Many direct response advertisers have flirted with the idea of taking digital media buying in-house, but with the European Union’s General Data Protection Regulation (GDPR) looming, that might blossom into a full-fledged infatuation.
Driven by concerns about fraud, measurement and transparency, many buyers have been looking for ways to gain control over how their budget — and their data — is managed.
GDPR adds fuel to this fire, threatening fines as high as $24 million or 4% of annual revenue for mishandling consumer data. Advertisers are taking a hard look at how their data is gathered, stored and shared, and concluding that there’s no longer room for a supply chain filled with middlemen who add little value. They have become a liability, and it’s tempting to rethink the entire process.
GDPR elevates the importance of transparency.
GDPR will go into effect on May 25 this year. The guiding principle for the regulation is to give consumers greater control over, and insight into, how their data is used — including pseudonymous data like that used to construct behavioral and probabilistic audience profiles. Putting aside the complexity and cost of compliance, publishers and advertisers alike are worried that consumers will take them up on the offer of privacy, reducing the opportunity to deliver valuable, well-targeted messages. It’s the primary reason GDPR is causing such a knee-jerk reaction.
The supply chain has seen its fair share of transparency problems in the last 18 months, and they’ve collectively shaken the confidence of major players like P&G and, more recently, Unilever. But most of these issues have been limited to budgets, which are easy to track and understand. With GDPR, data is the issue in question, and the harsh reality many CMOs are facing is that they never had a good grip on what their companies did with data.
GDPR won’t allow such gray areas, so gaining transparency into data usage is now becoming an organization’s biggest priority. It doesn’t matter if you’re a data controller or a data processor; the important thing is that, as a brand, you understand how your customers’ data is being used. If you’re a direct response advertiser, you have two options to meet your obligations under GDPR: Rely on your advertising vendors or take the time to understand how your customers’ data is being used and how they want it to be used.
The first option of relying on others could be the path to the disaster advertisers fear, yet it’s the exact route many are taking. Often, these vendors provide no transparency around fees, audience makeup and sites on which ads are served. It’s foolhardy to trust them to operate in the spirit of transparency that GDPR demands. Instead, expect obfuscation of how your customers’ data is being shared and how consent was gained, and every effort to meet the letter of the law without embracing its message. Brands kicking the issue down to third-party vendors are treating this as a technical problem for someone else to solve, instead of recognizing it as an opportunity to be open and build trust with their customers.
The future is bright.
Echoing Louis Brandeis’ observation that “Sunlight is said to be the best of disinfectants,” GDPR can ultimately have a positive influence on the ad tech ecosystem. The need for transparency will likely accelerate a more direct relationship between advertisers and publishers as consumers make consent decisions based on interest and trust.
Today’s ad platforms and networks will end up with weakened audience data, making arbitrage business models harder to pull off. For some advertisers, this will serve as a catalyst to start eliminating the middlemen. They’ll run campaigns in-house to maintain control of their customer data, potentially with custom software developed internally. New, more transparent software platforms will emerge to help advertisers and publishers connect directly at scale.
The more lasting legacy of GDPR will be that consumer data will be abused much less and the companies that have made a living off that abuse will have a harder time doing so. While GDPR isn’t directly causing brands to take an in-house approach to their advertising, it’s certainly adding fuel to the fire. Years from now, advertisers may look back at GDPR as the push they needed to bring transparency to ad tech, even if now it feels more like the last straw.