GDPR is coming, and many U.S. ad tech firms aren’t ready
In the lead-up to Dmexco in Cologne, Germany, which brings together the world’s ad tech decision-makers, the elephant in the room is the implementation of European Union rules on data protection that will become enforceable in less than a year.
For many visiting American executives, the drumbeat of warnings could serve as a wake-up call of sorts. As of next May, advertisers won’t be able to market to individuals without obtaining specific consent to use their data. It won’t matter whether a company’s servers are held in Israel, India or the U.S. — if it is storing the data of an EU citizen, it must abide by the General Data Protection Regulation or face fines.
The warnings can be dire. Johnny Ryan, head of ecosystem at PageFair, has said the regulations could “rip the digital ecosystem apart.” Several ad tech executives have noted that some U.S.-based vendors see the rules as a regional rather than international issue, while others are delaying preparations for the GDPR because they fear losing money.
From an American perspective, GDPR is difficult to fully comprehend: sweeping regulations that have 99 articles and 173 recitals. Some are betting that the sheer scope of GDPR means EU regulators will struggle to enforce it, said Matt O’Neill, gm for Europe at ad verification business The Media Trust at ExchangeWire’s ATS conference on Sept. 11. When the GDPR came up at a recent industry event, one industry source said none of the people they spoke to could confidently say they had a plan in place.
Businesses outside of Europe aren’t necessarily reluctant to adapt for the GDPR. The reasons they’re delaying preparations have more to do with procrastination, not reading the fine print and, most importantly, not fully processing the GDPR’s implications, said Shane Minte, U.S. head of supply at mobile data platform Ogury. “It’s one of those things that, due to the geography, might feel like a distant problem, yet it is going to affect us all,” he said. “Having just a single user in the European Union for which [a company is] not GDPR-compliant means 2-4 percent of their global revenues are at risk.”
Sam Tomlinson, a partner for media, insight and assurance at PwC, has witnessed the disparity between European and U.S.-based advertising businesses firsthand. Since the one-year countdown to GDPR enforcement began, ad tech vendors in Europe have inundated Tomlinson and his group with requests to educate their teams on the far-reaching implications of the rules. From the discussions, it’s become clear to the auditing firm that some of its ad tech clients don’t see the GDPR as a top priority yet.
“Another reason [for the ad industry’s lack of focus on the GDPR] is that ad tech strategic thinking is often happening in the U.S,” he said. “Those ad tech businesses probably have a sales outpost in London or continental Western Europe and are mainly concerned with those teams hitting quarterly sales targets rather than listening to ‘local’ concerns about impending GDPR regulation. That makes it hard to escalate GDPR to the U.S. head office, although there are some signs that’s now starting to change.”
Most marketers outside of Europe are struggling with the GDPR, according to the WFA. The trade body, which questioned 18 companies with a combined spend of more than £20 billion ($26.3 billion) a year, found that 56 percent of respondents said their European teams are more aware of the challenges of adhering to tougher data laws, compared to the global average of 44 percent.
“GDPR has only just begun to really hit mainstream commercial headlines in the U.K.,” said Sue MacLure, head of data at customer engagement agency Psona. “Outside of Europe, there is no reason to have heard about it in anything other than a compliance workshop. And marketers don’t appear to be going to those.”
Stephan Loerke, CEO of the World Federation of Advertisers, attributes the lack of urgency about the GDPR outside of Europe to non-European marketers’ confusion about how the rules affect their global practices, leading them to delay the implementation of necessary safeguards. Furthermore, those same marketers aren’t receiving much help from other parts of the supply chain, specifically ad tech vendors.
“There are a lot of ad tech players who feel that GDPR could potentially put their model at risk, given that a number of those businesses have never had a direct relationship with people and therefore are not in a position to be getting consent for the data that they’ve been using and monetizing for such a long time,” he said.
Some ad tech vendors like AppNexus are making moves ahead of the GDPR. The company is cutting loose all partners that don’t adhere to the rules, and it sowed the seeds of a compliant, people-based ID in May, which other leading ad players, such as OpenX and Rocket Fuel, back.
“AppNexus is future-proofing its business for the next generation of privacy compliance to provide a vital competitive advantage in the new GDPR environment,” said Julia Shullman, senior director and deputy general counsel for commercial and privacy at AppNexus. “Every publisher and advertiser should ensure they and their technology partners are taking steps to prepare.”
The ad industry’s fortifications for the GDPR are set to be hotly debated at the Dmexco conference in Cologne, Germany, this week.
‘We’re netting out with higher revenue’: Publishers reaping the benefits of Snapchat’s strong second half
With CPMs up as much as 20% year over year in the fourth quarter, many Discover publishers are bullish on the upstart platform for next year.
How Cosmo is building brand affinity with younger audiences through its focus on commerce
Cosmopolitan's focus on e-commerce through a line of branded wines and its own shopping holiday has led to a 254% increase in product sales.
‘Go to market faster’: The Washington Post’s Arc goes outside the tent for payment and data integrations
Subscriber revenue has become more of a priority to the Washington Post's Arc clients since it launched its subscription tools last year.
SponsoredPublishers will lead the charge as cookie-less advertising becomes the norm
Steve Wing, managing director, EMEA, Magnite As the advertising industry moves closer to a cookieless world — one in which browserless environments including connected TV (CTV) and mobile in-app are an increasingly large part of ad budgets — publishers will have an increasingly important role in developing the future of identity. Segment creation and identity […]
‘Profitability in the back half of next year’: BuzzFeed CEO Jonah Peretti (and Verizon Media CEO Guru Gowrappan) on their big merger
A special Digiday podcast episode features Interviews with BuzzFeed CEO Jonah Peretti and Verizon Media CEO Guru Gowrappan.
‘People have had permission to experiment’: Pandemic expedites rethink on 9-to-5 work structures
Starting out as a short-term fix to weather the coronavirus storm, employers are seeing work hours outside the traditional 9-to-5 week as a new normal.