In the last two months, a pair of U.S.-based ad tech firms — cross-device targeter Drawbridge and location data firm Verve — said they would wind down European operations due to the looming General Data Protection Regulation.
It’s no secret that the last-minute scramble to get compliant before the GDPR enforcement deadline on May 25 has been tough for all companies in the media and advertising industries. But for ad tech companies that aren’t known consumer brands, it’s even harder. They must get consent to use data sourced from publishers and advertisers in order to keep running their ad services — a tough thing to do without a direct relationship with users. That’s why, in many cases, publishers are being looked to as the vehicle to help obtain consumer consent on behalf of those in their digital ad supply chains, whether they like it or not.
Ironically, gaining consent wasn’t the biggest GDPR headache for Verve. The firm, which has 15 people across its London and Munich offices, spent most of the last two years developing close relationships with publishers, with the result that those partners are comfortable gaining user consent on its behalf. The bigger problem for Verve was in justifying the subsequent tech infrastructure costs required to run its ad services in a post-GDPR world.
However, when it comes to why these businesses are retreating from Europe, the GDPR is not the full story. Growing a U.S. ad tech business in Europe is tough and riddled with uncertainty. In the U.K., it’s rare for ad tech companies to deal directly with marketers; media agencies control those conversations and act as conduits, particularly for smaller vendors. Penetrating that agency network can take a long time, and vendor sources have said it’s become even harder in the last few years, with more layers of people within agencies making it tough to find the decision-makers. Plus, agency conversations will typically revolve around the Facebook-Google duopoly, rather than smaller players. Those are tough stakes for a small ad tech vendor’s sales team to crack, and they make progress look very slow to any U.S. investors. Verve’s European team will have faced all those issues.
“There are all sorts of reasons why a business may want to retrench and refocus on their core business: Sometimes, it is a case of just having overstretched, missing numbers, making poor decisions, or it could simply be a matter of bad timing,” said an ad tech executive who spoke on condition of anonymity. “But it would be lazy to just pin everything on the GDPR, and use it as a scapegoat. But no doubt that may look better with U.S. shareholders, to point to ‘those communists in Europe [European regulators].'”
There is also the common misunderstanding that the GDPR is just a problem for European businesses. In fact, it’s a requirement for any business with customers in Europe, regardless of where it is based. Anyone thinking that closing down European operations rids them of compliance challenges may need to think again.
Not only that, but thanks to the Cambridge Analytica scandal that has shone a harsh light on the topic of consumer privacy, the GDPR has been brought to the global stage — so much so that the U.S., which has long scoffed at European socialist-leaning bureaucratic law processes, is now looking more closely at creating a GDPR equivalent.
“By exiting Europe, companies will not escape the remit of the GDPR,” said Gabe Morazan, senior product manager of digital governance for Crownpeak. “They’ll still be bound to comply with this regulation as long as they are marketing to audiences in Europe. The GDPR will therefore become a de facto global privacy standard; Canada and California have both introduced similar regulations, and Apple has already announced plans to roll out its GDPR compliance solution worldwide.”
In truth, the reasons for seemingly hasty exits are likely broader than the GDPR.
“Europe is a crowded market, and a lot of U.S. [ad tech] businesses are reviewing their businesses and where they’re going to place their bets, and it’s forcing a few people out,” said another ad tech exec who spoke anonymously. “U.S. investors are nervous, and they may be seeing these choppy waters and thinking this is too hard, but it will likely be based on more than the GDPR.”
Those that are running from the GDPR are missing out on potential business opportunities, according to Morazan. “By coming into compliance with this regulation, companies can use conversations around consent to deepen the trusting relationships they have with consumers and prioritize data quality against the accumulation of big data,” he said.
Download our guide to GDPR for checklists, research and much more you’ll need to know before May 25.