GDPR Day Recap: Lessons Learned & What To Expect

Before May 25, there was speculation on what would happen after GDPR. People assumed Google and Facebook would come out ahead. Others surmised that blocking EU citizens would be “a last resort.” Check out our GDPR Day Recap to get an overview of what actually happened and what to expect moving forward.

Facebook and Google Fined 8.8 Billion Dollars

With more time and resources to prepare for GDPR, many people predicted giant companies like Google, Facebook, and Amazon would come out ahead. As of May 25, however, Google, Facebook, Instagram and WhatsApp were hit with privacy complaints within hours of GDPR taking effect — complaints that by end of day totaled $8.8 billion.

Privacy-advocacy group Noyb.eu explained that the companies force people to adopt an unacceptable "take it or leave it" approach with regard to privacy.

Fines on the Horizon for Apple, Amazon, LinkedIn

French digital rights group La Quadrature du Net is pursuing Apple, Amazon, and LinkedIn in addition to Google and Facebook. On Monday, it filed seven complaints with French privacy regulator CNIL against the five companies. Google got separate complaints over Gmail, YouTube, and Search.

Programmatic Demand Slipped by 40%

Some publishers stopped running automated digital ads altogether when GDPR began on Friday, industry news website Digiday reported. Digiday reported that some ad exchanges saw demand from Europe drop as much as 40 percent.

US News Outlets Went Dark in the EU

American news outlets including The Chicago Tribune, The Los Angeles Times, The New York Times, and The Arizona Daily Star abruptly blocked access to their websites from Europe on Friday, choosing to black out readers temporarily until comply with the GDPR standards. With about 500 million people living in the EU, that’s a hard stop on one-and-a-half times the population of the U.S.

Small Companies Completely Cut Off EU Services

Unlike those with more resources to combat legal complaints, smaller companies have taken a more permanent approach to GDPR. Unroll.me, an inbox management firm, announced it was completely withdrawing services for EU companies due to an inability to offer its product as outlined in GDPR.

Unexpected Impact on Smart Device Owners

When most people think of GDPR, they think of digital ads and emails but forget about smart devices. PC hardware maker Razer issued an update to one of its computer mice, warning that users may find their devices weren’t working if they didn’t consent. Chinese smart-home manufacturer Yeelight disabled inter-connected light bulbs in the EU.

Oath Found A (Bad) Consent Loophole

Websites run by Oath (result of Yahoo! and AOL merger) sent blanket consent requests in which users click OK to move on, or follow a chain of links to discover that consent means sharing data with more than a hundred ad networks. Another Oath site, Tumblr, offered some links to understand how partners use data. However, this information was hosted on Tumblr itself and users had to accept the terms in order to read information about the terms they were accepting. Consumers have taken notice and widely shared the brand’s abuse of the law.

Creative Consent Messages Reigned Supreme

GDPR led to more creativity among email marketing teams. For example, a message from rock band Rage Against the Machine was widely shared on social media after the band urged fans to click a button marked “Testify!” to continue receiving emails followed by “Here comes the bit from the suits,” to highlight the legal disclaimer text.

In-House GDPR Data Tools Created Advantages

European media powerhouse Axel Springer had the resources to develop its own consent management platform that it opened to other publishers to use as open source, a move which has earned the company enough clout in the market to stand up to larger platforms.

The Takeaway

Since taking effect, GDPR has been felt worldwide. While the new law has had unforeseen impact on smaller companies and media giants alike, a few clear lessons on navigating GDPR successfully have emerged. For starters, companies that use loopholes to gain consent will receive backlash. Plus, creative consent requests are more likely to stand out. And finally, companies who utilize technology to create in-house GDPR strategies will be seen as industry leaders.

Interested in building your own in-house GDPR consent organization tool? Book a free evaluation with our data experts today.