Here is what GDPR consent dialogues could look like. Will people click yes?

Dr Johnny Ryan GDPR Leave a Comment

This note presents sketches of GDPR consent dialogues, and invites readers to participate in research on whether people will consent.  Consent requests In less than a year the General Data Protection Regulation (GDPR) will force businesses to ask Internet users for consent before they can use their personal data. Many businesses lack a direct channel to users to do this. Therefore, it is likely that they will have to ask publishers to seek consent on their behalf. This is a sketch of what a GDPR consent request by a publisher on behalf of a third party may look like, with references to the elements required in the GDPR. Click to expand: Information that data subjects must be given in GDPR-compliant consent requests.…

The 3 biggest challenges in GDPR for online media & advertising

Dr Johnny Ryan GDPR 1 Comment

This note explains the three deepest challenges that the online advertising industry must overcome to survive the new European data rules. It also outlines our approach.  The General Data Protection Regulation (GDPR) and the ePrivacy Regulation (ePR) pose particular challenges for publishers, brands, and adtech companies. These go beyond the normal gap analysis and security overhaul that other businesses must undertake to comply with the new rules. Online advertising and media businesses’ ability to function online depends on the outcome of three deep challenges. Deep Challenge 1: Obtaining consent to process an internet user’s personal data. Despite some lingering debate to the contrary, businesses will need consent from internet users to use their personal data for online behavioral advertising. This poses a UX challenge.…

PageFair statement at European Parliament rapporteur’s ePrivacy Regulation roundtable

Dr Johnny Ryan GDPR Leave a Comment

Lightly edited transcription of PageFair remarks at rapporteur’s sessions at the European Parliament in Brussels on 29 May 2017, concerning the ePrivacy Regulation.  Statement at roundtable on Articles 9, and 10.  Dr Johnny Ryan: Thank you. PageFair is a European adtech company. We are very much in support of the Regulation as proposed, in so far as it relates to online behavioural advertising (OBA).…

Why pseudonymization is not the silver bullet for GDPR.

Dr Johnny Ryan GDPR Leave a Comment

Pseudonymization will not save online advertising companies from having to seek consent to use browsing and other personal data. This note explains why. Personally identifiable data (PII) will become toxic in May 2018 when the General Data Protection Regulation is applied, unless data subjects have given consent.[1] Some businesses may try to rely on “pseudonymization”, a partial method of anonymization, to continue to use PII without consent. This would be a mistake, as the GDPR (and a previous opinion from the Article 29 Working Party[2]).…

Supporting new European data regulation

Dr Johnny Ryan GDPR Leave a Comment

Unusually for an ad-tech company, PageFair supports the proposed ePrivacy Regulation. Here is why.
Additional note (11 May 2017): our position concerns the proposal’s impact on online behavioural advertising (OBA). Though there are kinks to work out, as we note in our recent statement to Parliament representatives, we strongly endorse the proposal’s broad approach to OBA.  The European Commission has proposed new rules for ePrivacy, which will supplement the GDPR.[1] Unlike colleagues in other digital advertising companies, PageFair commends the proposed privacy protections for online advertising.
Access the GDPR/ePR repositoryA repository of GDPR and ePrivacy Regulation explainers, official docs, and current status.Access Now PageFair has taken this position for two reasons. First, personal data are not required for online advertising.  The online advertising system can deliver relevant ads without the need to use personally identifiable information (PII), or third party cookies that collect PII.…

Why the GDPR ‘legitimate interest’ provision will not save you

Dr Johnny Ryan GDPR, Uncategorized Leave a Comment

The “legitimate interest” provision in the GDPR will not save behavioral advertising and data brokers from the challenge of obtaining consent for personally identifiable data. As previous PageFair analysis illustrates, personally identifiable data (PII) will become toxic except where it has been obtained and used with consent once the General Data Protection Regulation is applied in May 2018. Even so, many advertising intermediaries believe that they can continue to use PII data without consent because of an apparent carve-out related to “legitimate interest” contained in the GDPR. This is a false hope.

Ten Key Things That Happened in Q4

Dr Johnny Ryan Adblocking, GDPR Leave a Comment

Amid the blizzard of press releases and conference tidbits concerning media, advertising, and adblocking, only some really matter. Here are the ten key things that happened in Q4. OCTOBER 1. US Department of Justice examines possible agency shenanigans.  It transpired that the US Department of Justice had launched an investigation into rigged bids that unfairly favored advertising agencies’ in-house services over others, at clients’ expense. The Association of National Advertisers’ report into agency kickbacks, released in June, exposed agency practises that shortchanged clients, and several big brand CMOs launched audits of their agencies. But the DOJ investigation now raises the stakes for agency executives: previous investigations in 2002 resulted in prison sentences. 2. Media consolidation AT&T agreed a deal to purchase Time Warner for $85.4 Billion.…

Europe’s new privacy regime will disrupt the adtech Lumascape

Dr Johnny Ryan GDPR Leave a Comment

In a year and a half, new European rules on the use of personal information will disrupt advertising and media across the globe. Here are the three biggest impacts.  Since 1996 when cookies were first repurposed to track users around the Web there has been an assumption that gathering and trading users' personal information is the essence of advertising online. This is about to change.

Reprieve for IT departments as EU court rules on IP addresses

The PageFair Team GDPR Leave a Comment

If you run a website, you might want to breathe a sigh of relief. A decision this morning from the European Court of Justice means that websites can continue to collect and store visitor IP addresses. It would have been a shock to many if the ruling had gone the other way.

Eight Things From Q3 Worth Knowing

Dr Johnny Ryan Adblocking, GDPR Leave a Comment

Now, ten days into October, we have had time to digest on the events of the last quarter. As is ever the case with history, only some of the headlines of the last three months will have any lingering impact. But of all the events in the past three months the following eight are worth knowing about. This post is a quick digest of the ones that will shape the environment.…