Out of all the hurdles publishers and AdTech & MarTech companies must overcome to comply with the upcoming General Data Protection Regulation (GDPR), the one about user consent is the biggest.
After May 25, 2018, if they want to collect, process, and store personal data from data subjects in the EU and EEA, then they’ll have to:
- Obtain clear, unambiguous, and freely given (i.e. no pre-ticked boxes) consent from users for each data-processing activity (e.g. behavioral targeting and remarketing).
- Tell them exactly what their data will be used for.
- List the companies they’ll share the data with.
- State how long they’ll keep the data.
- Manage the website’s tags based on the user’s consent decision (i.e. only fire tags once the user has given consent).
- Store the user’s consent decisions and privacy preferences for future user and reference.
But what will all this look like in practice?
We created an infographic to illustrate this entire process.
Click here to view the infographic in landscape format.
Goodbye Cookie Bars
Not only is this cookie-bar method completely ineffective at introducing any sort of data protections or improving user privacy, as it allows for data to be leaked and shared without the users’ knowledge, but it also creates a poor user experience.
While the new process of obtaining, storing, and managing user consent decisions poses a number of technical challenges, which can be overcome by either using a consent manager or building your own user consent tool, the real challenge for publishers, AdTech and MarTech companies, and advertisers will be persuading users to provide their consent in the first place.