Originally Published in: ISBA.co.uk/News
February 27th, 2018
The new General Data Protection Regulation is set to introduce fundamental changes to data protection rules in Europe, raising genuine challenges for marketers, ad exchanges, DSPs, SSPs, DMPs and others in the AdTech sector.
With additional compliance requirements and a number of key questions that remain unanswered, the industry is in a state of confusion. However, while the new law will result in undeniable challenges, businesses should think more holistically about the GDPR and embrace the ways in which it will not negatively affect their organisation.
Repercussions relative to responsible action
There is huge uncertainty around the implementation of GDPR and scaremongering in the industry is rife. Marketers need to take a step back and realise they are in more control than they realise. There are two types of fines for data breaches and if businesses have done their due diligence and devised strategies for how they should be building and reacting to it, then the slightest infringement of the new law will not lead to a fine of 4% of overall annual turnover or €20 million.
Any organisation that can demonstrate they have made responsible steps to comply with GDPR are best placed. The repercussions of GDPR are relative to an organisation’s size, impact of breach and the spirit with which it has embraced the regulation. That said, any company that flippantly disregards the law is playing “a very dangerous game”, says Scott Meyer, CEO of Evidon and will be risking everything from bank balance to reputation.
Governing bodies are still preparing
Because it isn’t yet enforced, we are still waiting for the first rulings, with national bodies still providing guidance. Without any jurisprudence, there is no legal precedent. It is therefore down to the organisation to interpret the regulation as best they can, but again in the spirit in which it was produced.
All an organisation can do at this point is be prepared with the resources possibly available to them. A global corporation with thousands of employees across the world have better resources than a firm of 5 in a small rural village – the regulation is designed to respect this and each business, although equally responsible, will be affected in different ways, relative to their size and resource.
GDPR is not bad for advertisers
From lack of transparency, brand safety and data fraud, the AdTech landscape is home to many problematic themes that continue to populate the press and common consensus is that the industry “will be worse off”. Instead of living in fear, marketers should embrace the reasons why AdTech will flourish in this new world and consider the opportunities GDPR will bring, not those it will take away.
It is within your organisations best interests to take control of your data and security now before it is too late. Businesses must seize the opportunity they have before 25th May 2018 and set themselves up for success. While this clean-up may have otherwise taken months or perhaps years, having a deadline moves the industry into action. What will result is a more transparent, safe landscape.