Home Data-Driven Thinking GDPR Is An Enforcement Nightmare, But Its Impact Is Massive

GDPR Is An Enforcement Nightmare, But Its Impact Is Massive

Jessica Jacobs, global director of partnerships and growth at Incubeta.

Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.

When the General Data Protection Regulation (GDPR) was passed in 2016, it was a wake-up call for anyone that handled consumer data. 

When the law went into effect, there were high hopes that its regulatory framework would make large-scale improvements to a digital ecosystem that wasn’t working for consumers.

Regulators had the best intentions: building consent structures for user data and imposing fines and penalties on entities that betrayed those consumer protections.

Now, four years since its implementation, GDPR’s efficacy remains unclear.

Many have expressed dissatisfaction with it, even writing premature obituaries for this landmark legislation. GDPR’s biggest hurdle? Enforcement. Smaller countries and under-resourced regulatory bodies were tasked with imposing fines – hundreds of millions of dollars – on some of the most well-funded, largest corporations in the world.

While it may be valid to express frustration at the failures of the GDPR, or to write it off entirely as it languishes, it’s important to recognize how important it was in changing the conversation surrounding consumer privacy online.

GDPR has become a bellwether for data protection

Before GDPR, Big Tech, brands and advertisers were all in the big data business. They collected as much consumer data as they could with minimal consent and without much strategy for what they would do with the data once it was collected. Third-party cookies were bought and sold, which led to shady targeting practices and a multitude of data breaches.

In short, the privacy structure of the pre-GDPR internet was centered around the needs of corporations, not consumers. Once it passed, it became incumbent upon governments to protect consumer data and make clear to companies that they needed to build structures of transparency and consent in online traffic. They needed to realign their practices with consumers in mind.

Unsurprisingly, with the tone set by the GDPR, a number of similar legislative frameworks around the world jumped on this collective realignment: the UK, South Africa, Japan and even California all passed legislation of their own. 


AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Building better data practices in advertising

New legislation represents a changing conversation surrounding consumer privacy. But without the buy-in of Big Tech companies, brands and advertisers, true change won’t come to pass. 

In advertising, a growing emphasis on privacy has caused a large-scale overhaul and reevaluation of how data is collected, activated and stored. Consumers have become much more aware of their rights online. Transparency is now a point of distinction for advertisers.

Rather than tapping into the endless stream of inexact but cheap third-party identifiers, advertisers now have to audit and make better sense of first-party data. In fact, many are still learning to tap into this data and make it actionable. 

Crucially, by using consent-based data gathering, advertisers have been able to build infrastructures capable of better targeting and personalization. Those that have adopted these more sophisticated practices are able to model customer journeys from end to end and better tailor their advertising efforts.

Setting change in motion 

The book hasn’t been closed on GDPR and other consumer data protection legislation. While enforcement remains a challenge, the imperatives these laws signal have been internalized by many stakeholders, particularly in advertising. 

As further changes crest the horizon – such as the sunsetting of third-party cookies – the advertisers that made transparency, consent and consumer privacy cornerstones of their operations will continue to succeed even as the landscape continues to evolve.

Follow Incubeta (@IncubetaGlobal) and AdExchanger (@AdExchanger) on Twitter.

Must Read

Nope, We Haven’t Hit Peak Retail Media Yet

The move from in-store to digital shopper marketing continues, as United Airlines, Costco, PayPal, Chase and Expedia make new retail media plays. Plus: what the DSP Madhive saw in advertising sales software company Frequence.

Comic: Ad-ception

The New York Times And Instacart Integrate For Shoppable Recipes

The New York Times and Instacart are partnering for shoppable recipe videos.

Experian Enters The Third-Party Data Onboarding Business

Experian entered the third-party data onboarder market on Tuesday with a new product based on its Tapad acquisition.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

Albertsons Takes Its First Steps Into Non-Endemic Advertising, Retail Media’s Next Frontier

Albertsons is taking that first step into non-endemic advertising next week via a partnership with Rokt to serve ads to people who have already purchased groceries.

Marketecture Buys AdTechGod (No, Really)

Marketecture has acquired AdTechGod – an anonymous ad tech Twitter poster turned one-man content studio – and the AdTech Forum, an information resource hosted by AdTechGod and Jeremy Bloom.

Why The False Advertising Lawsuit Against Poppi Is Bad News For RMNs

This week’s dispatch explores the new trend of false advertising class-action suits in the food and CPG industry and how the evolution of online, data-driven retail media could exacerbate the problem.