The Silver Lining in the EU's New Privacy Rules

By Published on .

Credit: Dario Pignatelli/Bloomberg

Unless you've been living under a rock, you know all about the EU's General Data Protection Regulation—or GDPR. This game-changing law expands the data protection rights of EU citizens and puts some huge fines out there for non-compliance. Add in the significant ambiguity around proposed revisions to EU cookie law, sprinkle a dash of confusion over how laws will be enforced by regulators across different EU member states, and you get a big mess. Probably the only growing consensus is that, while this is a big problem across the board, Google, Facebook, and Amazon are going to have a much easier time of it.

No doubt, digital advertising's three largest players have advantages. With consumer relationships across devices, proprietary ad-tech and plenty of in-house resources, Google, Facebook and Amazon have many of the tools needed to gain consumer consent for data collection and provide consumers with visibility and control over that data.

But it is overly simplistic to believe that Google, Facebook and Amazon are the only potential winners here. Most EU authorities aren't out to destroy digital advertising or further entrench its dominant players. Rather, they are asking for products and services to begin with the notion that privacy is a fundamental human right. Publishers and brands who embrace transparent data collection practices and work earnestly to give consumers real choices about the collection and use of their data are well-positioned to gain consumer (and regulator) trust.

Who wins?
In the short term, brands that can demonstrate they are taking GDPR seriously will lower their regulatory risk and gain a significant competitive advantage over less-ready competitors, of which there are likely to be many.

What should your business do?

  • Ensure that compliance is visible to anyone arriving on your site;
  • Have a compliance plan in place that is ready show to regulators;
  • Know who is collecting data from your digital properties -- what they collect, and how they use it; and
  • Avoid tech providers with opaque data collection and monetization methods. Stick with providers who create clear value for your organization and consumers, and who have compliance plans of their own.

Longer term, these changes will benefit all organizations who provide both value and transparency to consumers. This is especially true for publishers who make the case that data collection is essential to delivering quality content, as well as for those with strong, contextually-relevant content. Advertisers who can build strong first-party data assets, while delivering clear value to consumers, will be at a major advantage over brands reliant on third-party data sources or panel-based, content-as-proxy targeting alone.

Losers will be the current banes of the digital ad ecosystem: shady brokers with data of unclear origin, pure middlemen and arbitrageurs, fraudsters and botnets who use opaque practices to steal from advertisers and publishers. These bad actors won't be able to meet new regulatory burdens, and their cannibalistic business practices are likely to put them in regulator crosshairs. ­

Is GDPR the end of digital advertising? Hardly. Does it pose challenges to how data is collected, processed and applied across the supply chain today? Absolutely. Is there any opportunity for publishers and brands who take GDPR compliance seriously, manage their ad and data supply chains rigorously, and give consumers transparency and choice? Most likely -- and not just if your company's name is Google, Facebook or Amazon.

Most Popular
In this article: