As iOS 14 betas continue to roll out and the software’s full release grows near, more people are noticing just how revolutionary some of its privacy and security features appear to be.
There’s some exciting stuff there, but one of the most interesting – and, until recently, overlooked – features is called “Approximate Location.”
It means enormous changes for location-based services on iOS, and could affect many third-party apps in ways that aren’t entirely clear yet. Here are the significant points all iPhone users should know.
Approximate Location Will Hide Your Exact Location
Based on the details that Apple has given, Approximate Location is a new tool that can be enabled in iOS. Instead of switching off location-based data, this feature will make it…fuzzy. Apple reports that it will limit the location data sent to apps to a general 10-mile region.
You could be anywhere in that 10 miles, doing anything, but apps will only be able to tell that your device is in that specific region. This is going to change several important things about apps that want to know your location, but is a big boon for privacy while still enabling various app services.
Limited Data About Movement Will Be Shared
Not all the details are certain yet, but we do know that apps will be able to track when a device moves from one region to another. Apps will probably be able to extrapolate on that data and know that you were somewhere along a particular border between one region and another.
However, companies still won’t be able to tell what exactly you were doing near the border, or how long you stayed near the border before crossing over. If you cross over the same borders a lot, then apps will probably be able to make some basic guesses, like you’re commuting to work, dropping kids off at school, or visiting a preferred shopping center, but that’s basically all they will be able to tell.
Some Apps Won’t Have a Problem with This
For many third-party app services, these new 10-mile Approximate Location Regions won’t pose much of a problem. Apps that are recommending nearby restaurants you might like, parks you can visit, available hotels, and similar suggestions don’t need to know your exact location to be accurate – the 10-mile zone should work fine. The same is true of weather apps, and a variety of other services.
But not all third-party apps are interested in location data just to offer services. They also want to use it for their own ends…and that’s where things get more complicated.
Location-Based Advertising Is up for a Challenge
A whole crowd of third-party apps want to track your exact location, not for services, but to collect important data about their users. Even common apps like Netflix tend to do this! They are tracking behavior and building user profiles that they can use for advertising purposes, or provide to advertisers interested in building these profiles themselves.
Apple has already changed other types of tracking to require permission from app users. But turning on Approximate Location is another hurdle that blocks apps from knowing exactly what users are doing. Not only does this make it more difficult to build behavioral profiles, but it also makes it hard or impossible to attribute a user visit to any specific online campaign.
There are solutions to this, but it will be a change of pace for advertisers. Apps can use Wi-Fi pings, check-in features, and purchase tracking to still get an idea of what people are doing, and where. That’ll require a lot more user involvement than before, which puts privacy in the hands of the customer.
It’s Not Clear How This Will Affect Apps That Depend on Location Tracking
Then there’s the class of apps that needs to know precise locations of users to work properly.
For example, what happens when an app wants to provide precise directions to an address after you have chosen it? Or – perhaps most likely – will alerts pop up when you try to use these services, requiring you to shut off Approximate Location to continue? We’ve already seen how this works with Apple Maps, which asks you to allow one “precise location” to help with navigation, or turn it on for the app entirely.
Then there’s the problem with ridesharing and food delivery apps. They can’t offer some their core services with Approximate Location turned on, so we can expect warnings or lockouts from these apps as well.
But even with this micromanaging, more privacy features are probably worth it.
While it may have slipped the attention of many consumers, online businesses around the world were rocked by Apple’s June 2020 decision to make the IDFA fully opt-in. What does that mean exactly?
Well, IDFA stands for Identifier for Advertisers, and it’s a protocol that creates an ID tag for every user device so that device activity can be tracked by advertisers for personalized marketing and ad offers.
While IDFA made it easy to track online behavior without actually knowing a user’s private info, the practice has come under some scrutiny as the importance of online privacy continues to increase.
While Apple still provides the IDFA, it’s now entirely based on direct permission granted by users. In other words, if an app wants to track what a device is doing through an IDFA, a big pop-up will show up that says, roughly, “This app wants to track what you’re doing on this device so it can send you ads. Do you want to allow that?” Users are broadly expected to answer no.
So, what does that mean for advertisers and for your personal user experience going forward? Continue reading to learn what it means for you.
You Will Still Get Online Ads
Apple’s change is a big one for mobile advertisers, but it doesn’t mean that ads will disappear from your iPhone. Consumers will still get ads in all the usual places on their phones. That includes in their internet browsers, and in some of the apps that they use.
The big difference is that those ads will be far less likely to be 1) personalized based on what you like doing on your phone and 2) retargeted based on the products and ads you’ve looked at before. So the ads will still appear, but they will tend to be more general in nature.
Big Platforms Will Need to Get More Creative with Tracking
IDFA option, advertising platforms face a need for more innovation. Advertising
lives off data, and Apple’s move encourages smarter data strategies.
What’s that going to look like? We’ll have to wait and see, but one potential solution is “fingerprinting” a device, or making a device profile, a lot like marketers make buyer personas. This involves gathering ancillary data about a device’s IP addresses, location, activity periods, Bluetooth, and other features, then combining it into a profile that shows how the device is being used and what that says about the user.
option is to develop more ways to track “events” instead of devices. An app
event could be anything from logging on for the first time to reaching the
first level of a game, etc. By looking at events across the entire user base,
advertisers can divide users into different groups of behavior and target ads
based on what that behavior says about them.
Developers and Advertisers Will Design New Ways to Monitor Apps
still need app data from iOS to make effective decisions about ads. Since
individual device data is now largely out of reach for them, we’re going to
start seeing more innovation on this side, too. Companies are going to start
focusing on broad data that they do have to make plans based on what they do
know – in other words, what users are doing directly on the app itself, instead
of on the entire device.
