The GDPR goes into effect later this month and GDPR compliance efforts are well underway. For example, users of online services around the world are receiving notifications of updated terms of service and privacy policies.
Some of the updates contained in these agreements are significant. Facebook-owned WhatsApp, for instance, has increased its minimum age to 16. Snapchat isn’t abandoning users under 16, but it is changing how some of its features work for its under-16 userbase.
But while big names like WhatsApp and Snap are making changes to deal with the GDPR, not every company is planning to comply with the new rules. Already, a few have decided that the burdens of GDPR compliance are too much to bear and are shuttering part or all of their businesses.
Mobile marketing platform Verve, which relies heavily on location data, has confirmed reports that it is exiting Europe in response to the GDPR.
“We have decided that the regulatory environment is not favorable to our particular business model,” Verve CMO Julie Bernard told AdExchanger. “We are focusing efforts on the strength of our US business as this time.”
Game developer Uber Entertainment is going ever further. It will be shuttering its free multiplayer online game, Super Monday Night Combat, because the costs of compliance would be too high.
As Polygon’s Owen S. Good explained, “Making [the game] compliant would require either rewriting large parts of that system or porting Super Monday Night Combat to Microsoft’s PlayFab platform.” Because the six year-old game doesn’t have massive usage, Uber Entertainment couldn’t justify the investment required for either.
The first but not the last
Verve and Uber Entertainment might be among the first companies to throw in the towel because of the GDPR but they almost certainly won’t be the last. According to a survey of 400 US companies published last week by technology association CompTIA, many firms are still confused about the GDPR and 52% are “still exploring the applicability of GDPR to their business.” As companies become more familiar with the GDPR, expect some to take drastic action like Verve and Uber Entertainment.
Not all of these drastic moves will be noticed because there are countless small businesses that won’t make headlines when they decide not to serve Europe or opt to shutter entirely.
Getting ready to pay the piper
In addition to companies that might decide to scale back or close their doors because of the GDPR, there are also companies that are preparing to pay fines for GDPR non-compliance.
According to Ensighten, only slightly more than a quarter of the 150 UK brand and agency-side marketers it surveyed said they felt “very confident” that they will be fully GDPR compliant by May 25. With that in mind, 45% said their companies are setting aside funds to pay for fines, which could be as high as 4% of annual turnover or €20m, whichever is higher.
Almost certainly, most of these companies aren’t setting aside funds to cover the maximum potential fines, which almost certainly won’t be levied in the early days anyway. But numerous polls have found that many companies see the GDPR as an existential threat, which makes sense given that most companies would not be able to survive a fine of €20m or more.
Ironically, one of the companies that could afford to live with a GDPR fine, Google, has come under fire for basically pushing a lot of the burdens and liability of GDPR compliance on publishers.
Opportunity in challenge
Of course, where there is a challenge, there is frequently an opportunity, and that’s certainly the case with the GDPR. Even companies struggling to comply with it largely see that the work they’ll have to do to become GDPR-compliant has the potential to produce benefit, some of it significant. For example, 69% of the marketers Ensighten surveyed expect the GDPR to enhance the accuracy and consistency of their data.
Because of benefits like this, even companies that know they won’t be GDPR compliant (or near compliant) by May 25 should keep pushing forward with their efforts.