GDPR is coming, and many U.S. ad tech firms aren’t ready
In the lead-up to Dmexco in Cologne, Germany, which brings together the world’s ad tech decision-makers, the elephant in the room is the implementation of European Union rules on data protection that will become enforceable in less than a year.
For many visiting American executives, the drumbeat of warnings could serve as a wake-up call of sorts. As of next May, advertisers won’t be able to market to individuals without obtaining specific consent to use their data. It won’t matter whether a company’s servers are held in Israel, India or the U.S. — if it is storing the data of an EU citizen, it must abide by the General Data Protection Regulation or face fines.
The warnings can be dire. Johnny Ryan, head of ecosystem at PageFair, has said the regulations could “rip the digital ecosystem apart.” Several ad tech executives have noted that some U.S.-based vendors see the rules as a regional rather than international issue, while others are delaying preparations for the GDPR because they fear losing money.
From an American perspective, GDPR is difficult to fully comprehend: sweeping regulations that have 99 articles and 173 recitals. Some are betting that the sheer scope of GDPR means EU regulators will struggle to enforce it, said Matt O’Neill, gm for Europe at ad verification business The Media Trust at ExchangeWire’s ATS conference on Sept. 11. When the GDPR came up at a recent industry event, one industry source said none of the people they spoke to could confidently say they had a plan in place.
Businesses outside of Europe aren’t necessarily reluctant to adapt for the GDPR. The reasons they’re delaying preparations have more to do with procrastination, not reading the fine print and, most importantly, not fully processing the GDPR’s implications, said Shane Minte, U.S. head of supply at mobile data platform Ogury. “It’s one of those things that, due to the geography, might feel like a distant problem, yet it is going to affect us all,” he said. “Having just a single user in the European Union for which [a company is] not GDPR-compliant means 2-4 percent of their global revenues are at risk.”
Sam Tomlinson, a partner for media, insight and assurance at PwC, has witnessed the disparity between European and U.S.-based advertising businesses firsthand. Since the one-year countdown to GDPR enforcement began, ad tech vendors in Europe have inundated Tomlinson and his group with requests to educate their teams on the far-reaching implications of the rules. From the discussions, it’s become clear to the auditing firm that some of its ad tech clients don’t see the GDPR as a top priority yet.
“Another reason [for the ad industry’s lack of focus on the GDPR] is that ad tech strategic thinking is often happening in the U.S,” he said. “Those ad tech businesses probably have a sales outpost in London or continental Western Europe and are mainly concerned with those teams hitting quarterly sales targets rather than listening to ‘local’ concerns about impending GDPR regulation. That makes it hard to escalate GDPR to the U.S. head office, although there are some signs that’s now starting to change.”
Most marketers outside of Europe are struggling with the GDPR, according to the WFA. The trade body, which questioned 18 companies with a combined spend of more than £20 billion ($26.3 billion) a year, found that 56 percent of respondents said their European teams are more aware of the challenges of adhering to tougher data laws, compared to the global average of 44 percent.
“GDPR has only just begun to really hit mainstream commercial headlines in the U.K.,” said Sue MacLure, head of data at customer engagement agency Psona. “Outside of Europe, there is no reason to have heard about it in anything other than a compliance workshop. And marketers don’t appear to be going to those.”
Stephan Loerke, CEO of the World Federation of Advertisers, attributes the lack of urgency about the GDPR outside of Europe to non-European marketers’ confusion about how the rules affect their global practices, leading them to delay the implementation of necessary safeguards. Furthermore, those same marketers aren’t receiving much help from other parts of the supply chain, specifically ad tech vendors.
“There are a lot of ad tech players who feel that GDPR could potentially put their model at risk, given that a number of those businesses have never had a direct relationship with people and therefore are not in a position to be getting consent for the data that they’ve been using and monetizing for such a long time,” he said.
Some ad tech vendors like AppNexus are making moves ahead of the GDPR. The company is cutting loose all partners that don’t adhere to the rules, and it sowed the seeds of a compliant, people-based ID in May, which other leading ad players, such as OpenX and Rocket Fuel, back.
“AppNexus is future-proofing its business for the next generation of privacy compliance to provide a vital competitive advantage in the new GDPR environment,” said Julia Shullman, senior director and deputy general counsel for commercial and privacy at AppNexus. “Every publisher and advertiser should ensure they and their technology partners are taking steps to prepare.”
The ad industry’s fortifications for the GDPR are set to be hotly debated at the Dmexco conference in Cologne, Germany, this week.
‘Necessity drives innovation’: Despite the economic downturn, upstart agencies are finding their way to launch
Agencies are launching despite— and as a result of — the pandemic as new creative opportunities arise from the disrupted marketing landscape.
‘Fewer, bigger, better’: RFP close rates rise for publishers as buyers look to keep things simple
Some publishers are now closing close to half the RFPs they send out. The trick is getting onto the shortening lists receiving the RFP.
Inside the Atlantic’s triumphant and tumultuous run during the coronavirus pandemic
The Trump 'losers' and 'suckers' scoop provided a boost not only to The Atlantic’s renewed sense of importance, but to its bottom line.
SponsoredFor brand marketers, watch parties are where connections and entertainment meet
Jen Prince, managing director, media and entertainment, Twitter Bridget Harvey, head of media and entertainment strategy, Twitter Next Whether it’s finding new shows, rewatching old favorites or tuning into a history-making world premiere, watching movies and TV at home brings people together during times of isolation. And while audiences are looking to be entertained, they’re also […]
Member Exclusive‘Stricter than the ad tech industry expected’: Apple clarifies its upcoming privacy changes will leave little wriggle room
A recently published FAQ section on Apple's developer site offers more clarification on how its forthcoming app privacy changes will be applied.
‘Retention has been one of our best stories of the year’: Bob Cohn on steering The Economist through crisis
The Economist has recently switched tactics from being 'an acquisition machine' to honing its subscriber retention tactics — a move its recently appointed president says is paying off.