Mediaboss Marketing

As of today (May 25), the General Data Protection Regulation has been in force for five years across the European Union. A period in which the data privacy law has been lightly enforced by regulators, left ad execs confused over what is and isnt permissible and overshadowed by platforms.

Theres no other way to explain why theres been so little enforcement of the law. Indeed, most (64%) of the 159 enforcement measures by late 2022 were merely reprimands, according to the Irish Council for Civil Liberties study of the European Data Protection Boards register of final decisions.

Maybe this is the nature of bureaucracy in all its glory.

When it launched in 2018 the GDPR was hailed as a privacy superhero of sorts. It set the rules for how companies handle personal data, making sure they couldnt just grab it without someones permission.

But those rules were written in a way that left a lot open to interpretation. And that shouldve been fine. Regulators said they would educate the market and only enforce where they believe the most harm was being caused. This happened, but not always in ways that have changed the ad market for the better. Efforts to educate were often reduced to guidance notes that some ad execs deemed indecipherable see the thriving cottage industry of so-called GDPR consultants as proof while enforcement has been patchy at best.

Johnny Ryan, senior fellow at the Irish Council for Civil Liberties, was more blunt with his assessment: He said the GDPR has not been enforced in any significant way. The crux of his argument can be read in a post he shared with the Economist. Other industry voices have been equally underwhelmed by the impact (or lack thereof) of the GDPR. The platforms never really changed their practices, said one agency exec speaking on the condition of anonymity.

In short, the story of the last five years is one of missed opportunities, minimal reforms and lots of privacy consultants.

That assessment, while overly simplified, is at least directionally right, and the recent record-breaking 1.2 billion fine dished out to Facebook owner Meta only augments the argument.

It was issued by Irelands Data Protection Commission earlier this week (May 26) after it concluded that the tech company had ferried troves of personal data of its users in Europe to the U.S. without sufficient safeguards in place against its misuse. The breakdown can be found here, but this is the abridged version: the fine itself doesnt really matter (Meta made a net profit of more than $23 billion last year): what does matter, however, is the requirement for Meta to stop the storage of personal data on European users in the U.S. where contraband Meta says this is about a clash of EU and U.S. law rather than data being at risk. This is basically true.

Needless to say, the implications of this ruling will take a while to shake out.

Keep in mind that Meta will probably appeal. Then theres the possibility that lawmakers in Europe and the U.S. can agree on a mechanism known as the Data Privacy Framework that will let Meta and other companies to legally transfer the data of EU individuals to the U.S. In the meantime, any company which needs to transfer personal data to the U.S. will remain utterly confused.

This is the GDPR in a nutshell: a delicate dance where every step forward feels like three steps back. The wide deviation from the anticipated outcomes for advertising starts to make more sense.

Facebook, media agencies, programmatic advertising were all meant to be among the biggest losers in the fallout, and yet they came through it relatively unscathed. Even dodgy cookie consent, which was a big bugbear of regulators in the run up to the GDPR, are in rude health. Advertisers still dont know how cookies the mechanism that houses the data they use to power programmatic advertisers are obtained. It turns out pretty sneakily on occasion.

Thats not to say, the GDPR was a walk in the park for the ad industry. The scars are there for all to see.

Remember Drawbridge, the cross-device vendor? It had to exit Europe entirely thanks to the GDPR. Verve did similar as did countless smaller ad tech vendors who didnt have the resource or knowledge to deal with the GDPR. Larger companies also struggled. Criteos stock price seemed to be in a permanent state of flux in those final few months before the regulation arrived. Oh, and dont forget Googles Doubleclick ID. The thing agencies relied on for cross-device attribution across the web got restricted due to the wide-ranging data privacy law.

Still, these flashpoints were rare and the consequences of them were limited.

The same cant be said for Transparency & Consent Framework (read those cookie notice pop-up that gets in the way of reading online articles).

This was the industrys attempt to standardize how businesses publishers and ad tech vendors predominantly, but also agencies can continue running programmatic advertising on the open exchange in a way that is compliant with GDPR. Surprisingly (or maybe unsurprisingly), it didnt.

The IAB Europe is working to fix the TCF it orchestrated with the rest of the market. However, those efforts may not be enough. Thats a matter for the EUs Court of Justice to settle.

Until then, the TCFs fate and more broadly the fate of buying ads from the open exchange, where prices are decided in real-time through an auction, hang in the balance. Cue lots of concerned ad execs the foundations of a large part of their industry could crumble.

The information-and-choice paradigm that the GDPR incarnates is undoubtedly the best way to empower users to decide which online content and services they pay for with money and which they wish to access against their willingness to receive advertising, said Townsend Feehan, CEO of IAB Europe. But having produced a global gold standard for data protection regulation, Europe needs to ensure the supervisory authorities have the knowledge and other resources to ensure the Regulation delivers all the benefits to users and to Europes digital economy that it can.

