The enforcement of the General Data Protection Regulation (GDPR) on May 25 has left many publishers frustrated with Google and how it plans to make its ad services compliant to GDPR.
Google’s announcement in March stated that it will require publishers to take “extra steps” in acquiring consent from users, particularly in the search giant’s ad services. Included in the company’s process is to be the “co-controller” of data together with the publisher.
GDPR requires clear consent for any collection of personal data from users. The newly imposed guidelines have prompted companies to alter their collection and privacy practices. However, uncertainty is still hovering mid-air among many companies, with some of them still unprepared even after the enforcement date had already taken place.
Google updated its policy roughly two months ago, saying publishers will use certain data for purposes beyond simply serving ads to their sites. This includes ensuring the accuracy of its ad forecasting system, improving user experiences, and testing algorithms.
The new policy also informed publishers what they’re not allowed to do; however, publishers argue that the information Google has provided isn’t enough with regard to acquiring consent from users.
GDPR Causes Confusion
GDPR has been hardly around for a week, and for publishers and many companies, getting their business GDPR-compliant is a highly complex, arduous task. Furthermore, interpretations of what’s allowed and what’s not ended up being different from industry to industry due to the vagueness in the law and how it exactly should businesses alter or update their contracts and products that cover their own liability.
This confusion has led many publishers to feel that they are being cornered, as they look to protect themselves while making sure they can still keep working with the ad tech partners they are heavily reliant on.
Benefits to Consumers
On a lighter note, GDPR has been positively received by consumers. Under it, consumers have a variety of right; chief among them the right to their own information. This means that organizations must acquire consent before gathering data, and they cannot be sold to third parties. In a way, the promise of privacy has finally been fulfilled, albeit the negativity being thrown at GDPR.
Gathering information online is a big help for a lot of users that need information about everything and anything that can be found on the Internet. But on the other hand, it is also risky for someone whose information is exposed online. It might be the cause of unwanted circumstances like getting scammed and being hacked.
GDPR gives importance on the success of the business venture as well as the risk if the information to be used for illegal doings. We cannot control anyone who uses the internet and the purpose of their online activities. With this new “consumer bill,” internet users can now safely submit their information online without having to worry of cyber attacks that have been rampant as of late.
There will be fines for non-compliance of GDPR, which can be crippling to businesses that are not yet GDPR-ready. According to the GDPR website, an organization can be penalized up to 4% of global revenues or €20 million.
Businesses across Europe have now started to comply to the new guidelines, and Australia and Canada are now in the process of updating their rules on privacy as well. Experts agree that other countries will soon follow suit including the US.
Only time will tell when GDPR will be enforced on a global scale. Considering it’s still in its first weeks, it’s possible more regulations will be added to protect the rights of consumers and internet users. As for Google, the company is yet to announce the conclusion of its agreement with publishers.