Data Governance in Real-Time CDP

Adobe Real-Time Customer Data Platform (Real-Time CDP) brings data from multiple enterprise systems together, allowing marketers to better identify, understand, and engage their customers. This data may be subject to usage restrictions defined by your organization or by legal regulations. Therefore, it is important to ensure that Real-Time CDP is compliant with usage policies when handling your data.

Adobe Experience Platform Data Governance allows you to manage customer data and ensure compliance with regulations, restrictions, and policies applicable to data use. It plays a key role within Real-Time CDP, allowing you to define usage policies, categorize your data based on those policies, and check for policy violations when performing certain marketing actions.

Real-Time CDP is built on top of Adobe Experience Platform, and therefore the majority of Data Governance capabilities are covered in the Experience Platform documentation. This document is intended to complement the Data Governance overview for Experience Platform, and outlines the Governance features that are available in Real-Time CDP. The following topics are covered:

Apply usage labels to your data labels

Data Governance allows you to apply usage labels to your data, either at the dataset or dataset-field level. Data usage labels allow you to categorize data according to usage policies that apply to that data.

For detailed information on working with data usage labels, see the data usage labels user guide for Adobe Experience Platform.

Configure marketing actions for destinations destinations

You can set data usage restrictions on a destination by defining marketing actions (also called marketing use cases) for that destination. A marketing action for a destination indicates the intent of the data that will be exported to that destination.

For more information on marketing actions and their use in data usage policies, see the data usage policies overview in the Experience Platform documentation.

Defining marketing actions on destinations allows you to ensure that any profiles or audiences sent to those destinations are compliant with data usage policies. You should therefore add appropriate marketing actions to your destinations based on your organization’s needs to enforce policy restrictions on activation.

Marketing actions can only be selected when setting up a destination for the first time. Depending on the type of destination you are working with, the opportunity to configure marketing actions will appear at different points in the setup workflow. See the destinations documentation for steps on how to configure your particular destination.

Manage data usage policies policies

In order for data usage labels to effectively support data compliance, data usage policies must be defined and enabled. Data usage policies are rules that describe the kinds of marketing actions that you are allowed to, or restricted from, performing on data within Real-Time CDP. See the “Data usage policies” section in the Experience Platform Data Governance overview for more information.

Adobe Experience Platform provides several core policies for common customer experience use cases. These policies can be viewed in the UI by navigating to the Policies workspace and selecting the Browse tab. See the policies user guide in the Experience Platform documentation for more detailed steps on working with policies in the UI, including how to make your own custom policies.

Enforce data usage compliance enforce

Once data is labeled and usage policies are defined, you can enforce data usage compliance with policies. When activating audiences to destinations in Real-Time CDP, Data Governance automatically enforces usage policies should any violations occur.

See the document on automatic policy enforcement for more information.

Next steps

Now that you have been introduced to the key Data Governance features on Real-Time CDP and how Experience Platform enables them, please continue to the documentation for Data Governance on Adobe Experience Platform. The documentation provides overviews of essential Data Governance concepts, as well as step-by-step workflows for managing data usage labels and policies.

The following video provides an overview of Data Governance in Real-Time CDP, including the use of marketing use-cases on destinations and example workflows for different scenarios:

In this video, we’ll look at how Adobe Experience Platform’s data governance framework enforces data usage policies when activating audiences with the destinations feature. We’ll go through the key workflows including adding marketing actions to destinations and resolving policy violations. The enforcement capability builds upon the labeling and policy management features and together create the data governance framework. The data governance framework allows you to prevent certain types of data from being used for certain purposes. Say you ingest data into Platform that has a contractual restriction barring its usage for interest based targeting. How can you prevent marketers from using it that way? By embedding enforcement in activation workflows, data stewards can prevent non-compliant data usage. Labels, policies, and marketing actions in the framework allow data stewards to model complex usage restrictions. Marketers get real-time visibility into the usage restrictions through policy enforcement notifications. This minimizes coordination overhead with data stewards and allows marketers to confidently use data to deliver great customer experiences.
From a data steward’s perspective there are three key steps that need to be completed to manage data usage restrictions. The first is to classify data using labels. The second is to define data usage policies. And the third step is to indicate your usage purpose with marketing actions. Let’s take a look at a use case for Luma, our demo brand. Luma has a contractual restriction that prevents them from using their loyalty data for on-site advertising. How can we use the governance framework to enforce this? We’ve already completed step one, classifying the data using labels. Here we can see the loyalty data set as the C4 label applied to all of its fields. Step two is also complete. There is a policy enabled to restrict the use of any data labeled C4 for the marketing action of onsite advertising. So, let’s take a look at step three, setting our usage purpose. We do that by specifying a marketing action in the destination. I’ll create a new destination. Note how I’m prompted to provide the marketing actions for the destination. Note that I can add more than one. Adding these marketing actions to destinations is critical to connect policies to data labels, enabling enforcement. Now let’s look at what happens when a marketer tries to activate a segment using loyalty data to this destination. Here I have a segment, gold customers, that uses fields for my loyalty dataset to define membership. I’ll go to my destination and try to add this segment.
The activation isn’t allowed and a governance policy violation is shown. The violation shows why our action wasn’t allowed. In this case, we violated the restrict onsite advertising policy when we tried to activate a segment based on data with the C4 label to a destination with the onsite advertising marketing action. Suggestions to possibly resolve the policy violation are noted as well. In the data lineage area, we get a visualization showing us our specific dataset, merge policy, segment, and destination involved in the violation, including what action we were performing when the violation occurred. There are links to quickly open any of the related components. By analyzing this lineage, the marketer can understand what they did wrong and know not to try using loyalty data for cross site targeting in the future. Let’s take a look at a different scenario. Here I have a segment which doesn’t include any of the fields for my loyalty data set. Let’s see what happens when I try to activate this segment to my destination. Again, I get a policy violation. In this case, it’s not the fields in my segment that are the problem. It’s the merge policy used by the segment. I can remove the violating data set from my merge policy to resolve the violation or I can use it different merge policy that doesn’t include this data set in my segment. Once I’ve made the change I can come back to the destination and reattempt activation. Enforcement is embedded across platform workflows. So, any changes you make that violate existing activations are also prevented. This includes dataset label updates, merge policy changes, segment definition changes and destination configuration changes. You should now be able to use the governance features in Platform to manage marketing actions and destinations, analyze governance policy violations, and use data lineage to remediate policy violations. -