“Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.
Today’s column is written by Mark Roy, founder and chairman at REaD Group.
In a little under a year, the EU General Data Protection Regulation (GDPR) will come into force, and for programmatic advertisers, it foretells an end to the concept of automating relationship building.
The GDPR has been developed to directly address customers’ concerns about the safety of their personal data. Like it or not, anyone in possession of customer data will need to be compliant by next May, when the regulation comes into effect. GDPR contains strict new rules around individual data, including customer consent and their “right to be forgotten.” GDPR will be unforgiving to those who fail to comply; organizations will face astronomical fines of 20 million euros ($24 million) or 4% of annual global turnover, whichever is greater.
I cannot see how programmatic can ever be GDPR-compliant unless it is limited to a small number of organizations, rather like a prospect pool. The GDPR will require advertisers to obtain active consent from customers, which will involve them specifically opting in to, rather than out of, a deal.
While some organizations may be able to circumvent this by limiting premium services to those who opt in for data collection, such as customers agreeing to the collection of cookies, obtaining consent for programmatic advertising is going to cause a real headache. As of next May, if advertisers have not obtained specific consent from individuals, they cannot market to them in any shape or form.
The “right to be forgotten” rule, in which an individual can have their historic data removed from a database, will leave the programmatic industry with a significant conundrum. In order to be “forgotten,” we must be able to know what needs to be forgotten. Every click, path, transaction, request or click-through must be recorded and be deletable. Therefore, by putting data assets into the ether and allowing thousands of organizations to use it, it is nigh on impossible to comply with the GDPR.
GDPR Doesn’t Just Apply To The EU
The EU’s new privacy rules are likely to disrupt the global digital marketing scene by preventing companies from using an EU citizen’s data unless they have obtained their direct consent. This will apply to the data of every EU citizen, regardless of where in the world their data is being used or stored. This means that US companies, such as Facebook and Google, which no doubt possess a large amount of EU citizen data, will have to pay attention to the regulation across the pond and take the same steps as everyone else to become compliant.
The target in the crosshairs of the EU rifle has always been and will be the US tech behemoths. When I first engaged with the EU on this years ago and was talking to legislators in Brussels, it was shortly after Mark Zuckerberg had decided that all those pictures, stories and photos on Facebook belonged to the company and not the millions of EU citizens who had posted them. Legislators were apoplectic, but even more determined to tackle the issue head-on.
What Does The Future Hold For Advertisers?
Overall, it is clear that every organization in possession of customer data will be affected by the GDPR. The programmatic advertising sector will feel the regulation the most due to the data requirements it needs for targeting. The GDPR is likely to shift advertising away from the algorithmic models of communicating, back toward a simpler form of advertising, relying on less volume and better-quality data.
I predict programmatic technology will be used in a far more limited way and largely in a retention and customer management environment, and there will be a return to a more personal touch in advertising facilitated by human beings rather than machines.
GDPR will herald a new era of greater trust between organizations and customers still willing to share personal data to access tailored services. Organizations need to clearly explain to customers how their data will be used and how they can expect to benefit from it.
Follow REaD Group (@REaD Group) and AdExchanger (@adexchanger) on Twitter.