Apple is helping with this, too: The company has announced a new SKAdNetwork platform that is essentially designed to replace some of what the IDFA program used to do. It doesn’t track individual device activity, but it does track overall interaction with apps, so creators will still know things like how many people are downloading apps, where they are downloading from, and what features are getting the most use, etc. The key will be finding ways to make intelligent ad decisions from that collective data, and looking for synergistic ways to share it with partners – something advertisers traditionally haven’t done much in the past.
Retargeting Will Refocus on Contact Information
is the ad tactic of showing a user products and ads they have already viewed in
the past, which makes a purchase more likely. It’s a very important part of the
sales process, but becomes more difficult when device activity can’t be
directly monitored. However, there’s another highly traditional option for retargeting:
Getting a customer’s contact information. Depending on how active someone is on
the Web, something like an email address or phone number can provide plenty of
useful retargeting data. Expect a renewed focus on web forms and collecting
contact information within apps.
Online Point of Sale Will Become Even More Important
The online shopping cart is already a locus of valuable information: Every time you add a product, look at shipping prices, abandon a shopping cart, pick a payment method, choose an address, and complete an order – all of it provides companies with data they can use for retargeting, customer profiles, personalized ads and discounts, and so on.
Nothing Apple is doing will affect online POS data, so we can expect it to become even more important. However, most POS data currently stays in house, so the big question is if – and how – large ad platforms might use it in the future. Which brings us to another important point: auctioning data.
Auctioning Mobile User Data Is Less Viable Than Ever
A big secondary market for mobile advertising is selling device data to other advertisers (it’s also technically a black market when it happens on the dark web with stolen data, but there’s a legitimate version, too). Now bids for iOS data don’t really have anywhere to go – how can you bid on a list of device use information when that data isn’t being collected anymore? And if someone is selling that data, how do you know if it’s not outdated or just fake?
These secondary auction markets and “demand-side platforms” (DSPs) have been facing pressure in recent years over fears they aren’t exactly healthy for the industry. Apple nixing the IDFA won’t end them, but it will refocus the secondary selling on top-level data (the kind we discussed in the points above) and less on more personal user data.
This Is Just the Beginning
The era of
device tracking has only begun to change. Apple’s decision about IDFA was expected,
and is only the beginning of the shift away from this tactic. Google is also expected
to make a similar change with its own version of the technology, GAID (Google
Ad Identifier). Meanwhile, major web browsers like Safari and Chrome are
dropping support for third-party cookies as well.
This is great
for customer privacy, which is clearly a new core concern for the big tech
names. It’s also ushering in a new age of marketing where advertisers will have
to grapple with unseen data – and find new ways to move ahead. In some ways, it’s
an analyst’s dream come true.
Last year, tech companies couldn’t get enough of letting you use their products less.
Executives at Apple and Google unveiled on-device features to help people monitor and restrict how much time they spent on their phones. Facebook and Instagram, two of the biggest time sucks on the planet, also rolled out time spent notifications and the ability to snooze their apps — new features meant to nudge people to scroll through their apps a little less mindlessly.
These companies all became fluent in the language of “time well spent,” a movement to design technology that respects users’ time and doesn’t exploit their vulnerabilities. Since the movement sprang up nearly seven years ago, it has invoked mass introspection and an ongoing debate over technology use, which people blame for a swath of societal ills including depression and suicide, diminished attention spans, and decreased productivity.
But a year after Big Tech rolled out their time-well-spent features, it doesn’t seem like they’re working: The time we spend on our devices just keeps increasing.
Fortunately, the problem might not be that bad in the first place. Though correlations exist, there’s no causal link between digital media usage and the myriad problems some speculate it causes.
“Every time new tech comes out, there’s a moral panic that this is going to melt our brains and destroy society,” Ethan Zuckerman, director of the Center for Civic Media at MIT, told Recode. “In almost every case, we sort of look back at these things and laugh.”
What “time well spent” has done is spurred a whole cottage industry to help people “digitally detox,” and it’s being led in part by the big tech companies responsible for — and that benefit from — our reliance on tech in the first place. As Quartz writer Simone Stolzoff put it, “‘Time well spent’ is having its Kendall Jenner Pepsi moment. What began as a social movement has become a marketing strategy.”
Politicians are also jumping on the dogpile. Sen. Josh Hawley (R-MO) has proposed a bill to reduce what some call social media addiction by banning infinite scrolling and autoplay and by automatically limiting users to spending a maximum of 30 minutes a day on each platform. The bill currently has no cosponsors and is unlikely to go to a vote, but does demonstrate that the topic is on lawmakers’ radar.
These efforts, however, have yet to dent our insatiable need for tech.
The data on device usage
American adults spent about 3 hours and 30 minutes a day using the mobile internet in 2019, an increase of about 20 minutes from a year earlier, according to measurement company Zenith. The firm expects that time to grow to over four hours in 2021. (Top smartphone users currently spend 4 hours and 30 minutes per day on those devices, according to productivity software company RescueTime, which estimates average phone usage to be 3 hours and 15 minutes per day).
We’re spending more time online because pastimes like socializing that used to happen offline are shifting online, and we’re generally ceding more of our days to digital activities.
The overall time Americans spend on various media is expected to grow to nearly 11 hours per day this year, after accounting for declines in time spent with other media like TV and newspapers that are increasingly moving online, according to Zenith. Mobile internet use is responsible for the entirety of that growth.
Nearly a third of Americans said they are online “almost constantly” in 2019, a statistic that has risen substantially across age groups since the study was conducted the year before.
Not all our online activities are on the uptick, however.
Online measurement company SimilarWeb has found that time spent with some of the most popular social media apps, like Facebook, Instagram, and Snapchat, has declined in the wake of “time well spent” efforts — though the decline could instead reflect the waning relevance of those social media behemoths. At least for now, the average amount of time on those apps is still near historic highs:
Since overall time spent online is going up, the data suggests we’re just finding other places online to spend our time, like with newer social media like TikTok or with online video games.
Some have argued that sheer time spent isn’t important psychologically, but rather it’s what we’re doing with that time online. And what we’re doing is very fragmented.
