EU data privacy laws will hit Asia – marketers need to be ready for them

The European Union's GDPR laws may seem far away in terms of distance and time, but unless the APAC marketing industry acts now, they are going to find themselves paralysed by them, argues Lotame's Alex Sibois

Last year, the European Union adopted new data guidelines intended to protect the privacy of its citizens, and if you’re not thinking about them here yet, you have got some catching up to do. 

Non-compliers with GDPR will face massive fines

The law, known as the General Data Protection Regulation – or GDPR –, is going to dramatically raise the bar for digital data collection without consumer consent once in effect by May next year.

Soon, EU residents will have much more control over how and for what purposes their data is tracked, stored, accessed and used for marketing.

And as an advertiser, you have reason to be concerned. As we hear all too often, data from consumers enables richer and more personalised ad experiences online. But under GDPR, ‘personal data’ will be broadly defined, treating anonymous data and personally identifiable information – like names and email addresses – similarly.

While it’s easy to sit here, thousands of miles away in Asia, and say this will not affect me, the fact is GDPR will hit this region whether we like it or not. In fact, it has the potential to reshape digital advertising across the entire world.

Essentially, GDPR applies to any entity that collects or uses data from EU citizens – even if the company itself does not have a European presence. An Indonesia-based brand that targets consumers in the EU will still need to be compliant, which could easily impact its business. Those who are not compliant by next year’s deadline will be subject to massive fines equal to four percent of global revenues or US$23 million.

So, what do APAC brands need to do to prepare?   

Be educated about compliance.     

Understanding GDPR compliance and what it entails is the first step to navigating the new rules’ impact. Unfortunately, studies reveal that, for most businesses in APAC, compliance will likely be a region-wide challenge. More than half of Singaporean businesses, for example, believe that meeting the May 2018 deadline for GDPR compliance is not feasible. Meanwhile, globally fewer than one-third of companies feel they are prepared to execute the new guidelines.

McKinsey recently looked at why compliance efforts seem so daunting, and they found most companies are overwhelmed by the haze around GDPR’s potential impact, meaning and applications. Most underestimated the scope of GDPR, believing it simply augments previous data privacy guidelines, rather than fundamentally reshaping them.

The consultancy firm also found that interpreting GDPR’s consent requirements have held up compliance progress. Interpretations vary by company, executive and region. More education on the subject is an imperative otherwise the marketing industry will find itself paralysed.

Focus on quality, not quantity.  

GDPR will increase the compliance costs associated with consumer data – however these will actually benefit advertisers. Higher costs will enable a much-needed shift in how the industry and advertisers perceive data strategy. Traditionally, the value of data has been tied to its size and volume – so-called ‘big data’ if you will. But, as the compliance costs of maintaining, analysing and using datasets increases under GDPR, relying on just volume ultimately becomes impractical and cost prohibitive. As a result, the conversation around effective data strategies will converge towards quality over superficial size.   

This will mean substantial benefits for advertisers beyond mitigating costs. Studies find that nearly one-third of marketing data is obsolete after a single year. As data privacy regulations impact what can and cannot be collected, while raising costs, the emphasis on quality over quantity will focus advertisers on the most meaningful datasets that can drive actionable insight and impact for their business.

For advertisers, this means partnering with transparent technology platforms is key. It also means that vendors need to work with third-party attribution and quality measurement platforms that can weed out shallow impressions and fake audience profiles. Similarly, GDPR itself will deliver higher-quality, more authentic data from EU consumers. This is the result of a higher threshold for opt-in and consent – and a big win for advertisers.

The EU’s new data privacy laws will have a substantial impact on all advertisers; globally-scaled brands in Asia-Pacific are no different. Costs will go up and delivering tailored campaigns will be harder. To prepare for GDPR in the short-term, advertisers need to become compliant. Over the long-term, however, as compliance costs rise, advertisers need to become more rigorous with prioritising high-quality data. Without meeting these implications, brands will no doubt soon feel the heavy force of EU fines: hardly something anyone needs during these uncertain times.

Alex Sibois is the managing director APAC of data-management platform Lotame


Get the latest media and marketing industry news (and views) direct to your inbox.

Sign up to the free Mumbrella Asia newsletter now.



Sign up to our free daily update to get the latest in media and marketing