Marketers Could Be Hit by Tough New Data Laws for EU
Regulators Emphasize Human Rights Over Business Concerns
The battle between big data and individual privacy will be put in the spotlight on Oct. 21 when the European Parliament votes on the introduction of the harsh new Data Protection Regulation.
Organizations -- including the World Federation of Advertisers and the Industry Coalition for Data Protection (a collection of trade bodies that includes the WFA and the American Chamber of Commerce to the EU) -- have been furiously lobbying ahead of the vote, hoping for a lighter-touch regime to protect the interests of business.
Malte Lohan, director of public affairs at the WFA, said, "The European Parliament wants to make the toughest privacy law the world has ever seen. The EU is championing the rights of citizens, but it's not that straightforward -- this could undermine the digital economy."
The first crucial issue is around the definition of personal data. The Data Protection Regulation could include not just truly personal information like names, bank details and passport numbers, but all sorts of identifiers that marketers routinely use – and consider to be anonymous -- in the world of big data.
The second centers on the definition of consent. The regulation is looking for explicit, prior, opt-in consent at every turn, asking consumers to negotiate a cookie wall before they can even check the weather or read the news. "From a marketer point of view it's totally disproportionate," Mr. Lohan argued.
The proposals were first outlined last year. Since then, Jan-Philipp Albrecht, 30, a Member of the European Parliament who represents the German Green Party, has been working on refining the complex document. Mr. Albrecht specializes in civil liberties and is tough on privacy issues.
The vote by the European Parliament is not the final stage in the process, but it is a key step in determining the outcome. Once approved, the regulation will be put to the European Council, where individual countries get to have their say, bringing in another layer of complexity as different countries have very different approaches to privacy. The Netherlands, traditionally conservative on data protection, recently relaxed its laws in response to consumer frustration with endless requests for consent.
If a public forum is any guide, there may be a shift underway towards greater privacy online. In a "Big Data, Zero Privacy?" debate at the Guardian's Changing Advertising Summit this week in London, the general consensus was that the "free for all" era of the internet is coming to an end, and that marketers need to work harder to establish trust with consumers online.
Representing the extreme point of view, Gerd Leonhard, CEO of the Futures Agency, spoke about "data greed." He said, "Everybody wants your data and nobody wants to pay for it. Data abuse is not a sustainable business and treating consumers like mere algorithms is a bad idea. If trust is broken, business breaks as well."
John Barnes, managing director, media and technology, Incisive Media, and chairman of the Association of Online Publishers, revealed, "As a publisher we feel we've been raided by the ad industry. We've done site audits and been flabbergasted by how many third party cookies have been dropped on our site by commercial partners – they were stealing our data."
Mr. Leonhard predicted that advertising without permission will become "almost extinct." He said, "Hyper intelligent advertising is the only way forward. This will require consent – and the way to get permission is through trust, transparency, honesty, user-empowerment and customer delight."