Rather than use our devices continually, we tend to check them throughout the day. On average, people open their phones 58 times a day (and 30 of those times are during the workday), according to RescueTime. Most of those phone sessions are under two minutes.
Even on our phones, we don’t stick to one thing. A recent study published in the journal Human-Computer Interaction found that people switched on average from one screen activity to another every 20 seconds.
And what’s the result of all these hours of fragmented activity? Just one in 10 people RescueTime surveyed said they felt in control of how they spend their day.
What to do with our growing smartphone usage
It’s tough to separate finger-wagging judgments about tech from valid concerns about how tech could be degrading our lives. But the perception, at least, that tech is harming our lives seems to be very real.
Numerous articles instruct people on how to put down their phones. And richer Americans — including the people making the technology in the first place — are desperately trying to find ways to have their kids spend less time with screens.
MIT’s Zuckerman suggests building better “pro-civic social media,” since he thinks it’s already clear we’re going to spend lots of our time online anyway.
“I am deeply worried about the effects of the internet on democracy. On the flip side, I was deeply worried about democracy before everyone was using the internet,” he said. “What we probably have to be doing is building social media that’s good for us as a democracy.”
This social media would emphasize the best aspects of social media and would better defend against scourges like content that promotes political polarization and misinformation. He gave the example of gell.com, which uses experts to outline arguments for and against major social issues, and then encourages user participation to further develop and challenge the ideas.
Nir Eyal, author of Indistractable: How to Control Your Attention and Choose Your Life, thinks we’re overusing the language of addiction when it comes to technology usage. If we really want to limit our technology usage, he told Recode, solutions are close at hand.
“We want to think that we’re getting addicted because an addiction involves a pusher, a dealer — someone’s doing it. Whereas when we call it what it really is, which is distraction — now in the US, we don’t like to face that fact — that means we have to do something that’s no fun,” Eyal said.
Instead of blaming tech companies, he asks people, “Have you tried to turn off notifications, for God’s sake? Have you planned your day so that you don’t have all this white space where you’re free to check your phone all the time?”
For those who are addicted — a percentage he says is probably in line with the portions of the population that are addicted to anything else, like alcohol or gambling — he thinks tech companies should notify users that they’re in the top percentiles of usership and offer them resources, such as software tools and professional assistance (and his book).
In the meantime, the time we spend on our digital devices will continue to increase, and there’s still a need for conclusive research about whether that actually matters. Perhaps while we wait for clarity, we can turn off our notifications about how much time we spend on our phones.
„While travel blogging is a relatively young phenomenon, it has already evolved into a mature and sophisticated business model, with participants on both sides working hard to protect and promote their brands.Those on the industry side say there’s tangible commercial benefit, provided influencers are carefully vetted.„If people are actively liking and commenting on influencers‘ posts, it shows they’re getting inspired by the destination,“ Keiko Mastura, PR specialist at the Japan National Tourism Organization, tells CNN Travel.„We monitor comments and note when users tag other accounts or comment about the destination, suggesting they’re adding it to their virtual travel bucket lists. Someone is influential if they have above a 3.5% engagement rate.“For some tourism outlets, bloggers offer a way to promote products that might be overlooked by more conventional channels. Even those with just 40,000 followers can make a difference.Kimron Corion, communications manager of Grenada’s Tourism Authority, says his organization has „had a lot of success engaging with micro-influencers who exposed some of our more niche offerings effectively.“Such engagement doesn’t come cheap though.“
“That means extra pressure in finding the right influencer to convey the relevant message — particularly when the aim is to deliver real-time social media exposure.„We analyze each profile to make sure they’re an appropriate fit,“ says Florencia Grossi, director of international promotion for Visit Argentina. „We look for content with dynamic and interesting stories that invites followers to live the experience.“One challenge is weeding out genuine influencers from the fake, a job that’s typically done by manually scrutinizing audience feedback for responses that betray automated followers. Bogus bloggers are another reason the market is becoming increasingly wary.“
Apple on Wednesday warned investors that its revenue for the last three months of 2018 would not live up to previous estimates, or even come particularly close. The main culprit appears to be China, where the trade war and a broader economic slowdown contributed to plummeting iPhone sales. But CEO Tim Cook’s letter to investors pointed to a secondary thread as well, one that Apple customers, environmentalists, and even the company itself should view not as a liability but an asset: People are holding onto their iPhones longer.
That’s not just in China. Cook noted that iPhone upgrades were “not as strong as we thought they would be” in developed markets as well, citing “macroeconomic conditions,” a shift in how carriers price smartphones, a strong US dollar, and temporarily discounted battery replacements. He neglected to mention the simple fact that an iPhone can perform capably for years—and consumers are finally getting wise.
As recently as 2015, smartphone users on average upgraded their phone roughly every 24 months, says Cliff Maldonado, founder of BayStreet Research, which tracks the mobile industry. As of the fourth quarter of last year, that had jumped to at least 35 months. “You’re looking at people holding onto their devices an extra year,” Maldonado says. “It’s been considerable.”
A few factors contribute to the trend, chief among them the shift from buying phones on a two-year contract—heavily subsidized by the carriers—to installment plans in which the customer pays full freight. T-Mobile introduced the practice in the US in 2014, and by 2015 it had become the norm. The full effects, though, have only kicked in more recently. People still generally pay for their smartphone over two years; once they’re paid off, though, their monthly bill suddenly drops by, say, $25.
The shift has also caused a sharp drop-off in carrier incentives. They turn out not to be worth it. “They’re actually encouraging that dynamic of holding your smartphone longer. It’s in their best interest,” Maldonado says. “It actually costs them to get you into a new phone, to do those promotions, to run the transaction and put it on their books and finance it.”
Bottom line: If your service is reliable and your iPhone still works fine, why go through the hassle?
