What’s a company to do when data privacy regulations and consumer concerns collide in a multibillion-dollar industry?
Love ’em or loathe ’em, there’s no denying that digital advertisements do a lot of heavy lifting. They bring products to top of mind for consumers and potentially start them down the sales funnel, from awareness to purchase to loyalty. Brands rely on digital ads to target specific audiences, manage their advertising budget, drive sales and, with any luck (and persistence and incentive), develop the coveted personal relationship with the customer.
All that heavy lifting is evidenced by hefty spending: In 2021, digital advertising revenue reached $189 billion, an increase of more than 35% from 2020, according to the Interactive Advertising Bureau. That’s the highest year-over-year growth since 2006.1
Two Developing Issues
Yet even as digital advertising continues to flex its muscles, two developing issues are cramping its style and troubling advertisers.
The first has to do with evolving regulations that focus on the behind-the-scenes environment where personal information is collected. This is the domain of third-party advertising technology (“AdTech”) companies, which use online tracking technology such as “cookies” to follow browsers’ habits. Driven by regulatory concerns about how personal data is processed, data protection authorities in the European Union have been administering a steady drumbeat of enforcement actions, with settlement amounts that are getting attention. Figures range from €2.6 million to more than €700 million.2
Meanwhile, in the United States numerous states are addressing the growing chorus of consumer concerns around AdTech and digital advertising. Many states are enacting or proposing consumer privacy laws, some of which are winding their way through the legislative process as of the publishing of this article.3 The common thread among all is the rights granted to consumers to control their own data and the obligation for organizations to honor consumers’ choices.4
State attorneys general are at the ready to enforce existing and emerging laws as needed. And if there was any confusion about whether this type of legislation applies to AdTech, the California Attorney General’s August 24 announcement of the first enforcement action under the California Consumer Privacy Act (“CCPA”) served as a warning shot across the bow. It was a doozy: In a $1.2 million settlement announcement, the state demonstrated vigorous enforcement of the CCPA and highlighted the bull’s-eye painted on AdTech.5
The second developing issue involves the major players in the technology industry. Google has already publicly announced that its offerings will no longer recognize third-party cookies beginning sometime in 2024.6 In parallel, Apple shifted its mobile operating system from an opt-out to an opt-in model for geo-location tracking.7 These market developments will have a tectonic impact on how digital advertising in both desktop and app environments is facilitated.
The above developments, while not exactly an existential threat to companies that rely on digital advertising, do raise several serious questions about the future of the medium. For instance, if third parties are cut out of the mix or reduced, will advertisers have to rethink their ad placement strategies? How about the sourcing of consumer data — where will it come from, and will compliance rules change? Will companies have to rebuild the architecture of their own websites? Finally, how will advertisers protect and grow revenue derived from digital advertising?
Get Ready for AdTech 2.0
Before running out to reinvent the wheel, organizations can take certain actions now to mitigate the regulatory and market challenges while the environment now sorts itself out. Why wait for trouble when an assessment of current risks can both reduce companies’ potential for revenue loss and prepare them for the arrival of AdTech 2.0?
One starting place is to review governance policies, standards and processes related to data privacy. Are current privacy notices accurate, and do they map against actual data practices? How can the organization be sure? Is a flexible and sustainable AdTech and privacy governance framework that is aligned with marketing in place to help manage these growing risks while protecting digital advertising revenue?
Given the heightened regulatory scrutiny on AdTech and digital advertising, organizations are asking whether they should reallocate marketing dollars to other digital advertising segments as a risk-mitigation strategy. In any case, privacy should be a part of that cost-benefit analysis.
Perhaps the overarching question every organization should consider is, Will they be ready to put their products in front of tomorrow’s audiences and reap the rewards?
For further information, please contact:
Todd Ruback, Managing Director, FTI Consulting
todd.ruback@fticonsulting.com
1: “Internet Advertising Revenue Report: Full Year 2021.” IAB. Apr. 12 2022. https://www.iab.com/insights/internet-advertising-revenue-report-full-year-2021/.
2: Komnenic, Masha. “36 Biggest GDPR Fines & Penalties So Far [2022 Update].” Termly. Mar. 31 2022. https://termly.io/resources/articles/biggest-gdpr-fines/.
3: Ruback, Todd. “The Perfect Storm: AdTech, Privacy and Digital Advertising.” FTI Consulting, Inc. Aug. 15 2022. https://www.ftitechnology.com/resources/blog/the-perfect-storm-adtech-privacy-and-digital-advertising.
4: Desai, Anokhy. “US State Privacy Legislation Tracker.” International Association of Privacy Professionals. Oct. 7 2022. https://iapp.org/resources/article/us-state-privacy-legislation-tracker/
5: Ikeda, Scott. “Sephora Hit by First CCPA Enforcement Action, Settlement Carries $1.2 Million in Penalties for Targeted Advertising Privacy Violations.” CPO Magazine. Sept. 1 2022. https://www.cpomagazine.com/data-privacy/sephora-hit-by-first-ccpa-enforcement-action-settlement-carries-1-2-million-in-penalties-for-targeted-advertising-privacy-violations/.
6: Wiggers, Kyle. “Google delays move away from cookies in Chrome to 2024.” TechCrunch. Jul. 27 2022. https://techcrunch.com/2022/07/27/google-delays-move-away-from-cookies-in-chrome-to-2024/.
7: “Apple’s iOS 14 Requires New Opt-in Consent for Advertising Identifiers.” Hunton Andrews Kurth. Aug. 24 2020. https://www.huntonprivacyblog.com/2020/08/24/apples-ios-14-requires-new-opt-in-consent-for-advertising-identifiers/.
© Copyright 2022. The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, Inc., its management, its subsidiaries, its affiliates, or its other professionals.
