Companies offering help in meeting the European Union's onrushing General Data Protection Regulation are bidding up the price on search ads for its acronym, GDPR, ahead of its arrival May 25.
GDPR requirements are complex, and each country is likely to have different rules because the E.U. has left some 70 clauses open to interpretation. Those found in violation of GDPR face fines that amount to 4 percent of their revenue or $25 million, whichever is greater.
And even if you're a U.S.-based publisher that sees 2 percent of online traffic from Latvia, you need to be GDPR compliant. The same applies to vendors that collect data from any of the 28 countries that make up the European Union.
With so much at stake, such little room for error and so much company spending necessary to achieve compliance, it's no surprise that a little gold rush has broken out around implementation.
And companies savvy enough to navigate GDPR waters are turning to search advertising to cash in.
A quick search for "GDPR" on Google yields four ads, for example—from well-known outfits such as IBM, Salesforce and Microsoft as well as lesser-known players like Box or Treasure Data. "Are You Ready for the GDPR?" Salesforce's search ad asks, before offering "Four Key Steps to Get Started."
Overall, searches for "GDPR" increased 172 percent between April 2017 and March of this year, according to data compiled by search analytics firm AdGooroo and digital marketing agency iQuanti. "GDPR compliance" is also up (124 percent), as is "GDPR requirements" (235 percent).
Paid search ads have increased too, particularly as implementation neared: There was a 2,232 percent upswing between November and December, according to AdGooroo.
The cost per click on those ads also increased sharply between November and December, by 1,323 percent, AdGooro says, though it won't disclose the specific prices it sees. "This is due to an increase in competitive pressure and spend," AdGooroo said.
Meanwhile, large companies with massive amounts of consumer data would need at least a year to achieve GDPR compliance. Any big enterprise making its first search on the term now is almost certainly screwed.