Here are our key takeaways:
GDPR & PECR
The dust has now started to settle on what is and isn’t acceptable according to the General Data Protection Regulation (GDPR), the European data protection legislation introduced in May 2018.
The UK ICO has now made three GDPR fines since it came into force. EE were hit with £100k fine in June 2019, Facebook a whopping £500k in October 2019 and DSG £500k in January this year. There have also been a further three fines to other UK businesses for nuisance calls and text messages and three individual fines.
A new draft of the much anticipated e-Privacy regulation (PECR) is due to arrive in February 2020 and could bring major changes to the marketing industry.
The UK will leave the European Union on 31 January and enter a transition period. During this period the GDPR will continue to apply in the UK and businesses won’t need to take any immediate action.
As part of the negotiations during the transition period, the free flow of data will be on the agenda with the data protection rules still to be clarified. Will the UK follow the same model as the EU previously or does this change open scope to replicate another country’s data model – The Chinese? The USA? Or the European?
The ICO has prepared an excellent FAQ paper about information rights and Brexit here.
Cookies and Ad Tech
Cookies will continue to be a hot topic in 2020. The ICO recently reissued their cookie guidance, which is currently still covered by PECR, but doesn’t have a clear definition of consent within. The big question going forward will be what cookies need to gain consent, and what ones don’t.
Some of the current cookie policies, where users ‘click here’ to consent will no longer be acceptable. Companies will have to clearly explain how they gather consent and allow users to opt-in. Some brands are already doing this, and others will have to follow.
There are already fundamental changes happening in the world of Ad Tech and the way companies use their data to display ads to customers and targets.
Google is changing the way it uses third-party cookies in a revamp of its ad technology. Over the next 24 months cross-website cookies will be replaced with a more privacy-friendly model referred to as its ‘Privacy Sandbox.’
We’re still to find a solution for the long term, but it’s encouraging to see and hear these advancements.