In many ways, the fracas over TCF is symptomatic of how much the ad industry, especially the buy-side, has adapted to the GDPR. Where possible those stakeholders have tried to replace or even rewrite cornerstones of how personal data is sourced, processed and stored but rarely have they tried to rewrite them entirely. Thats changing now, to be fair, but thats more due to second order effects of the GDPR than a direct causation of it.

A lot of this is because data privacy regulation is starting to become much more comprehensive and as a result its becoming customer centric, said Jon Suarez-Davis, chief commercial officer at data control business Ketch, who was leading Kelloggs digital strategy when the regulation came into effect. Pre-GDPR you had a handful of people who were stewarding billions of dollars of media and data investment at companies. Today, that aperture has widened: legal counsel, data scientists and other specialists are being brought into the fold a lot more when it comes to these discussions.

Trying to figure out what the GDPR has added up to over the last five years is really a process of addition by subtraction. The demonstration of what it hasnt achieved illuminates what it has. And what it has achieved is public awareness. Nowadays, people are a lot more aware of their personal privacy online than they were in 2018. True, they already were aware in markets like Germany, Italy and Spain, not so much in places like the U.K.

One in six people in the U.K. say they clear their internet browsing history and cookie cache daily and 18% say that they opt out of websites tracking cookies on a daily basis, per a study of 2,000 respondents by ad tech firm Nano Interactive. These arent overwhelming numbers by any means, but they do show an interest in data privacy issues,

We can complain about the level of enforcement or the fact that its [compliance] is too complicated but without the GDPR individuals would be in a far worse place than they are today, said Nigel Jones, co-founder of Privacy Compliance Hub. Were well set up for the future because of it.

What he means is what the GDPR has lacked in enforcement chops it made up for in terms of influence.

Over the last five years, it has become the base for many privacy regulations beyond the EU, from the California Consumer Privacy Act in the U.S to Brazils General Data Protection Law. Even recent calls for a federal privacy law in the U.S. can be traced back to the GDPR. And thats not even considering the broader impact it could have on cross-border data flows as the Meta fine shows.

Perhaps, this is the more enduring effect of the GDPR. It was the start of a more nuanced, focused debate over data privacy. And if nothing else, those conversations have forced ad execs to think a bit more about the provenance of the data they used, whether consent equated to compliance with the law, and confront aspects of an ad industry that are unethical at best and unlawful at worst. No, this didnt always lead to reform for the better, and yes marketers have got complacent in some regards. But no one marketer or otherwise can say they arent aware of these issues now.

Thats a good thing, said Ben Kartzman, chief operating officer at Mediaocean. Its really important that the ad industry gives people choice over how they share their data and are clear with them on what happens to it if they do. If GDPR has accomplished anything over the last five years it has heightened awareness of the importance of privacy and the need to protect that.

Read more:
Five years in, the GDPR has had a double-edged impact on the ad ... - Digiday

The third-party cookie is going away (eventually, probably), but cookieless identifiers remain somewhat half-baked. First-party data has become increasingly important, but privacy concerns and privacy regulations have also increased. Personalization is a priority for many advertisers, but it comes with added costs. Ad tech firms are becoming much more capable, but this is making the programmatic supply chain a bit more complicated.

These were among the top topics discussed by brand and agency executives during a pair of closed-door sessions at the Digiday Programmatic Marketing Summit, which kicked off on May 22 in Palm Springs, California. The conversations were held under the Chatham House Rule, so Digiday could share was said while maintaining the executives anonymity. Here is a sampling of the conversations.

I need one scalable, proven method thats not Google. I need it 100% scalable, ubiquitous.

When youre working with different DSPs, can they work with this [cookieless identifer]? Theres this yes and no and then I can work with this, but I cant work with that. So youve got to find a workaround, and the workaround is this pain in the ass.

We work a lot with LiveRamp. Its a big headache in terms of standardizing how were pushing our data and getting it back. Theres always a lot of friction in terms of match rate, how many cookies were putting in and getting back.

All these different solutions and some of them could work but because theres so many competing interests right now, one or two of them could work but theyre trying to do the same thing or competing so we have to test them and they dont go anywhere.

Theyre just too new.

To use an analogy, who here has been to The Cheesecake Factory? Who here hasnt been able to decide what to order? Thats the problem.

It has to be ubiquitous. Everybody has to adopt the same thing and then everybodys testing off of this menu and you get like a little piece here and you get a little piece there. And then competing interests means that someone might try to close off. So if Im integrated with this supply, Im baked into that specific site list. It needs to be something where its very clear that the data companies and the supply side are on the same page. Its not fully scalable to the place where it can actually replace anything.

