3 Best Practices to Keep Growing Despite Stricter Privacy Law

Listen to This Article

In response to European privacy legislation, companies mostly put their time and effort into becoming ‘privacy-compliant’. While important, compliance alone isn’t enough. If you want to continue to grow despite stricter legislation, then that requires a thoughtful approach in which you continuously prioritize user interests.

Julien Fievez

In 2023, Cisco surveyed what consumers consider most important in their assessment of how a company or organization handles their privacy. “Clear and transparent communication about data processing” is cited most often (39%) as the most important element. By contrast, whether a company is “legally compliant with privacy laws” is considered most important by only 20%.

“Consumers consider legal compliance to be a ‘given’, with transparency as more of a differentiator,” the researchers conclude based on their findings. 

So, according to the survey, while actual compliance with privacy laws is precisely what companies most often consider most important, compliance is not what makes a company stand out. What differentiates companies is transparency. In other words, your modus operandi when it comes to your customers’ privacy.

If this isn’t top of mind at your organization, it can have serious consequences. 

  • In the short term, this decreases customer satisfaction and makes acquisition more and more difficult. 
  • In the long term, this will keep you far behind your competitors. 

How do you ensure that you interpret new online privacy regulations in a way that aligns with your customers’ perceptions?

‘Compliance’ alone is not enough

Every time new legislation around online privacy and data processing is introduced, it raises numerous questions – especially for companies that rely heavily on their online marketing. For example: will we soon be able to reach our target audiences with our digital ads? How can we continue to track visitor behavior on our website or in our apps? 

Often, solutions designed to solve such questions are parked with the legal department, waiting for an ‘agreement’. 

Companies want to be compliant with new legislation, but at the same time tend to keep doing what they’ve been doing for years. In response, new legislation becomes even stricter. 

For example, for many companies, the Digital Markets Act (DMA) is yet another piece of legislation that comes on top of GDPR, and the DMA’s successor is also likely to impose additional restrictions. Being purely and simply concerned with being compliant is therefore not an optimally effective approach, as this approach is  more reactive rather than proactive. While this may prevent fines, it does not constitute your route to long-term success.

Recommended Readings: 

A more holistic route to growth and success

Companies should focus much more on the gést of the law rather than the lètter of the law in their quest for compliance. In doing so, you turn reactive policies into proactive ones. 

Legislation like the DMA has an underlying rationale that is perfectly understandable to those who are genuinely interested in it. Such legislation aims at a fair, transparent playing field, where consumers can make an informed choice between services and products, without being pushed in one direction unnoticed.

You can choose to fight this as a company. You then do the bare minimum to become compliant, for example by making users accept mainly as much tracking as possible, tracking without active acceptance and continuing to lean on third-party data. In short: you try to maintain the old way of marketing online.

On the other hand, things can be done differently. By embracing all the news that comes your way and trying to make it work to your advantage. In doing so, you come to realize that the playing field is changing not only for you, but also for your competitors and your customers. The cards are being reshuffled and that presents opportunities. 

The question is, how do you make sure you hold the best cards?

Best practice 1 – Follow Google’s innovations

The whole world uses Google for online advertising, targeting and marketing. With innovations like the Privacy Sandbox and Consent Mode, Google offers appropriate answers to current issues around online privacy legislation. In fact, Google always manages to be one step ahead of that legislation. Follow those innovations closely, opting for the more advanced options.

Consent Mode is a good example. Many companies currently use the simple version (Basic Consent Mode), while the extended version (Advanced Consent Mode) offers you much more possibilities in the longer term. Advanced Consent Mode collects more data and gives you more options to respond to consumer behavior within your target group. Give yourself that edge over your competitors now and tackle it thoroughly, rather than doing the bare minimum.

Best practice 2 – Approach privacy and ‘compliance’ as daily business

Implementing privacy legislation is not a project. It’s daily business. By approaching it that way, you avoid setting something up once and then never looking at it again. The most effective way to really embed a healthy approach to privacy legislation in your daily business is to appoint one or more privacy champions in your organization.

This is not a privacy officer, who falls within the legal department and handles all complaints and incidents. Your privacy champion is an employee who ensures that your organization shows the intrinsic will to take privacy and careful data handling seriously. He or she is a fan of privacy and wants to do better than the competition in that area, so that even when it comes to privacy, you are truly customer-centric.

Best practice 3 – Customer interest top priority

Your customer is what matters and what new legislation is developed for. Consumers want you to communicate transparently about their privacy and thus take the issue seriously. They expect you to operate according to practices that are sincerely in line with the thinking behind the legislation. 

Sincerity, transparency and forward-thinking are core values that make customers appreciate dealing with your company and want to stay with you.

Therefore, ensure you’re putting your customer interests around personal data and privacy in every product, service and touchpoint or customer journey you develop. Don’t think about what you can do despite all the legislation, but instead look at how you can design customer journeys in the best possible way with the spirit of the law and the interests of your customers as starting points.


Once you get those priorities right, you actually have the roadmap to future growth in your hands. You are then no longer concerned with becoming compliant, but with becoming a respectable, valued company. In the long run, that approach leads to the greatest success.

Listen to This Article


Originally published in Dutch on Emerce

Read Next

Find out how we can help you

With offices around the world, we can build a team perfect for your needs.

Keep up to date with our monthly insight digest