Home Privacy French Startup Teemo Appeases GDPR Regulators, Avoids A Fine

French Startup Teemo Appeases GDPR Regulators, Avoids A Fine

SHARE:

There is life after a GDPR enforcement warning.

Location data ad tech startup Teemo, one of the first companies admonished under the General Data Protection Regulation for gathering and processing data without informed consent, was given the all clear on Thursday.

Teemo, headquartered in Paris, received an ultimatum from France’s data protection authority, the Commission nationale de l’informatique et des libertés ( the CNIL ), in July: Either obtain the proper consents, provide the proper disclosures and set appropriate limits for data retention or face a possible fine.

The company tossed all its R&D resources to reach compliance, said Alexandra Chiaramonti, Teemo’s managing director for France. It took roughly two months to implement everything the CNIL was asking for.

It was highly unlikely that the CNIL was going to slap Teemo with a fine, though. Making a good faith effort to comply goes a long way with the DPAs. EU regulators aren’t gunning to put small businesses out of business.

The GDPR is “mainly intended to guide behavior, to encourage compliance, not as a vehicle for penalizing,” said Blaine Kimrey, a shareholder at Vedder Price in Chicago, who has spent most of his career litigating technology-related cases.

“The potential penalties are severe under GDPR and they’re definitely there for a reason, but the people I’ve heard speak about GDPR, including those involved in its drafting, don’t see penalties as the standard enforcement proceeding,” he said.

Carrying a big stick and not using it is somewhat of a foreign concept in the United States, where regulators are far more likely to levy fines when they come knocking, Kimrey said, but “companies that do their best, that devote whatever the EU data protection authority deems to be the appropriate level of resources to the matter, will get injunctive relief.”

Teemo’s publisher partners must now display a banner during the app installation process that gives users the opportunity to provide their informed consent for data collection before any data is actually collected. A link gives users more info on their data rights, including the duration of retention – 30 days for raw data and 12 months for aggregated data in Teemo’s case – and the ability to withdraw their consent at any time.

It’s too early to tell whether the changes will impact user opt in, but even if fewer users offer up their consent, that could end up being a good thing, Chiaramonti said. There might be less data, but the quality will ostensibly be better and “more interesting for advertising purposes,” she said.

Although its dustup with the CNIL was far from ideal – “I’m not going to lie, it’s been a very tough couple of months,” Chiaramonti said – there are positive takeaways, not least of which comes in the form of regulatory guidance. When a DPA like the CNIL takes action, it helps clarify the law for other companies looking to comply.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

“If everyone is willing to find a reasonable solution which serves each party’s interest, we can get there,” Chiaramonti said. “GDPR doesn’t have to be scary; it can benefit the industry as a whole by building trust from the general public and making this market a lot healthier.”

It’s hard to say what the CNIL’s next move will be, whether it will give companies in its jurisdiction a little time to absorb its guidance on consent and get their own houses in order before making an example out of any other entities – but that’s not the only uncertainty, said Ronan Tigner, an associate at Morrison & Foerster who is focused on data privacy and security.

“We are still waiting for the reform on the ePrivacy regulation governing cookies and similar technologies used in the ads context, which isn’t likely to be finalized before the end of 2018, early 2019,” Tigner said. “There are potential impactful changes, such as more acceptance for consent through browser settings and new explicit consent exemptions, such as cookies for audience measuring or security updates – so, we may be looking at awareness raising and a gradual build-up for now until those rules are known and industry solutions stabilize.”

Fidzup, the other French location data company called out along with Teemo by the CNIL in its warning, is making progress towards compliance with the development of a consent management platform. CNIL reps are cooperating with Fidzup to test the platform, said COO and co-founder Anh-Vu Nguyen. Fidzup is awaiting a final decision from the CNIL about whether it’s efforts meet “all the expected criteria,” Nguyen said, but the company is “optimistic.”

Must Read

Comic: What Else? (Google, Jedi Blue, Project Bernanke)

Project Cheat Sheet: A Rundown On All Of Google’s Secret Internal Projects, As Revealed By The DOJ

What do Hercule Poirot, Ben Bernanke, Star Wars and C.S. Lewis have in common? If you’re an ad tech nerd, you’ll know the answer immediately.

shopping cart

The Wonderful Brand Discusses Testing OOH And Online Snack Competition

Wonderful hadn’t done an out-of-home (OOH) marketing push in more than 15 years. That is, until a week ago, when it began a campaign across six major markets to promote its new no-shell pistachio packs.

Google filed a motion to exclude the testimony of any government witnesses who aren’t economists or antitrust experts during the upcoming ad tech antitrust trial starting on September 9.

Google Is Fighting To Keep Ad Tech Execs Off the Stand In Its Upcoming Antitrust Trial

Google doesn’t want AppNexus founder Brian O’Kelley – you know, the godfather of programmatic – to testify during its ad tech antitrust trial starting on September 9.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

How HUMAN Uncovered A Scam Serving 2.5 Billion Ads Per Day To Piracy Sites

Publishers trafficking in pirated movies, TV shows and games sold programmatic ads alongside this stolen content, while using domain cloaking to obscure the “cashout sites” where the ads actually ran.

In 2019, Google moved to a first-price auction and also ceded its last look advantage in AdX, in part because it had to. Most exchanges had already moved to first price.

Thanks To The DOJ, We Now Know What Google Really Thought About Header Bidding

Starting last week and into this week, hundreds of court-filed documents have been unsealed in the lead-up to the Google ad tech antitrust trial – and it’s a bonanza.

Will Alternative TV Currencies Ever Be More Than A Nielsen Add-On?

Ever since Nielsen was dinged for undercounting TV viewers during the pandemic, its competitors have been fighting to convince buyers and sellers alike to adopt them as alternatives. And yet, some industry insiders argue that alt currencies weren’t ever meant to supplant Nielsen.