Home Resources The Privacy Series: Pixels perpetuating privacy concerns The Privacy Series: Pixels perpetuating privacy concerns To help marketers prepare for the impact that the privacy reforms will have on the industry and our practices, we have created The Privacy Series. Each month we will deep dive into one of the key components set to reshape the Privacy Act to understand what they mean for marketers and their businesses. Pixels perpetuating privacy concerns The latest digital marketing mechanism to come under fire since cookie deprecation has stopped making headlines is the pixel. Also well known as a tracking pixel, to date these have been a powerful tool in the digital marketer’s playbook. Their ability to track user behaviour, optimise campaigns and increase ROI is the type of daily activity marketers have become accustomed too. However, growing privacy concerns and the linkages tracking pixels have with third-party platforms have led to their recent scrutiny, and rightfully so amidst privacy reform in Australia. In this next edition of the Privacy series, we will unpack what a tracking pixel is, how compliance in pixel deployment is now being aggressively policed, and what implications that has for marketers. What are pixels? As a starting point, a pixel can be best understood as being cookie adjacent. Both are digital marketing tools used for website tracking, however they operate in different ways. A pixel is an invisible image that is embedded within a webpage, email or digital advertisement. Whenever these mediums are loaded, the pixel then sends data back to the server that it is connected to. The data that the pixel captures relates to tracking user actions. This includes actions like page views, conversions, button clicks, form submissions, video views, even scroll-depth – just to name a few. Tracking is the primary purpose of a pixel, in comparison to a cookie which is more concerned with storing data on a user’s device. The issue with pixels, as it is with cookies, is that the data captured can include personal information like IP addresses, browsing history, and even form inputs such as name, address, date of birth, email address and phone number, which all raise significant privacy concerns. This is particularly relevant as the server the pixel is connected to and therefore transmits the data to, is a third-party platform. As with all digital marketing tracking tools, organisations are responsible for ensuring that their use of pixels complies with the Privacy Act (1988) and the 13 Australian Privacy Principles (APPs) governing the rights and obligations around the collection, use and disclosure of personal information. Source: https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/organisations/tracking-pixels-and-privacy-obligations The Kind enforcer The first tranche of privacy reform granted stronger enforcement powers to the Office of the Australian Information Commissioner (OAIC). In short, the new tiered penalty structure is designed to capture a broader range of contraventions of the Privacy Act. This is a significant shift away from the existing practice of only penalising practices that constitute a ’serious’ or ‘repeated’ interference with the privacy of individuals. That means the OAIC now has the power to issue substantial fines for infringements and administrative breaches, ranging from $66,000 up to $330,000, and Australia's Privacy Commissioner, Carly Kind, aims to take a more enforced approach with aggressive policing. She expects to use infringement notices in a similar way as both the ACMA and the ACCC. Ahead of an enforcement crackdown, this month the OAIC published new advice on pixels and personal information. The guidance states that organisations seeking to deploy third-party tracking pixels on their website must ensure these are configured and used in a way that is compliant with the Privacy Act. The Privacy Act does not strictly prohibit the use of third-party tracking pixels. However, ensuring they are used in a way that is compliant with the APPs is essential. As part of the crackdown, the OAIC will be paying close attention to ensure businesses utilising pixel tracking are compliant with a handful of particular APPs. The first being APP 3 – collection – whereby data collection must be determined as reasonably necessary, and sensitive information will require explicit consent. The second is APP 6 – use and disclosure – which is concerned that personal information collected via pixels can only be used or disclosed for the original purpose, or a related secondary purpose with consent, or if reasonably expected by the individual. The third is APP 7 – direct marketing – which determines that specific requirements apply to using personal information gathered through tracking pixels for targeted advertising, and that opt-out mechanisms must be provided. And finally, APPs 1 and 5 – transparency – organisations must have clear and up-to-date privacy policies and provide notices informing individuals about the use of tracking pixels and their data. The OAIC Determination in a recent leading homeware supplies retailer matter suggests that the Privacy Commissioner takes a very robust view of APP 1. Businesses lacking any of these provisions will be in breach of the Act and at risk of penalties for non-compliance. The OAIC strongly encourages organisations to err on the side of caution and comply with the Privacy Act when using tracking pixels. The impact for marketers As pixels have been used to date to by marketers for purposes such as remarketing, audience targeting, campaign optimisation, conversion tracking and ROI, what are the implications of the OAIC’s crackdown on their use? To put it simply, marketers will need to ensure stringent compliance if they continue to deploy tracking pixels, or risk being issued an eye-watering fine for a breach. To avoid a breach and in pursuit of best practice, marketers should complete rigorous due diligence and thoroughly assess the functionality and privacy risks of third-party tracking pixels before deployment. This includes reviewing the provider terms and conditions and ensuring ongoing compliance with regular reviews, moving away from a "set and forget" approach. As part of the due diligence process, marketers should seek data minimisation strategies. Firstly, take the opportunity to shed any unnecessary data you have stored, then configure pixels to collect and share the minimum amount of data necessary. One way of doing this is to consider limiting pixel deployment to specific webpages. Additionally, as sensitive information requires express consent, avoid collecting it through pixels with appropriate configuration. Otherwise, be sure you have auditable record of where express consent to do so was obtained. This leads to the importance