“There’s not as many subsidies as there used to be from a carrier point of view,” Cook told CNBC Wednesday. “And where that didn’t all happen yesterday, if you’ve been out of the market for two or three years and you come back, it looks like that to you.”
Meanwhile, older iPhones work better, for longer, thanks to Apple itself. When Apple vice president Craig Federighi introduced iOS 12 in June at Apple’s Worldwide Developers Conference, he emphasized how much it improved the performance of older devices. Among the numbers he cited: The 2014 iPhone 6 Plus opens apps 40 percent faster with iOS 12 than it had with iOS 11, and its keyboard appears up to 50 percent faster than before. And while Apple’s battery scandal of a year ago was a black mark for the company, it at least reminded Apple owners that they didn’t necessarily need a new iPhone. Eligible iPhone owners found that a $29 battery replacement—it normally costs $79—made their iPhone 6 feel something close to new.
“There definitely has been a major shift in customer perception, after all the controversy,” says Kyle Wiens, founder of online repair community iFixit. “What it really did more than anything else was remind you that the battery on your phone really can be replaced. Apple successfully brainwashing the public into thinking the battery was something they never needed to think about led people to prematurely buy these devices.”
Combine all of that with the fact that new model iPhones—and Android phones for that matter—have lacked a killer feature, much less one that would inspire someone to spend $1,000 or more if they didn’t absolutely have to. “Phones used to be toys, and shiny objects,” Maldonado says. “Now they’re utilities. You’ve got to have it, and the joy of getting a new one is pretty minor. Facebook and email looks the same; the camera’s still great.”
In the near term, these dynamics aren’t ideal for Apple; its stock dropped more than 7 percent in after-hours trading following Wednesday’s news. But it’s terrific news for consumers, who have apparently realized that a smartphone does not have a two-year expiration date. That saves money in the long run. And pulling the throttle back on iPhone sales may turn out to be equally welcome news for the planet.
According to Apple’s most recent sustainability report, the manufacture of each Apple device generates on average 90 pounds of carbon emissions. Wiens suggests that the creation of each iPhone requires hundreds of pounds of raw materials.
Manufacturing electronics is environmentally intense, Wiens says. “We can’t live in a world where we’re making 3 billion new smartphones a year. We don’t have the resources for it. We have to reduce how many overall devices we’re making. There are lots of ways to do it, but it gets down to demand, and how many we’re buying. That’s not what Apple wants, but it’s what the environment needs.”
Which raises a question: Why does Apple bother extending the lives of older iPhones? The altruistic answer comes from Lisa Jackson, who oversees the company’s environmental efforts.
“We also make sure to design and build durable products that last as long as possible,” Jackson said at Apple’s September hardware event. “Because they last longer, you can keep using them. And keeping using them is the best thing for the planet.”
Given a long enough horizon, Apple may see a financial benefit from less frequent upgrades as well. An iPhone that lasts longer keeps customers in the iOS ecosystem longer. That becomes even more important as the company places greater emphasis not on hardware but on services like Apple Music. It also offers an important point of differentiation from Android, whose fragmented ecosystem means even flagship devices rarely continue to be fully supported beyond two years.
“In reality, the big picture is still very good for Apple,” Maldonado says. Compared with Android, “Apple’s in a better spot, because the phones last longer.”
That’s cold comfort today and doesn’t help a whit with China. But news that people are holding onto their iPhones longer should be taken for what it really is: A sign of progress and a win for everyone. Even Apple.
European Union lawmakers proposed a comprehensive update to the bloc’s data protection and privacy rules in 2012.
Their aim: To take account of seismic shifts in the handling of information wrought by the rise of the digital economy in the years since the prior regime was penned — all the way back in 1995 when Yahoo was the cutting edge of online cool and cookies were still just tasty biscuits.
Here’s the EU’s executive body, the Commission, summing up the goal:
The objective of this new set of rules is to give citizens back control over of their personal data, and to simplify the regulatory environment for business. The data protection reform is a key enabler of the Digital Single Market which the Commission has prioritised. The reform will allow European citizens and businesses to fully benefit from the digital economy.
For an even shorter the EC’s theory is that consumer trust is essential to fostering growth in the digital economy. And it thinks trust can be won by giving users of digital services more information and greater control over how their data is used. Which is — frankly speaking — a pretty refreshing idea when you consider the clandestine data brokering that pervades the tech industry. Mass surveillance isn’t just something governments do.
It’s set to apply across the 28-Member State bloc as of May 25, 2018. That means EU countries are busy transposing it into national law via their own legislative updates (such as the UK’s new Data Protection Bill — yes, despite the fact the country is currently in the process of (br)exiting the EU, the government has nonetheless committed to implementing the regulation because it needs to keep EU-UK data flowing freely in the post-brexit future. Which gives an early indication of the pulling power of GDPR.
Meanwhile businesses operating in the EU are being bombarded with ads from a freshly energized cottage industry of ‘privacy consultants’ offering to help them get ready for the new regs — in exchange for a service fee. It’s definitely a good time to be a law firm specializing in data protection.
GDPR is a significant piece of legislation whose full impact will clearly take some time to shake out. In the meanwhile, here’s our guide to the major changes incoming and some potential impacts.
Data protection + teeth
A major point of note right off the bat is that GDPR does not merely apply to EU businesses; any entities processing the personal data of EU citizens need to comply. Facebook, for example — a US company that handles massive amounts of Europeans’ personal data — is going to have to rework multiple business processes to comply with the new rules. Indeed, it’s been working on this for a long time already.
Last year the company told us it had assembled “the largest cross functional team” in the history of its family of companies to support GDPR compliance — specifying this included “senior executives from all product teams, designers and user experience/testing executives, policy executives, legal executives and executives from each of the Facebook family of companies”.
“Dozens of people at Facebook Ireland are working full time on this effort,” it said, noting too that the data protection team at its European HQ (in Dublin, Ireland) would be growing by 250% in 2017. It also said it was in the process of hiring a “top quality data protection officer” — a position the company appears to still be taking applications for.
