Facebook-Cambridge Analytica fallout extends to GDPR and ePrivacy enforcement
Any business that thought it could slide under the General Data Protection Regulation radar with a stitched-together compliance strategy can think again, thanks to the expected fallout of the Cambridge Analytica-Facebook user data scandal.
Vagueness around how the GDPR will be enforced has lulled many businesses, particularly in ad tech, into what may be a false sense of security. For some, that’s meant hiding behind the “legitimate interest” clause in the law, which they believe will save them from the worst of the fines. Others have tried to piggyback off publishers gaining consent on their behalf, while liability has been hoisted up and down the supply chain like a hot potato for months.
But the fallout from Cambridge Analytica’s misuse of Facebook user data to sway voters in 2016 and Facebook’s failure to alert users about it could help not only strengthen the credibility and enforcement of the GDPR globally, but it could also quash any hope that the stricter proposed ePrivacy Regulation will become more lenient, according to industry observers.
“The Channel 4 sting operation [on the Cambridge Analytica data breach] reveals more about the apathy data processors have toward their research subjects and the data commodity and the [consequent] risk to data controllers,” said a digital marketing exectuive. “GDPR and ePrivacy will gain more momentum and credibility in the wake of this scandal.”
Although the GDPR is a major talking point in Europe, its significance hasn’t managed to fully penetrate the U.S., where many businesses are still under the impression it won’t affect them, that it is merely yet another European bureaucratic lawmaking process blown out of proportion. But the GDPR has already led some U.S. vendors to pull back their businesses from Europe.
“This absolutely gives GDPR and ePrivacy more credibility globally,” said Jason Kint, CEO of U.S. publisher trade body Digital Content Next. “Consumers expect their data to be used within the context it was collected or by entities with which they have a relationship, but they don’t expect their data to be set out like a buffet at the Golden Corral, where anyone can walk in off the street and help themselves.” To that end, it’s “vital” lawmakers drive forward with the effort to ensure consumer trust while not granting even more power to a few big tech companies, he added.
Some believe regulators may get more power to enforce the GDPR more strictly. For instance, the Information Commissioner’s Office, the regulator that would enforce GDPR-related fines in the U.K., can only seize documents from companies deemed to be in serious breach of the GDPR if it has obtained a warrant. But some expect the ICO to now push to do “dawn raids” without warrant on those deemed in serious breach — something that will, in theory, be easier to debate in the wake of this latest data breach.
Meanwhile, any hopes for leniency around the ePrivacy Regulation, which is still in the proposal stage and has more dire consequences than the GDPR for using cookies without consent, have now been dashed.
Aside from in Germany, where publishers are more rattled by the ePrivacy Regulation than the GDPR, the general feeling about the ePrivacy law is it will be watered down, that lobbying will somehow win out — or should it not, then the U.K. would manage to skirt it using Brexit as a shield.
“We [the U.K.] have tried to slow the ePrivacy Regulation down for years due to Brexit and found a way to stall it,” said Dan Wilson, CEO of London Media Exchange. “But with something as high-profile as this [the Cambridge Analytica data breach], the ePrivacy Regulation will be expedited. It [the data breach scandal] will also kill legitimate interest as something to hide behind. Legitimate interest is now beyond thin.”
Download Digiday’s guide to GDPR to get primary research, checklists, and more that marketers, publishers and tech companies need to know.
Hearst is packaging its design titles together for a new educational franchise
This is only the second time that these Hearst titles have been leveraged together for a joint program and sponsorship opportunity at this scale.
‘Pet anxiety is real’: More employers willing to allow pandemic-pets when staff return to the office
Pet adoption became a go-to coping mechanism during the pandemic. Now more employers are allowing staff to bring their pets to work once offices return, in recognition of their benefit to mental health and to stave off separation anxiety.
Cheat sheet: Where Scroll fits in Twitter’s subscription plans
The Scroll acquisition announced today marks the third consumer revenue-focused move Twitter has made this year.
SponsoredHow The Company Store is reimagining customer experiences for pandemic-era growth
Throughout the pandemic, some retail categories have been inherently successful. Home furnishings and décor are among them; with consumers spending so much more time at home, updates and renovations flourished. Criteo data from the first half of 2020 showed sales for items like outdoor furniture sets up 434% year over year, with other home items […]
How the Try Guys took their YouTube channel and turned it into a media company and a TV deal
In the last episode of the creator series, the Try Guys talk about allowing passion to guide their company's growth.
Cheat Sheet: What Yahoo offers Apollo Global Management
Verizon Media posted its first quarter of year on year growth in four years in the fourth quarter of 2020. Its new owners, Apollo Global Management, could use the ad-tech infrastructure to deal the rest of its media assets a more favorable hand.