Over the last few years there has been plenty of chatter about the new Safeguards law that went into effect earlier this year. As has been widely reported, the law requires auto dealerships to obtain clear and informed consent from website visitors before collecting and using their personal data, among many other components to the legislation and new requirements.
However, there are finer details of the new Safeguards law that many dealers still have yet to comply with. Worse, dealers are still unsure how to make the proper implementations on a variety of measures. A recent webinar poll showed that more than a third of dealers (34%) either need to upgrade their Safeguards compliance solutions or they still need to complete the website certification process. 1.
Furthermore, the poll also revealed that 33% of dealers either want to upgrade or are still unsure how to work with their web teams to properly and effectively post the required certification and make visible on their website that they have disabled third-party cookies1.
What are cookies?
In today’s digital age, websites have become a crucial component of every auto dealership business. These websites traditionally relied on various technologies to enhance the user experience and gather valuable data into the customer. One such technology is website cookies.
Website cookies are small pieces of data that are stored on a user's device when they visit a website. These cookies serve various functions, such as remembering user preferences, tracking user behavior, and collecting information for analytics. This is most often utilized through retargeting ads, where a consumer visits a VDP page of a particular vehicle. Ad retargeting allows dealers to target users who have previously interacted with their website, mobile app, or other digital properties. It works by using cookies or tracking pixels to follow users as they subsequently browse the internet, and then displaying specific ads to them based on their past actions or behaviors with the dealership. They can be categorized into first-party and third-party cookies, each serving different purposes.
Auto dealerships, like many other businesses, used cookies to improve their online presence and marketing efforts to better personalize the user experience through better targeted ads.
Show me don’t just tell me
Today, auto dealerships and their web teams must instead leverage the collection of first-party data from their customers. The key differences between first-party data and third-party data are related to ownership, source, quality, and intended use. First-party data is directly collected by a dealer from its own interactions with customers, is owned and controlled by the company, and is typically of higher quality for personalized marketing and customer understanding. Third-party data, on the other hand, was used to collect data from external sources, such as Facebook ads. It often had varying quality and is no longer allowed to protect consumer data from web tracking.
Dealerships must ensure the vendor supplying these cookies are part of their third-party assessment process. Dealers must also work with their third- party web site providers to ensure any cookies they are placing on the web site for tracking, or resale of information, are auditing these vendors to ensure they are safeguarding consumer privacy information. This certificate must be placed on the dealership’s website and ensure it is inclusive of ALL cookies.
Dealers must also designate individuals within the company who are trained in taking ownership of these new regulations and to ensure everyone is ready. Any educational curriculum must be designed so that each employee is trained in all facets of the new regulation with full comprehension of each component. These designated employees MUST be able to work with their web teams to upload and illustrate the proper certificate of compliance and have it openly visible to consumers as they enter the “digital showroom”, aka their website.
As it stands now, many dealers still have questions about how to work with their web teams to make this certificate visible on their website.
Dealers can’t take this portion of the Safeguards law lightly. Yes, there can be expensive fines involved. However, what’s truly at stake is their reputation and long-term trust with customers and consumer shoppers who today are extremely knowledgeable and now look for these types of certificates to reinforce their trust with a retailer, similar to a Good Housekeeping Seal of Approval. If one of the web site vendors’ cookie providers has a data breach, your dealership is responsible and subject to audits and fines per the Safeguards law.
About The Author:
Ken Hill is managing director for 700Credit, the automotive industry's leading provider of credit reports, compliance and soft pull products. For more information, please visit www.700credit.com.