When the EU enacted the General Data Protection Regulation (GDPR) it set off a data compliance rush and inspired others to review their own legislation. Since May 2018, we’ve seen California pass the Consumer Privacy Act (CCPA), Canada update its rules on breach notification, and senate-level discussions about the potential for federal privacy legislation. And that’s just North America; data laws are also being reviewed internationally in Brazil, Japan, and India.
The response from the digital community remains mixed, especially among publishers. Some have adapted existing cookie pop-ups, while others have chosen to block EU traffic entirely. And then there are the forward-thinking industry leaders who have moved past basic compliance and are using GDPR as an opportunity to drive greater engagement by offering individuals wider data choices. For example, on their first visit to Washington Post, users are offered a choice between a subscription-based access, or free access – which permits the publisher to collect the user’s data in exchange for free content, as clearly outlined in the messaging pop-up.
Given that most consumers still want further control over how their personal data is used — 67% feel the US government should be doing more to protect data privacy — publishers who go the extra mile will be the ones to win greater audience trust, loyalty, and data access consent.
Compliance: where are we now?
As the data legislation landscape has evolved, so have publisher practices. In the months after GDPR enforcement, more than 1,000 US news sites blocked EU visitors to avoid potential compliance risks and several major outlets still remain locked, such as the Chicago Tribune and Los Angeles Times.
But publishers are increasingly recognizing the importance of embracing regulation and giving consumers more power over data collection. This has led to an increase in the adoption of tools designed to provide consumers increased privacy controls – around a quarter of publishers are thought to be using consent management platforms (CMPs) to gather unique data preferences and ensure these are passed to relevant vendors.
The slow yet steady progress is positive: showing that publishers understand consent signals are essential for keeping within the law, and audiences engaged. This has been further fuelled by recent cases in France. Teemo narrowly escaped a fine from the Commission nationale de l’informatique et des libertés (CNIL) for collecting and processing data without informed consent, Vectaury received a formal warning from the CNIL on the validity of the consent it had obtained and more recently, Google is appealing a fine of $57 million. Cases like these will continue to play a role in informing publisher strategies. But going a step further, if publishers want to optimize audience experience and retention, they must provide the ability for consumers to personalize data choices and content consumption preferences.
Taking a consumer-centric approach
While providing an explanation of why data is needed and a way to opt in or out is enough for publishers to be considered GDPR-compliant, it doesn’t mean they are consumer centric.
To enhance trust and build lasting audience relationships, publishers need to take their consent efforts up a level by increasing flexibility and control. They must create requests that make it easy for individuals to set detailed data preferences and for those publishers who offer users the ability to login, efforts should be spent to align cookie level preferences with the users’ overall profile. More and more we expect identity to be central to a publisher’s ability to understand a users’ consent preference and then use those preferences to personalize the experience for their consumers across all contexts and devices.
It’s also important for publishers to take a creative approach to messaging and adopt a design that fits with the site’s brand identity, maintaining the overall brand image. It’s about speaking to a specific audience – embedding messaging seamlessly into the rest of the branding by using brand colours and assets demonstrates that care has been taken to enhance the user experience, providing further familiarity to the consumer. More so than ever, the relationship between ad operations and consumer marketing teams within publisher organizations will need to be in alignment to pursue joint efforts.
Granular consent: what’s in it for publishers?
Putting consumers in the driving seat increases their confidence in publishers and improves their overall experience, which together results in stronger relationships, and potentially higher consent conversion. This means publishers can secure access to high quality audience insight that will help drive monetization and better engagement.
Ultimately the increasing tide of regulation is a sign that consumers want to control the data collected about them, and the way it’s used. Publishers that go the extra mile are not only acknowledging audience needs, but also proving that they take them seriously. By exceeding baseline consent and going beyond compliance to offer individuals seamless incremental choice, publishers can deliver experiences that keep them ahead of competitors and connected to their audiences.