After months of compliance preparations, deadline day is finally upon us. Today, 25th May, is the day that the General Data Protection Regulation (GDPR) comes into force.
The purpose of the GDPR is a well-meaning one. It is an embodiment of the public’s growing recognition of the value of their data, and its desire to have more privacy in an increasingly digital world. But as companies complete their compliance programmes and implement the GDPR, has the regulation fulfilled its intended aim?
Asking the audience
Proponents of the GDPR have argued that giving audiences increased control of their data will improve the quality of online communications. By only using audience data only when people have opted in, or where it is necessary, recipients may be spared from unnecessary or irrelevant messages.
But this argument hasn’t been without its critics. Indeed, many ad tech and mar tech vendors would argue that using big data to personalise transactions has created a more enjoyable digital experience for audiences. It only takes a brief scroll through your email inbox this week to understand why the GDPR deadline day hasn’t been met with the enthusiasm that might have been expected of consumers (GDPR geeks can find some of my favourite reaction memes on these links: 1, 2 and 3).
This public outcry is because many companies have chosen to maintain their mailing lists by contacting customers to ask if they still wish to remain subscribed to their missives. I can certainly vouch that this has led to a deluge of messages from companies with whom my relationship has been consigned to the depths of internet history. This digital clutter has by no means made my browsing more efficient nor enjoyable.
However, that’s not to say that this won’t change after 25th May. With businesses stating they will only contact consumers who have opted-in, users might find that their inbox becomes clearer as the rush to get consent before the GDPR deadline passes, and they only receive the emails they have chosen.
It’s also worth noting that the responsibility for this clunky process rests not only with the European Union, but with the marketers who had not used the months in the run-up to the implementation deadline as an opportunity to discover which members of their mailing lists were still active. If customer relationships can be reignited, then data is worth keeping. If not, consider that cleansing databases ahead of the deadline day could make marketing processes more targeted, increasing open rates and the quality of communication.
Assessing the impact
For some firms, GDPR is seen as a burden, and compliance is perceived as either time-consuming or unnecessary. In a testament to this, only four in ten companies claimed to be GDPR compliant last month, although 80% said it was a top priority. If few companies actually implement the regulation, then it could become difficult to enforce at all, as with so many rulebreakers to target, luck is on the criminal’s side – similar to how illegal downloads became a force out of the music industry’s control in the early 2000s.
Undoubtedly, there are industries where the regulation has had a bigger impact than others and these firms have been given the difficult challenge of finding new working processes. Adtech, for example, has been rocked by the rule, and firms have been scrambling to ensure that their operations are compliant and that data is used fairly.
Organising data flows and lightening the load
But many organisations have found that compliance has brought additional benefits, beyond avoiding the fines. Uncovering how data flows around an organisation has brought efficiencies for many companies, streamlining processes, breaking information silos and identifying security risks. Many marketers have also been forced to explore how exactly data is shared through technologies on their website. By unmasking digital supply chains, marketers can rationalise their ad tech and mar tech stack and avoid website latency.
It could be argued that while compliance has been burdensome for the companies who may have lagged behind, proper data management procedures are essential to the smooth running of a company.
For ad tech in particular, GDPR is an opportunity to examine how data is shared, giving marketers an incentive to better understand their digital operations and the advertising ecosystem a chance to consolidate in favour of the best-performing players. The time spent on compliance is, therefore, an investment for the future.
Looking forward (to fines?)
Ultimately GDPR is a well-meaning regulation that aims to tackle the highly complex world of data collection, processing, and sharing – a world that almost all of our daily actions are built on. Whether the law can be practically enforced, and whether it has created a smoother experience for online audiences remains to be seen. But at this early stage, one thing is for certain: GDPR is the talking point of the moment, meaning companies are now making data governance an essential part of their operations.
By Rebecca Morgan, Account Manager