‘Only enforcement will bring change’: Ad tech responds to regulator’s GDPR warning
The Information Commissioner’s Office has given ad tech a second chance to become compliant with the General Data Protection Regulation.
But without actual enforcement, there may be no point.
Last week, the ICO issued the ad tech sector with a stark warning not to continue with practices that violate GDPR. The gist of its warning was that many of the current practices within programmatic advertising — specifically real-time-bidding — are essentially now illegal.
The document clarifies specific areas in which the ICO will not tolerate the misuse of personal data for the purposes of targeted advertising. In particular: Legitimate interest cannot be relied on for businesses operating RTB, special-interest category data which includes ethnic origins, health and political orientation, require explicit consent, while contractual agreements alone can’t be relied on for compliance.
On the surface, the document is extremely worrying for ad tech. But ad tech businesses remain unfazed, partly because there is no threat of serious penalties and partly because any attempt to address the issues raised will take a long time to fix given the complexity of the digital ad supply chain. Until it can call out specific players for GDPR violation, any major changes will be unlikely, at least in the short term.
The ICO said it will work closely with the IAB and Google on their GDPR frameworks to help them become fully compliant and check back in six months to ensure there is evidence of change. But officially, it has only committed to potentially issuing further guidance, rather than strict punishment.
“They [the ICO] have punctured the tin but not ripped the lid off [of ad tech],” said Dan Wilson, CEO of London Media Exchange. “This [how data is used within RTB-based ad calls] has been flagged as a systemic risk to privacy. They can’t issue statements like that and walk away.”
Media agencies like Essence have welcomed the ICO’s warning as a necessary step to shining a light on continued GDPR malpractice. “Practices which effectively game the acquisition of user consent have a shelf life, and we’re keen to see the back of,” said Ryan Storrar, svp and head of media activation for EMEA at Essence. However, Storrar added that warnings alone won’t change the status quo. “A lot of people are talking about it, but only enforcement will bring change. A lot of the report’s findings are unsurprising, but they need to make examples [of businesses falling foul.]”
To date, the ICO has made it clear it will favor the carrot to the stick when it comes to the majority of GDPR assessments. But many media agencies and some ad tech vendors have said that it’s time for the ICO to show its teeth. “It has to happen — without those fines there is very little impetus to change,” said Brian Kane, co-founder of publisher tech vendor Sourcepoint.
The ICO will need to do more than issue a written wrist slap, as it did with the Washington Post. “That was the most wishy-washy of statements,” said Kane. “It was meaningless. At some future point, the ICO will come out with some sort of fine against someone. They have given plenty of warning and time to adjust.”
Many advertising executives believe that if ad tech businesses that are in breach don’t respond hastily to the latest warning, there will be serious repercussions. “Not taking the ICO’s guidelines seriously at this point would be equal to playing with fire,” said Alessandro de Zanche, an independent publishing consultant. “I have heard that the ICO will be issuing warnings first, then leave an informal buffer of a few months before issuing fines,” he added. “Being in contempt of this and showing an arrogant and defiant approach will just create further damage to an industry whose credibility is through the floor.”
Others agree that the digital ad industry must respond if it’s to avoid further penalties or risk more of a mainstream news spotlight on the issue, which would place it higher on consumer radars, like with issues around brand safety.
“It’s in danger of getting on a larger radar [if left unchecked],” said David Morris, director of solutions consulting, EMEA, at ad tech vendor Tealium. “Cambridge Analytica put a lot of what happens at Facebook on a larger radar, and when GDPR went live, it made mainstream BBC news.”
But there’s still skepticism around whether the current use of data within RTB as a method for trading ads programmatically has a future. “Parts of the industry are willingly prepared to crash against a wall at full speed rather than accepting the obvious: RTB and privacy regulations, GDPR in particular, are incompatible,” said de Zanche.
Heated founder Emily Atkin shows what it takes to make the transition from staff writer to Substacker
Substack is now a full-time job for Emily Atkin and her subscriber base has grown large enough for her to hire her first employee.
‘The pressure cooker is primed to explode’: How instant messaging tools are contributing to burnout
Despite their many benefits, instant-messaging tools like Slack have contributed to burnout over the last year — leading some businesses to drop them entirely.
Member ExclusiveGaming Advertising Forum Recap: Rapidly growing sector’s massive platforms and user diversity underestimated
Digiday’s Gaming Advertising Forum invited industry insiders and thought leaders from brands, gaming platforms and ad tech companies to take the industry’s pulse.
SponsoredWhat sustainable app monetization looks like in 2021
Apple’s iOS 14 changes are driving significant shifts in the app ecosystem. For gaming businesses, these new changes will make it challenging to show targeted ads. That said, the mobile game economy continues to boom, and analysts predict long-term growth; global in-app ad revenue in 2021 will rise by 6.2% for non-gaming apps, and 19.1% […]
U.S. cities and regions offer cash incentives to skilled remote workers to relocate
The uncoupling of work and location means that opportunities are no longer restricted to major urban centers.
Member ExclusiveMedia Buying Briefing: As gaming explodes as an ad medium, media agencies aim to level up
Media buyers are ramping up their efforts to guide clients through the exploding but complex world of marketing in gaming.