Platforms, not regulators, are driving data privacy enforcement
This article is part of the Digiday Privacy Preview, a digital issue of stories examining what the coming changes to Chrome and iOS will do to the worlds of media and marketing. Read the rest of that coverage here.
Data privacy regulators look a lot different these days.
For starters, there’s more of them. They’re also — if you include Google’s plans for the third-party cookie and Apple’s ongoing anti-tracking restrictions — commercial enterprises, rather than government bodies.
It’s not an exact like-for-like: Platforms don’t make or change policy on how publishers collect or use data directly from their users. Google’s decision to not build alternate identifiers to track individuals relates to its own products. But Google and Apple’s dominant market positions do mean when they make changes, they cause tidal waves across the rest of the digital advertising supply chain.
And so unlike GDPR or CCPA, which involve compliance with legal, rather than just technical frameworks, the moves Google and Apple are about to make will cause immediate shockwaves the day they are implemented.
There isn’t much choice but to fall in line.
“We’re barnacles on the whale,” said Bob Regular, CEO of Infolinks. “If you measure us all relative to Google or Apple — sometimes they aren’t even aware we’re there. They may be happy to let us feed from them, but if they make a move and then we fall off, they’re indifferent.”
In the U.S. the lack of federal privacy law has left the door wide open for Google and Apple to call the shots, according to Regular. “Currently we’re moving toward states-rights-level privacy. It’s untenable — you can’t build plumbing at a state level, we need a federal version. And at the moment the first [federal attempt] is Apple and Google. They’ve taken the lead on what they say is the right solution — for right or wrong,” he said.
Traditional regulators’ methods aren’t perfect either. When regulatory change is announced businesses are left to interpret the new legal requirements and adapt their business models as they see fit. The result can be messy, confusing, and lead to numerous attempts to flout or circumvent the rules — as seen with the response to the European Union’s General Data Protection Regulation which went into effect in 2018 after a two-year grace period.
What’s more, the intent of GDPR — to give users back more control over their personal data and ensure it’s not misused by hidden players in the digital advertising ecosystem — has resulted in a horribly confusing, annoying user experience in Europe, with every website featuring their own pop-up messages requesting consent for collecting data. Privacy activists believe regulators have failed to properly enforce the law at scale. “One of the issues around regulations is the incredible lack of active and at-scale enforcement,” said Ruben Schruers, group chief product officer at media investment analysis firm Ebiquity. “Essentially so far, the regulations are all bark and no bite.”
The privacy-led changes driven by platforms Apple and Google are all bite. Plus, they are binary — not open to interpretation. Naturally, that results in people questioning whether this biting behavior is fair and the underlying reasons are honest or have a double agenda, added Schruers.
Preparing for GDPR was a legal nightmare. Publishers, agencies and ad tech vendors in particular squandered time procrastinating, spent months rewriting legal contracts to shift liability for fines to other partners in the digital ad supply chain, and argued over who was a data controller (and therefore on the hook for eye-watering fines) and who was a processor (not on the hook for fines). But in hindsight, at least there was wiggle room.
The platforms allow no wiggle room. And the changes required are all technical rather than legal. “The grace period was far longer with regulators — businesses were told by local authorities to try their best to respect GDPR and they, in turn, wouldn’t fine them for a given period of time,” said Remi Cackel, chief data officer, Teads. “But with Google, there will be a hard unplug once [third-party] cookies are pulled. Technically speaking you have no choice; it will happen overnight.”
And yet, for some, the changes are a long time coming and — for tech platforms pushing the privacy agenda — are welcome. “The spirit of GDPR and CCPA [California Consumer Privacy Act] is at the heart of what the browsers are doing,” said Amit Kotecha, global marketing director, Permutive. “The ad industry has prioritized this hyper-targeting over data ethics for a long time.”
Yet when it comes to global enforcement, even the platforms may hit roadblocks. Case in point: Apple’s anti-tracking drive is currently being challenged in China, where the state-backed trade group The China Advertising Association has reportedly begun its own ID workaround, which lets apps track users for advertising purposes even if the users haven’t opted in. China is a crucial market for Apple, so the tech player’s response will be the ultimate stress test of how seriously Apple plans to prioritize privacy over its commercial road map. Meanwhile, Google has also hit a snag with the planned rollout of Federated Learning of Cohorts (FLoC) in Europe, thanks to GDPR.
It may be that countries can’t curb the dominance of the tech platforms, but they can at least slow them down.
Climate emergency: Employees challenge their companies to provide environmentally-friendly pension funds
Increasing numbers of environmentally and ethically conscious employees are now challenging their own companies to provide a sustainable pension pot which has a positive impact on the environment. And companies are also looking to divest away from fossil fuels.
Member ExclusiveMarketing Briefing: ‘Trifecta of industry buzz’: Marketers remain bullish on TikTok despite rising costs
Ad buyers say that it’s not surprising that TikTok is upping the cost of its premium ad units as the platform has grown in popularity and shown it can have an impact on culture.
Member ExclusiveMedia Buying Briefing: Synthetic experiences outgrow their novelty status as they attract more brands
As time spent in video games rises, so do synthetic experiences that attract younger audiences. Brands are jumping in too.
SponsoredHow three top brands transformed their video ad strategies to follow the views
Brian Albert, managing director, U.S. Agency and Brand Solutions, Google Video watch time, particularly for streamed content, is booming. In December 2020 alone, over 120 million Americans streamed YouTube or YouTube TV on their TV screens. Many advertisers are meeting consumers where they are by reinvesting in digital video. In particular, these three brands transformed […]
The Big Quit: Employee burnout and a robust job market have workers eyeing greener pastures
Employers are bracing for a wave of quitting this summer, as people up stakes to either take some much-needed R&R or look for greener work pastures.
‘We are also living and walking through it’: Black diversity execs weigh in on changing DE&I leadership, intersectionality
As agencies look to follow up on promises of diversity, BIPOC executives weigh in on their experience.