Programmatic growth picks up as 'doomsday' GDPR passes without major incident

General Data Protection Regulation (GDPR) wasn’t the "data-pocalypse" people feared and hasn’t put businesses off programmatic buying, says Unruly CEO Norm Johnston.

In fact, the video ad-tech company’s programmatic growth has picked up following cries from so many who predicted a slow-down in the immediate aftermath.

"There was an element of ‘Millenium Bug’ fever, where doomsday scenarios predicted legal and financial chaos," Johnston told Campaign US. "Ultimately May 25 passed without major incident."

GDPR applies to all EU citizens, but even companies in the U.S. or China have to follow the rules if dealing with EU citizens.

Among the changes include requests for consent of data sharing can’t be hidden under reams of Ts and Cs—they have to be clearly distinguished. Pre-ticked boxes can no longer be used to indicate consent, and making people hand over more personal information in exchange for extra features is not allowed.

It’s a big piece of legislation, so there were bound to be a few hiccups. Brands and publishers scrambled to get on top of the law by flooding people’s inboxes with consent forms that they either didn’t need to send, or have consent to send, which was an ironic situation, said Johnston.

"Privacy campaigner groups will no doubt continue to attack Google, Facebook and other big data owners to make their own point, and over time it will become apparent if everyone’s consent frameworks and opt-ins are clear enough to comply to the letter of the law, but the febrile atmosphere surrounding GDPR has certainly settled down."

Norm Johnston

The CEO said Unruly naturally fielded a lot of questions from clients as they prepared for compliance, but experienced no slow-down in terms of programmatic work it does for big brands. He puts this down to "the reassurance we can offer with our access to premium inventory and an ecosystem where robust consent frameworks are established."

Some businesses announced they were leaving Europe citing GDPR as a major factor, but Johnston suspects a few of those departures were down to the business not being strong enough, and GDPR providing a convenient time to exit the market.

A number of U.S. publishers are still experiencing teething issues. Some have blocked EU visitors while they work on consent management platforms. The Washington Post has gone as far as to upsell ad-free viewing with a monetized subscription for online readers.

"You’ve got to assume they’ve weighed up the potential liability against the amount of European traffic they get, and made that call," Johnston said. "I expect over time they’ll reach a comfort level that GDPR isn’t the menace they feared. As with any of these things, it just needs a few publishers to move in that direction, and the rest will feel confident enough to follow suit.

"Over time all publishers, big or small, will realize they can’t stick their head in the sand. California just passed the Consumer Privacy Act, which I’ve seen reported as ‘GDPR-lite.’ As you get similar legislation passed at state or national levels, we’re heading to a place where the concept of data privacy is going to be pretty consistent universally."

Research recently carried out by Unruly revealed that the majority of consumers in non-EU countries would like at least one of the GDPR rules to be in effect in their country.

Unruly, which spoke with 4,000 people across eight markets about the changes to the way data is handled by firms, also found that 63% of consumers worldwide trust brands more when they are clear about how and where their data is used.

A total of 93% of all consumers in non-EU countries said they would like at least one rule brought about by GDPR effective in their country.

Among the top areas of importance, people agreed with the three following statements: I should have the right to see a copy of my personal data at any time; I should have the right to ask how my data is being used at any time and; I should have the right to delete the data companies have collected about me.

The research found that people are most comfortable sharing biometric data for services like fitness apps because the rewards for exchange of data are clear and obvious—you get to learn about your health.