When legislators in the EU came up with the GDPR legislation, I know they had the best intentions to protect the rights of users.
For too long digital media, marketing, and advertising technology platforms have been harvesting and monetising data (albeit cookie data, for the most part) without the knowledge of the user.
The EU decided to take on this practice by introducing the GDPR – and force companies handling PII to give more control to users.
Whilst nobody can argue against the logic of the legislation, I doubt EU legislators could have envisaged the unintended consequences of their lofty attempts to empower EU citizens to take a stand against the questionable use of PII (Personally Identifiable Information).
Here I list the 10 probable unintended consequences of the GDPR and their likely effect on the digital marketing ecosystem in the EU.
1. Strengthening the duopoly, weakening the 20 percenters – in the short term
Many say the GDPR was conceived as a means of blunting the control of the duopoly. This is utter nonsense. Legislators have been concerned about how both Facebook and Google process data, but the GDPR wasn’t architected as a way to control their dominance in Europe.
But one of the biggest unintended consequences is likely to be a strengthening of the duopoly. Their power is absolute in digital advertising. They control nearly 80% of digital spend in the EU.
I am about to tell you that things are going to get worse before they get better. I am predicting that the duopoly is going to get to a 90% share of the digital ad market in the next 12 months.
The GDPR, in its current guise, is a godsend for the duopoly. For years, advertisers and agencies have been pushing Google and Facebook for independent measurement and the ability to extract data. This is useful for basic things like frequency capping and insight.
The GDPR now almost makes this impossible. Google and Facebook will have no oversight. They get to mark their own homework. It’s a ridiculous situation. But brands need the duopoly more than it needs the brands. Those walls just got a little higher; and from the conversations I have been having with European agency heads, more money is coming their way.
2. Big publishers will be the first victim of GDPR
While I have an ambivalent relationship with Google, I do think their stance on GDPR has been correct. Absolute consent is necessary to use and process users’ PII. Legitimate interest is not legally defensible for some of the practices that take place in this industry – Google has been pushing this aggressively and has been backed by the WFA.
What I have been shocked by, in the run up to GDPR, is the way publishers have been approaching it. The majority of them believe legitimate interest will be fine. While this is a grey area, I think they will be first in line to be tested by this legislation.
Go to any of the top newspaper publisher sites and run a cookie audit, and count the number of cookie syncs taking place on a single page.
What’s New in Publishing: GDPR – the Ultimate Publisher’s Guide