Since the introduction of GDPR and CCPA regulations, the world of data-driven marketing started to change its shape. User privacy has become a crucial issue for many companies, so many of them have to change some of their practices to reorganize their data policies. According to Emarketer, 45% of US businesses are in the process of preparation for the CCPA. Still, they aren’t expected to be ready until CCPA comes to the action on January 1, 2020.
The advertising environment is complex and interconnected, as it includes lots of layers dependent on data usage and third-party technologies. This significantly complicates the preparation process, so it is understandable that only less than half of US companies are expected to get ready by the time CCPA comes into effect. Of course, new policies and practices that allow companies to comply with California GDPR are being developed. However, up until these policies will be well-established the question remains: Do these changes endanger ad tech ecosystem or companies just need to prepare well?
How the industry is going to comply with EU GDPR & California CCPA
So how can marketers address both the demand for privacy and accurate personalization in the light of these changes? For some companies, the solution lies in gathering and usage of first-party data. Significant amounts of first-party data integrated to data-management platforms can still be used to create successful targeting campaigns which would also comply with the new rules. This solution is good, but it is only applicable to companies that have the opportunity to gather user data themselves through a tried-and-tested consent mechanism (actual for GDPR consent-gathering). Ð¡CPA regulations are stricter in this manner, as it is required that the websites add a specific link “Do not sell my personal information” if the individual wants to opt-out of such data processing.
For others, the situation is slightly more difficult, and the quest for new decisions continues. In the meantime, Google has started to provide an opportunity to restrict data processing in order to comply with the EU’s GDPR, California’s CCPA). Advertisers and publishers will be able to choose how the data is used for certain users through certain services, such as Google Ads, Analytics, App Campaigns, as Google introduced own measurement for tracking campaigns. This can have little or no impact on measurements or conversion tracking, but personalization and targeting are still subject to debate. This way or another, the CCPA comes into effect from 2020, so the changes are inevitable and the sooner marketers come up with new solutions, the better for the industry.
The real value of data for companies and users
But how much money companies actually make on personal data of each individual? Tech giants like Facebook and Google acquire huge amounts of data every day about every user of their services. At the same time, in 2018, the advertising revenue of Facebook accounted for $55 billion, while for Google, this number got as high as $116 billion. According to the co-founder of Facebook, Chris Hughes, $100 billion per year could be generated from the US companies that use personal data if the 5% tax was introduced. If we divide this sum by the number of American adults, we can see that each individual could receive approximately 400$ per year. These calculations, however, cannot make any difference for consumers, as for now, they have little to no power over the collection and distribution of their data and, consequently, don’t receive any revenue from it.
Several ideas were proposed to change this paradigm and regulate the legal status of personal data. For example, US presidential candidate Andrew Yang suggested granting the right of personal data management to every individual. This would make it possible for users to exchange their data for value and give permission to use it for marketing purposes. He stated that “data is now more valuable than oil” and since people generate massive amounts of data every day, they should also be able to monetize it. These kinds of policies can finally give users some control over their own information and, at the same time, provide sustenance for data-driven marketing strategies.
New approaches and practical applications
Some ad tech companies have already started to offer initiatives that can serve as practical applications to the ideas mentioned above. For instance, blockchain-based browser Brave introduced attention tokens - an interesting mechanism to reward user attention and collect their data while complying, which GDPR and CCPA. It works like this: when users watch an ad, they receive basic attention tokens for it as a reward for their attention. These tokens can then be spent by users as they please, for example, to support their favorite content creators. Another example of such an idea is Blockstack, a decentralized open-source platform, used as an alternative to various popular services (such as Graphite, Google Docs, BitPatron, etc.), which also relies on basic attention tokens.
Another example of such initiative is Metalyfe, a blockchain-based browser where users have all their behavioral data and logins encrypted on the blockchain. This way, users possess full ownership over their data and can disclose it only if they choose to, for example, in order to monetize it. BitClave suggests the same business model, a decentralized search engine, also based on blockchain. It shares the same values. The founders emphasize that the Internet giants “should not be the only ones that benefit financially from the data their users give away.” Perhaps, if this shift will take place in the way how we treat our data and who has the power over it, a digital environment will finally become a fairer place for every participant of the advertising ecosystem. The foundations for this change are developing right now.
The future of targeting
One of the most significant areas that the EU’s GDPR and California CCPA policies have affected is targeting. Despite the fact that there are numerous types of targeting and that technology is constantly developing, all those methods are united by what they rely on. It is data that makes all types of targeting and retargeting possible, as well as machine learning and new sophisticated ways to analyze and work with this data. This core element cannot be replaced by modeling or calculations, especially when it comes to behavioral or personal targeting. Still, the more data is available about consumers, the more predictive it can become. Some clues about customer preferences can originate from quite unforeseen sources, such as their musical tastes or favorite activities. Those can reveal unobvious relations between preferences in different areas and, for example, personality traits.
With the introduction of GDPR and CCPA, it may seem that all those advances are now under threat, as the data will now be much harder to obtain and, hence, further development of targeting and retargeting may be slowed down. But is it really so and how can one turn constraints into benefits?
First of all, it is worth noting that not all kinds of data will be restricted by new legislation, so there will still be plenty of information to collect and analyze. Perhaps, new approaches to understanding customers will give us new insights as we shift our attention to things that might have been missed out. Another essential matter is that companies actually use not all of the collected data for marketing. It is a regular situation when the information keeps piling up because it isn’t really useful. In this sense, GDPR and CCPA can turn out to be good change-makers, as they turn data management into the more conscious process. Only useful information will be collected, so that maximum benefits will be extracted from every piece of it.
At SmartyAds, we always strive to create opportunities to stay on the verge of innovation. This is what helps our technologies to adjust to the ever-changing market requirements and regulations. With SmartyAds DSP you can create successful targeting campaigns that generate the highest profits but still go hand-in-hand with fundamental user privacy regulations.