Why anyone whose business relies on personal data would be ungrateful for the GDPR (General Data Protection Regulation) is a mystery to me: it is a huge step in the right direction, designed to benefit data holders and consumers alike. There are costs to becoming ready, and the potential risk of being fined for non-compliance – but these are short-term problems, which will soon be forgotten in the wake of a more transparent, efficient data economy.
In relation to digital advertising, the new regulation will have a positive impact on the quality of the data used for targeting, the relevance of ads, and the attitude towards those ads on behalf of the consumer. Ultimately, GDPR will greatly enhance the performance of any digital marketing campaign.
Creepy vs. Relevant
Online advertising treads a fine line between being creepy and relevant. An oft-cited example comes from the US clothing store, Target, which epitomises the current issue with targeted advertising. Using an algorithm to analyse the purchasing habits of its customers (based on data obtained from loyalty cards), Target was able to predict, amongst other things, when one of its shoppers became pregnant and adapt its marketing accordingly.
On one occasion, Target sent a bundle of soon-to-be-a-mom-related coupons to a 16-year-old customer; her father sent an irate complaint, only to discover that Target, before even the daughter had realised it, was right.
This is an extreme case of creepiness, yet this feeling and a number of other synonymous attitudes, are prevalent amongst recipients of targeted advertising. And underlying this sense of creepiness, is ultimately a lack of trust. According to the largest European consumer survey to date, the Special Eurobarometer 359 report (2010), ‘70% of Europeans are concerned that their personal data held by companies may be used for a purpose other than that for which it was collected.’
Furthermore, ‘Just over a quarter of social network users (26%) and even fewer online shoppers (18%) feel in complete control.’ The Symantec State of Privacy Report (2015) reports similar findings: ‘only 22% trusted “tech companies” to keep data completely secure and only 10% trusted social media organisations’. And, considering current practices, it’s not really that surprising that this is the case.
As a result of this lack of trust, many consumers are resorting to either not sharing their data, or falsifying it. A report by the Pew Research Center (2013), found that ‘an estimated 86% of consumers in the US had falsified or misrepresented their personal information online’.
Further stats from Pew Research
In a report published earlier this month in the Journal of Marketing Management, Girish Punj warns that ‘the trend towards the falsification of online information could be particularly detrimental for mobile commerce firms because they require accurate location-aware, real-time information on consumers for personalising communications and customising product offers’.
In simple terms, the current relationship between advertisers and consumers is damaging to both parties. GDPR presents a massive step forward to repairing this relationship, and improving personal data quality.
Greater media transparency has become the number one priority of advertisers over the last couple of years, especially since the publication of the ANA K2 report in 2016. What about transparency between advertiser and consumer?
At the moment, internet users are heavily deterred from making an informed decision about whether to share their data, the potential consequences of such sharing, and what exactly is happening to their data once it has been submitted.
In the previously mentioned research by Symantec, ‘59% of respondents said that they only skim read the terms and conditions when buying products or services online’ and ‘14% said they never read the terms and conditions’.
The Eurobarometer research found that ‘58% of respondents who use the internet usually read privacy statements’, but ‘24% of those who read them said that they did not fully understand what they are reading.’
A study by the ICO (2015) found that a focus group’s ‘awareness of privacy notices was extremely limited’, and number of studies have criticised the lack of granularity in options, leading to consumers needing to make compromises, e.g. opting to share data in exchange for valuable information.
The positive impact of GDPR
If GDPR is able to achieve what it sets out to – ensuring data transparency, increasing individual control – then advertisers can expect a much improved relationship with their audience. A study by the Thurgau Institute of Economics (2015) concludes that ‘transparency leads to an increase in the individual’s willingness to share personal information as the individual is able to see and assess the collected information and the possible use of it’.
Part of transparency is understanding the benefits of data sharing. A study by Sciencewise, a UK government-funded programme, found ‘personal benefit to be the strongest incentive’ for those in favour of sharing personal information, yet, according to a study by Deloitte (2012), ‘62% of consumers are not confident that sharing their data with companies or public sector bodies will result in better services or more relevant products’.
The majority of internet users don’t believe in the benefits of an open data economy, but GDPR will help to make these benefits clearer. In terms of advertising, the main advantage will always be greater personalisation, along with the more indirect, general reward of a more efficient ad industry driving economic growth. Beyond this, there is the potential of data to be used for improving services, and generating a global network of information with incalculable social benefits.
We need to make GDPR work
GDPR, for all of the praise within this article, is imperfect. There are a number of foreseeable loopholes that may be exploited by data holders, potential limitations to the efficacy of the regulations in terms of empowering individuals to exercise their new rights, and a number of ambiguities that may lead to confusion when the law becomes implemented next year.
A number of commentators are also questioning to what extent data holders/processors will fulfil the ‘privacy by design’ principle that is so important to the success of the EU’s ambition. And, so long as businesses are convinced that non-transparent data practices are to their advantage, there is plenty of reason to be pessimistic about GDPR: perhaps, despite all this anticipation, it will actually have very little impact?
The answer depends on all of us. Not since AdWords has there been a better opportunity for improving the transparency of advertising, and for aligning the interests of consumers with the objectives of businesses. It is up to all of us on the other side of the screen to use GDPR to make advertising better, and rejuvenate the digital world.