The new EU rules require organizations to appoint a data protection officer if they process sensitive data on a large scale (which Facebook very clearly does). Or are collecting info on many consumers — such as by performing online behavioral tracking. But, really, which online businesses aren’t doing that these days?
The extra-territorial scope of GDPR casts the European Union as a global pioneer in data protection — and some legal experts suggest the regulation will force privacy standards to rise outside the EU too.
Sure, some US companies might prefer to swallow the hassle and expense of fragmenting their data handling processes, and treating personal data obtained from different geographies differently, i.e. rather than streamlining everything under a GDPR compliant process. But doing so means managing multiple data regimes. And at very least runs the risk of bad PR if you’re outed as deliberately offering a lower privacy standard to your home users vs customers abroad.
Ultimately, it may be easier (and less risky) for businesses to treat GDPR as the new ‘gold standard’ for how they handle all personal data, regardless of where it comes from.
And while not every company harvests Facebook levels of personal data, almost every company harvests some personal data. So for those with customers in the EU GDPR cannot be ignored. At very least businesses will need to carry out a data audit to understand their risks and liabilities.
Privacy experts suggest that the really big change here is around enforcement. Because while the EU has had long established data protection standards and rules — and treats privacy as a fundamental right — its regulators have lacked the teeth to command compliance.
But now, under GDPR, financial penalties for data protection violations step up massively.
The maximum fine that organizations can be hit with for the most serious infringements of the regulation is 4% of their global annual turnover (or €20M, whichever is greater). Though data protection agencies will of course be able to impose smaller fines too. And, indeed, there’s a tiered system of fines — with a lower level of penalties of up to 2% of global turnover (or €10M).
This really is a massive change. Because while data protection agencies (DPAs) in different EU Member States can impose financial penalties for breaches of existing data laws these fines are relatively small — especially set against the revenues of the private sector entities that are getting sanctioned.
In the UK, for example, the Information Commissioner’s Office (ICO) can currently impose a maximum fine of just £500,000. Compare that to the annual revenue of tech giant Google (~$90BN) and you can see why a much larger stick is needed to police data processors.
It’s not necessarily the case that individual EU Member States are getting stronger privacy laws as a consequence of GDPR (in some instances countries have arguably had higher standards in their domestic law). But the beefing up of enforcement that’s baked into the new regime means there’s a better opportunity for DPAs to start to bark and bite like proper watchdogs.
GDPR inflating the financial risks around handling personal data should naturally drive up standards — because privacy laws are suddenly a whole lot more costly to ignore.
More types of personal data that are hot to handle
So what is personal data under GDPR? It’s any information relating to an identified or identifiable person (in regulatorspeak people are known as ‘data subjects’).
While ‘processing’ can mean any operation performed on personal data — from storing it to structuring it to feeding it to your AI models. (GDPR also includes some provisions specifically related to decisions generated as a result of automated data processing but more on that below).
A new provision concerns children’s personal data — with the regulation setting a 16-year-old age limit on kids’ ability to consent to their data being processed. However individual Member States can choose (and some have) to derogate from this by writing a lower age limit into their laws.
GDPR sets a hard cap at 13-years-old — making that the defacto standard for children to be able to sign up to digital services. So the impact on teens’ social media habits seems likely to be relatively limited.
The new rules generally expand the definition of personal data — so it can include information such as location data, online identifiers (such as IP addresses) and other metadata. So again, this means businesses really need to conduct an audit to identify all the types of personal data they hold. Ignorance is not compliance.
GDPR also encourages the use of pseudonymization — such as, for example, encrypting personal data and storing the encryption key separately and securely — as a pro-privacy, pro-security technique that can help minimize the risks of processing personal data. Although pseudonymized data is likely to still be considered personal data; certainly where a risk of reidentification remains. So it does not get a general pass from requirements under the regulation.
Data has to be rendered truly anonymous to be outside the scope of the regulation. (And given how often ‘anonymized’ data-sets have been shown to be re-identifiable, relying on any anonymizing process to be robust enough to have zero risk of re-identification seems, well, risky.)
To be clear, given GDPR’s running emphasis on data protection via data security it is implicitly encouraging the use of encryption above and beyond a risk reduction technique — i.e. as a way for data controllers to fulfill its wider requirements to use “appropriate technical and organisational measures” vs the risk of the personal data they are processing.
The incoming data protection rules apply to both data controllers (i.e. entities that determine the purpose and means of processing personal data) and data processors (entities that are responsible for processing data on behalf of a data controller — aka subcontractors).
Indeed, data processors have some direct compliance obligations under GDPR, and can also be held equally responsible for data violations, with individuals able to bring compensation claims directly against them, and DPAs able to hand them fines or other sanctions.
So the intent for the regulation is there be no diminishing in responsibility down the chain of data handling subcontractors. GDPR aims to have every link in the processing chain be a robust one.
For companies that rely on a lot of subcontractors to handle data operations on their behalf there’s clearly a lot of risk assessment work to be done.
As noted above, there is a degree of leeway for EU Member States in how they implement some parts of the regulation (such as with the age of data consent for kids).
Consumer protection groups are calling for the UK government to include an optional GDPR provision on collective data redress to its DP bill, for example — a call the government has so far rebuffed.
But the wider aim is for the regulation to harmonize as much as possible data protection rules across all Member States to reduce the regulatory burden on digital businesses trading around the bloc.
On data redress, European privacy campaigner Max Schrems — most famous for his legal challenge to US government mass surveillance practices that resulted in a 15-year-old data transfer arrangement between the EU and US being struck down in 2015 — is currently running a crowdfunding campaign to set up a not-for-profit privacy enforcement organization to take advantage of the new rules and pursue strategic litigation on commercial privacy issues.
Schrems argues it’s simply not viable for individuals to take big tech giants to court to try to enforce their privacy rights, so thinks there’s a gap in the regulatory landscape for an expert organization to work on EU citizen’s behalf. Not just pursuing strategic litigation in the public interest but also promoting industry best practice.
