Inconsistent application of GDPR has lead to Broken User Experiences

Ben Davis of Marketing Week recently wrote a piece about how inconsistently and often poorly GDPR was being applied online. Citing examples where several USA publishers simply barred EU traffic, or other more numerous cases where publishers where using 3rd party compliance consent software or Consent Management Platforms (CMPs) like Quantcast to give the feeling that GDPR was being adhered to, whilst the various settings seemed to have little or no impact when applied.

GDPR still seems like a minefield for most consumers who are more confused than before as to what their rights really are, as in many ways not much has changed and most of the potentially dangerous 3rd party trackers are largely still in place. The two direct and measurable impacts so far are that spam is down considerably - and most companies are now at least moving towards ’Explicit Consent’ - in terms of the language and approach they use for sign-ups.

The same cannot be said for marketing opt outs, especially cookie based ones. Users are being presented with vastly different scenarios and opt outs - in the worst case - where one site presented options for 338 third party individual service providers / vendors and forced users to select each one to opt out of - rather than being able to deselect all and then tick the handful you’re comfortable with. Such an approach clearly goes against the GDPR guidance which is that opting out has to be simple and easy.

More worryingly in relying on 3rd party systems - those opt-outs often don’t seem to work - with all the same trackers still being active after you’ve specified and saved your preferences. All in all there seems to be a real lack of clarity here, and certain companies are abusing the system somewhat to still leave their customers woefully exposed to 3rd party ’predators’ as such. From a security standpoint there is no way that if you are using 300 different trackers on a site that you are also having the high levels of security mandated by GDPR.

For me the most telling paragraph in Ben Davis’ article was the following:

"Let’s end on a wistful note. USA Today, as developer Marcel Freinbichler points out on Twitter, “decided to run a separate version of their website for EU users, which has all the tracking scripts and ads removed. The site seemed very fast, so I did a performance audit. How fast the internet could be without all the junk.” The result was that the site required just 500KB of data to load, rather than 5.2MB."

You can read that full article on: Marketing Week

Having had a look at the USA Today EU edition, whilst fast it is essentially basic feed of recent articles with no functionality other than viewing a reverse chronological list of articles, without even a search, so whilst not blocked is taking USA Today back to the early blog age.

One aspect which Ben didn’t cover is that most media sites are now almost entirely un-usable on mobile devices. When they pop up in apps such as Facebook and Twitter, you frequently can no longer see the actual content behind the layers of permissioning, and frequently once you have or have not given permission (often makes no difference) the site is not working as intended.

In contrast to all of the above, we at Affino have put a lot of hard graft into getting GDPR properly and legitimately correct, with everything baked into our core Publishing / Unified Digital Business Platform. We put in every effort to make things simple, easily applicable, fully transparent and wholly consistent with the letter and intent of GDPR - which is about improving the customer experience and better protecting your customers’s data / privacy. Whilst maximising the capture and utility of permission and preference based data.

At some point in the near future, GDPR compliance will be a clear competitive advantage for those whom customers choose to do business with. And those who pay lip-service to the intent will find an increasing number of customers going elsewhere. As a consumer - proper GDPR compliance is not just a nice to have, it is an essential ingredient of trust and reputation.