Talking GDPR: Calling for a Pro-Consumer Conversation, Industrywide

Mobile marketing can learn from an industrywide GDPR conversation. It’s time we had one.

Most companies are not yet ready for the GDPR compliance deadline of May 25, the date that enforcement takes effect. According to Forrester, only 26% of polled European firms reported compliance as of February 2018. Furthermore, recent experiences suggest that, as an industry, marketing leadership is also not quite ready to talk about GDPR and what compliance will mean.

But we should be sharing about GDPR — and we should be sharing about it now.

We can all agree that the topic of the EU General Data Protection Regulation is a sensitive one, yes. And while mobile leaders may be willing to discuss plans and activities within the safety of their own conference rooms, it’s also the case that nobody wants their learning-curve chats to get picked up in negative ways, whether that’s by the trade press or it’s by present and potential partners. And so, out in the open, we tend to clam up.

In the end, however, in the midst of all our well-placed caution, let’s get one idea back in focus: compliance isn’t ultimately about press and partnerships. Compliance is about the proper way to treat our treasured customers’ data. When we put the conversation in a consumer-centric light, we can talk about GDPR. I’ve recently seen it happen, in fact. Based on my own observations, what follows is what I believe we can learn from an industrywide GDPR conversation. It’s time to let it begin.

Case for Conversation: Put the Consumer First

The good news about GDPR as a topic is that people do want to engage in collaborative discussion. When we create conversational environments that supply the safety we all want around the subject, our reluctance to share begins to lift.

For my own part, I witnessed this happen at IAB Tech Lab’s GDPR/ePrivacy Technology Town Hall, which I helped moderate on February 20, 2018. At this event, supported by like-minded peers looking for positive answers — one example of how healthy GDPR talks can occur — participants opened up and voiced questions and valuable thoughts about how to prepare for digital business in the GDPR space. One of those thoughts was — and is — that the consumer experience is paramount. It’s central to why GDPR matters in the first place. Here’s how that concept unfolds.

  • We know that consumers want relevant and engaging content; they know we are using their data to create branded experiences in the context of the mobile device.
  • GDPR compliance is a clarion call: our industry must demonstrate to each and every customer exactly how we are using the data to which they grant us access. It is the line in the sand: on the old side of it is potential ambiguity; on the new side of this line is the crystal-clear assurance that we’re treating user-granted information correctly and putting it to work for the consumer’s legitimate benefit.
  • In my own work, I define “legitimate benefit” in the following way: don’t just ingest the user’s mobile history and tell them what they already like — that’s potentially a positive, but users also usually know what they like — lead them to ideas they haven’t had yet. Anticipatory inspiration is a legitimate benefit of location data and customer-history insights. Supply anticipatory inspiration to your customer and you’re on the right side of the GDPR line.

And so, consumer experience fuels one of the essential GDPR conversations. That’s not to suggest there aren’t other worthy issues: some details of implementation are still undefined, for example, and there’s an element of uncertainty around consent disclosures and how this will affect user experiences (plus opt-in), and so on. The consumer, however, is a point on which we can agree, and all other GDPR topics touch upon this baseline. Consumer experience is how we get down to the business of discussing compliance and what it really means.

Preparing for GDPR as a Global First Step

May 25 is no hypothetical date. It’s a real deadline for all of us, and it gives new shape to the compliance landscape.

Not only do we need to partner with each other as far as thinking through and sharing elements of best practices around GDPR — essentially, we should be able to brainstorm to create effective solutions for Europe — we also need to start thinking about other regulatory actions that could stem from this first step. In the US, for example, my eye is on the West Coast, where the proposed California Consumer Privacy Act makes its way toward a November 2018 ballot. In an era of data-security proposals, GDPR may not be the only wind of change.

The bottom line is that we must embrace agile business practices, ones that enable us to proactively meet the privacy and security expectations that consumers deserve. Do the right thing by consumers, and regulatory compliance tends to follow. That’s a good approach for the industry and a good strategy for every organization in the industry. And so, let’s reach out to each other about GDPR. It’s time we talked.


Julie Bernard is Verve’s chief marketing officer. 

This story first appeared at the IAB’s News page.

More Stories