It hardly needs to be explained, but the GDPR is the European Union’s new privacy law. It kicked in last Friday, May 25, and promises to guide, influence and rule digital data practices, not only in the EU’s 28 member nations, but also the rest of world. Ready or not, companies in the digital space are spending significant funds and time to conform to the rules — and watching closely for who comes out ahead and who is falling behind.
According to The Wall Street Journal, Google is an early beneficiary of changes in online behavior so far. On Thursday (May 31), the paper reported that because of the GDPR, advertising spending is flowing toward “Google’s online ad services and away from competitors that are straining to show they’re complying with the sweeping regulation.”
PYMNTS intends to monitor the winners, losers and unintended consequences of the GDPR. To be fair, it is hardly surprising that a big operator such as Google would be looking this good this early.
A new PYMNTS column from Karen Webster, which criticized the logic behind the European data privacy rule, anticipated that EU regulators who support the GDPR might instead have created a landscape that, over time, will leave the continent with “only the largest of global players to serve the needs of its citizens, which is precisely the type of company EU regulators seem to loathe.”
That’s not to say those large firms are immune to post-GDPR flak. Max Schrems, an Austrian activist who has long criticized how the companies collect data on their users, has filed lawsuits against Facebook and Google over their data sharing policies, suits that collectively claim $8.8 billion in damages.
But on the brighter side, for Google at least, are the early online ad returns, as described by The Wall Street Journal. The report said that Google parent Alphabet “is gathering individuals’ consent for targeted advertising at far higher rates than many competing online ad services." Essentially, Google is making sure it plays according to the strict guidelines set by the GDPR right out of the gate, a task that generally will be easier for larger, richer companies, according to analysts.
“Since the law went into effect Friday, Google’s DoubleClick Bid Manager (DBM), a major tool ad buyers use to purchase targeted online ads, has been directing some advertisers’ money toward Google’s own marketplace, where digital ad inventory can be bought and sold, and away from some smaller such ad exchanges and other vendors,” the paper continued. “That shift has hurt some smaller firms, where Google says it can’t verify whether people who see ads have given consent.”
So how much is Google benefiting so far from the GDPR?
Hard numbers are difficult to come by, but the paper quotes Havas SA, “one of the world’s largest buyers of ads,” as saying it has noticed a “low double-digit percentage increase in advertisers’ spending through DBM on Google’s own ad exchange on the first day the law went into effect.”
As Google apparently figures out how to make the GDPR work for its online ad business, other companies and sectors of the economy are still significantly behind.
Take B2B, for instance. A Forrester Research survey of 66 B2B marketing firms found that 15 percent of them thought they were fully compliant with the new privacy laws. A further 62 percent considered themselves partially compliant, or said they would be compliant by year’s end. The rest apparently had little or no idea about the specifics of the GDPR, or figured the rules would not apply to them.
Another survey underscores how many businesses that do not enjoy Google’s cash reserves and expertise are facing risk in this new GDPR world. The May Digital Identity Tracker from PYMNTS found that nearly 44 percent of small businesses and 41 percent of medium-sized companies have yet to take steps to ready themselves for the new rules, and preparedness is much lower among non-EU firms.