Last June, the ICO released a stark warning to businesses operating in the AdTech space – historically a bit of a wild west when it came to data protection. The regulator, quite rightly, announced a much-needed crackdown on how AdTech companies are both processing data and collecting consumer consent to data at its source.

Under data protection law, using people’s sensitive personal data to serve adverts requires their explicit consent, meaning consumers have to actively choose to give away their data, as opposed to implied consent, where the lines start to blur. The upshot of this is that despite GDPR aiming to address exactly this, people are still being served adverts based on their personal data – clearly, something is going awry in the ‘explicit’ data sharing consent process. 

Data use at the forefront of national consciousness 

The reasons for this are two-fold; it is in part, due to widespread misinformation on the part of the consumer but businesses must also hold themselves responsible. From a consumer point of view, big data breach stories and cultural phenomena such as ‘The Big Hack’ and ‘Killing Eve’ brought data use to the forefront of national consciousness for the first time in 2019.

For example, the ICO’s fining of British Airways following the airline’s data breach garnered national media attention – perhaps one of the few times the ICO has made national headlines, what with its sphere of influence typically consigned to the marketing industry alone. However, while general awareness grew in 2019, most consumers have yet to understand the extent to which their data is being used, and would be hard pushed to say with any certainty what it is they even are ‘consenting’ to when presented with the option to do so.

If you took your average Joe on the street, whilst they might have worked out that their frequent Googling for winter sun deals was causing them to be targeted by an endless barrage of airline flight sales, it’s unlikely they’ll know how or when they consented to this data being shared. 

Where should the responsibility really lie?

That said, the onus shouldn’t really be on the consumer at all; businesses need to focus on the intricacies of their data strategies – from management all the way through to activation – and this is easier said than done. For one thing,   true data and technology skills are scarce. According to our research, 67% of CMOs admit they’ve experienced ‘disasters’ when it comes to managing data and 76% say they could have missed out on opportunities because data has not been managed effectively in house. On average, they estimate that poor data handling is costing their business almost £1m (£985,000), and that’s on top of the astronomical fines imposed by the ICO for non-compliance with GDPR. It’s therefore vital that ad tech companies, in particular, are making sure they’re properly investing in training when it comes to data proficiency.

It’s no longer something to be brushed under the carpet. If this year’s fines and subsequent ICO warnings are anything to go by, the issue of data protection and consent is going to rumble on into 2020 and to plead ignorance will no longer be a valid defence. 

When it comes to developing an efficient – and crucially, compliant, data strategy – businesses also need to take a step back and look at the bigger picture. This doesn’t just mean investing in the right training, but also taking a more holistic approach to data and how it can be unlocked. By developing a core data strategy from the very beginning, businesses are able to then properly manage and control their assets, using them in the right way to speak to the consumer with relevancy. You wouldn’t build a house on a weak foundation, so why risk building your data-driven marketing business on unknown, uncertain, and potentially mishandled data?

Improved data handling is better for businesses and consumers alike

Amongst the uncertainty, it’s important to keep in sight the huge benefits that correctly handled data can bring to a business. The potential rewards to be reaped are enormous. It’s no secret that experiential and personalised marketing is the golden ticket to a much-needed rebuilding of trust for the consumer, creating enjoyable, memorable experiences. If brands or publishers create such experiences as a result of efficient AdTech data processing, consumers directly witness the value of sharing their data – in other words, when they understand the exchange, they appreciate they’re getting something back. 

The big concern off the back of all of this is whether the six-month ICO deadline has been long enough for a 7000+ vendor marketplace to shift. If we each make simple, yet smart changes to our businesses, both internally and externally, along with smart partnerships, I believe this may well signal the much-needed push necessary to enter into a new world of marketing. Once managed correctly, businesses can both confidently use their data to not only drive loyalty, revenue and acquisition but also generate incredible insight back into the business ecosystem – to become smarter, more informed throughout.

So, as 2019 draws to a close, and the ICO looks to revise its position on data protection, the question AdLand will be left asking itself is ‘have we done enough?’