Why are publishers unhappy with Google’s GDPR proposal?

1 May 20181.68k Views

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Google logo on its office in Mountain View, California. Image: JHVEPhoto/Shutterstock

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Major publishing groups air concerns about Google’s proposed GDPR strategy.

Four major publisher trade groups have said that Google’s GDPR compliance plan will force media companies to shoulder an unfair burden in terms of ensuring the regulation is adhered to from 25 May.

Publishers address Pichai

In an open letter to CEO Sundar Pichai published on 30 April, the four trade associations criticised the scale of work they would need to do in order to continue using Google’s advertising services in the EU, as well as the effect the plans would have on adtech vendors themselves.

The groups behind the letter are Digital Content Next, the European Publishers Council, News Media Alliance and the News Media Association. Members of the group read as a ‘who’s who’ of digital media outlets – The New York Times, Bloomberg, Reuters and AP are just a handful of titles, publishers and agencies represented by the groups.

Google accused of last-minute announcements

The groups criticised the timing of Google’s announcement of its GDPR plans in March. They wrote: “As the major provider of digital advertising services to publishers, we find it especially troubling that you would wait until the last minute before the GDPR comes into force to announce these terms, as publishers have now little time to assess the legality or fairness of your proposal and how best to consider its impact on their own GDPR compliance plans, which have been underway for a long time.”

Google outlined its plans on its AdWords blog on 22 March and it is this same proposal that publishers believe burdens the media with the bulk of compliance responsibilities.

In essence, Google says publishers themselves are responsible for obtaining consent from EU visitors if Google ads are served on their sites. The publishers will also have to share that data with the tech giant, which will apparently use it to test algorithms, improve UX and ensure ad forecasting accuracy. Liability for GDPR violations will also reside with the publishers.

Many people believe that Google’s dominance in the online ecosystem allows them to dictate the terms of GDPR to suit its existing business model, but only intervention from GDPR regulators themselves is likely to enforce any change from the company itself.

Google views itself as a data controller, which determines the means and purposes for processing the personal data, while media firms want it to identify as a data processor in certain situations.

Working on a range of tools

Google told MarTechToday: “Guidance about the GDPR is that consent is required for personalised advertising. We have always asked publishers to get consent for the use of our adtech on their sites, and now we’re simply updating that requirement in line with the GDPR.

“Because we make decisions on data processing to help publishers optimise ad revenue, we will operate as a controller across our publisher products in line with GDPR requirements, but this designation does not give us any additional rights to their data. We’re working closely with our publisher partners and are committed to providing a range of tools to help them gather user consent.”

A rock and a hard place?

Fatemeh Khatibloo, an analyst at Forrester, told Ad Age: “The way they [Google] are handling it is on point, but that also puts pubs between a rock and a hard place. Publishers are on the hook to get consent, but they don’t have a ton of control over what Google does with their data after a user leaves their site. And that’s the problem.”

While publishers that are unhappy with the proposals from Google could move to other services, the latter’s network is unmatched in terms of size and scope, with more revenue opportunities.

This confusion points to a general trend around GDPR in terms of the differences in how the principles-based regulation is being interpreted by different organisations, enterprises and industries.

Google logo on its office in Mountain View, California. Image: JHVEPhoto/Shutterstock

Ellen Tannam is a writer covering all manner of business and tech subjects

editorial@siliconrepublic.com