Advertisers are now really protective of their first-party data. So if theyve already chosen a place that theyre gonna house their data, theyre real picky about letting it flow somewhere else. Its difficult to find the right place. And LiveRamp has a really nice place in the industry to begin with because they were already trusted.

I think that we tend to actually want a monolithic solution and yet were terrified of a monolithic solution. And I think that that is something thats really getting in the way of it because we say, OK, well is it LiveRamp? Is it The Trade Desk? Is it UID 2.0? Is it whatever Googles trying to do with grouping people together? The problem is that we would all prefer to choose one so that we dont have interoperability issues.

Being able to take what Fortune 500s have already figured out, they all have their own platforms, theyre not waiting for a unified solution. Theyve already built it; it exists on their servers. Were hoping for a solution cuz our brands may or may not have that budget depending on who they are. So were kind of sitting in the middle like whats next?

No one can actually control [the programmatic advertising supply chain] to create this new ubiquitous experience. Its likely gonna become an intermediary that we have to work with between multiple data platforms. Itll complicate all of our work. My question would be: What clients will pay for it?

I mean theres definitely urgency [to move away from the third-party cookie]. I just think that Google is stretching it out and theres not a lot of trust that theyre actually gonna complete the migration this year.

Ive been laughing a lot. Every time we hear something its definite. And now not so much.

O.G. ad networks introduced ad exchanges to unite them all. We need an ad exchange for identity, thats a neutral third party. The problem with The Trade Desk is theyre not neutral. They represent the demand side, and who actually holds most of the first-party [data] keys? The publishers.

In [The Trade Desks] defense, they tried to stay neutral. But then other people, like Google, owns part of the supply. Whenever you try to trade value, like youre trying to make a JVP with The Trade Desk, they dont have as many tokens to trade with.

Everythings too divided again. Who has the relationships The Trade Desk has? Yahoos probably divesting their supply but also probably doing the same thing. What do you go to Magnite for? Magnite calls me and say, Were the CTV shop. But The Trade Desk has already kind of established that.

Theyre all [claiming theyre] the CTV shops.

Everythings creating more complexity as a way to get closer to supply.

How can we work with both the SSPs and DSPs to get what we want? I think part of it starts with figuring out what that want actually is.

I think everyone in this room is OK with regulation. The problem is that we dont have the right parties in the room for the regulation side.

Its almost like there just needs to be a better consortium of the conversation as to what needs to be decided what becomes regulation.

There has to be some standardization.

Theres all these breakouts within IAB to different groups, but there needs to be a newer wave that goes up to the Fed. You watch those [congressional hearings], and you see the questions theyre asking, and its like, Ah crap.

All of the conversations that were hearing, its because the consumer has lost trust. Not just in terms of where their data is going or how its being used. But its also how its being collected.

If were going to develop regulation, its tough because its coordinating the sell side, the data teams, the buy side. Its a lot of monkeys in that circus to get everybody in the same direction.

The trend were seeing is the larger brands are ready to go with personalization, as opposed to the medium and small brands that its more dragging them across the finish line.

Our CPG client is actually pushing personalization. We are going from these bigger strategic audiences to, I want to know the ones that are interested in sports, in traveling, and theyre each going to get a different ad thats more tailored to their interest. So our clients are pushing that personalization, but were also testing, Is that actually necessary? Do we really need to dig into these peoples data like that? Do we need to also pay more for it because its doubled our CPMs?

Content is personalized. Period. We just happen to be advertising. Like, people expect personalization. Theres not a publisher I know thats any decent size that doesnt personalize the shit out of your landing experience. Theres not a retailer I know that doesnt personalize the shit out of your landing experience.

I work on the upper funnel a lot, and Im like, Why are we personalizing this much?

I would argue, if you dont personalize, you could also run the risk of pushing people away.

Not to break it down to the most obvious thing, but its how much money you have to put into personalization. Is it even worth it for a campaign?

What if we consider the consumer instead of trying to solve the data needs on the backend? [What if] we basically just say, Yeah, were going to pay you for your information.

[Wheres that money coming from?]

In my mind, it would be whoever is housing the ads, so the publishers.

In order to make a reward very meaningful, it has to be a big number. But when we talk about [the prices advertisers pay per ad], its not going to be convincing enough for someone to share that data to the advertisers.

Is the new normal you go to a website and youve got to give an email address to even view the content? And its like, Oh, you didnt want to opt in to our CDP? Well, then you dont get to see anything. Is that the replacement we all have to go to and brands want to go to because theyre not willing to survive without data?

