Data Protection & Regulation: Making Sense of a Post Cambridge Analytic & GDPR World
Over the past few months, company’s and advertiser’s ability to manage and protect user data has taken center stage. Thanks to the Facebook Cambridge Analytica scandal and the impending General Data Projection Regulation (GDPR), user data and how companies acquire and utilize this information is a topic that isn’t going away. No matter your marketing strategy, it is important to be aware of the possible impact and changes data regulation can have on your business. Join us on a quick rundown on the changes and what you need to consider in a post Cambridge Analytica & GPDR world.
Targeting: Following the Cambridge Analytica scandal, Facebook announced many “steps” they were taking to become more transparent and accountable. One of these steps includes the removal of third-party consumer data from its targeting segments. This includes partners such as Acxiom, Oracle, Data Cloud, Experian and Epsilon. These segments allowed advertisers to identify users based on what they buy, where they shop, family profiles and more. Utilizing a third-party data provider is common practice in digital advertising, but Facebook believes this step will help regain trust considering Cambridge Analytica was classified as a “third-party” data partner of Facebook. According to a Facebook rep, the timeline of these changes are as follows:
- “May 25: No longer deliver to Partner Categories built on audiences from the UK, Germany, and France, and these targeting options will no longer be available for use on Facebook. You will be notified to update any targeting containing impacted Partner Categories before this date.
- June 30: Last day for creating new or editing existing campaigns using non-EU Partner Categories; they will be allowed to run until September 30.
- October 1: All other Partner Categories will no longer be available as targeting options on our platform and we will stop delivering against these audiences. You will be notified to update your targeting by this date.”
What does this all mean for you? Consider which targeting groups are your strongest and how they will be impacted. What first-party data do you have access to (e-mails, phone numbers, remarketing lists) that you can focus on to help bridge the gap.
- Political Advertising: aside from data management, Facebook has received intense scrutiny surrounding political interest groups utilizing the platform to influence campaigns and issues around the world. In response, Facebook is now requiring a political authorization process for advertisers who want to run election-related ads. Advertisers will have to provide mailing addresses within the US, provide the last four of their SSN and a copy of their driver-licenses. Users will also be able to view all ads political pages are running and an achieve will be available of past advertisements. When considering a political strategy, it may be wise to distribute media spends and content across multiple ad spends and campaign groups.
- Restricting Data Access: Facebook has updated the platforms APIs to be more restrictive on Events, Groups, and Pages access. In addition, apps access to users information through the Facebook Login is much stricter than before, removing apps ability to access personal information. For a complete list of restrictions, click here.
The GPDR is an expansion on current European Union (EU) regulations, focusing primarily on data controllers. GPDR applies to companies with customers/users residing in the EU, even if the business is not located there. These regulations go into effect on May 25, 2018.
In response, Google Analytics announced the data retention tools. The controls give you the ability to set the amount of time before user-level and event-level data stored by Google Analytics is automatically deleted from Analytics’ servers. If you don’t adjust the time period, come May 25th you will only have historical web data from the past two years.
Even if your company doesn’t advertise in the EU, the impact of the GPDR is proving to reach into the US consumer’s mindset. 68% of US internet users say they’d support GDPR-style rules in the US (Janrain, 2018). According to the eMarketer, “just over half (51%) of those polled in the Janrian survey said they were ‘very concerned’ about the security and privacy of their data, and 43% were ‘somewhat concerned.’” Maintaining trust with your consumer is vital. Take time to review your policies and how these are being communicated to your target.
As regulations continue to tighten the reigns on what marketers have access to and how we can utilize this information, it’s imperative to understand which data sets are the most important to your company. Examine where this information is originating from and how you can begin cultivating your own access. Data should be driving insights and influencing overall strategy. Now is the time for a data management and cultivation strategy.