It didn’t take long for trouble to begin.
Once the EU’s General Data Protection Regulation (GDPR) came into force on May 25, 2018, European NGOs immediately started going after tech companies and social networks. To ensure maximum impact, organizations like None of Your Business filed coordinated complaints with different privacy regulators all over Europe. This in turn seemed to confirm a suspicion long held by advocates of a laissez-faire data economy: Is GDPR nothing more than an outright attack on American tech giants? Is it privacy legislation as a trade war weapon?
Well, yes and no—but mostly no. Rather than an anticompetitive broadside, GDPR was and is the long-overdue, if slightly ham-fisted, attempt to secure European values and data protection principles in an expanding tech economy. It was an atypically late attempt, too, a deviation from the EU’s traditional precautionary principle.
Usually, European regulation works to identify and nullify all risks in advance. This is at odds with the post-cautionary American approach of letting innovators, companies, technologies and markets develop freely and dealing with negative consequences after they have materialized.
They have materialized. No matter how much about Cambridge Analytica’s actual role in the 2016 election you believe, it was 2018’s data scandal that kicked off a new awareness for data protection. To be blunt: People are getting fed up with the nontransparent, unchecked, unregulated use of their data. And their governments see the need to act. In this regard, both the CCPA and the NYPA are both prescriptive and descriptive. They provide a legal framework, but they are also a societal declaration of will.
We now find ourselves at what may be the tipping point from the age of optional privacy to the age of privacy as a selling point. Ad blocking has become a default feature in browsers like Google’s Chrome, Apple is pivoting toward privacy by design and even Facebook has come to realize that “the future is private.” That is a huge change for a business that relies on data collection to sustain its “we run ads” business model.
Facebook’s data collection, profiling and predictive analytics, however, pale in comparison to the everyday ad services that plaster our daily strolls along the web. Their cross-platform tracking and cookie ecosystems follow, retrace and predict user paths across the whole online universe, across devices, into mailboxes and shopping carts. Cookies and the ads that feed on them are the final, ultimate iteration of marketing’s traditional go-to approach: visual contact-based marketing. Banner ads. Annoying you since 1994. Maybe.
As CCPA, NYPA and the xxpas to come are set to reduce, minimize and eradicate the value of this age-old form of marketing, marketers and brand managers need to find alternatives. But behold, brands of today: The magic was in you all along.
The end of the ad means the resurgence of the existing customer base and the use of first-party data. Yes, this means newsletters, among other things. Rather than battle for customer growth and new users, brands will need to reengage past users and clients with new services, products and messages.
Many ecommerce retailers in Europe already realize a large percentage of their revenue through direct marketing and newsletters. These are measures that make use of a simple, consensual transaction in accordance with the GDPR: data versus service.
This is actually a very simple deal, a basic building block of brand relationships. In the past years, however, data companies and brands have gone to great lengths to obfuscate this deal, acquiring more and more user data while reneging on fulfilling their part.
Current legislative measures are designed to put an end to this, and brands should regard this as an opportunity to build trust and prepare for the next level. At this rate, we’ll soon see products and services with responsible data use and restrictive approaches to privacy as their USP. Don’t get left behind.
