I rang in the New Year putting the finishing touches on my first article of the year, one that outlined the ins and outs of the California Consumer Protection Act. It was fitting that I finished the article just as the law was taking effect. While the law itself won’t do to data what GDPR did two years ago, it will be just the beginning of a complicated decade when it comes to data.
Data Privacy Signs of the Decade Ahead?
Last week, in an expected move, Google announced it would eliminate third-party cookies from Chrome. Digital ad platforms, such as The Trade Desk, are already being valued lower in the stock market. Despite the fact that reliance on cookies has diminished over the years, people still perceive these micro-data trappers as something evil that must be eliminated.
Yet as The Trade Desk CTO and founder Dave Pickles emphasized, the company can already work in a cookieless environment and while technology will always evolve, the internet will still be funded by advertising.
New ways to track consumers will surely take the place of cookies. But Google’s announcement will speed up the evolution as it own two-thirds of the market share.
Europe took the lead in data compliance with the release of the GDPR. They mean business, too. I have personally seen how seriously they take complaints while in a previous role. Google, Facebook, Apple and Amazon know this as well, as they spent the latter part of the last decade fighting compliance issues and being fined more than most people could comprehend. As a result, these titans of Silicon Valley, which CCPA was clearly written to keep reigns on, have been developing security policies and infrastructure to remain within the bounds of the law (which isn't to say it looks like that from the consumer end).
Reining in the Wild West of Data Collection
Since advertising is a major revenue source for Facebook, Google, Amazon and Apple, their policies will likely protect businesses who advertise and collect data via those channels. Rather than risk working with third party solutions that buy ad space on thousands of sites across the web, companies might become more reliant on these technology behemoths, making them even more powerful than they already are.
Another source of data that will likely become more powerful as privacy data is clamped down on is geofencing. Advertising solutions, such as startup Ride Vertise, which builds localized infrastructure for real time, geography-based ads, but doesn’t store personal data, could be a natural means to continue relevant advertising as less personal data is stored. Segmenting by geography has been done for years, but in the near future our location might not be as obvious to advertisers as it is now, which is why they’ll need to catch us in the moment.
What about the throngs of data that almost every company already has? Will a simple database cleanup be enough to ensure the legacy data is in compliance? In some cases, yes. Most large companies will need to hire data specialists to strategize on how to proceed with it all. The 2020s will likely see many new jobs in the data field.
More laws will continue to pass, but they likely won't garner the same widespread interest as the GDPR did when still being implemented at the local and state level. Even the passing of CCPA, while a serious law, didn’t draw nearly the publicity that GDPR did. Laws like this will likely lead to an all-encompassing and less vague federal mandate. At that point, due to the changes already enacted, the general evolution of technology, people’s demand for better privacy protection, and actions such as Google’s elimination of third-party cookies, the surprise and work that needs to be done will (hopefully) be minimal. Like most things in technology, change happens quickly in hindsight, but slowly as it happens. We’ll look back at 2020 in 10 years as the beginning of the end of the wild west of data.
Related Article: Preparing for New Data Privacy Regulations? Learn From GDPR