You’ve been subjected to this outpouring of concern for your privacy rights in response to the May 25th implementation of the General Data Privacy Regulation (GDPR).
Formulated by the European Union and applicable to any company that does business in any EU country, the GDPR mandates that individuals have four basic rights in relation to companies that collect data about them: the right to opt in to data collection, the right to opt out, and to easily accessible information as to how to opt out, and the right to be forgotten, i.e. to have their data removed from the company’s database or Customer Relationship Management system (CRM).
Until about 15 years ago, the need for such protections may not have been obvious. While publications and mail order companies had rented their mailing lists for decades, receiving junk mail in your physical mailbox wasn’t nearly as creepy, annoying, or flat-out foolish as being stalked by the ghost of past online interactions. Anyone who has ever been blasted with endlessly repeating ads for refrigerators after just making that once-a-decade purchase can relate to this tweet by English writer Jac Rayner, which went viral for good reason.
So the big question on the minds of advertisers, and perhaps ordinary people as well, is whether GDPR will have any effect in slowing the barrage of “personalized” advertising, based not on the publication you’re reading or the show you’re watching -- in other words, on the vessel for the ad — but rather generated by your behavior in the form of what you’ve searched for, looked at, or bought online.
I don’t know the answer but think that perhaps this is the wrong question. What we should be asking is how to leverage technology to enhance the agency of the consumer, not the reach of the (ad) agency. Rather than panicking (if you’re the advertiser) or celebrating (if you’re the “target”) over the fact that it may be more difficult for companies to dog your digital trail, the conversation we should be having is about how to invert the advertising power relationship altogether.
What we should be asking is how to leverage technology to enhance the agency of the consumer, not the reach of the (ad) agency.
In 2006, the always-prescient technology journalist, Doc Searls, wrote an article (and subsequently, a book) titled "The Intention Economy." Its premise was simple: Rather than advertisers trying to break through the noise in the hopes of enticing consumers to purchase something regardless of whether we want or need it, consumers should apply technology to find the vendors with the most attractive products at the point that we are actually eager and ready to buy. Rather than trying to attract our attention, companies should make themselves available to meet us at the moment of intention.
"The Intention Economy is about buyers finding sellers, not sellers finding (or 'capturing') buyers,” he wrote.
Rather than searching for loopholes or workarounds to GDPR that will let them continue to follow us wherever we go, manufacturers and retailers should instead be asking how they can enable consumers to reach out to them in a more meaningfully targeted and personalized way. After all, as Searls notes, “…intent is the noun that matters most in any economy that gives full respect to what only customers can do, which is buy.” So rather than simply trying to maintain the relevance and legality of their Customer Relationship Management systems (CRM), companies should complement them by investing in helping consumers build and maintain their own Vendor Relationship Management (VRM) systems.
With a VRM, consumers once again become the guardians of our own data, which we then selectively share with companies based on our needs. Here’s an example of how Searls envisions it working:
“In the Intention Economy, a car rental customer should be able to say to the car rental market, 'I'll be skiing in Park City from March 20-25. I want to rent a 4-wheel drive SUV. I belong to Avis Wizard, Budget FastBreak and Hertz 1 Club. I don't want to pay upfront for gas or get any insurance. What can any of you companies do for me?' and have the sellers compete for the buyer's business.”
In this scenario, the individual is choosing to broadcast a specific set of requirements to a subset of companies, who then have the opportunity to compete with each other to provide the most personalized and attractive solution. It’s obvious to see how the individual wins. But so does the company, because now it is steered directly to only those consumers who are actively seeking its product or service. Of course, the company still needs to advertise, but it will be better served by doing it the old-fashioned way — by placing ads in publications and sites frequented by travelers — rather than by paying to follow around every set of eyeballs that’s lingered over any online picture of a ski slope.
As of today, the American government has shown itself to be far less concerned with consumers’ privacy than its European counterparts, and only those American companies doing business in the EU are required to comply with GDPR. But it’s just a matter of time before spam-weary, hacker-averse Americans become more militant and savvy about how to reclaim their own data. And when they do, companies should embrace this revolt as an opportunity to change their most fundamental business practices in a manner that benefits both consumers and themselves.
It’s one of the few win-win scenarios that capitalism allows. Who wouldn’t opt in to that?