party authorisation of data use in say a case where a customer suffered a breakdown and wanted the FNOL company to have access to their records, plus a garage authorised to do repairs perhaps.
Whether gaining consent for that sharing at the point of policy inception will hold up to scrutiny by the ICO or other regulators, is a moot point. It will depend on careful wording. It is well worth spending time researching best practice when it comes to this issue of sharing data with third parties because just as with GDPR, your company can be fined 4 percent of its global annual turnover for breaches.
Will The EU Take Action? You Bet
If you look at the recent action against Booking.comyou can see that the EU will take action against companies that use data from browsers to manipulate, or game, their offers.
Things like applying time pressure – `only 3 rooms left’ – for example, or hiding sponsorship information when it comes to ranking hotels or deals, are practices which the EU takes a dim view of, so they have to stop on all travel websites. Booking.com is just the test case if you like.
This has a direct correlation with insurance comparison websites of course, so everyone needs to think about how the goldmine of data personalisation – delivering bespoke offers for loyal consumers – balances with rules on privacy and gaming the offers displayed online, given a user’s search history. It won’t be a valid defence for insurance comparison sites to put their sponsored, or favoured, partner insurer’s deals at the top of the page anymore – at least not withot identifying such offers as being clearly sponsored content.
This trend towards tougher regulation on data isn’t just an EU thing. As the US state of California also aims to introduce stricter data privacy rules in 2020, this will a tough year for everyine selling insurance online because everything will need to be compliant, and where Clifornia goes, other States may well follow.
The US is a highly competitive market but the way ahead, in both the EU and USA, is likely to be based on a relationship of consent, genuine privacy and trust. Those consumers who feel that they can truly trust insurers and brokers with their valuable data will be in the driving seat from now on, so insurance companies need to be aware that the balance of power has shifted.
Be the first to comment