Ada Parker Like the majority of consumers, you might not think twice about searching, using a third-party plugin, or registering on a website to make a purchase or read the news. But the truth is that some of the forms you fill out may actually serve to solidify the devil’s purchase of your soul while also introducing widespread data usage that you might not approve of or understand. Have you heard of GDPR?
A new digital privacy policy called the General Data Protection Regulation (GDPR) was unveiled on May 25, 2018. It harmonizes a plethora of disparate privacy laws across the EU into one, a comprehensive set of rules that will safeguard users in all member states.
Continue reading and learn more about GDPR.
Also Read: Is Advertising A Good Career Path?
Table of Contents
What Is The GDPR?
The GDPR is an EU law that came into force in May 2018. It’s a regulation, which means that it has a direct effect on all 28 EU Member States (including the UK).
The EU Data Protection Directive is replaced by the GDPR. The highest level of data protection and privacy was already being offered to EU citizens by this directive. Despite this, the changes brought about by the GDPR are highly significant.
One of the main aims of the law is to bring stronger protection to the personal data of everyone in the EU. The regulation accomplishes this in a number of ways, including:
- Bringing non-EU companies under the law
- Providing a stronger, more meaningful model of consent
- Granting people powerful new personal rights, including the “right to data portability” and the “right to be forgotten”
How Does GDPR Affect Advertising?
As marketing becomes more sophisticated, it frequently involves significant amounts of personal data.
Nowadays, advertising involves more than just crafting an effective message to sell a product. It’s about determining who is most likely to be affected by that message. It’s also about how and when to deliver the message for maximum impact.
Previously, advertisers could target potential customers by advertising in a particular magazine, or after a specific TV show. Nowadays, advertisers can target individual people based on thousands of data points collected by companies that monitor their internet activity, their location, and their purchases.
This may be bothersome, unsettling, or simply unwanted. So data protection law attempts to bring people some control over whether their personal data is used in this way.
How Will GDPR Affect US Businesses?
Article 3 of the GDPR states that your business is subject to its requirements if you gather personal data or behavioral data from a person in an EU nation. This means that for American businesses, asking European customers to enroll in a research study before sending them product advertisements is prohibited, as is pushing advertisements based on users’ search histories.
Users must be informed clearly and transparently by businesses about what will be done with their IP addresses, email addresses, phone numbers, and other personal information. Utilizing sensitive information from medical or financial records, or identifiers connected to children necessitates 72-hour notice to an EU regulator or other pertinent authority. Companies that decide not to disclose a breach within 72 hours risk losing 2% of their global revenue.
If Lose Your Cookies?
Although cookies are only briefly mentioned in the GDPR, under Recital 30, it is a significant update and calls for strong opt-in consent. In essence, the EU has stated that if you use cookies, it is aware that you are collecting personal data. You will need to either stop the practice or get customer consent to remain compliant with the GDPR.
Surviving GDPR
The extreme lack of GDPR-compliant advertising platforms currently on the market only serves to complicate matters further. And regrettably, there are many programmatic advertising technology providers, ad networks, and affiliate networks that cling to phony marketing metrics like cost per click (CPC), click-through rates, cost per thousand (CPM), and more, all of which depend on cookies.
They are clinging to these metrics because they are unsure of how to move forward. Their long-standing system, which they have used to defraud numerous organizations, has just run into GDPR, which is a brick wall. Simply put, these businesses weren’t made to adapt. Too invested in themselves for them to eat each other.
New Standard Of Consent
The GDPR brings a new, higher standard of what constitutes a person’s “consent.”
But why is it necessary to earn consent for online advertising?
Governments have long attempted to control how businesses market to consumers. Laws that prohibit the sending of “spam” emails exist in even nations with comparatively free market economies, such as the United States.
The risks are even greater at this point. Advertising can involve the accumulation and analysis of data about a person’s preferences, political affiliations, and family life (to name just a few examples).
The GDPR wants to ensure that anyone who will be exposed to online advertising is fully aware of what they are agreeing to.
Refreshing Consent
During the implementation of the GDPR, many businesses sent emails to customers asking them to “refresh” their consent to direct marketing. An illustration from Pact Coffee is given here:
If you earned consent from some EU consumers under the Data Protection Directive, you don’t necessarily need to get their consent again.
But if the way in which you earned a user’s consent was compatible with the old law but not the GDPR (or wasn’t compatible with either law), you will need to either remove that user from your marketing pool or request consent again.
The upshot of this stricter requirement is that you might end up advertising to a smaller group of people, but those people are likely to be more engaged with your company and more on board with being the subject of personalized ads or direct marketing.
Consent For Cookies
Since 2002, consent for cookies has been necessary under EU law. The ePrivacy Directive, an older law still in effect, is the source of this requirement.
All cookies require consent, except for those that are necessary or used for user-centric activities. These cookies may be used for authentication, load balancing, remembering the contents of a shopping cart, tracking form inputs, and more.
So what’s changed? Well, because of its new, higher standard of consent, the use of cookies has significantly changed as a result of GDPR. Due to this, commercial websites are increasingly displaying “cookie banners” for EU users.
Sadly, it’s quite challenging to locate many websites that abide by the new legislation.
Cookie banners should offer users a genuine choice about whether they consent. Solutions utilizing opt-out or “browsewrap” cookies don’t adhere to this rule.
Read More: First Toy Advertised On TV
