{"id":40053,"date":"2021-12-13T10:00:00","date_gmt":"2021-12-13T15:00:00","guid":{"rendered":"https:\/\/www.litmus.com\/?p=40053"},"modified":"2025-12-23T15:39:52","modified_gmt":"2025-12-23T20:39:52","slug":"privacy-proof-your-email-program","status":"publish","type":"post","link":"https:\/\/www.litmus.com\/blog\/privacy-proof-your-email-program","title":{"rendered":"6 Ways to Privacy-Proof Your Email Program"},"content":{"rendered":"\n\n\t
\n
\n \t
\n \t\t
\n \t\t\t
\n \t\t\t\t

Data privacy measures are increasing and each new regulation impacts how email marketers reach their audiences.<\/p>\n

In 2014, Canada’s Anti-Spam Law (CASL)<\/a> went into effect, with The European Union\u2019s privacy law\u2014General Data Protection Regulation (GDPR)<\/a>\u2014following in 2018. Then in 2020, it was the California Consumer Privacy Act (CCPA)<\/a> which strengthened measures in the U.S. and is likely to be a blueprint for other states to follow. 2021 was the year of Apple\u2019s Mail Privacy Protection (MPP)<\/a>, and looming on the horizon is the death of third-party cookies<\/a> from Google in 2023.<\/p>\n

With the rise of privacy measures, it\u2019s important to not only stay informed but also to plan for the long-term health of your email program. While the upcoming changes are uncertain, something you can count on is that privacy measures will continue to increase\u2014and it\u2019s best to be prepared.<\/p>\n

Our recommendation? If you aren\u2019t doing it now, you should be taking steps to privacy-proof your email program. This means setting up your email program for longevity and success, with privacy top of mind. Read on for six ways you can set yourself up for privacy-proofing success (or jump ahead below):<\/p>\n

    \n
  1. Increase collection of zero-party data<\/a><\/li>\n
  2. Ensure confirmation campaigns are in place<\/a><\/li>\n
  3. Track engagement with metrics other than open rates<\/a><\/li>\n
  4. Redefine how you re-engage customers, outside of email<\/a><\/li>\n
  5. Steer away from dependence on opens and geolocation<\/a><\/li>\n
  6. Consider removing Personally Identifiable Information (PII)<\/a><\/li>\n<\/ol>\n

    What are the four types of data?<\/h2>\n

    For email marketers, it\u2019s important to understand the data you have accessible so you understand how to use it most effectively. First, let\u2019s recap the four different types of data<\/a>.<\/p>\n

    Zero-party data<\/b> is individual-level data explicitly given to you directly from your audience. Examples are email preference centers<\/a>, account preferences, and topic or product interests.<\/p>\n

    First-party data<\/b> is individual-level data collected from your audience on your own channels. This includes email engagement, website activity, and purchase history.<\/p>\n

    Second-party data<\/b> is individual-level data acquired from a trusted partner\u2014aka someone else\u2019s first-party data. Think co-marketing efforts, customer reviews, and loyalty programs.<\/p>\n

    Third-party data<\/b>: aggregate data collected from one or more sources. Examples of this include browsing activity (via cookies), demographics, and survey responses.<\/p>\n

    How to privacy-proof your email program<\/h2>\n

    Consider these tips as jumping-off points to prepare your email program for the ever-changing future of privacy.<\/p>\n

    1. Increase collection of zero-party data<\/h3>\n

    As more people adopt Apple\u2019s MPP<\/a>, open rates will appear inflated. As such, you\u2019ll need more reliable data to glean insights from\u2014like zero-party data.<\/p>\n

    Zero-party data is individual-level data explicitly given to you directly from your audience. It\u2019s a key component for future-proofing because it\u2019s reliable data. By increasing your efforts to collect more zero-party data from your audience, you\u2019ll set yourself up for success down the line as privacy measures rise.<\/p>\n

    How can you put this into practice? We usually think of subscription preference centers<\/a> as a place where subscribers choose what they want to receive and frequency of communication. But they can also be a place to gather zero-party data, like topics of interest.<\/p>\n

    Additionally, account preferences can be a great place to capture information, like role, title, and location\u2014all of which can be used as part of your strategy (e.g. determining send times, localization, etc.).<\/p>\n

    \"fairygodboss\"
    Example from <\/i>Fairygodboss<\/i><\/a><\/figcaption><\/figure>\n

    Other ways to capture this are through customer onboarding, sign-up forms on your site, and even quizzes\u2014which adds a layer of interactivity, too. This is a win-win because you\u2019re not only allowing users to have an interactive experience, but also establishing brand trust by encouraging participation with the understanding that you\u2019ll use the information appropriately.<\/p>\n

    Here\u2019s an example from Notion\u2019s onboarding experience\u2014they collect relatively standard information like company size but also team type, making it a more interactive experience.<\/p>\n

