Hackernoon logoWhat You Should Know About Zero-Party Data by@sam-bocetta

What You Should Know About Zero-Party Data

Zero-party data (ZPD) means a company only collects user data that is freely given. ZPD is data that a user gives you on purpose. Companies around the world are considering whether they need to collect and store any data at all. The EU's General Data Protection Regulation (GPR) and CCPA (California Privacy Act) have led to huge fines for mishandling user data. The new rules apply to any website accessible to Europeans, which means almost all of them.
Sam Hacker Noon profile picture


Sam Bocetta is a former cyber defense systems analyst/

Zero-party data (ZPD) means a company only collects user data that is freely given. Period. But why would a modern business, raised on the wonders of Big Data, undertake such a foolish philosophy? Maybe because they aren’t fans of financial ruin.

The idea of treating a user’s personal information the same as a civil right didn’t start with the GDPR (General Data Protection Regulation) and CCPA (California Privacy Act), but these two revolutionary consumer privacy regulations sure gave the idea a solid kick in the rear end. After British Airways and Marriott International were fined $230 million and $123 million respectively in 2019 by GDPR for data breaches, companies around the world were paying attention.

The question to ponder is whether ZPD is a legitimate business strategy or an unrealistic pie-in-the-sky yearning? Let’s dig deeper.


How GDPR Can Ruin Your Day

Back in 2018, the EU enacted a sweeping set of regulations determined to take back consumer privacy by allowing every individual on this planet who uses the internet to be in charge of their own personal data. Though based in Europe, the new rules, for all practical purposes, apply to any website that is accessible to Europeans, which means almost all of them.

The part that drew the attention of website owners around the world was the mind-blowing fines that could be levied for mishandling data, an amount equal to 4% of annual revenue or $20 million, whichever is GREATER.

As fines were applied in ever greater amounts, some companies reconsidered the necessity of storing personal user data at all. But before we venture into the pros and cons of that “crazy” little zero-tracking idea, let’s reverse course a bit and review the types of data collected and where it comes from. 

Know Your Data Types

In the beginning, God (or the deity or random force of your choice) created three types of data.

  • First Party Data - any data collected directly from consumers.
  • Second Party Data - any data received from the party that collected it directly

    Third Party Data - any data collected through a variety of sources and received from a broker who was not involved in the initial collection.

In recent years, the automation of data collection has become synonymous with marketing and a critical part of revenue increasing strategies in the modern business world. The practice is now so ingrained in a company’s DNA that no one ever questioned whether it was right or wrong, effective or a waste of time. Along the way, though, marketers realized there was a problem with their definitions.


Data collection gurus observed that the first party data (FPD) category really needed to be split in two. It was obvious that there was an ocean of difference between FPD collected through sneaky little trackers and cookies and that received as a result of a user making a conscious decision to share their data through contests, surveys, downloadable ebooks, discounts, recommendations, quizzes, social media, and the like.

To review, ZPD is data that a user gives you on purpose. A growing conversation in the online business community centers on this idea. Add in the looming spectre of the hand-smacking GDPR power to find a business out of existence, and you have an increasing number of companies considering whether they need to collect and store any data at all.

In other words, move to a zero-tracking model.

How ZPD Works in the Real World

In order to embrace a ZPD model, an organization finds itself in opposition to a world that never met a scrap of personal information it didn’t want to tuck away in a database somewhere. So how does a company go about bucking the trend and reach for this new ideal? The first order of business is to focus on the things a consumer actually intends to share, such as:

  • How they want to be identified
  • How, where, and when they want to be contacted
  • What they intended to share when they purchased

Anything that strays outside these boundaries is taboo for ZPD purposes. In order to exit the black hat side of the data collection game, the first thing that has to go is cookies and the various trackers that follow us around online everywhere we go, sending our browsing habits data back for analysis. 

Though marketers might experience a full blown seizure at the thought of voluntarily surrendering any level of data collection capability, a moral aspect comes in. You remember about morality, right? Where you do the right thing because it’s the right thing and not for fear you’ll get in trouble.

Try this. Rather than obsess on all the formerly acceptable tactics you used to deploy, and which are now off-limits, focus on the three items above. It’ll make your life simpler, that’s for sure. And for those who prefer to go about their merry way collecting personal information by any means available, good luck with that. Hope the nice folks at the GDPR don’t notice.

Benefits of ZPD

Before you tie yourself to the nearest train tracks or leap from the tallest bridge you can find, stop for a moment and consider that there are a handful of real benefits to embracing the ZPD game.

It’s more accurate and helpful: In case you haven’t noticed, consumers are becoming more reluctant than ever to share their personal information and (GASP!) might even provide bogus information. That means that the data you buy from a third-party broker is at least some percentage of pure undiluted crap. Is that what you want to base your marketing on?

Embrace the future: If you think the GDPR and CCPA are the end of personal data regulation, here’s a tip - you’re wrong. Get used to the idea that consumer information will become even more off-limits in the future. 

Invaluable Consumer Trust: What’s more valuable than scraped, out-of-date third party data? How about customers that actually trust you and continue to buy your product/service for that very reason? The bottom line is that the ZPD model creates an actual dialogue with consumers and that’s good for business.


There are no guarantees, but a ZPD approach might (should) have a positive effect on your bottom line. Before transitioning to this method, take note of the current key performance indicators tracking in your business and monitor whether or not they show a new positive growth over time after you switch to ZPD. Maybe, just maybe this whole “treating a customer like you would like to be treated” will pay off in higher profits.   

The Search for Privacy Conscious Software

No one said switching to ZPD would be easy. The online world is built around the idea of strong-arming personal information out of anyone it can. To move away from that model, you’re going to have to get rid of some of the platforms, software, services, and apps that you’ve grown accustomed to. The good news is that there is a whole world of privacy conscious software waiting to be discovered.

Remember that customer dialogue we talked about? A great way to start one is to point out how most of the online world works in exhibiting no remorse for its shady data collection tactics. Don’t just focus on selling your product or service. Educate them on how to protect themselves anywhere they go online by using tools tuned for privacy. 

Maybe they aren’t aware that an easily installed, free VPN can hide their internet sessions from prying eyes when they go online. For Google addicts, there are a variety of private, secure search engines - DuckDuckGo is a popular one - that return the same results and don’t violate your privacy a dozen different ways while doing it. Other categories of privacy software include password managers, private email, ad blockers, secure browsers - and the list goes on.

Final Thoughts

If you’ve decided to move your company towards a ZPD model, bully for you! Prepare for resistance from your marketing department, though they will hopefully be able to see the wisdom of the benefits we mentioned. The first step is to figure every avenue by which any form of non-permissive personal data arrives and shut off the faucet.

Eliminate all forms of second and third party data. Review your marketing strategies to make sure you’re not relying on any type of cookie or tracker. Audit your website to make sure any customer data outreach relies on the white hat methods mentioned above. The bottom line is that none of this is difficult, it’s just different, which makes it pretty dang hard for some to do.

Let’s close with a bit of Yoda-esque advice, though we’re pretty sure the little green guy never actually said this: let your conscience guide you. Now get out there and don’t track anything without permission because you’re part of the Zero Tracker Movement.


Join Hacker Noon

Create your free account to unlock your custom reading experience.