If post-GDPR advertising is supposed to stand for anything, it should be transparency.

However, that is the one positive reassurance many digital marketers will likely agree they do not have. The tech giants and various elements of the digital supply chain say their data is safe to use and is all fully GDPR compliant. But is it? It is increasingly very hard to know.

Anyone with a nagging doubt they might be unwittingly running non-compliant advertising campaigns was given real reason for concern at the start of the year. In January, Google was fined €50m by the French data watchdog, CNIL. The charge had an unfathomable privacy policy which could be seen as offering forced consent, rather than the informed granular set of decisions GDPR requires.

Google is appealing but the fine was accompanied by the ICO confirming it was looking into privacy complaints against the tech giant. At the same time in Germany, Facebook was warned against sharing and collating its data between WhatsApp, Messenger and Instagram.

As the regulators investigate, advertisers remain in limbo. Nearly a year on, GDPR does not yet appear to have provided the transparency and trust-based marketing it promised but rather confusion and concern for budget holders. It just feels like more of the same, only with a huge question mark hanging over the continued reliance on third-party data.

Marketers’ houses are in order

In direct contrast, when it came to the first-party data brands are fully in control of, such as their own customer databases, GDPR had huge ramifications. Lists were culled by repermissioning campaigns which sought informed consent. The same fate potentially awaited those who took the alternative option of pointing clients to a renewed privacy policy that spelt out their reliance on ‘legitimate interests’ to process personal information. 

The impact was huge and yet there is still more to come. If GDPR saw the advertising industry has to adjust to how it processes customer data, the upcoming ePrivacy Directive will re-examine how companies use it for electronic communications, such as emails, texts, messaging, notifications and phone calls. 

The DMA estimates the new directive could become law as early as the middle of next year, potentially with a six-month implementation window. By the end of 2020, then, there will have been another major privacy challenge to overcome.

In its current wording, the ePrivacy Directive will allow consumers to block cookies at browser level, rather than requiring they are accepted or rejected for each site individually. It would also force B2B marketers to fall in line with the B2C market and only message people who have opted-in to be contacted. Lawmakers are also believed to be attempting to make all telesales opt-in. 

New marketing models

The combination of processing personal information, under GDPR, and then using it for targeted communications, under the ePrivacy Directive, is certain to lead to more compliance challenges. 

Without being freely able to message or email huge lists of potential clients at will, B2B marketers are likely to need the additional reach of digital display to help establish awareness and favourability among prospects.

All marketers will need to adjust to a digital ecosystem where cookies, the key component of desktop targeting, will be much rarer.  

Context above consent

As they prepare for the second half of a privacy double whammy, advertisers are in GDPR limbo and so are likely to find the option of relying on trusted first party data far more appealing than carrying on as normal in the hope some clarity will be added to the murky world of third-party information. 

More to the point, advertisers are likely to turn to a solution that offers first-party data that is not personally identifiable, and so does not raise compliance issues that could see their campaigns inadvertently proving to be on the wrong side of the law.

By focussing on what a person is showing an interest in, from the content of the page they are currently viewing, advertisers get real-time insight into a visitor’s motivation. This up-to-the-microsecond insight into a consumer is more revealing than personal data that relates to past behaviour and comes loaded with compliance headaches.

Technology using advanced cognitive NLP can today read a page to the same level of understanding as a human so the context of what someone is looking at can be fully understood and extract in real time audience knowledge from their online behaviour. This allows it to profile types of customers around advertisers’ desired outcomes. 

This empowers advertisers to serve the most emotionally engaging and contextually relevant adverts possible using first-party data to identify their ideal audience. At the same time, it clears up the concern of requiring a third party to be GDPR compliant. 

Due to cognitive NLP technology can fully understand the content of a page a person is visiting, it can also judge whether a site is a safe environment to place a brand’s advert taking detailed care of all the brand values (brand care). 

It is likely that the opaque world of consent is going to lead more advertisers to make this intuitive leap and consider context and content over and above consent, to rely on first, rather than third, party data.