5. December 2021

Superpower of Online Marketers

And why is it so important to understand data capture and privacy regulation

Anyone who wants to better understand the latest stock crash of Snapchat (-25% in one day) and many market companions (share price losses of around $150 billion at the end of October) should keep on reading.

Marketing is still first and foremost the art of awakening a need, and we are naturally oriented toward the customer or the needs of the target group. In addition, there is a lot of technology involved.  During my time at Google (2011 – 2015), we told CMOs that in the future they would manage a larger IT budget than the CIO. What was the full stack engineer in technology, is today in marketing the increasingly established function of full stack marketer.

New buzzwords like 1st party data, cookieless and consentless are taking over the trade conventions. More and more often, the terms’ privacy, GDPR, cookie consent and Schrems-II ruling (data transfer from the EU to third countries such as the USA) also come up in this context. The Wunderwuzzis now have one more discipline to worry about. However, the new discipline must be understood first, and this is where it usually fails.

The most important thing is to be able to explain the new challenges to your own management. This is another area where things frequently fail: How do I explain that we are on a long journey from a 3rd party cookie world to a 1st party data world?

So what is this latest paradigm shift in website tracking or collection of the all-important data all about? Under the catchphrase “Data is the new Oil”, online marketers need to look at data collection, “Data Capture”, and understand what we can use to ensure the beginning of the all-important data value creation. Themed “Garbage In – Garbage Out”, online marketing is being put to the test. Data-driven decisions with data that is always flawed are a dead end.

The earlier mentioned case study of Snapchat with a share price loss of $1.7 billion dollars in one day at the end of October 2021 allows us to better determine the importance of data: A change in tracking on Apple devices at the end of Q2 (cue ATT) pushed Snapchat’s Q3 revenue performance significantly below analysts’ expectations. As a result of this revenue development, analysts have lost confidence in the ability of this category of app businesses to grow, which could have been avoided. Looking at cause and effect, one can see that Snapchat has made dangerous dependencies in tracking and obviously has no plan B to Apple’s walled garden.

What does this mean for website tracking and specifically data collection or: what is the current need for online marketers?

In order to stay competitive, it is essential to understand what is going on in browsers and ensure data sovereignty for your own business.

The 2 most important goals from a business perspective are:

  • Protect data scope and quality from forced data loss
  • Ensure legal compliance

These two goals can-and must-be achieved with one move. Recently the technological possibility of using server-side tagging or hybrid tracking to capture data from the browser, while allowing the tagging to take place on a server first, has emerged.

This has several advantages:

  • Better data quality
  • Shorter loading times due to reductions of needed JavaScript’s
  • Data is collected 1st party and belongs to the company

What remains with solutions such as client-side tagging is the loss of data due to non-consent as well as the legal uncertainty according to GDPR  and ePrivacy.

With JENTIS, a European solution, three additional benefits can be added:

  • “Consent-less” data collection becomes legally compliant due to pseudonymisation
  • Consent makes it possible to collect additional data with a personal reference in a legally compliant manner
  • Data can be transferred to the USA in a legally compliant manner due to pseudonymisation

And here we come to the dilemma for the Wunderwuzzis. The jurisdiction of the ECJ in the ruling on the Privacy Shield (Schrems II) in July 2020 has made it clear that servers of US companies in Europe also carry this legal uncertainty. This ruling goes against the US Cloud Act, which allows unbureaucratic access to all available global data of non-US citizens at any time, even outside the USA. Thus, we Europeans are not protected or, even better, European companies cannot protect their customers’ data at all if it is stored in a US cloud and is neither pseudonymized nor encrypted.

Next point: According to GDPR §44- §49, personal data may only be transferred to a secure/unsecure third country under special conditions – a point that affects the entire marketing stack when tools from US companies such as Google, Adobe, Facebook, Tealium, etc. are used. The most important error in thinking or the biggest stumbling block on the company side, which we see at JENTIS at this point almost every day, lies in the challenge of being able to pseudonymize data correctly.

For example, the user’s IP address: this data must still be pseudonymized within the EU before it is transferred to a US company. Technical options to have data pseudonymized by a US provider in the marketing stack are not legally compliant, as they take place outside the EU legal area and cannot be verified.

All server-side tracking services from US providers are also affected by this legal requirement. If you use such a solution, you import the privacy problem into the entire marketing stack of the company.

The most important tip from this post:
If you don’t understand my explanation, I would suggest asking your provider and demanding that the legal conformity of the data pseudonymization according to GDPR (keyword Schrems II) is confirmed to you in writing. Feel free to contact me if any of you manage to get a letter from a service provider in your hands!

To conclude this post, I have only one more appeal to make:
Before you use a new tool, please check in detail whether it conflicts with data sovereignty, European jurisdiction or correct pseudonymization, and ask critical questions!

More articles

News

Denmark: Google Analytics declared unlawful

Google Analytics can no longer be used in a legally compliant manner without further measures. With its decision, Denmark's agency joins other data protection authorities in Europe.

Blog

The Founder Story of JENTIS

Looking back to the foundation of a company

Blog

International data transfers

Was Sie über den internationalen Datentransfer im Rahmen der DSGVO wissen müssen