In a world increasingly—and rightfully—concerned with data privacy, we’re entering a new age in marketing dynamics. Welcome to the new era of permission-based marketing.
A term coined by marketing expert, author, and speaker Seth Godin, permission-based marketing requires an industry shift from interruption and presumption to mutual respect and consent.
It’s becoming increasingly the case that businesses must earn the right to be heard by their audience, especially in light of Apple’s recent iOS 17 updates, prioritizing security and privacy. Apple has been leading consumer data privacy efforts since iOS 14.5, which began requiring apps to ask permission for data tracking.
However, this focus on data privacy isn’t confined to Apple’s ecosystem. It’s part of a larger, global conversation about personal data, privacy, and consumers' fundamental rights. In the U.S., states like Colorado, Virginia, and California are spearheading privacy laws that echo the consumer-centric principles of the EU’s General Data Protection Regulation (GDPR).
In light of these developments, businesses and marketers must adjust to this evolving landscape of permission-based marketing. Successful adaption is more than compliance—it’s championing consumers' rights, reinforcing trust, and building stronger, more authentic relationships with audiences.
It’s vital to view permission-based marketing in the context of a heightened global emphasis on data security and privacy. With this framework, we can understand the consumer need for this form of marketing, its intricacies, and its challenges. Then, we can create strategies to help businesses succeed in this new marketing age.
Beyond offering new features like mental health assessments and Facetime calling on Apple TV, the iOS17 update significantly bolsters user data privacy and security.
It offers consumers more control over their data sharing and makes it increasingly challenging for businesses to access user data without explicit permission. These changes demonstrate the need for companies to adopt a permission-based marketing approach.
Improved sharing permissions require apps to collect the minimum amount of data to function effectively with the following features:
Websites often track users across platforms using additional information in shared links. This update strips that extra information from URLs shared in Messages, Mail, and Safari Private Browsing, so websites can no longer track iOS users across the internet.
For businesses and marketers who use tracking within URLs for analytics, customer insights, and retargeting purposes, this update will limit their ability to gather such data. Instead, they’ll need to rely on explicit permissions and direct customer engagement to gain data-driven insights rather than passive tracking through links.
The iOS17 update allows users to keep their browsing separate for different topics such as work and personal, separating browsing history, cookies, extensions, tab groups, and favorites.
This feature limits websites' ability to compile detailed user profiles, as it compartmentalizes browsing data. For example, a user’s browsing habits won’t influence the ads or content they see while using their work profile, making targeted advertising more difficult.
Safari offers a private browsing feature, which—despite its name—still has issues with tracking. Enhanced private browsing updates make it significantly more challenging for businesses and markets to collect data about users’ online behavior due to the following features:
The updated security features of iOS17 embody a significant shift toward empowering individuals to control their data and highlight the need for a transition to permission-based marketing. According to McKinsey & Company, businesses that don’t adapt to this shift potentially risk a 10 to 20 percent expense increase in marketing and sales to generate the same returns.
Their research concluded that around 33 percent of Americans doubt companies responsibly use their data. This skepticism is fueled by a growing awareness among consumers who feel companies have been unduly profiting from their data without offering them any meaningful return.
The path forward for businesses is clear in light of more stringent data privacy measures and a societal shift towards a more privacy-conscious populace. We must embrace a strategic model that prioritizes consumer trust and autonomy.
Before implementing a new strategic framework for data collection and advertising, it’s important to understand the types of permission-based marketing and how they differ from interruptive marketing.
Interruptive marketing, as the name implies, interrupts consumers to get their attention. This traditional form of marketing often feels forced upon an audience—it’s not personalized—making it less effective and sometimes even detrimental to a brand’s image.
Consumers today are bombarded with unsolicited ads and promotions, leading many to employ ad blockers. According to Forbes, even when targeted, consumers become distrustful because it appears advertisers know too much about them, leading 32% of GenZs and 30% of Millennials to turn off mobile trackers. This negative reaction to interruptive marketing can lead to a significant loss of funds and return on investment (ROI) for campaigns.
Permission-based marketing focuses on gaining consumer consent before sending marketing messages. This approach builds trust and loyalty, translating to more qualified leads as customers who opt-in have already expressed interest in the brand or product.
In Permission Marketing: Turning Strangers into Friends and Friends into Customers, Seth Godin outlines two types of permission-based marketing: express permission and implied permission. We’ll add a third type for a complete perspective that can inform your permission-based marketing strategy—forced permission.
