The Drum Awards Festival - Extended Deadline

-d -h -min -sec

European Union Data Protection Under Armour

Could European data protection reforms herald new rules of engagement for marketers?

By Catherine Turner

April 5, 2016 | 8 min read

Sponsored by:

What's this?

Sponsored content is created for and in partnership with an advertiser and produced by the Drum Studios team.

Find out more

Data is the lifeblood of businesses. For too long, however, the focus has been solely on its worth to brands. As European data protection reforms come into play and more and more startups look to help people regain control of their personal information and realise its value, are we about to see newfound respect for consumers?

In December last year, after almost four years of wrangling, provisional agreement was finally met on European data protection reform to make Europe “fit for the digital age”.

The General Data Protection Regulation (GDPR) will be formally agreed in weeks, with companies given two years to implement the new rules.

At more than 200 pages long, the Regulation is one of the most wide-ranging to be passed by the EU and formalises concepts such as the ‘right to be forgotten’, data portability, data breach notification and accountability. Massive fines of €20m or up to four per cent of global revenues are threatened for non-compliance.

The reform, says the European Union, will allow people to regain control of their personal data. According to a recent Eurobarometer survey, two-thirds of Europeans (67 per cent) are concerned about not having complete control over the information they provide online. Seven out of 10 worry about the potential uses companies may make of the information disclosed.

Certainly, the data landscape has shifted enormously from when the Union proposed data protection reform in 2012, and almost beyond recognition from the time the UK’s Data Protection Act of 1998 came into being.

Zach Thornton, external affairs executive at the Direct Marketing Association (DMA), says getting to grips with the GDPR is the biggest challenge ahead for marketers and agencies of all stripes. “Huge brands with massive data businesses will need to make sure they are up to speed,” he says.

“The GDPR is introducing massive changes across the industry. It is bringing data protection out of the legal department to be dealt with at the highest level.”

Data is now big business, informing how consumers are tracked and targeted with marketing messages but also – as the internet of things comes online with connected devices from fitness trackers to fridges, cars and even medical equipment – transforming how businesses operate and the services they offer.

For instance, Under Armour bought fitness tracker MapMyFitness and lately Asics purchased Runkeeper. Philips is focusing as much on its connected solutions, collaboration and software as it is the products it produces. The sharing economy, led by poster boys Uber and Airbnb, is in full swing.

As Turn’s managing director EMEA Richard Robinson says, “data is the lifeblood of business today”.

The benefits to brands are obvious, but there are signs too that consumers are becoming frustrated that, at best, they and their valuable data are being taken for granted.

For instance, a study this month by the Illinois Institute of Technology in Chicago of 211 diabetes apps for Android smartphones showed 81 per cent lack data privacy policies and only four ask before sharing a user’s data with third parties.

In Britain, an app that stores any personal data must comply with data regulations from the Information Commissioner’s Office that states users must be “properly informed about what will happen to their personal data if they install and use the app,” though it’s hard to regulate at present what happens when people download apps built in the US or elsewhere around the world.

Robinson says: “There’s a feeling at the moment that people are throwing their hands up in disbelief that organisations are ‘stealing’ their data.”

Nowhere is that more noticeable than with the rise of programmatic technologies that allow, for example, clumsy retargeting. Whereas tracking people online has been carried out for years and fed into direct response campaigns either through mail or email, now the results are instantaneous – you can be checking out a purchase online one moment and be targeted by a digital ad for that product seconds later.

Likewise, opt-ins and opt-outs on marketing forms can be a minefield to navigate with too little information on what the data will be used for – something the new rules hope to eliminate but something experts say brands should be doing on principle anyway.

Little wonder then that this is leading not only to an upsurge of adblockers but also to the emergence of a personal data management services sector, where individuals can sell or lease their personal information in exchange for money or services.

CitizenMe was founded in 2014 by StJohn Deakins with the aim of helping digital citizens gain control of their digital identity. It focuses on helping users collect and analyse social media data through a mobile app that connects to multiple social networks and will eventually allow them to monetise that data directly to advertisers.

“We want to liberate data. We are on the tipping point of a massive shift from the industrial to the information age,” he says. It launches a new version of its app next month.

Ryan Garner, CitizenMe’s director of insight, says the balance of control over the data generated in this new age is “one-sided”, pointing to a recent report by Syniverse that suggests 75 per cent of consumers distrust brands with their personal data.

“There’s a huge amount of opacity at the moment,” he adds. “And that engenders even more fear and distrust.”

Data security breaches and leaks, such as Edward Snowden’s which showed the mass scale government agencies also disrupt privacy, have only increased this distrust.

Another project aiming to give customers more control over their data is

Launched by former WPP Team Detroit executive Nicholas Oliver in January this year, the website and app invites consumers to disclose information about their interests and preferences, which is then used to match businesses with engaged consumers. Brands can bid for the opportunity to connect with those ideal customers – and part of the bid will convert into a reward for individuals reached via

Oliver says that the small-scale Shoreditch-based trial running at the moment is to prove the concept; and he is in talks with VCs, publishers, FMCG brands and telcos over the platform and its potential.

“This is such a fundamental shift in the mindset of consumers and if we can prove that they get what we’re doing there is a model that benefits everyone.

“We’re trying to prove our combination of certain elements is the successful one for the race that’s about to start.”

He says at present whole ecosystems have been built around trying to find and define the customer, with dozens of tracking devices, cookies and connected data sets employed at vast expense – all to serve up banner ads that disrupt the consumer experience in order to fund the free web.

Wouldn’t it be simpler, and more insightful, he asks, to simply ask the user for their data instead?

“People are becoming aware of how much personal data companies are taking, and how valuable that data is. And most people consider their personal data as their property. The problem is that nobody has yet presented them with a solution to that. We are building a new industry of opportunity. Everyone talks about the single view of the consumer, but it’s still from the brand’s point of view.”

As Robinson concludes: “Technology is moving us from enabling marketing to empowering marketing, but you need to understand, trust and respect your customer first. You need to allow the consumer to understand what data you’re collecting and how it is going to be used.”

It seems that new rules of engagement – be they dictated from policymakers or otherwise – are most certainly in play.

The Drum will host a Data breakfast on Thursday 14 April at its London offices. To register your interest, contact

European Union Data Protection Under Armour

More from European Union

View all


Industry insights

View all
Add your own content +