The Internet is a generally free place to explore, mostly open to anyone with a connection. But as further regulation comes into force — including the upcoming California Consumer Privacy Act (CCPA) – excessive responses from some publishers could be making the web less worldwide.
In reaction to the EU’s recently passed Copyright Directive, Google has threatened to pull Google News in Europe if quoting stories will mean paying fees. And almost exactly a year since GDPR application, more than 1000 websites remain off limits for EU visitors.
As the internet is increasingly split into zones governed by differing rules, obeying legislation through restricting users might mean content access depends on where audiences log on – putting an end to global publisher reach and revenue generation potential.
So what can publishers do to ensure maximum content availability and compliance?
Accept regulation as inevitable
While it may sound obvious, step one is accepting that applying a site shutdown for regions covered by data legislation isn’t sustainable. Not only does this approach lock publishers into an endless game of whack-a-mole, but it will also see audience reach continually reduced.
Amid rising consumer awareness of data usage, potential breach risk, and concern about online privacy, regulation is both increasing and inescapable. Following the CCPA, multiple states have filed to implement their own rules, including: New York City, New Jersey and most recently, Texas. That’s not to mention persistent calls for a federal law to govern data collection, sharing and execution, and safeguard individuals across America.
It’s therefore essential for publishers to align practices with data laws, rather than trying to circumvent them. In doing so, they will build a secure processing framework that makes it easier to meet new data guidelines as they arise and demonstrate their strong commitment to privacy protection, helping to boost user trust and loyalty.
Walk the CPPA line
Although due to go live in January 2020, the CPPA is still shrouded in uncertainty – but there are some key stipulations publishers can focus on. Firstly, the CCPA goes further than the GDPR by counting any data that can be used to identify individuals and households as personal. So, in addition to sensitive details, it covers behavioral profiles and the results of analytics. Secondly, the regulation gives consumers the right to know what data is being collected about them and whether it is shared or sold on. Plus, individuals will have a right to view that data, ask for it to be edited or deleted, and refuse consent for data selling.
As a result, the core requirement for compliance is data oversight. If publishers are to meet requests for access or changes, they must ensure audience data is stored in unified systems that allow them to establish exactly what information they hold, where it flows, and retrieve it quickly. As well as enabling individuals to keep a close eye on security; the CCPA also allows them to sue firms for damage caused by breaches. At a site level, it will be vital for publishers to provide opportunities for individuals to exercise their rights. For instance, this will likely include clear opt out links for data sales, request forms for data disclosure — with in-built verification tools — and a comprehensive privacy policy explaining how, when, and where data is used.
Navigate compliance with native
Alongside implementation of robust safeguards and user controls, publishers will need to consider monetization in a post-CCPA world. The tight restrictions on data use might make it seem like the days of offering premium targeted ad placements are over, but this isn’t necessarily the case. In the wake of the GDPR, for instance, the New York Times didn’t stop selling ads in the EU; it shifted the basis of trading to contextual data. So, instead of targeting users according to behavior, messages were matched to their environment.
Providing a means to optimize user experience by mirroring the content they are already engaging with — while minimizing disruption at the same time — this move towards native is emerging as a viable solution for ad tailoring in the era of compliance. By linking ads to what individuals are viewing in real time, there is still a high chance messaging will resonate with unique interests, but there is no need for personal data; making it equally attractive for advertisers and publishers. In fact, such is the growing popularity of native that it’s set to attract $44 billion in American ad spend this year, and nearly two-thirds of display investment by 2020.
Of course, there are some caveats: publishers must master a balance of transparency and subtly. For example, they will need to ensure native ads are perfectly integrated with pages to limit intrusion, yet clearly labeled to avoid accidentally creating confusion. Consistent openness and seamless connection to content will be the hallmarks of success.
As publishers face an increasingly intricate web of international data regulation, it’s not hard to understand why some are taking the easy way out. But blocking is not an effective long-term answer. The end of the CCPA countdown won’t signal a halt on regulation; improving data security now is an enduring global mission. So, it’s time for publishers to adapt. Raising the data management bar to meet legislative benchmarks and exploring less data-intensive avenues of monetization will be vital to keep both audiences and advertising buyers.