Privacy and data protection regulations impact the work of every advertising, marketing and PR communications professional around the globe, and the focus on privacy by consumers and regulators continues to increase. W2O’s team is tracking the most important news and changes that directly influence our industry, including the latest on legislation, new privacy technology, enforcement actions, analysis and thought leadership in privacy and data protection.
Here’s the news we’re paying attention to right now.
The implementation of the EU’s General Data Protection Regulation (GDPR) marked a watershed moment and has raised awareness of digital privacy in particular around the world, including the United States with the impending implementation of the California Consumer Privacy Act (CCPA). The European Commission marked the anniversary with a press release noting that the GDPR has “become a global reference point”, and that nearly 6 in 10 people in the EU know about the data protection authority in their country.
Main Takeaway: Privacy protection is not just a compliance problem, it’s a key differentiator for brands. Marketers need to take action now by embracing privacy as a key component of programs and products. Personalized experiences are not only still possible, but likely even more effective between brands and their audiences when done in a transparent and trustworthy way.
The CCPA comes into effect January 2020, and has a one year look back window – meaning that technically any data collected this year will have to be accounted for. While EU regulators have not been quick to impose major fines yet, it’s reasonable to assume that California may be stricter. Brands who have already dealt with GDPR compliance may be ahead, but still have steps to take, and marketers who have not yet dealt with privacy compliance may be surprised at how rigorous and intensive coming into compliance will be.
Main Takeaway: While the fight over the CCPA and a potential federal regulation to pre-empt it is not over, brands and marketers should be preparing now. As of now, only 14% of companies report being ready, and complex organizations will have a great deal of work to do. If CCPA compliance isn’t a priority yet, now is the time.
This week the Irish Data Protection Commission opened an inquiry into Google, who’s EU headquarters is based in Ireland. This inquiry is focused on “processing of personal data carried out at each stage of an advertising transaction” – and is in a response to a complaint by Johnny Ryan, chief policy officer at web browser Brave. The complaint is focused on Real-Time Bidding (RTB), and whether the way that RTB is conducted represents a data breach.
Main Takeaway: If found to be not in compliance, a judgement against Google would require them to change how their ad systems work at a fundamental level. This is the first major face-off under GDPR of how programmatic advertising general works, and all digital marketers should be paying close attention to this as a potential test case as it could result in massive fines and impact the ad-tech ecosystem significantly.
* The opinions expressed in this post do not constitute or represent legal advice. No liability is accepted by the authors or W2O Group for any action taken or not taken based on the information or any associated communications.