EMAC’s Special Interest Group (SIG) on Digital Marketing is proud to announce the SIG’s second online seminar talk. We plan to have 4-6 online seminar talks per year from top marketing scholars, working in the area of Digital Marketing. If you want to keep up to date about the activities of the SIG on Digital Marketing, consider following us on LinkedIn: https://www.linkedin.com/groups/12538661/
The second speaker of our online seminar series is Puneet Manchanda (University of Michigan). The title and abstract are:
The Race for Data: Who Gained from Re-Permission Emails in GDPR Enforcement?
Puneet Manchanda, University of Michigan
(Joint work with Caterina D’Assergio, Elisa Montaguti and Sara Valentini)
Privacy regulation bills such as GDPR and CCPA require firms to explain to customers how their data are used. In fact, GDPR mandates that firms obtain explicit consent to gain access to consumers' data. As a result, since 2018, firms have undertaken a massive data re-permission campaign targeted at their European customers. Interestingly, although GDPR explicitly regulates the usage and transmission of data and enforces higher security standards than before, it does not dictate the format of these consent (re-permission requests). By examining the content of 1506 re-permission emails, our work investigates how firms operating in Europe asked for data consent after the enforcement of GDPR. It also explores whether there are any systematic patterns in how firms designed their re-permission emails and which factors influenced the selection of alternative re-permission formats. Our analyses reveal that firms systematically used persuasive cues to gain data access. Additionally, the use of such cues is the outcome of a difficult tradeoff between the reputational damage derived from non-complying with the spirit of GDPR and the expected returns from data use. Via a field experiment, we then confirm that persuasive cues indeed lead to higher opt-in. Overall, our work shows that most companies acted in their self-interest and “gamed the system.”
This research has important implications for policy-makers, firm, and consumers. Policy-makers may realize that stronger oversight into the content of re-permission emails is needed. To that end, the efficient and scalable approach that we develop can be used by them to analyze and regulate re-permission e-mails easily. Firms can learn how to design their data requests to maximize the probability of gaining data access, while staying within privacy mandates. Finally, our results suggest that consumers might want to be more cautious when evaluating re-permission requests.
Date: Thursday November 11, 15.00-16.00 (CET) / 09:00-10:00 (ET)
Evert de Haan and Lara Lobschat
Special Interest Group Digital Marketing - EMAC