Compliance Mess as Google Delays Ad Standard for EU Privacy Law
Delays Ruining Push by Members to Comply with EU Privacy Law
Google is leaving some firms open to fines by delaying its entry into a consortium of advertising technology companies. These delays are causing problems for members who are pushing to comply with the European Union’s new privacy laws, and those who are currently the most vulnerable are the unwitting owners of ad-funded websites and apps.
Google has stated that these owners have a responsibility to get the needed consent to serve these targeted ads to their European consumers. Google’s policy decision has cascaded through the US$200 billion global online advertising industry which is mostly dominated by Alphabet Inc.
This is a concern because of how a website visitor’s data passes through approximately a dozen ad tech firms before the user is even able to view the loaded ad on their screen, and according to the Europe General Data Protection Regulation (GDPR), each of these ad companies must either have user consent or another legal basis to access a viewer’s data.
Although Google did devise a temporary solution, it is nowhere near perfect as some of Google’s advertising clients are still targeting ads to users who have not given their consent or agreed to personalized marketing.
Google has declined to comment regarding the possibility of policy violations. Google is instead reiterating that the GDPR is “a big change for everyone” and that the company is still working with its partners regarding the compliance requirements. A fine by the GDPR could result in amounts as high as 4% of Google’s annual revenue.
Sovrn Holdings Inc.’s Chief Executive Walter Knapp states that until Google adopts the consent framework by the EU, there will still be a lot of confusion going on that needs to settle down. Sovrn Holdings Inc. is an ad software company.
DoubleClick Bid Manager Unable To Accept Users’ Selection
Google’s DoubleClick Bid Manager (DBM) is also facing a critical issue because large advertisers rely on DBM to make ad space purchases from ad exchanges. Unfortunately, DBM will not be able to accept the users’ selection because it does not support the consortium standard without the compliance acceptance. Many websites in Europe present visitors with pop-up ads which ask for their consent before sending identity data to exchanges, which means DBM’s ad space with its user information is valuable.
AppNexus Inc and Rubicon Project Inc are just some of the many big exchanges which are working around this issue by promising that they will only be offering ad space on DBM if the user has consented, although they declined to specifically state how they are ensuring this adherence with compliance. The two companies told websites that if they cannot meet the guarantee, it was up to them to block DBM.
AT&T Inc., who agreed to acquire AppNexus in June 2018, has said that they will be operating as separate companies until the issue of regulatory approval has been reolved, and declined to comment on any specific GDPR issues.