Full Disclosure: GDPR is Good for Business

On 07/02/2018 by Araceli Almada

Challenges concerning data protection have entered the spotlight, as advancements in technology have compromised people’s control over their personal information. The ‘democratization’ of data - the easy access to large amounts of digital data - has enabled businesses to learn more about their customers and forecast trends as a means for competitive advantage. For example, data-driven decisions help understand consumers’ behaviors across all the different channels where the consumer interacts: e-commerce, social media, and even offline. Consequently, organizations can deliver an enhanced, customized consumer experience at multiple touch-points. However, this has sparked a debate over the ethical implications of data collection, as innovations in information technology have limited the control individuals have over the privacy of their personal data. While data presents a huge opportunity to businesses operating in today’s digital world, recent media coverage concerning the associated risks of its unauthorized use have prompted an even greater need to address it.

In the world of advertising, personal data plays a critical role in responsibly predicting consumer behavior - location data, IP address, cookie strings, mobile device ID’s, and other online identifiers provide valuable insight into the consumer, allowing for better personalization and an improved user experience. Through the power of technology, advertisers translate personal data into actionable information, enabling them to support more predictive rather than intuitive decision-making.

Undoubtedly, the potential benefits of big data to organizations and consumers alike are significant. Nevertheless, there are equally significant security risks if data is not managed responsibly by its custodians, and serious implications of massive data collection and use on consumers’ privacy. It is, therefore, imperative that companies demonstrate transparency and accountability in the lawful obtainment and management of their users’ personal data.

The EU introduces measures to protect personal data

Government agencies play an important role as regulators to meet new privacy challenges and protect consumers’ personal data from unauthorized use. The European Union’s latest comprehensive measure, known as the General Data Protection Regulations (GDPR), ensures the legitimate use of any European’s personal data by strictly monitoring, protecting, and regulating the flow of information within and outside organizations, no matter where in the world the entity presides. By providing greater transparency, this updated set of protection laws strengthens the power of consumers in their relationship with online media organizations. Organizations that fail to respect consumers’ rights to privacy will face tough legal and financial ramifications that can, in extreme cases, phase out the existence of a business.


How GDPR can impact business

Evidently, the new GDPR regulations have become a focal point in conversation across the advertising industry and its supply-demand chain. While the new set of standards is not intended to make life difficult for publishers and advertisers, it has the potential to impact not only how they advertise but also to whom. Demand-side platforms will be held responsible to ensure that every source of data collected and distributed is audited to avoid fines for non-compliance. Given that GDPR assigns responsibility for compliance to all actors along the supply chain, publishers must be selective when choosing third-party data providers and ensure their partners take measures to remain in full legal compliance. Furthermore, publishers must find an unobtrusive way to establish explicit consent from users regarding what data is collected, and offer opt-in and opt-out functionalities for data to be acquired or released.

The implementation of these new regulations will undoubtedly alter the way business is done, testing marketers and advertisers’ creativity in adding value to the users’ experience. GDPR will impact what data can be collected from the client, and such restrictions can potentially hamper ad campaigns and marketing strategies. As companies take on the responsibility to safeguard and secure consumer data and, with it, the associated heavy fiscal burden, the cost of implementing the new regulations may not be feasible for small and medium-sized businesses (SMB’s). Given that SMB’s account for roughly 60% of Europe’s GDP, these new regulations may hinder their contribution to Europe’s economy. Finally, while the new regulations may incentivize self-censorship as a preliminary measure for the users’ internet sovereignty, they can also create a false sense of safety and online security since compliance alone does not guarantee protection from a data breach.


How GDPR can benefit business

While some may consider the EU’s data protection law an impediment, the new regulations provide a great opportunity for ad tech companies. According to Recital 47 of GDPR, processing personal data for direct marketing purposes such as advertising may be regarded as carried out for a legitimate interest, thus benefiting the ad industry. Moreover, ad tech companies can use these regulations in good fortune to drive better communication with consumers, establish more meaningful long-term relationships, and stay ahead of their competition. In fact, the principle of accountability, which is central to GDPR, promises great success for companies that prioritize transparency and compliance. If you are an ad tech company that has always conformed to high professional standards, then it is likely that this update to a decades-old law will not drastically impact your operations. So, why is transparency and compliance so critical?

Transparency and compliance generate trust with the consumer, as a strategy is based around their needs. Unsurprisingly, trust represents the keyword for native advertising. Publishers and advertisers in this space are clear in showing which content they are sponsoring, providing distinction between editorial and advertised content to avoid deception. Brand safety is asserted as both sides of the supply chain seek to develop a premium network. Therefore, entities that view transparency and compliance as a priority look to meet the expectations of their consumers by relying on legitimate interest. In fact, it is considerably more likely that users opt-in to a company name that they know and trust rather than sign up with an unknown partner. Such statement supports a study performed by the Association of Online Publishers, which found that 33% of consumers are more likely to trust native advertising than traditional advertising.

Additionally, a transparent and compliant organization will provide clear guidelines to the user as to what personal data is being collected and stored, how the user can access and review the personal data that is collected of them, including the possibility to have data deleted if they deem it no longer necessary or useful. As customers review and validate their information, the accuracy of data is improved.

Finally, a transparent and compliant company only asks for the personal data it really needs. This shouldn’t be bad news given that the objective is data quality. Advertisers can expect better data quality to ensure their advertisements reach the right audience through more sophisticated targeting.

While the driver of data protection regulations is to empower consumers, organizations that prioritize transparency and compliance can also win with GDPR. In summary, increased transparency and compliance drives better data quality for companies, improves business performance, and ultimately results in increased trust, stronger relationships, and improved customer loyalty.

Whatever the format imposed by legal frameworks, creativity and technology will always be a driver for growth. While creativity brings relevance to the audience, technology provides scalability. It is the technical changes that allow advertisers and publishers to target the right audience and make ads ever more relevant. Thus, in light of GDPR becoming a reality, let us not forget that it is the choice a company makes that determines whether it progresses or falls behind. With or without the EU’s comprehensive protection measures, every business should strive for best practices. A strong commitment to transparency and compliance are two of our own fundamental business principles. We don't see people as a means to an end, but as a fundamental part of how we measure our native success. For this reason, we have never used nor will we use personal data to do business, proving our business model to be immune to the most restrictive measures initiated by law or industry. Transparency and compliance is no longer a choice, but rather a basic requirement for survival. The GDPR will only be the trigger.

There are certain steps you should take to align yourself with a transparent and compliant partner. Contact us today!