    \"notion\"
    Example of Notion onboarding experience from <\/i>Blush<\/i><\/a><\/figcaption><\/figure>\n

    2. Ensure confirmation campaigns are in place<\/h3>\n

    Staying on top of your list hygiene is important as privacy changes take place. One way to do that is ensuring you have confirmation campaigns in place that gather explicit opt-in from existing subscribers. We\u2019ll talk about two kinds here: 1) re-permission campaigns and 2) double opt-in (DOI).<\/p>\n

    Re-permission campaigns<\/h4>\n

    By having re-permission campaigns as part of your regular practice (e.g. your list hygiene activities), you\u2019re ensuring you have the most up-to-date consent of your subscribers.<\/p>\n

    Let\u2019s say you\u2019re looking at a segment of inactive subscribers who haven\u2019t opened an email from your company or business in the past six months. In a world where privacy is an increasing concern, is it worth the risk of your spam complaint rate potentially going up by continuing to send to this group?<\/p>\n

    A re-permission campaign helps make sure you\u2019re emailing people who are still interested. And with opens becoming less of a dependable metric, it\u2019s only going to be harder to determine. That\u2019s why regular re-permission campaigns\u2014where subscribers actively say they\u2019re interested\u2014are a good way to not only keep your list clean, but refresh or update your subscribers\u2019 email consent.<\/p>\n

    At Litmus, if a subscriber has not opened or clicked on any email they have been sent in the last 60 days, we send them an email asking them if they\u2019d like to continue receiving emails. This allows the subscriber to re-engage or opt-out and allows us to keep good data hygiene.<\/p>\n

    Double opt-in (DOI)<\/h4>\n

    A long-standing debate in the email community is single opt-in vs. double opt-in<\/a>. In terms of privacy-proofing your email program, DOI, gives you a stronger proof of opt-in.<\/p>\n

    A big concern for double opt-ins is losing out on subscribers when they don\u2019t confirm. But one way to work around this is by requiring subscription confirmation before<\/i> delivering the intended resource that the person signed up to receive (e.g. a report, e-book, etc.). For example, your post-form page could say: Confirm your subscription in your email to receive the e-book. Then, after they confirm, they\u2019ll receive the download.<\/p>\n

    Also, DOI is great in instances where a typo may have occurred when entering an email address. It helps you validate new subscriber\u2019s email addresses, ensuring you\u2019re emailing the right people (and reducing the risk of getting hit with spam complaints).<\/p>\n

    3. Track engagement with metrics other than open rates<\/h3>\n

    Like we mentioned above, as adoption of MMP increases, open rates will become less reliable due to perceived inflation.<\/p>\n

    Open rates are known as the most traditional and popular metric in email marketing. But it\u2019s time to shift your focus to other engagement metrics, especially if you use open rates to project conversions. It’s especially important to look toward more reliable ones\u2014such as click-through rates, read rates, and unsubscribe rates\u2014as you plan for 2022 onwards.<\/p>\n

    But the real key for measuring engagement is looking beyond<\/i> email. Look at your other platforms and incorporate omnichannel metrics that demonstrate customer engagement\u2014such as offline purchases, account activity, website visits, mobile app activity, and SMS engagement. Think of email as a touch point for engagement. Then, discuss with your team: How can you get these omnichannel metrics and metrics from your ESP pulled into your dashboards, combined for a more holistic view of your marketing efforts?<\/p>\n

    4. Redefine how you re-engage customers, outside of email<\/h3>\n

    Let\u2019s talk about your re-engagement campaigns<\/a>. What KPIs are you using to measure success? Metrics like click and click-to-open rates may come to mind. But are they enough to measure re-engagement alone?<\/p>\n

    Rather, as we mentioned earlier, think of email as a touch point in your customer journey. A more effective way to measure re-engagement is by looking at where subscribers go after<\/i> they engage with your email. For example, did they go to your site or mobile app after reading your newsletter?<\/p>\n

    By taking an omnichannel approach to how you look at your own metrics, you\u2019ll paint a fuller picture of your customer journey, better than if you were to look at specific email metrics alone. This also gives an opportunity for teams to break down their marketing silos and use a combined approach to achieve results.<\/p>\n

    5. Steer away from dependence on opens and geolocation<\/h3>\n

    In addition to open rates, MPP has also impacted email marketers\u2019 ability to track geolocation. That\u2019s why it\u2019s a good idea to start adjusting how you measure your program\u2019s performance, outside of these metrics. Being prepared for these contingencies will be helpful in privacy-proofing your program for what lies ahead.<\/p>\n

    One way to prepare is by conducting an audit of your email program(s). Evaluate your current activities: check for instances where you rely on open rates and geolocation and discuss new ways to move forward with your team. These might include your:<\/p>\n