Media Unleashed

GDPR Refresh

By: Courtney Ou    July 23, 2019

Here we are, over a year past the rollout of GDPR and many of us still don’t entirely understand what it is or how it affects our campaigns. Perhaps you didn’t have any European clients during the whirlwind start of GDPR so you turned a blind eye, or maybe you’re starting to realize that with the California Consumer Privacy Act on the horizon in the U.S., it might be time to do some brushing up. Don’t fret, you aren’t alone. Hopefully the guide below will be a starting point on your journey of digging deeper into GDPR details.

What Is GDPR?
Let’s start at the beginning – what exactly does GDPR stand for? The answer is the General Data Protection Regulation. What exactly does this mean? It’s a regulation on data protection and privacy for citizens of the European Union. It covers how the data of these citizens is processed. This data includes anything that can be used either directly or indirectly to identify an individual. Another important component of GDPR is that a legal basis that is processing this data needs to be logged for auditing purposes.
What Is Consent?
In order to access a user’s device to read or write cookies, consent must be given. To be compliant with GDPR, this means the unique consent must be:
• Legally given
• Specific
• Informed
• Unambiguous
• Given voluntarily

What’s the Current State of GDPR?
While GDPR is no longer a new regulation, there is still confusion in the industry. Parties are still facing ambiguity in the law as there have been difficulties still in defining the data controllers and data processers within the system. Often, parties are finding that they are both within their ecosystems. In addition to confusion with the controller and processer component, parties are still having mix-ups with consent.

What Are Consent Management Platforms?
As a result of the confusion around consent, there is an IAB Transparency and Consent Framework. This framework aims to help all involved parties comply with the laws by setting a standardized method to capture consent and provide transparency. This new technology of Consent Management Platforms (CMPs) helps parties understand if legal consent has been given.

What’s the Future Impact of GDPR?
GDPR is here to stay … so it’s best to make sure you are keeping up with the policy. As time goes on, additional phases will roll out in the EU. If you don’t have any European clients, GDPR is not something that can be ignored anymore either. A similar type of law will be rolling out in California in 2020 as well. Don’t worry, you aren’t alone in the sea of data privacy. The good news is that the heavy lifting has been done when it comes to understanding compliance and support is in place for whatever the future holds. As a good rule of thumb, reach out to your trusted partners and ask them to help guide you through the framework to get you where you need to be.