If you look at England, you basically cant see content until you opt in. So its just as bad, in my opinion. At the end of the day, users are either being forced into something. So I think theres a happier middle ground where users can control what they want to see and brands have to adapt.

Nothing is user-focused at all, actually. Like in the U.K., its like, OK, accept, and now I can read what I was going to read.

There needs to be a conversation with consumers where we dont talk down to them. Its kind of like what they did on Twitch where streamers have to choose if they wanted to have sponsored ads. Its like, if you want this content, this is how you support it. I feel like we need to educate the general public.

People have just gotten so used to getting everything for free. As a consumer, I get so angry when I really want to read this article and theres a paywall. Im totally willing, in that instance, just to get to that place of, Yes, Im going to log in, youre going to know everything about me, and then I can find that article. It is about educating people the value exchange that the internet has been free and, if something is free, then youre the product.

I got a cool paywall the other day. I was reading a local newspaper and hit the point where youve got to log in. But then it said, You can sign in or you could answer questions. It was some sort of study. Im like, Wait, thats cool. And then I got to read the article after that. So they got what they needed, and I got to read the content without having to do the login process, and it was a smooth experience.

Part of the problem with all this is that we try to sell this story of, We want you to have this experience and this value exchange, but I think to the average person while we think they dont think its bullshit sorry, they do.

I work in pharma. We want to manage frequency, the cadence of messages, the sequence. We want to make sure were not pressing too much or too hard. You dont want to remind somebody that they have cancer 17 times. However, it is important that you get in front of the person with something that can actually help them, but not to the point where its upsetting.

We have to take ourselves out of the advertising mindset for a moment and into the mindset of the person consuming the data. In a lot of the programmatic conversation, its more about appeasing the client.

See the article here:
'We need an ad exchange for identity': Overheard at the Digiday ... - Digiday

1. Ron DeSantis will launch his presidential bid with Elon Musk on Twitter  NBC News
2. Florida Gov. Ron DeSantis will kick off 2024 presidential bid with Elon Musk on Twitter  USA TODAY
3. DeSantis Set to Announce 2024 Run on Twitter With Elon Musk  The New York Times

See the original post:

Ron DeSantis will launch his presidential bid with Elon Musk on Twitter - NBC News

A judge dismissed a proposed class-action lawsuit against Elon Musk that claimed he cheated Twitter shareholders several times last year in the course of buying the social media company for $44 billion.

In a decision on Monday, U.S. District Judge Charles Breyer in San Francisco said plaintiff William Heresniak lacked standing to sue because he challenged "wrongs associated with" Musk's buyout, not the fairness of the buyout itself.

Breyer said Heresniak did not show harm from Musk's belated disclosure of a 9.2 percent Twitter stake, which the suit said let him buy more shares at lower prices before the buyout was announced, or from the closing's taking place 1 1/2 months later than planned.

The judge also found no proof that Musk helped two friends then on Twitter's board, co-founder Jack Dorsey and Silver Lake private equity firm managing partner Egon Durban, breach their fiduciary duties by favoring their own and Musk's interests.

Breyer said letting Dorsey roll over his approximately $1 billion of Twitter shares into an equity stake in the new company merely reduced how much Musk had to pay at closing, and did not "improperly divert" money from other shareholders.

Heresniak's lawyers did not immediately respond to requests for comment outside business hours.

Musk, the CEO of Tesla Inc., is the world's second-richest person, according to Forbes magazine.

Lawyers for Musk, two of his holding companies and Twitter did not immediately respond to requests for comment.

In a March 3 court filing, they called Heresniak's claims "a disjointed laundry list of - often irrelevant - grievances against Elon Musk."

Heresniak sued on May 25, 2022, one month after Twitter accepted Musk's $54.20 per share buyout offer. The transaction closed on Oct. 27.

Twitter has since struggled to maintain ad revenue, with some advertisers expressing concern that loosened content rules could leave their ads associated with hate speech or other "wrong messages."

On May 12, Musk named former NBCUniversal advertising chief Linda Yaccarino as Twitter's new chief executive.

The case is Heresniak v Musk et al, U.S. District Court, Northern District of California, No. 22-03074.

Read the original post:

Federal judge throws out shareholder lawsuit against Elon Musk over Twitter buyout - Automotive News

1. Elon Musk dubbed 'Karen Musk' on Reddit over remote working comments  Business Insider
2. You cant tell me this doesnt work: Shark Tanks Kevin OLeary has ripped apart Elon Musks claim that working from home is immoral  Fortune
3. Elon Musk calls remote work morally wrong 'bullshit'  Business Insider

Read more from the original source:

Elon Musk dubbed 'Karen Musk' on Reddit over remote working comments - Business Insider