Secure your place at the Digiday Publishing Summit in Vail, March 23-25
Digiday Research: Half of companies plan to bundle consent requests under GDPR
This research is based on unique data collected from our proprietary audience of publisher, agency, brand and tech insiders. It’s available to Digiday+ members. More from the series →
The intent of the General Data Protection Regulation was to restore people’s online information to them. Under GDPR, businesses must ask consumers to opt in to sharing their data to process it for services like advertising.
One common complaint from companies is that if they provide more than one service, they have to get people to opt in separately to each one instead of bundling the consent process into one opt-in. For example, users must opt in to sharing their data with each Facebook product, including Facebook, Watch, Messenger and WhatsApp. GDPR prohibits bundling consent requests, but that isn’t stopping companies from doing it. At the Digiday Hot Topic UK: GDPR event in May, which occurred before the law took effect on May 25, half of the 22 companies surveyed by Digiday indicated they planned on bundling their consent requests.
Those who violate GDPR run the risk of heavy fines. Bloomberg reported that a complaint against Google filed in France claimed that Google “relies on an overall bundled consent to anything contained in the privacy policy for Android phones, which includes several other products.” Even the Interactive Advertising Bureau was accused of bundling consent in the run-up to GDPR.
In preparation for GDPR, Axel Springer ran tests to determine the optimal method for soliciting consent from readers. The publisher determined that people were slightly more likely to opt in to sharing their information with all of Axel Springer’s publications than just one site. In theory, Axel Springer’s approach could be GDPR-compliant if the publisher delivers the same service and processes user data the same way on each of its sites. However, regulators could consider the approach bundling if they decide that Axel Springer can’t ask for a universal opt-in. Because no one knows yet what GDPR enforcement looks like, it’s anyone’s guess if consent requests like Axel Springer’s are legal.
One line of thinking was that with many companies are breaking the law, it would be harder for regulators to punish companies for infractions like bundling consent requests because regulators wouldn’t be able to keep track of all the violators. But since GDPR took effect, complaints against companies have grown remarkably. In just over three weeks, regulators in France and the Czech Republic each received over 400 GDPR complaints, though it is uncertain how many of them pertain specifically to bundling consent.
More in Media
In graphic detail: Middle-tier creators are fueling the next phase of the creator economy
Facts and figures behind the growing middle tier of creators who make less than macro creators, but convert more.
How medical creator Nick Norwitz grew his Substack paid subscribers from 900 to 5,200 within 8 months
Creator Playbook: Unpacking the strategy behind medical YouTuber Nick Norwitz turning to Substack to significantly grow his brand.
Media Briefing: In the AI era, subscribers are the real prize — and the Telegraph proves it
In an era where AI is eroding referral traffic and third-party distribution, a subscriber who pays directly has become the most valuable reader a publisher can own. Springer just bought over a million of them.