Request a Demo
5 min read

What media and entertainment companies need to know about data privacy

Media and entertainment companies pay close attention to cybersecurity; after all, you can’t run a video-streaming service like Netflix or Disney+ without putting top-of-the-line safeguards in place to protect your media assets and ensure continuity of service. But how many media and entertainment companies can say, hand on heart, that they put the same effort into protecting their users’ data and privacy rights?

The irony is that, as the success of M&E-adjacent companies such as Facebook has shown, data itself is rapidly becoming a core asset for media companies. So far, though, few firms are investing sufficiently in the technologies needed to handle an expanding data universe, or to manage compliance in an increasingly demanding regulatory landscape.

At Ketch, we understand the relationship between media and tech. We the founders previously built Krux, working with media giants including Time Warner and Meredith to serve over 20 billion page views per month. So I speak with some authority when I say: if media companies don’t solve their tech stack, and put effective systems in place to manage privacy and data governance, they will face serious problems in the months and years to come.

The golden age of M&E

Ironically, this challenge stems from the fact that media companies are currently enjoying something of a golden age. Increasingly, M&E brands operate across a wide range of platforms — mobile, TV, game consoles, the Web — and an even wider range of jurisdictions. Look at Netflix: whether I’m in Caracas, Caen, or Cincinnati, I can fire up my laptop (or my phone, iPad, Roku box, or just about any other gadget) and instantly access a wealth of streamable content.

People aren’t just accessing media at home: they’re logging on at the gym, in schools and workplaces, during commutes, and even on long-haul flights. But precisely because M&E brands now touch so many parts of people’s lives, they face increasing scrutiny from both consumers and regulators.

People pay real attention to media companies, and have a direct and intimate relationship with them, so data breaches can do real brand damage. After all, if an anonymous ad company exposes my personal data, I’d be annoyed — but if my favorite media company messes up, I’d feel utterly betrayed. When Sony’s PlayStation Network got hacked, exposing 77 million users’ data, it took years for Sony to regain gamers’ trust.

Game on for regulators

Media companies are more likely to be punished by consumers for data breaches, and they’re also first in line to feel the impact of new privacy regulations, because they interact directly with both content and consumers. The entire downstream universe of ads and marketing relies on data and consent information collected by M&E companies, and regulators are paying close attention to the way that media companies meet their obligations to consumers.

Further complicating matters, media companies are seeing regulations such as the GDPR used as an offensive weapon. Data protection laws (and especially data subject rights such as the right to be forgotten) are being used alongside defamation law to raise objections to content, making data management a high-stakes area of special interest for M&E companies.

Media and entertainment brands also face additional regulations regarding their handling of users’ content-viewing and web-browsing histories, their decisions when using interactive content, and so forth. The stakes are especially high for companies that cater to children: parents care deeply about how their children’s information is handled, and many data laws have stringent provisions governing minors’ data.

Media companies must also monitor regulations that govern access to services across multiple jurisdictions. The European Union, for instance, now requires that media subscriptions purchased in one member-state remain valid in other member states, so an Italian Netflix subscriber must also be able to log on to local services when traveling in France or Finland. That requires companies with multinational presences to seamlessly coordinate privacy and consent across their national sites and services.

The fragmentation of data tech

Inevitably, as M&E organizations spread across multiple platforms and jurisdictions, their data-tech solutions grow fragmented. Dealing with a complex world, companies implement complex fixes — and in doing so, they create a hodgepodge of tech solutions incapable of delivering the streamlined, joined-up data infrastructure they need to succeed.

Unlike finance or health companies, where data security has always been a priority, M&E organizations haven’t historically had to worry much about these issues. It’s only now, with the explosion of data applications and the sprawl of global regulatory frameworks, that media companies have found themselves forced to try to evolve new capabilities, and rapidly add in-house data expertise.

To cope, media companies urgently need a new approach: a data-security solution that can sit alongside their existing tech stack, and serve as a single point of truth amidst the complexities of their tech architecture, their vendor ecosystem, and their own corporate structure. After all, media companies are made up of sub-organizations within sub-organizations: companies like Warner, Sony, or Disney aren’t single entities, but rather amalgams of different tech and media operators. Now more than ever, these organizations need a way of ensuring all the different parts of their M&E empires speak the same language when it comes to privacy and consent.  

Ketch is the solution

The good news is that help is at hand. Ketch serves as the connective tissue enabling media and entertainment companies to manage data privacy and consent across their sprawling, interconnected business functions.

Here’s how it works: using a simple dashboard, your legal specialists determine how different regulations affect your business, and create policies that define how data can and can’t be used. Ketch then turns those policies into a single unified reference system that developers from across your organization can use to check how any given piece of data can be used.  

Your legal team never has to weigh in on specific data-usage questions — they just set the overarching policies, and let Ketch do the rest. And your developers and engineers don’t have to fret about interpreting regulations — they just use APIs and other standard coding call-outs to check whether a given operation is permitted.

That means your legal team can stay focused on interpreting regulations, while your tech team can keep driving innovation forward. Ketch provides only the guide-rails that are truly needed, and stays out of your way the rest of the time — and that leaves you free to do whatever you want with your data, as long as it’s consistent with the regulatory interpretations you’ve implemented.

A richer experience

The benefits aren’t just internal: data managed by Ketch stays protected even when you work with outside parties. Because we extend through your whole vendor ecosystem, integrating both upstream and downstream, your users’ data is kept safe and handled appropriately even when you hand it across to third parties for ad-tech purposes or other permitted applications. That adds up to a seamless, flexible, and robust solution that allows media companies to provide exceptional experiences without compromising on data security.

Because Ketch lets you deliver just-in-time solutions, handling privacy and consent doesn’t detract from the user experience. With Ketch, you can wait until the exact moment that consent is needed (such as the instant of clicking a button or completing a form) before you make the request, rather than interrupting users before they’ve had the chance to start enjoying an experience or interacting with content.

An asset, not a liability

When it comes to privacy and data security, media and entertainment companies are on the front lines, and the stakes have never been higher. Regulators are raising the bar, and there’s simply no room for companies to make mistakes.

Even so, many M&E companies are woefully underprepared. Data is emerging as a vital strategic asset, but also a potential liability. To succeed, media brands urgently need a tech stack that’s able to ensure regulatory compliance without inhibiting innovation and growth. Ketch is the only solution that can cope with the complexity of the media environment, and help companies to manage data while delivering the seamless, engaging experiences their customers demand.

So if you’re trying to figure out how to manage data privacy in the M&E space, get in touch — and find out how Ketch can help you take privacy and consent to the next level.

Privacy Tech
December 11, 2021

Continue reading

News, Regulations
What the POTUS privacy push means for your 2023 strategy
Jonathan Joseph
7 min read
Privacy Tech, Product
3 requirements for effective consent management
Peter Wang
6 min read
Case Study
Kodiak Robotics: enhancing the UX with customizable, scalable data privacy tech
Kara Kennedy
4 min read

Get started with Ketch

Simplifying your privacy program has never been easier. Begin your journey to simplified privacy operations and granular data control across the enterprise.