May 2018 approaches. Marketing and advertising technologies are bracing for impact. The EU’s Global Data Protection Regulation (GDPR) is marching forward in full force, and there are already a good number of official tools and guides in existence aimed at facilitating compliance at many levels.
But I know almost nobody in marketing (or “martech”) has the time needed for a proper review of the documentation, plus plenty of infographics and quick guides are widely available anyhow. This post has a more ludicrous (and yet quite actionable) mission in mind: taking a guess at the most likely outcome of what promises to be a bloody battle.
What’s at stake?
If you are in “adtech”, mostly everything, bearing in mind that almost every piece of data you collect and exchange about your audiences has been gathered without express user consent and can hardly be altered or removed in an efficient manner across the entire chain.
But things are not much rosier if you play in the “first-party data” world of “martech”. Primarily working directly with brands does not mean that audience information is not exchanged and shared across multiple devices, environments, media, platforms, or even brands. Or that such information was collected under express user consent in the first place.
Bottom line: The “PII” (Personally Identifiable Information) threshold is gone. It does not matter that you now store an encrypted identifier or “anonymized” id – the new framework will still apply (rendering it “pseudonymous data”). It will apply to cross-device measurement, data onboarding, most cookies… and it will do so to leave you with very little left.
Or are they?
Well, that is the nature of the battle. It can mostly go two ways: towards full enforcement and general compliance; or towards very light enforcement and a “back to business” approach.
The difficulty of the task and limited resources of the enforcing bodies (EU national data protection agencies) seem to favor the latter outcome. The general public awareness with regards to certain rights, which can quickly result in expensive user-led actions, may, however, tip the balance towards the former.
But how far can a permission-based, or Privacy by Design system take us? Does this not go beyond basic compliance of our current activities?
The reality is that it can take us to an entire new world of opportunities in which everything we know today gets inverted and reshuffled.
Since we have been representing everything we know today through the MarDaTech landscape (please use our 2017 update as a reference), I believe using the same diagram to illustrate change could be especially useful. And this is it:
Summarizing what amounts to plain speculation at various levels:
Does this sound wild and improbable? I guess. Does it help to expand our thinking a little bit, just in case we find ourselves there in seven years or less? You tell me.
[The impact of GDPR on Digital Intelligence has been covered by our recent SWEETSPOT POCKET GUIDE TO DIGITAL INTELLIGENCE (free download)]
The ultimate tool for agencies and marketers