The good, the bad and the ugly: Beware of outlandish GDPR claims

Uncharted waters are something the digital media industry should be used to by now. But the General Data Protection Regulation is a whole new ballgame.

With six months to go until the law is enforced, there’s an equal amount of sense and nonsense being spouted about how to tackle it.

Here are some of the more startling claims overheard in the wild:

The aggressive sales pitch
Supposed “GDPR experts” are making loud claims. One publisher executive balked at being pinned by a third-party vendor with the pitch: “Without using our auditing services, you leave yourself open to extinction!”

The overconfident
It may seem hard to believe, but despite all the scaremongering around the GDPR, a lot of companies are still in denial about it. “The amount of times I’ve heard ad networks say, ‘GDPR and ePrivacy aren’t going to affect programmatic advertising’ — it’s crazy how many companies are still in denial about it,” said a digital marketing exec.

The artful dodger
Beware any niche third-party tech vendor that claims to already be 100 percent GDPR-compliant (there are plenty of them), as it’s highly unlikely they are. The final direction on how to obtain consent and share data won’t be published until next month, so avoid those claiming to be clairvoyants.

The lazy vendor
More than a few publishers’ jaws have dropped after receiving stony responses from vendors when inquiring about how they’re preparing for GDPR compliance. Some vendors seem to believe publishers alone will be on the hook for fines. As such, they’re sitting pretty, doing nothing and expecting publishers to gain consent on their behalf.

The worryingly complacent 
Some are still not taking action because they think the outcome of GDPR enforcement will be akin to that of the European Union’s ePrivacy Directive in 2011: a load of fuss made about nothing. This is not the case, however. “Most worryingly, a company stated to me they wanted to do absolutely zero, as they cited it being the EU Privacy Directive all over again. [It’s] a massive gamble not just in terms of fines, but business reputation, too,” said Lindsay McEwan, vp and managing director of Europe for tag management vendor Tealium.

The blunt approach
There’s talk that some agency holding companies plan to cap programmatic spending to limit exposure to GDPR penalties, according to industry sources. Some are also looking to instigate new insertion orders with GDPR-related terms and conditions. “Agency operating groups have ordered [their agencies] to limit exposure by reducing the amount of programmatic spend to 20 percent of total digital spend up to the end of September, I suspect to boost their own internal supply marketplaces,” said an ad tech exec. “Programmatic is a shitshow. Makes sense to avoid it and be seen to avoid it.”

The bloodsucking lawyer
GDPR lawyers, consultants and information security companies are making an absolute killing, and that will only increase. It’s best to boost your own GDPR knowledge to make your business less at their mercy.

Image courtesy of

More in Media

The Trade Desk and Yahoo are locked in a trading dispute with a looming deadline

If not resolved, it could result in the industry’s largest indie DSP cutting off access to Yahoo’s video inventory.

Why Getty Images and Picsart are partnering to train a new AI image model

The deal let Picsart train create an AI model using hundred of millions of licensed images to power a new platform for both companies.

How a work platform redesigned BuzzFeed’s former offices after moving in

Work platform now occupies the former office space of BuzzFeed.