Is GDPR poison for the AdTech industry?

Juan Luis Polo

12 July 2018

180712 gr rebelthinking gdpr juanluispolo wp 1 1

“AdTech is a system designed to share personal data as widely as possible, intended for a world without regulation. But it is unable to comply with the law concerning the protection of such data”.


Johnny Ryan of Pagefair, on the AdTech model.

Difficult times for AdTech in Europe, following the introduction of the General Data Protection Regulation.

Wait a second, AdTech? What does AdTech mean?


When the advertising industry started following us


Technology and Advertising are and have been allies in different ways over the years. The inner workings are unknown to the vast majority of those who come into contact with it every day: a relentless machine tracks every move we make on the Internet, so that we can be influenced by advertising. And in most cases, it is done without explicit permission to do so.

Advertisers, agencies, media, AdServers… all of these players make up the machinery capable of creating the flood of “personalised” advertising (that’s what we call it).

The characteristics of the “AdTech” model are, among others, as follows:

  1. It is designed to be personal, activated according to the interest we show when browsing. But it is imperative that it follows us to achieve its goals.
  2. One by-product of this is that it “spies” on us and to some extent violates our privacy. Even though we’re not aware of it.
  3. It is based on direct marketing models, rather than advertising as we know it. It’s perhaps closer to the type of emails we receive that end up in the spam box.
  4. Its modus operandi is based on the creation of engaging content and headlines, to justify the use of advertisements.
  5. Some experts believe that it is a constant source of scams for both advertisers and customers alike, as a result of the inability to monitor the reality of the ads served, the clicks obtained and, of course, the final result.

In recent years, the AdTech industry has grown at an unstoppable rate, helping advertisers to fine-tune their target audiences and, at the same time, collecting an endless stream of data from individuals in order to do so, whether we have given our consent or not. To determine the scope of an industry of this type, all you have to do is search the term “AdTech” on LinkedIn to find the 15,000 professional profiles related to this term.

Recently, the controversy surrounding Facebook and Cambridge Analytica has raised awareness among ordinary people about the scale and use of our data. But it is only the tip of an iceberg of unknown proportions.

Over the past few years, the collection of personal data has been a true “open bar” in which the companies involved have used all the personal data at their disposal for whichever purpose they wish, without anyone having to pay the bill.

Until now.


GDPR and the day after


The first consequence of GDPR coming into effect has been an avalanche of permission renewals, which has clearly shown that the implicit consent model was the preferred formula of most companies operating in the sector. But this has no longer been viable following the 25th of May.

The second result was a growing interest from individuals in how their data is handled. We have come to realise that there is a lack of transparency in how businesses access and utilise our data. But if we the consumers have sinned in any way, it is our relaxed indifference towards the small print of the services in which we have enrolled, giving our consent in willful, blissful ignorance.

However, when given the opportunity to decide which permissions we are prepared to hand out and for what purpose, the results are clear:

tracking preferences

It is interesting to analyse the data which Johnny Ryan presents in Page Fair, on the amount of tracking and for what reasons internet users are willing to accept it.

Another inevitable consequence for many companies in the sector will be a review of the opportunity cost of their operations in Europe, despite having their base of operations externally. They will have to accept higher costs to adapt to the requirements of the law, which may cause them to rethink their activity and investment in Europe.

It is also true that the GDPR might be used as a “scapegoat” by some companies seeking to justify bad results or poor performance when compared with previous years.


The Future


These are difficult times for the AdTech industry. However, it is risky to make predictions about the future of this field because so little time has passed since the new regulation came into force. That said, there are a number of observations to be made in order to try and understand where we are going.

  1. Prioritise data quality over quantity. Now is a great time for companies to embrace becoming more transparent and gain credibility at a time when consent needs to be renewed. Businesses can initiate conversations and listen to each other to really understand what their customers and potential customers are looking for.
  2. Companies in the sector that work for the consumer rather than for the sellers will gain traction. We have been saying for some time at Good Rebels that putting people at the very heart of your business is a great strategy for future growth. This is a good opportunity to make this mantra a reality and gain the trust of your consumers.
  3. Be attentive to people’s real interests, rather than playing watchdog and trying to imagine what might interest them. The digital marketplace has one feature that sets it apart from the rest: it allows you to ask people about what they are interested in, a method that is often far more effective than we think.
  4. The personalisation of content according to context will result in higher performance than the behavioural tracking model, which is de facto penalised by GDPR.

It is possible that we may be getting closer to the return of an internet similar to the one the signatories of the Cluetrain Manifesto dreamed of; where markets are conversations, not robots spying on us.