Consumers actively provide their contact information to receive marketing messages with express permission. For instance, they might sign up for a newsletter, a common practice in forming new business relationships.
This form of permission-based marketing capitalizes on an existing relationship with the consumer, such as a current customer or frequent website visitor.
This method involves coercing consumers to agree to share their data to access a product or service. There’s a growing trend where companies indirectly force users to agree to their terms, including sharing data, to be able to use their services.
For instance, Meta forced users to give permission for data use for targeted advertisements on Facebook and Instagram. If users declined to accept the updated terms of service, they could no longer use Facebook or Instagram. In this case, the Irish Data Protection Commission (DPC) determined Meta violated the GDPR and fined them over 430 million dollars in January 2023.
Forced permission marketing may provide companies with the data they desire, but the cost of potential fines, trust, and customer satisfaction outweighs the benefits. However, the other types of permission-based marketing can help companies build a stronger relationship with consumers.
Express permission acknowledges and respects consumers’ boundaries, guaranteeing they consent to data collection and receiving marketing messages. Implied permission assumes a customer has given permission for certain interactions but could lead to dissatisfaction or complaints if they don’t realize they’ve consented.
Express permission is the most valuable form of permission-based marketing, but obtaining explicit consent requires more effort upfront. Regardless, ensure that whatever data collection a customer agrees to is necessary to personalize their experience with your brand.
The result? A more engaged and responsive audience, potentially leading to higher conversion rates and enhanced customer loyalty.
In our research, we’ve found the Data Relationship Management (DRM) approach from McKinsey & Company offers a practical and effective framework. Businesses can use it to construct a strategy that fits their needs and capabilities.
We’ve slightly condensed and adapted McKinsey & Company’s approach with small businesses in mind:
Apple’s initiative for clearer language regarding data permissions could deter customers from automatically clicking “accept,” which has been the norm for so long. To succeed in the contemporary data terrain, companies must take greater accountability.
Customers who don’t understand why a business collects their data may be more likely to refuse sharing. In your data invitation, clearly state the benefits of data sharing to encourage customers to participate willingly.
Have internal conversations on existing security protocols; could they be stronger? Then, have external data conversations with your customers.
Transparently communicate existing data-protection measures to build trust and obtain consumer consent. Compile a detailed list of collected data and describe its usage—make this information available to customers. Offer them the ability to opt out of any future data collection or use and keep them informed of data privacy updates.
McKinsey & Company references an email campaign a company ran to promote its data security practices. The email directed readers to a landing page that allowed them to set their preferences, successfully building brand trust.
What does the consumer get out of signing away their data? While you tell customers the benefits of data sharing during your initial invitation, in this stage, you deliver by using the data you collect to enhance your value proposition.
People are likelier to share personal information if they perceive a clear, valuable return. For instance, an e-commerce store could develop a loyalty program where consenting to data collection nets personalized discounts or offers over time.
Or companies can analyze purchase history and browsing behavior to highlight items that align with the customer’s preferences and needs, creating a bespoke shopping experience.
The data value proposition should be more than just extracting customer data. Instead, use customer data to deliver real, meaningful value back to them, fostering a beneficial and satisfying relationship for both parties.
In developing your strategy, keep this advice from McKinsey & Company in mind:
As you implement your permission-based marketing strategy, consider these “current and future regulations” to stay ahead of the curve and develop trust with your customer base.
Customers are more likely to engage positively with a brand when they
Beyond transparency and respect, offering valuable and relevant content is crucial. Consumers today are inundated with marketing messages, making it all the more essential to stand out by providing clear and tangible benefits that align with their needs and expectations.
Demonstrate the value you bring to their lives by using the data they choose to share with you to enhance their experiences and meet their unique needs.
Businesses that succeed in the modern marketing landscape must prioritize the customer above all else. As you adapt and think ahead about how you’ll navigate new challenges posed by emerging data privacy regulations, keep these essential components in mind for your strategy:
At Brand3, we’re constantly thinking ahead about how the social climate and emerging technologies shape our marketing strategies. Doing so helps strengthen our unique approach grounded in clear branding and unified messaging principles.
By rethinking marketing, we help businesses move from noise often surrounding traditional marketing efforts to clarity. If your businesses could benefit from an informed marketing and branding strategy, schedule a call. We’re here to help you successfully navigate these evolving landscapes.