The proposed data redress body — called noyb; short for: ‘none of your business’ — is being made possible because GDPR allows for collective enforcement of individuals’ data rights. And that provision could be crucial in spinning up a centre of enforcement gravity around the law. Because despite the position and role of DPAs being strengthened by GDPR, these bodies will still inevitably have limited resources vs the scope of the oversight task at hand.
Some may also lack the appetite to take on a fully fanged watchdog role. So campaigning consumer and privacy groups could certainly help pick up any slack.
Privacy by design and privacy by default
Another major change incoming via GDPR is ‘privacy by design’ no longer being just a nice idea; privacy by design and privacy by default become firm legal requirements.
This means there’s a requirement on data controllers to minimize processing of personal data — limiting activity to only what’s necessary for a specific purpose, carrying out privacy impact assessments and maintaining up-to-date records to prove out their compliance.
Consent requirements for processing personal data are also considerably strengthened under GDPR — meaning lengthy, inscrutable, pre-ticked T&Cs are likely to be unworkable. (And we’ve sure seen a whole lot of those hellish things in tech.) The core idea is that consent should be an ongoing, actively managed process; not a one-off rights grab.
As the UK’s ICO tells it, consent under GDPR for processing personal data means offering individuals “genuine choice and control” (for sensitive personal data the law requires a higher standard still — of explicit consent).
There are other legal bases for processing personal data under GDPR — such as contractual necessity; or compliance with a legal obligation under EU or Member State law; or for tasks carried out in the public interest — so it is not necessary to obtain consent in order to process someone’s personal data. But there must always be an appropriate legal basis for each processing.
Transparency is another major obligation under GDPR, which expands the notion that personal data must be lawfully and fairly processed to include a third principle of accountability. Hence the emphasis on data controllers needing to clearly communicate with data subjects — such as by informing them of the specific purpose of the data processing.
The obligation on data handlers to maintain scrupulous records of what information they hold, what they are doing with it, and how they are legally processing it, is also about being able to demonstrate compliance with GDPR’s data processing principles.
But — on the plus side for data controllers — GDPR removes the requirement to submit notifications to local DPAs about data processing activities. Instead, organizations must maintain detailed internal records — which a supervisory authority can always ask to see.
It’s also worth noting that companies processing data across borders in the EU may face scrutiny from DPAs in different Member States if they have users there (and are processing their personal data).
Although the GDPR sets out a so-called ‘one-stop-shop’ principle — that there should be a “lead” DPA to co-ordinate supervision between any “concerned” DPAs — this does not mean that, once it applies, a cross-EU-border operator like Facebook is only going to be answerable to the concerns of the Irish DPA.
Indeed, Facebook’s tactic of only claiming to be under the jurisdiction of a single EU DPA looks to be on borrowed time. And the one-stop-shop provision in the GDPR seems more about creating a co-operation mechanism to allow multiple DPAs to work together in instances where they have joint concerns, rather than offering a way for multinationals to go ‘forum shopping’ — which the regulation does not permit (per WP29 guidance).
Another change: Privacy policies that contain vague phrases like ‘We may use your personal data to develop new services’ or ‘We may use your personal data for research purposes’ will not pass muster under the new regime. So a wholesale rewriting of vague and/or confusingly worded T&Cs is something Europeans can look forward to this year.
Add to that, any changes to privacy policies must be clearly communicated to the user on an ongoing basis. Which means no more stale references in the privacy statement telling users to ‘regularly check for changes or updates’ — that just won’t be workable.
The onus is firmly on the data controller to keep the data subject fully informed of what is being done with their information. (Which almost implies that good data protection practice could end up tasting a bit like spam, from a user PoV.)
The overall intent behind GDPR is to inculcate an industry-wide shift in perspective regarding who ‘owns’ user data — disabusing companies of the notion that other people’s personal information belongs to them just because it happens to be sitting on their servers.
“Organizations should acknowledge they don’t exist to process personal data but they process personal data to do business,” is how analyst Gartner research director Bart Willemsen sums this up. “Where there is a reason to process the data, there is no problem. Where the reason ends, the processing should, too.”
The data protection officer (DPO) role that GDPR brings in as a requirement for many data handlers is intended to help them ensure compliance.
This officer, who must report to the highest level of management, is intended to operate independently within the organization, with warnings to avoid an internal appointment that could generate a conflict of interests.
Which types of organizations face the greatest liability risks under GDPR? “Those who deliberately seem to think privacy protection rights is inferior to business interest,” says Willemsen, adding: “A recent example would be Uber, regulated by the FTC and sanctioned to undergo 20 years of auditing. That may hurt perhaps similar, or even more, than a one-time financial sanction.”
“Eventually, the GDPR is like a speed limit: There not to make money off of those who speed, but to prevent people from speeding excessively as that prevents (privacy) accidents from happening,” he adds.
Another right to be forgotten
Under GDPR, people who have consented to their personal data being processed also have a suite of associated rights — including the right to access data held about them (a copy of the data must be provided to them free of charge, typically within a month of a request); the right to request rectification of incomplete or inaccurate personal data; the right to have their data deleted (another so-called ‘right to be forgotten’ — with some exemptions, such as for exercising freedom of expression and freedom of information); the right to restrict processing; the right to data portability (where relevant, a data subject’s personal data must be provided free of charge and in a structured, commonly used and machine readable form).
All these rights make it essential for organizations that process personal data to have systems in place which enable them to identify, access, edit and delete individual user data — and be able to perform these operations quickly, with a general 30 day time-limit for responding to individual rights requests.
GDPR also gives people who have consented to their data being processed the right to withdraw consent at any time. Let that one sink in.
Data controllers are also required to inform users about this right — and offer easy ways for them to withdraw consent. So no, you can’t bury a ‘revoke consent’ option in tiny lettering, five sub-menus deep. Nor can WhatsApp offer any more time-limit opt-outs for sharing user data with its parent multinational, Facebook. Users will have the right to change their mind whenever they like.
