GDPR One Year Later: Where It Stands & Where It's Going

If you’re like me, during early spring of 2018, you started hearing all this buzz around the European Union’s General Data Protection Regulation (GDPR).

Though most of us barely knew anything about what it was about or what it entailed, it wasn’t something that could be simply brushed off when we started seeing HubSpot, Google, and Facebook talking about changes they were going to implement to stay in compliance.

After all, a single act of non-compliance could result in millions of dollars in fines and potential reputation hits.

We soon realized that even though the GDPR is intended to help protect the data privacy of people in 27 European countries, the necessity to do something for many of us US-based marketers was very real.

Recap: What Is the GDPR?

In short, GDPR is a measure put into effect to protect European contacts’ personal data. It’s a way the European Union took a firm and aggressive stance on protecting consumers’ privacy.

This means marketers needed to implement new measures of consent-requesting for any form of data collection, location sharing, or communication preferences. It basically put control of data back in the consumers’ hands.

For more information about how marketers needed to adapt to the GDPR, check out the talk Stephanie Baiocchi, IMPACT’s Director of Audience Engagement & Community, gave at IMPACT Live 2018.

What Effect Did the GDPR Have on Marketing Efforts?

In short, this meant we needed to put consent as the top priority when dealing with any form of marketing communications.

In fact, a single fine can range in the millions of dollars, as we’ve seen Google experience first-hand.

Now, after the dust has settled around these new data privacy safeguards, we’re living in a post-GDPR environment, as MarketingLand refers to it.

With more clear information about privacy and data sharing, there are a few notable trends we can gather since the GDPR took effect.

Lower Location Opt-Ins

With location sharing now required to be opt-in, privacy rights are on everyone’s mind.

According to a study from Airship, northern and western Europe have the lowest location opt-in rates of all the regions studied at 4.4% and 2.1%, respectively.

Wondering how North America has fared since GDPR?

Location opt-in rates in 2018 (pre-GDPR) were about 35.1%. Since GDPR, rates have fallen to 9.7%.

You may be surprised to hear, however, that there are a few outlier markets and locations for which opt-in locations have actually taken an upswing.

One of these is contacts located in Latin America and the Caribbean, which have seen an increase of 116%. (I suppose if you’re living the dream in the Bahamas, why not rub it in and share it with the rest of us!)

Aside from location-specific regions, a few industry verticals have also seen an uptick in year over year location opt-in rate.

Of these, the entertainment industry, as well as the food and drink industry, have seen increases of 43.1% and 161.5%, respectively.

Location Sharing Disparity Among Android and Ios Users

Another interesting trend is the difference in location sharing preferences among users of different mobile operating systems.

Android users tended to block location sharing more often than iOS users, which may be due to the fact that iOS provides the option to only share location while the specific app is being used.

The new Android Q update seems to address this issue, so it is likely we will see future location sharing numbers more comparable to iOS users.

GDPR: What’s Next?

The GDPR rollout presented a learning curve for many marketers, but it provided a great training ground to approach our marketing efforts with the agility needed to address similar policy enactments in the future.

“The best part about being a year into the of GDPR enactment is that the tools for managing data privacy have only improved and made the process easier,” Stephanie Baiocchi reflected.

“What used to be more complex is getting easier as more people are demanding the functionality. Looking ahead, I would encourage marketers to not get comfortable and think that just because they set up some things a year ago that everything is good to go. Remember, it's not about checking a legal box. It's about respecting the people who trust you with their personal data.”

With other protection policies in the works, such as the California Consumer Privacy Act (CCPA) — which is gearing up to be the highest level of data privacy protection in the nation going into effect in January 2020 — it’s good that we’ve had our privacy warm up to tackle the coming changes that are much closer to home for the majority of us!