GDPR in the U.K.—a first-of-its-kind law that gave citizens control over how their data is collected, used and handled—went into effect in 2018. While CCPA was signed into law by the state of California in 2018 and took effect in January of this year. CCPA allows consumers to know what data companies are collecting on them, why they are collecting it and who they are sharing it with. It also provides a path for consumers, as well as the California attorney general, to sue companies if they experience a data breach.
The laws haven't been without pushback. Tech giants Google, Facebook, Amazon and Microsoft, as well as trade bodies like the Data Marketing Association and Interactive Advertising Bureau, tried thwarting CCPA. The 4A's has also pushed back on the California bill, arguing that it carries "ambiguities and internal contradictions, making compliance obligations a complex challenge."
UM's position is not to fight the laws, but to accept them.
"The advice we're giving is to embrace the regulations," says Joshua Lowcock, U.S. chief digital and global brand safety officer of UM. "The public attitude towards privacy has changed and that's something we need to embrace, adapt to and really lean into."
He adds, "This is bigger than digital. The way we approach brand safety and privacy is not just about our digital partners; this is about every media partner we work with."
Lowcock says UM predicts the next phase of "brand safety challenges," and something he's been advising clients on, is the way in which news organizations collect consumer data. He says their sometimes unethical practices pose "just as much risk" as the "inappropriate placement of ads. It's very clear that companies that collect data in unethical ways should not be part of the advertising ecosystem," Lowcock says.
IPG Mediabrands recently released 10 "media responsibility principles" to help "balance brand safety and brand responsibility in advertising." The principles called for partnering with media companies that "foster balanced, constructive discourse and respectful civil commentary"; that "protect people from harm"; that "demonstrate that they celebrate all forms of diversity"; and that "collect and use data in ways that are ethical, accountable and fair," among other guidance.
Lowcock says Garcia is the right person to shepherd UM's digital privacy program, pointing particularly to her background in law. Garcia received her Juris Doctorate from Fordham University's School of Law. She has been with UM for the past seven years, leading operations and compliance across 23 markets for ExxonMobil. Garcia will continue to oversee operations and compliance for that business in her new role.
“Arielle has played a key role in cementing UM’s standing as the industry leader in privacy and brand safety,” UM U.S. CEO Lynn Lewis said in a statement. “Given her extensive work in a critical space that continues to grow and define our industry, Arielle will be on the front lines of the dialogue and debate around privacy-related developments and trends while driving a ‘culture of compliance’ for our agency, clients, partners and the industry at large.”