The EU lawmakers’ hope is that this suite of rights for consenting consumers will encourage respectful use of their data — given that, well, if you annoy consumers they can just tell you to sling yer hook and ask for a copy of their data to plug into your rival service to boot. So we’re back to that fostering trust idea.
Add in the ability for third party organizations to use GDPR’s provision for collective enforcement of individual data rights and there’s potential for bad actors and bad practice to become the target for some creative PR stunts that harness the power of collective action — like, say, a sudden flood of requests for a company to delete user data.
Data rights and privacy issues are certainly going to be in the news a whole lot more.
Getting serious about data breaches
But wait, there’s more! Another major change under GDPR relates to security incidents — aka data breaches (something else we’ve seen an awful, awful lot of in recent years) — with the regulation doing what the US still hasn’t been able to: Bringing in a universal standard for data breach disclosures.
GDPR requires that data controllers report any security incidents where personal data has been lost, stolen or otherwise accessed by unauthorized third parties to their DPA within 72 hours of them becoming aware of it. Yes, 72 hours. Not the best part of a year, like er Uber.
If a data breach is likely to result in a “high risk of adversely affecting individuals’ rights and freedoms” the regulation also implies you should ‘fess up even sooner than that — without “undue delay”.
Only in instances where a data controller assesses that a breach is unlikely to result in a risk to the rights and freedoms of “natural persons” are they exempt from the breach disclosure requirement (though they still need to document the incident internally, and record their reason for not informing a DPA in a document that DPAs can always ask to see).
“You should ensure you have robust breach detection, investigation and internal reporting procedures in place,” is the ICO’s guidance on this. “This will facilitate decision-making about whether or not you need to notify the relevant supervisory authority and the affected individuals.”
The new rules generally put strong emphasis on data security and on the need for data controllers to ensure that personal data is only processed in a manner that ensures it is safeguarded.
Here again, GDPR’s requirements are backed up by the risk of supersized fines. So suddenly sloppy security could cost your business big — not only in reputation terms, as now, but on the bottom line too. So it really must be a C-suite concern going forward.
Nor is subcontracting a way to shirk your data security obligations. Quite the opposite. Having a written contract in place between a data controller and a data processor was a requirement before GDPR but contract requirements are wider now and there are some specific terms that must be included in the contract, as a minimum.
Breach reporting requirements must also be set out in the contract between processor and controller. If a data controller is using a data processor and it’s the processor that suffers a breach, they’re required to inform the controller as soon as they become aware. The controller then has the same disclosure obligations as per usual.
Essentially, data controllers remain liable for their own compliance with GDPR. And the ICO warns they must only appoint processors who can provide “sufficient guarantees” that the regulatory requirements will be met and the rights of data subjects protected.
tl;dr, be careful who and how you subcontract.
Right to human review for some AI decisions
Article 22 of GDPR places certain restrictions on entirely automated decisions based on profiling individuals — but only in instances where these human-less acts have a legal or similarly significant effect on the people involved.
There are also some exemptions to the restrictions — where automated processing is necessary for entering into (or performance of) a contract between an organization and the individual; or where it’s authorized by law (e.g. for the purposes of detecting fraud or tax evasion); or where an individual has explicitly consented to the processing.
In its guidance, the ICO specifies that the restriction only applies where the decision has a “serious negative impact on an individual”.
Suggested examples of the types of AI-only decisions that will face restrictions are automatic refusal of an online credit application or an e-recruiting practices without human intervention.
Having a provision on automated decisions is not a new right, having been brought over from the 1995 data protection directive. But it has attracted fresh attention — given the rampant rise of machine learning technology — as a potential route for GDPR to place a check on the power of AI blackboxes to determine the trajectory of humankind.
The real-world impact will probably be rather more prosaic, though. And experts suggest it does not seem likely that the regulation, as drafted, equates to a right for people to be given detailed explanations of how algorithms work.
Though as AI proliferates and touches more and more decisions, and as its impacts on people and society become ever more evident, pressure may well grow for proper regulatory oversight of algorithmic blackboxes.
In the meanwhile, what GDPR does in instances where restrictions apply to automated decisions is require data controllers to provide some information to individuals about the logic of an automated decision.
They are also obliged to take steps to prevent errors, bias and discrimination. So there’s a whiff of algorithmic accountability. Though it may well take court and regulatory judgements to determine how stiff those steps need to be in practice.
Individuals do also have a right to challenge and request a (human) review of an automated decision in the restricted class.
Here again the intention is to help people understand how their data is being used. And to offer a degree of protection (in the form of a manual review) if a person feels unfairly and harmfully judged by an AI process.
The regulation also places some restrictions on the practice of using data to profile individuals if the data itself is sensitive data — e.g. health data, political belief, religious affiliation etc — requiring explicit consent for doing so. Or else that the processing is necessary for substantial public interest reasons (and lies within EU or Member State law).
While profiling based on other types of personal data does not require obtaining consent from the individuals concerned, it still needs a legal basis and there is still a transparency requirement — which means service providers will need to inform users they are being profiled, and explain what it means for them.
And people also always have the right to object to profiling activity based on their personal data.
Google will introduce an ad blocker to Chrome early next year and is telling publishers to get ready.
The warning is meant to let websites assess their ads and strip any particularly disruptive ones from their pages. That’s because Chrome’s ad blocker won’t block all ads from the web. Instead, it’ll only block ads on pages that are determined to have too many annoying or intrusive advertisements, like videos that autoplay with sound or interstitials that take up the entire screen.
Sridhar Ramaswamy, the executive in charge of Google’s ads, writes in a blog post that even ads “owned or served by Google” will be blocked on pages that don’t meet Chrome’s guidelines.
