Aside From GDPR, Many Changes On The Horizon For User Data

“Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.

Today’s column is written by Tim Sleath, vice president of product management at Exponential.

The General Data Protection Regulation (GDPR) that will be upon us in less than six months is one of a wave of changes that will profoundly affect the balance between individual users and advertisers.

Users are becoming savvier about the data bargain in which they’re engaging and making more of an effort to curtail data sharing.

A really clear case of changing expectations is visible in the activities of two data-rich and data-savvy organizations: Spotify and Netflix. Last Christmas, Spotify was lauded for its “clever” campaign leveraging its users’ data. This year, Netflix finds itself accused of being “creepy” by running pretty much the same campaign using the same kinds of data. Netflix’s offending tweet: “To the 53 people who’ve watched ‘A Christmas Prince’ every day for the past 18 days: Who hurt you?”

What has changed over the past year? Consumers are becoming more aware, and hence more wary, of the data exchanges that are happening, and businesses will need to react to this growing consumer sentiment. 

There are a variety of initiatives exploring the change in mood and putting the control and value of personal data into the hands of individual users.

Services such as digi.me, Social Data Collective and Datacoup, for example, have been around for a while to help users understand and monetize their data across devices. But until now, such services were only a novelty, as they didn’t actually provide effective control over the data flows. With the advent of GDPR, such systems can realistically also handle consent and hence be the gatekeeper for users’ valuable data.

“GDPR compliance” is claimed by Datafund, a new protocol designed to protect and reward personal data, powered by blockchain (what else!).

Consumers As Marketers

GDPR revises the role of users in the flow of data from merely “data subjects,” helpless in the face of corporate interests, to data controllers in their own right. We are all controllers of our own personal data.

The impact of this is both subtle and profound, and it is also timely. Social platforms have turned us all into potential marketers, and this category of authentic, human and personalized advertising will be a major growth vector in the next year or two. For example, there is influencer marketing enabled by companies such as Octoly, which was recently acquired by Havas for $10 million. Then there’s the referral marketing practiced by Mention Me, which relies on non-influencers spreading recommendations through their networks. Or there’s C2B monetization of pure data; Streetbees rewards users for marketing information requested by brands.

What all of these have in common is that the user, not a corporation or government entity, is in control.

We will start to see more of these kinds of services in 2018 as connected IoT devices bring consideration of personal data into the home environment. That introduces an additional dimension.

Besides the brands consumers interact with online, the companies that know about their take-out food ordering habits or show targeted ads on the family TV screen will be aspects of everyday life that will need to be managed. Tools don’t exist today to handle this complexity of relationships, but they surely will arrive during 2018 as Google Home and Amazon Echo insinuate themselves further into our domestic arrangements.

More Regulation

As noted, GDPR is not the last piece of legislation we need to think about next year. The ePrivacy Regulation, while is still in draft and the focus of some determined lobbying, looks likely to require user consent for any and all electronic/digital user interactions. The law will likely be finalized in 2018, even if it only comes into effect in 2019 or 2020. While GDPR suggests as much, this new regulation really will mean all online transactions need to have user consent to be lawful.

Fortunately, IAB Europe recently unveiled such a proposition in the form of the “GDPR Consent Mechanism.” While specific details have not yet been released, the idea is clearly a close industry alliance to ensure the many mutual cookie-syncing operations can be carried out as smoothly as possible under the new regime, requiring buy-in across advertisers, publishers and the ad tech intermediaries.

If you had some thought that it might just to be easier to operate in the US and deal only with US users, here is the bad news: The Network Advertising Initiative has refreshed its code for 2018 by defining device-identifiable data to align more closely with the changing EU laws.

The industry is set for a potentially challenging 2018 as we adapt to a world where the user must be treated with greater importance than ever, and data will need to be carefully curated rather than hoarded in bulk. It will still be possible to innovate, but the internet is about to grow up and become a less scrappy, less messy and, ultimately, more respectful place – at least in terms of the user, brand and publisher relationship.

Follow Exponential (@exponentialinc) and AdExchanger (@adexchanger) on Twitter.

This post was syndicated from Ad Exchanger.