The arrival of General Data Protection Regulation, also known as GDPR, is expected to set a new standard for consumer rights regarding their data. While the regulation presents a variety of implications for brands, whether it be the systems and processes required to comply, or the protection of user information and data, it will undoubtedly have a substantial impact on those running paid media.
In this episode of The Marketing Remix, “GDPR: What it Means for Media,” Heather Molina, Sr. Director of Paid and Earned Media, and John Faris, President of Red Door Interactive, break down GDPR, its ramifications, and what the regulation means for targeting and DMPs.
For more details about what we discuss in this episode, continue reading below.
GDPR’s Implications for Marketing
Third-party data housed in DMPs (data management platforms) is going to be more challenging to use. The new regulations mandate that consent to use personal data collected via cookies on websites has to be “explicitly given,” whereas before GDPR, consent had to be “opted out.” This means brands will be relying on first party data (data a brand collects directly from the consent given via the consumer) and second-party data (data given to a trusted partner brand, and is leveraged by the brand to extend their targeting) to provide opportunities for being targeted with messaging. Ultimately, the closer a brand is to the source of the data and consumers’ consent for it to be used, the safer it is. This may also mean that relevancy of ad targeting could be diluted in comparison to targeting with use of third-party data.
Facebook becomes the “data controller.” If you use the Facebook pixel on your site for conversion tracking, the onus goes to them as the “data controller” for ad targeting. However, if a brand does not install the pixel and advertises on Facebook’s platform, they are the default “data controller” and they assume the responsibility that comes with that role.
Using “Custom Audiences” on Facebook means the brand is the “data controller.” In the case of using uploaded customer data for targeting purposes on Facebook, the platform acts just as the “data processor.” The brand is in control of the data and how it is used, and therefore must have explicit consent from users to use it.
Programmatic cost efficiency will go down. Less granularity in the targeting means multiple advertisers will be trying to reach the same, more general audience.
What Should Brands Do in Preparation
Take a look at the media publishers you use. Reach out to your publishers and inquire how they are planning to comply with GDPR and what their plan may look like in the future so you are better able to understand what targeting you can tap into.
Do a simple data audit. This will help you understand exactly how your data is being used, who is coming to your site, what tags you have on your site, how data is being collected, where it's being stored, and who controls that data.
Target for segments, not personal info. While current retargeting granularity will be diluted with GDPR, brands can still utilize segment targeting.
Like what you hear? Subscribe to the show and leave us a review on iTunes.