of transparency and control. Businesses must provide clear and accessible information about the use of tracking pixels, the types of data collected, and the purposes for which it is used. They must also grant the customer/user greater control and offer simple opt-out mechanisms for direct marketing. Of course, if you are integrating privacy considerations from the outset and potentially conducting Privacy Impact Assessments (PIAs) to identify and mitigate potential harms in a privacy by design approach, you’ll put yourself in the best position possible to avoid any unintended breaches. At the very least, businesses should absolutely take this as fair warning to continue preparing for the full privacy reform. This is not the time to take your foot off the gas and become complacent. If breaches are occurring under the existing Privacy Act, then the amended bill in its entirety will most certainly result in non-compliance unless you get your house in order. FIND OUT FIRST, STAY CONNECTED Sign up to receive ADMA newsletters, updates, trends, special offers, events, critical issues and more Job role*Agency Account Manager/ExecutiveAgency Account/Strategy DirectorCDOCEO / Managing DirectorClient Service / Sales ManagerClient Service/Sales DirectorCMO / CCO / Marketing DirectorCreative Director / HeadData Analyst / Scientist / EngineerDesigner/Copywriter/Creative ManagerEarly Career Data Analyst / Scientist / EngineerHead of Analytics / Analytics LeaderHead of Category/Customer Experience/InsightsHead of Marketing/BrandHead of ProductHR/Learning and Development ManagersIT Director/ManagerLegal/RegulatoryMarketing ConsultantMarketing Executive / CoordinatorMarketing Freelancer / ContractorProduct / Brand / Digital / Communication ManagerSenior Data Analyst / Scientist / EngineerSenior Marketing/Brand ManagerOther You may unsubscribe at any time using the link provided in the communication. View our Privacy Policy. Filter Resources Filter Courses Capability Capability Campaign Integration Compliance Customer Experience Marketing Technology Insights Learnings Brand Development Content Format Content Format Information sheet Member-only Press-release Article Blog Case Study Data Event Infographic Media Coverage Research Tool-kit Video Webinar Whitepaper Topics Topics CMO Spotlight Global Forum Global Forum 2023 Resource Compliance Resources CEO Blog Compliance Regulatory Content Copywriting Creative Data Data-driven Marketing Digital Campaigns Leadership Social Media Thought Leadership Article 22nd May 2023 8 mins Google Chromes phasing out of third party cookies now has a starting date … and it maybe closer than you are ready for On Friday (Australian time), Google Chrome announced it’s plans to deprecate third-party cookies for one percent of Chrome users in QI of 2024. All data-driven marketers should use this new announcement from Google as the opportunity to either start your teams preparing for the new world and if you are already some ways along – this helps you cement your own timelines. Article 22nd May 2023 8 mins ADMA’s Privacy webinar reveals the good, the bad, and the surprising on Privacy Act changes ADMA recently hosted a webinar bringing together important stakeholders in the ongoing Privacy Review to help get marketers up to speed with what is happening in this vital area. If you missed it, don’t worry we have you covered with the key takeouts below Article 17th May 2023 10 mins How do you create a great customer experience? Customer experience programs take time and careful planning to develop. But arming yourself with the right knowledge, skills, and tools will give you the confidence to create consistent and differentiated experiences that can shift the needle and help your organisation thrive. Article 17th May 2023 9 mins Getting your Martech right is a business imperative With over 10,000 Martech tools and platforms on offer, how do you know what’s right for you? It all starts with a clear framework. In an environment that’s constantly changing, marketers need to think about how they can set the organisation up to cope with the ongoing change. Webinar 17th May 2023 6 mins Best Practice in Customer Experience Webinar Modern marketers are now looking to move beyond multi-channel marketing into a truly omnichannel experience across all customers. To be successful you need to equip yourself with the knowledge and skills to develop and lead CX programs across your business. Register now. 11th May 2023 Privacy Act Review - Summary and PET Download Thank you for attending the Privacy Act Review - Where it is At and Why it Matters to Marketers webinar. Below are the resources from the webinar. Load More
Article 22nd May 2023 8 mins Google Chromes phasing out of third party cookies now has a starting date … and it maybe closer than you are ready for On Friday (Australian time), Google Chrome announced it’s plans to deprecate third-party cookies for one percent of Chrome users in QI of 2024. All data-driven marketers should use this new announcement from Google as the opportunity to either start your teams preparing for the new world and if you are already some ways along – this helps you cement your own timelines.
Article 22nd May 2023 8 mins ADMA’s Privacy webinar reveals the good, the bad, and the surprising on Privacy Act changes ADMA recently hosted a webinar bringing together important stakeholders in the ongoing Privacy Review to help get marketers up to speed with what is happening in this vital area. If you missed it, don’t worry we have you covered with the key takeouts below
Article 17th May 2023 10 mins How do you create a great customer experience? Customer experience programs take time and careful planning to develop. But arming yourself with the right knowledge, skills, and tools will give you the confidence to create consistent and differentiated experiences that can shift the needle and help your organisation thrive.
Article 17th May 2023 9 mins Getting your Martech right is a business imperative With over 10,000 Martech tools and platforms on offer, how do you know what’s right for you? It all starts with a clear framework. In an environment that’s constantly changing, marketers need to think about how they can set the organisation up to cope with the ongoing change.
Webinar 17th May 2023 6 mins Best Practice in Customer Experience Webinar Modern marketers are now looking to move beyond multi-channel marketing into a truly omnichannel experience across all customers. To be successful you need to equip yourself with the knowledge and skills to develop and lead CX programs across your business. Register now.
11th May 2023 Privacy Act Review - Summary and PET Download Thank you for attending the Privacy Act Review - Where it is At and Why it Matters to Marketers webinar. Below are the resources from the webinar.