Advertisements have been following us no matter where we go and what we do. They pop up on every website we visit with another item we might be interested in. How do they do that?
Each website we visit have cookies, tracking scripts or pixels that are used to store user behavior and use the same to target us with advertisements that we might click on. This tracking mechanism of collecting user data without the knowledge or consent of the users is a direct violation of GDPR laws that protect user data.
GDPR or General Data Protection Regulation is considered to be one of the most significant changes in data protection in the past 20 years. It brought strict requirements on data handling procedures being allowed only with a user’s explicit consent.
One of the many important aspects of GDPR is user consent. Every website needs to take explicit consent of the user for processing their data. This means pre-checked boxes or no action at all cannot be considered as consent anymore.
Advertisers use targetting cookies and pixels to target users with advertisements they might click on provide a better user experience. This violates GDPR rights users have. No website can track users using cookies or so if they don’t have the user’s consent and failing to educate them of the purpose of the cookies set.
Under GDPR two main things should be taken care of:
- Users own their data
The citizens of the EU get the final say on how their data will be used. Their consent is required for PII (Personally Identifiable Information) collection, usage, sharing and more. With GDPR user’s get the right to see, edit and delete their data owned by a third party.
- Companies need to protect user data
Companies need to handle PII of data subjects with more care and GDPR ensures the same. With GDPR these company websites have to give you data breach notifications, more security protocols, limited usage of user’s data they collect, and more.
GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). GDPR helps protect user’s data by asking user’s consent before setting cookies on any website they visit or any kind of personally identifiable information of the user is stored on the website.
It provides the data subjects with certain rights using which they can ensure whether their data is being used for any other purpose than what it was originally asked for. Ever since the implementation of GDPR, the customers and users in the EU get full authority over their data no matter which website they might have provided it to.
Some of the rights GDPR provides its users is the right to be informed, have access to their data, rectify it, to object the processing and to be forgotten. To more about these right read Rights of the Data Subjects in GDPR.
What are the Effects of GDPR on Targeted Advertising?
The digital marketing industries who make these targeted ads are going to face many limitations with the implementation of GDPR. There are many immediate and long-term measures going on to make marketing websites GDPR compliant.
Data is of utmost importance in advertising and marketing. It gives an overview of what the customers want and who they are. But GDPR implemented there are certain things that advertisers need to take care of.
First and foremost responsibility of every advertiser is to inform the audience of all kinds of data being collected from them. The purpose of the collection of data and how will the data be used must be informed to the audience it is collected from.
Secondly, advertisers need to ensure a relevant legal basis for the use of data. For example, contractual necessity or legitimate interests.
An unchecked checkbox needs to be present on websites for users to check in. Only the cookies allowed by the users should be set on the website. Other than this, a method must be available for the user must to allowed to opt out of the cookies too.
Third-party tracker usage needs to comply with GDPR. Transparency is the key part of GDPR. To store any kind of data to show ads, consent is a vital requirement.
What are the Consequences of not Complying to GDPR?
If you are wondering what will happen if one doesn’t follow all the GDPR rules, the price to pay is quite big. An organization can be fined up to 4% of annual global turnover or 20 million, whichever is greater. To know more about the penalties and fines related to GDPR read What are the fines for not complying with GDPR.
Advertising agencies and many websites right now may be facing a lot of trouble adjusting with all the GDPR norms that are to be followed and being totally in compliance with it.
But if you look at the brighter side, consumers will benefit more if we take care of their privacy and security. Potential customers will rather choose a website that is transparent and true to them about its working than one that isn’t. So who knows, this might just turn out to be that silver lining website owners were looking for!
To learn more about how GDPR affects all online businesses click here.