There has been plenty of chatter leading up to the new Safeguards law that went into effect earlier this year. Among many other components to the legislation and new requirements, the law requires auto dealerships to obtain clear and informed consent from website visitors before collecting and using their personal data,

However, there are finer details of the new Safeguards law that many dealers still have yet to comply with. Worse, dealers are still unsure how to make the proper implementations on a variety of measures.

A recent webinar poll showed more than a third of dealers (34%) either need to upgrade their Safeguards compliance solutions or they still need to complete the website certification process. Furthermore, the same poll revealed 33% of dealers either want to upgrade or are still unsure how to work with their web teams to properly and effectively post the required certification and make visible on their website that they have disabled third-party cookies.

What Are Cookies?

In today’s digital age, websites have become a crucial component of every auto dealership business. These websites traditionally relied on various technologies to enhance the user experience and gather valuable data into the customer. One such technology is website cookies.

Website cookies are small pieces of data stored on a user’s device when they visit a website. These cookies serve various functions, such as remembering user preferences, tracking user behavior, and collecting information for analytics.

This is most often utilized through retargeting ads, where a consumer visits a VDP page of a particular vehicle. Ad retargeting allows dealers to target users who have previously interacted with their website, mobile app, or other digital properties. It works by using cookies—or tracking pixels—to follow users as they subsequently browse the internet, and then displaying specific ads to them based on their past actions or behaviors with the dealership. They can be categorized into first-party and third-party cookies, each serving different purposes.

Auto dealerships, like many other businesses, used cookies to improve their online presence and marketing efforts to better personalize the user experience through better targeted ads.

However, with the recent passing of the Safeguards law along with other regulations and mandates that have eliminated the use of cookies and the collection of third-party to protect customer data privacy, auto dealers now must make it known to their website customers that they are no longer tracking them during the online shopping experience. Non-compliance with these laws can result in fines and damage to a dealership’s reputation.

Show Me, Don’t Just Tell Me

Today, auto dealerships and their web teams must instead leverage the collection of first-party data from their customers. The key differences between first-party data and third-party data are related to ownership, source, quality, and intended use.

First-party data is directly collected by a dealer from its own interactions with customers, is owned and controlled by the company, and is typically of higher quality for personalized marketing and customer understanding. Third-party data, on the other hand, was used to collect data from external sources, most notably Facebook ads. It often had varying quality and is no longer allowed to protect consumer data from web tracking.

Dealerships must ensure the vendor supplying these cookies are part of their third-party assessment process. Dealers must work with their third-party web site providers to ensure any cookies they are placing on the web site for tracking, or resale of information, are auditing these vendors to ensure they are safeguarding consumer privacy information. This certificate must be placed on the dealership’s website and ensure it is inclusive of ALL cookies.

Responsibilities of Dealers

Additionally, Dealers must designate individuals within the company who are trained in taking ownership of these new regulations and to ensure everyone is ready.

Any educational curriculum must be designed so that each employee is trained in all facets of the new regulation with full comprehension of each component. These designated employees MUST be able to work with their web teams to upload and illustrate the proper certificate of compliance and have it openly visible to consumers as they enter the “digital showroom,” aka their website.

As it stands now, many dealers still have questions about how to work with their web teams to make this certificate visible on their website.

Dealers can’t take this portion of the Safeguards law lightly as there can be expensive fines involved. However, what’s truly at stake is their reputation and long-term trust with customers and consumer shoppers who today are extremely knowledgeable and now look for these types of certificates to reinforce their trust with a retailer, similar to a Good Housekeeping Seal of Approval.  If one of the web site vendors’ cookie providers has a data breach, your dealership is responsible and subject to audits and fines per the Safeguards law.