100 Days Later: Why GDPR Has Been Good for Google and Facebook Most of All

September 7, 2018 — by MediaMath    

This post originally appeared as a byline in Campaign.

It has been more than three months since companies operating in the EU implemented the regulatory framework with the aim of stamping out opaque and irresponsible handling of consumers’ personal data.

So how is Europe’s €8bn programmatic advertising and marketing sector doing post GDPR?

Overall, it’s clear the buying and selling of digital advertising has already become a lot more ordered and transparent, with far greater respect towards consumers, which is years overdue, GDPR is a much-needed force for good. Across the whole sector – brands, agencies, media owners – GDPR has forced innumerable conversations about how to protect consumer privacy and personal data.

Thousands upon thousands of man hours have been expended on preparing for and executing this at large companies Europe wide and beyond. What’s emerging very clearly is a digital industry that’s sleeker and more responsible, but also as powerful as ever in its ability to build meaningful connections with consumers.

But if the picture is generally positive for brands, things are more nuanced for the publishers. Larger publishers tend to have the resources to shoulder the regulatory burden and establish reputations for GDPR compliancy quickly. However, some have struggled to get the right consents from consumers or have hit technical issues, impacting businesses that are already under pressure.

Many have begun to consider becoming part of a pooled identity framework owned and responsibly operated by an independent third party. Deterministic people-matching, to identify individuals across devices, can help ensure that publishers can capture marketer budgets in the manner in which those marketers wish those budgets be spent.

Across the sector, the larger players – including agencies – have been at an advantage, as they’ve got the resources to vet their data, identify and eject risky partners and potentially fight investigations and fines if it comes to that. Some entities providing audiences, faced with having to strip out consumer data that is now heavily regulated, for instance health, ethnicity, politics or location, have suffered or even stopped doing business in Europe.

All this has, of course, been pretty good for the two behemoths of the sector – Google and Facebook, both of which have alternative means to obtain consumer consent. Indeed, Google’s strong recent results are thought to reflect a shift in spend towards companies with large amounts of first-party data.

What’s good for Google and Facebook – who are often both partners and competitors to other players in our highly complex industry – isn’t necessarily beneficial for everyone else, though.

In response to GDPR, Google and Facebook have raised the walls around their ecosystems, with Google, for instance, restricting the use of its identity system to external partners. This means forcing advertisers to be more fragmented across platforms, tools and inventory sources, making advertising more expensive for buyers and more annoying for consumers.

Google has indicated that it will, but does not yet support, the Internet Advertising Bureau Europe’s Transparency and Consent Framework, meaning that, at least for now, already embattled publishers need to deal with both Google’s own rules as well as the emerging cross-industry standard.

Fortunately, alternative solutions are emerging that meet or exceed legacy capabilities while also recognising and respecting consumers and their wishes. Indeed, the true north for the industry is the promise of buying tools that are inclusive of all media and data whether that resides in open or “closed” environments.

So, there are challenges with the GDPR – it’s consumed vast amounts of management time and made it difficult for smaller players to keep pace. Of course, if you get the GDPR wrong, there could be a fine of €20m or 4% of global revenues.

That said, we are still in an uncomfortable and uncertain period as there is no body of precedent for how it will be investigated or enforced yet.

In a final analysis, whatever the transitional inconvenience, the challenges of the GDPR are easily outweighed by the benefits. We are building a more transparent industry shorn of dubious practices. We are connecting with consumers – whose trust we all ultimately depend on – in a more honest and, therefore, meaningful way.

And we are embedding standards that will enable our industry to develop and continue to grow steadily and sustainably.