GDPR and the Law of Unintended Consequences

2017/08/15

Relevant Viewpoint has invited Petteri Vainikka, VP of Strategic Business Development at Cxense to comment on ongoing debate of the General Data Protection Regulation and the impact on industry. Petteri is a recognized digital advertising and marketing speaker and thought leader, and is driven by the thrill of using cutting-edge technology in
unconventional ways.

Many things start with good intentions, but some end up causing more harm than benefit.

With less than 10 months to go until the GDPR becomes effective across the EU, there is a very real risk that the newly minted regulation will end up merely boosting the already monopolistic online businesses of Google, Facebook, Apple, and Amazon — thus further eroding any chance of fair competition from smaller online companies, such as national publishers, retailers, and marketers.

Armed with a borderline unfair access to incremental — as well as already accumulated — consumer data across their omnipresent consumer services, all with 1st party cookie privileges and most even with deterministic sign-in authentication, any regulation restricting data portability and exchange across online ecosystems by large will only propel those who by design are self-sufficient regarding their consumer data needs. Should a new data niche emerge that is outside of their Walled Gardens, it will only be a temporary matter — easily set right by an acquisition of the missing data asset.

So how can regulation designed to prevent the online ecosystem from becoming dominated by a select few American data titans — while guaranteeing European consumers far more control over their data than they have now — actually make the existence of all but a select few incumbent giants even more distressed that it already is?

Peer-to-peer data exchanges are critical

The answer lies of course in the data. And to be more specific, in the possible hurdles the new regulation may impose on the necessity of not only allowing for, but encouraging, frictionless transfer, sharing, and pooling of data across multiple independent smaller publishers, retailers, and other marketers. In other words, incubating so-called Peer-to-Peer (P2P) data exchanges that are vital for all smaller business to thrive and remain competitive in the online ecosystems.

So what exactly is Peer-to-Peer data? And why is it as critical as frictionless online payments and ubiquitous online access for the future of vibrant online ecosystems; ones where local and national companies can mutually coexist in fair competition with the handful of U.S. multinational titans?

What is peer-to-peer data?

Peer-to-Peer data, also called 2nd party data, is anonymous data — most commonly in the form of audience segments — that is deliberately, transparently, and securely exchanged between two friendly parties. These parties, or peers, willingly engage in an agreed and governed data exchange involving either one party’s 1st party data being licensed to the other, or, both parties’ 1st party data being licensed reciprocally. They choose to do so because no one alone has all the data they really need; in particular not unless they are one of the data titans.

Without the ability to securely and privately exchange data assets for mutual benefit amongst each other, it is hard to see how European publishers or marketers compete in an ever more data-driven digital future. For European businesses — and thus European economies, and with them European citizens — to thrive, Europe needs to embrace open, transparent, and frictionless data sharing models; not prevent data from driving tangible business value also for national scale businesses. There is today a very real concern that GDPR, together with the still fluid EU Cookie Law, will impose severe restrictions on data portability, and this to the emergence of value-creating Peer-to-Peer data exchanges in Europe.

Is such a clear call for a flourishing European Peer-to-Peer data exchange economy at odds with the need for stricter governance on consumer data handling and privacy? Of course not.

Balancing P2P data exchange with consumer privacy

Consumer privacy, which rightfully concerns itself with personal information (PII), and not with anonymous data (non-PI), needs to be balanced with what is best for consumers at large. Needless to say, maintaining fair competition, ensuring the continuation of a thriving national and local business sector, and affording companies of all sizes the ability to capitalize and leverage data in an ever increasing variety, is in the best interest of every European citizen.

So is protecting citizens’ right to their personal data equally of course. But herein lies the important distinction that is now at risk of being lost in the turmoil: cookies, and other forms of anonymous device identifiers — along with segments of devices exhibiting similar characteristics — are not personal information, nor should they be considered as such.

By possibly extending the scope of personal data to also include cookies and other clearly anonymous forms of device identifiers, Europe would yet again give U.S. data titans the upper hand across all European based businesses. Doing so would be the biggest mistake in EU digital policy ever.

Read also:

Google Chrome’s privacy changes – how will they impact the online advertising ecosystem?

2019/05/10

Google announced earlier this week that they will bring new privacy controls to Chrome, following the same path as Safari and Firefox have chosen before, but with a slightly different approach. The way Google is approaching this is that the classification of cookies as first or third party needs to be done on the site.

Read more

Publishers have a problem: Their paywalls are too steep to scale

2019/04/29

If 2018 showed us anything, it’s that the Duopoly seems to be unstoppable. Google and Facebook lurched from scandal to scandal, suffering bad press, but sacrificing just a fraction of their market shares. Why? Put simply, they still have more of the granular, behavioral and interest data that advertisers want.

Read more

TRANSPARENCY AND CONSENT FRAMEWORK (TCF) VERSION 2.0 – What should I know as a publisher?

2019/04/26

IAB Europe’s Transparency & Consent Framework program to help publishers, technology vendors, agencies and advertisers ensure they are GDPR compliant regarding the access and processing of data and/or personal data. The Framework is especially relevant for publishers (first parties), who have partnered up with third parties, to enable those third parties to process user data.

Read more

The New Paywall Is “Bendable”: How the Wall Street Grew Subscribers by More Than 30 Percent

2019/04/20

Publishers face the ever growing challenge of declining ad revenue due to market-dominating platforms like Google and Facebook. And with so much free content for easy consumption and changing user behaviour it is a serious challenge for publishers to sell subscriptions, stop the decline and grow revenues.

Read more

Data traders’ drop out game has started?

2019/03/27

Last week, it was reported that Oracle has stopped selling AddThis data in Europe. Data traders who collect their data in contravention of the GDPR can still be found in bulk and we believe that the removal of AddThis is just a prelude. We will see significant market cleaning done during this and next year and the first signs of this are already visible in the Nordic countries.

Read more