GDPR vs. MarDaTech: the battle has already started


Tweet about this on TwitterShare on FacebookShare on LinkedIn

battleship game

May 2018 approaches. Marketing and advertising technologies are bracing for impact. The EU’s Global Data Protection Regulation (GDPR) is marching forward in full force, and there are already a good number of official tools and guides in existence aimed at facilitating compliance at many levels.

But I know almost nobody in marketing (or “martech”) has the time needed for a proper review of the documentation, plus plenty of infographics and quick guides are widely available anyhow. This post has a more ludicrous (and yet quite actionable) mission in mind: taking a guess at the most likely outcome of what promises to be a bloody battle.

What’s at stake?

If you are in “adtech”, mostly everything, bearing in mind that almost every piece of data you collect and exchange about your audiences has been gathered without express user consent and can hardly be altered or removed in an efficient manner across the entire chain.

But things are not much rosier if you play in the “first-party data” world of “martech”. Primarily working directly with brands does not mean that audience information is not exchanged and shared across multiple devices, environments, media, platforms, or even brands. Or that such information was collected under express user consent in the first place.

Bottom line: The “PII” (Personally Identifiable Information) threshold is gone. It does not matter that you now store an encrypted identifier or “anonymized” id – the new framework will still apply (rendering it “pseudonymous data”). It will apply to cross-device measurement, data onboarding, most cookies… and it will do so to leave you with very little left.

  • DMPs that run “co-op” audience pools… gone.
  • Customer Data Platforms (CDPs) that build a single view of the customer without express permission at every different touchpoint they integrate… gone.
  • Web analytics practices that allow for the enrichment of audiences with CRM data… gone.

Or are they?

Well, that is the nature of the battle. It can mostly go two ways: towards full enforcement and general compliance; or towards very light enforcement and a “back to business” approach.

The difficulty of the task and limited resources of the enforcing bodies (EU national data protection agencies) seem to favor the latter outcome. The general public awareness with regards to certain rights, which can quickly result in expensive user-led actions, may, however, tip the balance towards the former.

But how far can a permission-based, or Privacy by Design system take us? Does this not go beyond basic compliance of our current activities?

The reality is that it can take us to an entire new world of opportunities in which everything we know today gets inverted and reshuffled.

Since we have been representing everything we know today through the MarDaTech landscape (please use our 2017 update as a reference), I believe using the same diagram to illustrate change could be especially useful. And this is it:

mardatech diagram 2017

Summarizing what amounts to plain speculation at various levels:

  • AdTech is replaced by CustTech (see Project VRM for more info on this hot topic), as it is Customers who are in control of the data they share and the experiences they receive in exchange
  • The lower quadrants (“data as fuel”) are replaced by the said “share” and “experience” actions
  • The backbone is no longer brand-managed or agency-managed. Not exclusively anyhow, as the only effective manner to let users control their data is actually keeping data within their reach – which points directly towards a blockchain solution
  • Other pieces in such middleware act as necessary brokers between people’s data vaults, experience providers, and brands (if different from them) – a few fancy names are added for illustrative purposes: “CDE” stands for “Customer Data Exchange”; Customer Data Hubs are replacing CDPs.

Does this sound wild and improbable? I guess. Does it help to expand our thinking a little bit, just in case we find ourselves there in seven years or less? You tell me.


[The impact of GDPR on Digital Intelligence has been covered by our recent SWEETSPOT POCKET GUIDE TO DIGITAL INTELLIGENCE (free download)]

Tweet about this on TwitterShare on FacebookShare on LinkedIn

Sergio Maldonado

Founder & Chairman at Sweetspot. Author, speaker on analytics, marketing technology, privacy compliance. JD, LLM (Internet law). Once a dually-admitted lawyer. Father of three. I love surfing and cooking.

Add a comment

Sweetspot 2017 lessons learned - Sweetspot

[…] Sweetspot CEO, shares his predictions on the possible implications of what is sure to be a bloody battle. Will this mean the end of adtech and the rise of CustTech? Or will middleware software act as data […]

Published on , 1:57 pm   


I see you don’t monetize your site, don’t waste your
traffic, you can earn extra bucks every month because
you’ve got high quality content. If you want to know how to make extra
money, search for: Mrdalekjd methods for $$$

Published on , 5:10 am   

Try Sweetspot today!

Not Another Dashboard.