How can Australian businesses prepare for the EU’s GDPR?

The countdown has begun: in just a few short months, the General Data Protection Regulation - GDPR, for short - will take hold in the EU, laying out a brand new set of standards that focus on the collection of digital data without consumer consent.

To say that GDPR will revolutionise the way advertisers access and leverage consumer data is an understatement. Data has become so critical to modern advertising success because it helps advertisers deliver more relevant and personalized content. However, under GDPR, consumers will now have more control over how their data is used, making it more challenging for advertisers to deliver tailored ad experiences.

But why does GDPR matter for advertisers based outside of the EU? Why should brands in Australia care? Simply put, GDPR extends to any organisation - based in the EU or elsewhere - that collects and leverages EU citizen data. Those who don’t cooperate by next year’s deadline will face fines equal to 4% of global revenues, or €20mn (AU$31.72mn).

See also:

• Open Banking: Australian Treasury releases report into financial data sharing
• How to prepare for Australia’s new data breach notification scheme
• Read the latest edition of ANZ’s Business Chief magazine
   

With this in mind, here are a few things advertisers in Australia can do to stay ahead and prepare for these new regulations.

Understand compliance

To fully grasp the potential impact of GDPR, it pays to have a complete understanding of the compliance and what it means. Nearly 40% of Australian businesses don’t know if they need to comply with GDPR. At the same time, less than a third of companies around the world believe they’re ready to execute these new guidelines. This is not an ideal combination for success.

This is evidenced by a recent McKinsey report that examined what makes these compliance efforts so discouraging. McKinsey found that the majority of companies don’t understand GDPR’s impact, meaning and applications. Many have miscalculated its scope, believing that instead of reshaping previous data privacy guidelines entirely, it builds on them. The firm also found that GDPR’s consent requirements have delayed compliance progress. Interpretations differ by company, executive and region. So, to prevent the marketing industry from coming to a halt, it’s crucial for marketers to become educated on this topic.

For data, size won’t matter

While compliance costs will jump as a result of GDPR, it could actually prove to be beneficial for advertisers, and cause them to rethink their approach to data. Traditionally, volume and size have been the focal point of many data strategies, since companies don’t want to miss something in the 2.5 quintillion bytes of data generated daily. Yet this will have to change as the compliance costs of maintaining, analysing and utilising massive datasets become untenable under GDPR, making data quality more important than data quantity.

By forcing advertisers to throw away outdated or useless data, this shift in focus can also serve several other avenues. Since GDPR will implement a more stringent privacy framework about what can and can’t be collected, focusing on quality over quantity will help advertisers acquire more valuable data. And since users will have to opt-in, there will be higher quality from the get-go. This means more qualified and actionable intelligence.

In parallel, data providers will need to rework both their technology and processes to meet the requirements of GDPR. The best players are already deep into this process, actively working to adopt and implement the new IAB consent framework or an alternate means of consent validation. These vendors have already initiated the transformation of their services, with the goal of meeting compliance by 25 May, the date when GDPR becomes enforceable.

These new data privacy laws will have a real impact on all advertisers, including those based in Australia. Costs will go up, and it’ll become more difficult to deliver tailored campaigns. So, to prepare for GDPR, advertisers need to become compliant. But as compliance costs rise, advertisers will have to become more rigorous with prioritising high-quality data. And if brands don’t meet these implications, they’ll have to deal with some hefty fines on behalf of the EU.

By Alex Sibois, Managing Director, APAC, Lotame