As privacy reaches a new boiling point, adland faces an uncertain future: we investigate

For advertisers in particular, data, in many ways, serves as the backbone of the ecosystem they inhabit. It enables them to find audiences across the internet and connect with the right consumers at the right time, with messages that resonate with them. The process in turn empowers publishers to monetize their content and ultimately keep the open web, well, open – and largely free.

But the outlook for data-driven decision-making is coming into question as the tide rises on data privacy and protection.

Demand for increased consumer data protections has in many ways been the natural extension of the digital age. With more information at their fingertips, consumers have become increasingly conscious of their role in supporting the open web and the machinery of what some have dubbed “surveillance capitalism.”

In light of rising pressure, the EU pulled the trigger on the first groundbreaking development in consumer privacy in years, in the form of the far-reaching General Data Protection Regulation, or the GDPR. The legislative framework introduced new ways for EU consumers to control how and when their personal information is collected, stored, sold and used.

In the four and a half years since the GDPR went into effect, the world has witnessed an explosion of data privacy developments.

Inspired by the EU’s success, US states including California and Virginia took up the mantle, passing sweeping state regulations taking aim at commercial uses of data without individuals’ consent. Next year, five new state-level privacy laws will go into effect in the US.

Meanwhile, federal lawmakers in the US have pressed for a GDPR-like national framework – and this year, the country has come closer than it’s ever been to passing such a bill. But wary of slow Congressional progress, government agencies have stepped in to accelerate the privacy agenda; in August of this year, the US Federal Trade Commission said it would kickstart a new rulemaking process in an effort to “crack down on commercial surveillance and lax data security practices.”

Across the pond, the EU this year green-lighted the Digital Services Act and the complementary Digital Markets Act, which aim to establish more stringent rules for content on online platforms, including new privacy measures. The UK scrapped the GDPR and announced plans to institute its own – likely laxer – data privacy and security legislation, with the goal of reducing “unnecessary red tape” for businesses.

Around the globe, major markets including Brazil, China, Indonesia and India have made new proposals or successfully passed new laws that are designed to give consumers more control over their data and its commercial use.

Enforcement of existing regulations is getting more serious too. Government agencies around the globe are slapping publishers and adtech companies with hefty fines for violating data security and privacy laws. Increasing concerns surrounding the use of EU user data by US security agencies have generated new scrutiny around cross-border data transfers – a development that may have lasting repercussions for the world’s biggest publishers.

But it’s not just regulatory and enforcement action heating up; under growing pressure from consumers, privacy advocates and lawmakers alike, the tech titans whose platforms support the majority of the world’s advertising activity – think Google, Apple and Meta – have taken it upon themselves to pave a new privacy-centric path forward.

Google plans to sunset third-party cookies – a widely-employed technology that enables advertisers to track individual users as they move across the web – by 2024 (a timeline that’s been twice delayed). Its analytics platform has stopped logging IP addresses. The $1.24tn company is investing major resources in developing new tools that seek to obfuscate individuals’ personal information while providing advertisers with enough insights to effectively target their audiences.

In a similar way, Apple has cracked down on device-level tracking and targeting. Operating system updates rolled out in the past two years have given users a range of new privacy-focused controls. The company has deprecated its cookie-like Identifier for Advertisers and allowed users to select which apps have permission to follow their activity across the internet. Built-in VPN access and new email privacy features have further insulated users’ information – and made it more difficult for brands to gain granular data about consumers that can be used to advertise to them.

Apple’s changes in particular have severely stymied Meta’s advertising business; the social media behemoth has predicted that it will lose a whopping $10bn in 2022 alone as a result. Amid all the action, Silicon Valley infighting has reached new heights.

In light of the tidal wave of new consumer data protections, advertisers have been forced to do something they’re already known for: exercise creativity. Investments in privacy-centric identifiers are growing as the ecosystem seeks to replicate the power of third-party cookies. At the same time, many are turning away from third-party data altogether and prioritizing first-party data strategies with the help of privacy-preserving data cleanrooms and in partnership with budding retail media networks. Context-based approaches to ad targeting are taking off, and players in ecosystems such as the premium video and streaming space are developing nascent privacy-focused media targeting and measurement solutions.

For marketers and advertisers, the order has never been taller. They must navigate the minefield of data privacy and security while innovating new approaches that will allow them to connect with target audiences and measure the impact of their efforts. All the while, they’re grappling with the emergent forces of web3 and new digital paradigms – under the thumb of economic uncertainty.

At the end of the day, advertisers, developers, publishers, technologists, policymakers and consumers need to collaborate to create a balance that works – a system in which businesses can flourish while consumers can feel safe and in control of their information.

This week, as part of The Drum’s Data and Privacy Deep Dive, we’re investigating the ins and outs of all things data and privacy as they relate to marketing, advertising and the open web.

Expect exclusive research, fresh insights and incising analysis of the following topics:

• The impact that Apple’s iOS changes have had on Meta’s advertising business

• Changing consumer sentiment about the value exchange of personal information and relevant content

• The environmental impact of the programmatic marketplace – and how adland is working toward decarbonizing its supply chain

• The future of web analytics in light of the impending rollout of Google Analytics 4

• Key privacy considerations facing the burgeoning metaverse

• How streaming and connected television players are navigating cross-screen measurement challenges

• The fight to combat data-driven discrimination in advertising and media

• How consumer data is powering modern dating

• The value of data literacy within an organization

Happy reading!

Check out The Drum’s Data and Privacy Deep Dive for more. Plus, join us Tuesday virtually or at The Drum Labs live in London for a special panel on balancing consumer privacy with data-driven advertising tactics.