How the marketing ecosystem is responding to GDPR

GDPR and Consumer Privacy Regulations - NetLine

A look at the industry response to GDPR and outlook on the new California data privacy legislation

Much like the fury of the Y2K hype, pre-GDPR discussion spiraled on blogs, in tweets, articles, whitepapers and emails galore (ironically). Unlike the apocalyptic outcomes of other “ominous” dates in tech history, May 25, 2018 marked the flipping of a switch to protect privacy and prioritize UX for EU users. What’s actually happened is an ongoing discussion that didn’t simply fizzle into pop culture infamy when the clock tolled 12:01.

Nay – the internet did not break, BUT, many sites are still grappling with the notoriously vague language of GDPR. Opt-in via legitimate interest, soft opt-in and consent-based opt-in have become a hazardous trifecta that many marketers are either ignoring or painstakingly abiding (sometimes, to a fault.)

Almost simultaneously, the Facebook/Cambridge Analytica controversy brought about data management scrutiny for tech companies and advertisers. On June 28, 2018, California passed legislation (California Consumer Privacy Act of 2018) that closely echoes the data privacy stipulations of GDPR and goes into effect in 2020; this could mark the beginning of a revolution in consumer rights for the US. It’s a new age of awareness for consumers, users, and companies who want to retain good-will with their audiences.

What we’re seeing

Post-May 25, we’ve seen an array of responses to the regulations: from dismissiveness to exhaustive measures that effectively eliminate a brand’s entire EU audience. By proactively unsubscribing all of their EU users through asking them to “re-opt-in”, some marketers are reevaluating their global online footprint. Playing into the economic downside predicted by GDPR critics, these marketers are erring so far on the side of caution, they’re willing to withstand some loss for fear of the astronomical fines promised by GDPR for non-compliance. These fines can be even more devastating for smaller companies, so “better safe than sorry” makes sense.

cookie consent post gdpr

This is a proper cookie consent, as seen on the ico.org website.

Then there are others – half-heartedly posting cookie disclosures that don’t solicit for acceptance or have continued to bury opt-out links and tout verbose privacy policies. Whether you’re B2B or B2C, it’s clear that GDPR is forcing some areas of the marketing industry to scrutinize their practices and in some cases – their entire business model. With the passing of AB 375 in California, more states in the US are likely to adopt the consumer-friendly GDPR-ish protections, so companies will have to revisit their data privacy infrastructure again in two years.

 
 
 
 
 
So what’s next?

If you’re using the right tools, it shouldn’t be that scary and can actually improve the quality and ROI of your marketing toolkit. Hear us out.

Those marketers who thrive in the wake of GDPR (and the dawning of US regulations) will be those who capitalize on/obsess about great user experience already.

For lots of organizations, the trouble with GDPR compliance begins with a fundamental disconnect from their audience. Whether that’s by design or by culture, publishers and marketers looking to monetize where ever possible at the users’ expense are probably still in-fighting over how to approach GDPR.

Put it this way: have you ever been enticed to read a “Get Thin Quick” article, only to face disappointment that the answer is diet and exercise?

GDPR is kind of like that – companies looking for the quick and easy solution, without modifying an annoying UX for their EU users, are still scrambling for how to “hack” compliance. Meanwhile, there are organizations who have developed their healthy meal plans and gradually introduced exercise into their routines. Those guys are taking GDPR head-on and their users appreciate it. That means return traffic and loyalty from users. And isn’t this what we’re after?

What we’re saying is that it takes some work and a perspective that the user experience on their web properties are more important than “hacking” GDPR. Sure, there are some sites that may crumble in the wake of GDPR – but those are the businesses that put an unsavory spin on marketing anyway. GDPR = SPAM-Be-Gone! And for marketers relying on these “solutions”, the tide is shifting towards real options that drive value for your brand and for your users. That also means less risk for marketers who deploy these solutions to their audiences and on behalf of clients. Those companies that consider the user as the core of the model will emerge the winners and acquire customers whose vendors never really cared about that.

Scale isn’t always a predictor of compliance

As a consumer of martech for the benefit of your audience, there’s a trickle-down approach to responsibility that has had marketers spooked for months. Some martech platforms have provided vast repositories of resources on their compliance measures. For marketers using these solutions to cover the full range of digital marketing activities including email, forms, website, etc., that content should be expected and studied.

But, just because your vendor is big doesn’t mean they know what they’re doing. Infographics and blogs are helpful (we hope) but actions should be audited. If your vendor’s cookie policy appears in a sticky bar that says, “Ok” to accept, that’s not really enough.

If your forms aren’t providing the appropriate type of consent to the appropriate users dynamically, that’s not acceptable. Dig deeper and ask questions.

Conversely, small companies might not have had the resources to build in compliance measures. Despite greater opportunity for control over their product, it’s still possible that perhaps there were oversights or limitations for engineering or prescriptive legal guidance. In that instance, customer feedback channels should not only be open, but collaborative. Smaller vendors should be able to nimbly pivot their approach to compliance if their customers reasonably believe there’s a risk.

Those who live in glass houses

Yeah, as a martech provider, we don’t want to throw stones, but as a B2B martech platform born of industry innovation (and engineers) back in 1994, GDPR has simply meant another opportunity to customize NetLine’s form technology. Leveraging the existing technology, our forms dynamically render the appropriate verbiage for an EU user; taking location and email entries into consideration, users are exposed to exactly the right experience. The form technology itself caters to the busy professionals requesting content across our B2B network. The scale of our network lends itself to serving lots of professionals across the world who want to consume our content, so we’ve made it an easy, quick experience to download whitepapers, eBooks, webinars, infographics and more. Additionally, GDPR comes with a separate set of rules for B2B that are a bit less stringent.

By always keeping users and customers in mind, it was just another development project for our engineers to execute. As companies like Facebook and Google likely take the brunt of the heat from “trial by fire”, we’ll all learn a bit more about what lawmakers meant with the language choices in GDPR. And, our industry will continue to adapt to expanding regulations as they unfold over the next decade. It’s a bit like Darwinism for martech – the strong and nimble organizations who are paying attention will survive and those who are in it for quick wins and surface-level value to users will crumble. Overall, it seems that marketers and the martech industry will be rewarded for keeping the best interests of EU users in mind.