Facebook-Cambridge Analytica fallout extends to GDPR and ePrivacy enforcement
Any business that thought it could slide under the General Data Protection Regulation radar with a stitched-together compliance strategy can think again, thanks to the expected fallout of the Cambridge Analytica-Facebook user data scandal.
Vagueness around how the GDPR will be enforced has lulled many businesses, particularly in ad tech, into what may be a false sense of security. For some, that’s meant hiding behind the “legitimate interest” clause in the law, which they believe will save them from the worst of the fines. Others have tried to piggyback off publishers gaining consent on their behalf, while liability has been hoisted up and down the supply chain like a hot potato for months.
But the fallout from Cambridge Analytica’s misuse of Facebook user data to sway voters in 2016 and Facebook’s failure to alert users about it could help not only strengthen the credibility and enforcement of the GDPR globally, but it could also quash any hope that the stricter proposed ePrivacy Regulation will become more lenient, according to industry observers.
“The Channel 4 sting operation [on the Cambridge Analytica data breach] reveals more about the apathy data processors have toward their research subjects and the data commodity and the [consequent] risk to data controllers,” said a digital marketing exectuive. “GDPR and ePrivacy will gain more momentum and credibility in the wake of this scandal.”
Although the GDPR is a major talking point in Europe, its significance hasn’t managed to fully penetrate the U.S., where many businesses are still under the impression it won’t affect them, that it is merely yet another European bureaucratic lawmaking process blown out of proportion. But the GDPR has already led some U.S. vendors to pull back their businesses from Europe.
“This absolutely gives GDPR and ePrivacy more credibility globally,” said Jason Kint, CEO of U.S. publisher trade body Digital Content Next. “Consumers expect their data to be used within the context it was collected or by entities with which they have a relationship, but they don’t expect their data to be set out like a buffet at the Golden Corral, where anyone can walk in off the street and help themselves.” To that end, it’s “vital” lawmakers drive forward with the effort to ensure consumer trust while not granting even more power to a few big tech companies, he added.
Some believe regulators may get more power to enforce the GDPR more strictly. For instance, the Information Commissioner’s Office, the regulator that would enforce GDPR-related fines in the U.K., can only seize documents from companies deemed to be in serious breach of the GDPR if it has obtained a warrant. But some expect the ICO to now push to do “dawn raids” without warrant on those deemed in serious breach — something that will, in theory, be easier to debate in the wake of this latest data breach.
Meanwhile, any hopes for leniency around the ePrivacy Regulation, which is still in the proposal stage and has more dire consequences than the GDPR for using cookies without consent, have now been dashed.
Aside from in Germany, where publishers are more rattled by the ePrivacy Regulation than the GDPR, the general feeling about the ePrivacy law is it will be watered down, that lobbying will somehow win out — or should it not, then the U.K. would manage to skirt it using Brexit as a shield.
“We [the U.K.] have tried to slow the ePrivacy Regulation down for years due to Brexit and found a way to stall it,” said Dan Wilson, CEO of London Media Exchange. “But with something as high-profile as this [the Cambridge Analytica data breach], the ePrivacy Regulation will be expedited. It [the data breach scandal] will also kill legitimate interest as something to hide behind. Legitimate interest is now beyond thin.”
Download Digiday’s guide to GDPR to get primary research, checklists, and more that marketers, publishers and tech companies need to know.
Bustle Digital Group, G/O Media cut staff
Bustle Digital Group announced the layoffs of a dozen staffers on Friday, including the entirety of The Outline’s staff, and pay cuts for some remaining employees.
‘Companies are in freeze mode’: Coronavirus crisis strains ad tech licensing model
Like so many other industries, the coronavirus crisis is rapidly separating the distance between the haves and the have nots in the software-as-a-service sector. In ad tech in particular, there was a rush in the middle of the last decade for companies to switch their models from charging clients a percentage of the media they […]
Member ExclusiveAs the DTC reckoning accelerates, founders turn to each other for advice and sanity
"The coronavirus outbreak notwithstanding, there were a lot of issues that were spread out through the rest of the DTC ecosystem going into the first-quarter of this year," said Jeremy Cai, founder of Italic, which sells luxury bedding, apparel and handbags. "I feel like we are settling into a new normal in many ways of being conservative," he said.
SponsoredPublishers are experimenting with more engagement models
A growing number of publishers are using registration walls, paywalls and metered models to collect first-party user data and drive subscription revenue.
Advertisers ‘don’t want to sound tone deaf’: Candid thoughts of publishers navigating crisis
Publishers gathered virtually to discuss the challenges they're facing within their businesses and what their strategies are for weathering the storm.
Member Exclusive‘Math doesn’t add up’: Publishers still face tough choices
“Just salary cuts will at most bring the costs down by 10%, at most, I can guarantee,” one exec messaged me.