Instead of an ad “blocker,” Google is referring to the feature as an ad “filter,” according toThe Wall Street Journal, since it will still allow ads to be displayed on pages that meet the right requirements. The blocker will work on both desktop and mobile.
Google is providing a tool that publishers can run to find out if their sites’ ads are in violation and will be blocked in Chrome. Unacceptable ads are being determined by a group called the Coalition for Better Ads, which includes Google, Facebook, News Corp, and The Washington Post as members.
The feature is certain to be controversial. On one hand, there are huge benefits for both consumers and publishers. But on the other, it gives Google immense power over what the web looks like, partly in the name of protecting its own revenue.
First, the benefits: bad ads slow down the web, make the web hard and annoying to browse, and have ultimately driven consumers to install ad blockers that remove all advertisements no matter what. A world where that continues and most users block all ads looks almost apocalyptic for publishers, since nearly all of your favorite websites rely on ads to stay afloat. (The Verge, as you have likely noticed, included.)
By implementing a limited blocking tool, Google can limit the spread of wholesale ad blocking, which ultimately benefits everyone. Users get a better web experience. And publishers get to continue using the ad model that’s served the web well for decades — though they may lose some valuable ad units in the process.
There’s also a good argument to be made that stripping out irritating ads is no different than blocking pop ups, which web browsers have done for years, as a way to improve the experience for consumers.
But there are drawbacks to building an ad blocker into Chrome: most notably, the amount of power it gives Google. Ultimately, it means Google gets to decide what qualifies as an acceptable ad (though it’s basing this on standards set collectively by the Coalition for Better Ads). That’s a good thing if you trust Google to remain benign and act in everyone’s interests. But keep in mind that Google is, at its core, an ad company. Nearly 89 percent of its revenue comes from displaying ads.
The Chrome ad blocker doesn’t just help publishers, it also helps Google maintain its dominance. And it advantages Google’s own ad units, which, it’s safe to say, will not be in violation of the bad ad rules.
This leaves publishers with fewer options to monetize their sites. And given that Chrome represents more than half of all web browsing on desktop and mobile, publishers will be hard pressed not to comply.
Google will also include an option for visitors to pay websites that they’re blocking ads on, through a program it’s calling Funding Choices. Publishers will have to enable support for this feature individually. But Google already tested a similar feature for more than two years, and it never really caught on. So it’s hard to imagine publishers seeing what’s essentially a voluntary tipping model as a viable alternative to ads.
Ramaswamy says that the goal of Chrome’s ad blocker is to make online ads better. “We believe these changes will ensure all content creators, big and small, can continue to have a sustainable way to fund their work with online advertising,” he writes.
And what Ramaswamy says is probably true: Chrome’s ad blocker likely will clean up the web and result in a better browsing experience. It just does that by giving a single advertising juggernaut a whole lot of say over what’s good and bad.
YouTube is the second most powerful search engine on the planet, and holds the top spot as the largest video network in existence.
The video site continues to grow more pervasive with the maturation of smartphone technology. Today, half of YouTube video views stem from mobile devices.
For this reason, and many others, YouTube is the master of reaching across generational boundaries to impact and engage members of GenX, GenY and GenZ. For example, YouTube currently reaches more 18-34 and 18-49 year-olds than any U.S cable network currently broadcasting.
Because of the popularity of the platform, influencers have spawned from the network and continually leave lasting impressions on their dedicated viewers. Studies suggest that recommendations from influencers are trusted 92% more than from celebrities or advertisements.
The trust factor brought forth by influencers is one of the most notable reasons as to why influencer marketing is so effective.
It’s not as simple as it looks
Leveraging influencers on YouTube is not as simple as it sounds. Because there are many performance and brand risks associated with YouTubers that need to be managed in order to deliver rockstar results.
YouTubers are legitimate masters of their craft and make their living by presenting themselves authentically. This means that brand interference regarding their voice or image is not normally welcomed.
Despite the challenges, brands and YouTubers can get along famously when the right partnership is forged.
The balancing act
By way of example, Google recently recruited famed YouTube influencer Lewis Hilsenteger from the channel Unbox Therapy to help make some noise about Android Pay.
The video depicted Lewis travelling throughout New York City, visiting destinations that accept the form of payment to prove that you could survive solely with Android Pay. This is a prime example of recruiting an influencer that expresses a brand’s message while maintaining their authenticity.
The video generated 1.7 million views while showing off the real-world capabilities of Android Pay.
No doubt successful collaborations like these and the significant revenue generation potential spurred Google to recently acquire influencer marketplace Famebit.
The 9 key steps to get millions of views on YouTube
Below you’ll find nine steps that fast-casual restaurant chain Qdoba Mexican Eats took when engaging the YouTube audience for the first time.
The results were phenomenal (and, in full disclosure, delivered under the direction of, as well as executed by digital marketing agency Evolve!, Inc.).
If you’re planning on diving into YouTube to help grow your business, use this campaign as a model – it delivered 3 million views, 84K social engagements, and 200M potential impressions, all while adhering to strict brand guidelines and beating aggressive price targets.
1. Set your goals and success criteria
As with any marketing campaign, align your influencer marketing campaign with your overall marketing and sales goals.
Define success using quality metrics, such as messaging and how the brand is portrayed, as well as quantifiable targets such as cost per video view, average length of video view, number of targeted views, and cost per conversion.
2. Set a budget
The cost per view charged for YouTube sponsorships varies WIDELY, depending on factors such as audience size, reach, demographics, engagement, their industry vertical and genre, the type of sponsorship and length of integration, the YouTuber’s desire to work with a particular brand, and whether the talent is represented by an agency.
A good rule of thumb is to target a .04 – .07 cents cost per view (CPV) for video integrations and a .08 to .15 CPV for dedicated videos.
Brands should also set aside budget for content generation (landing pages, blog posts, prizes and and/or promotions), analytics software for tracking, a promotional ad budget, and manpower.
3. Create a theme and campaign messaging that supports your goals
It can be something as simple as capturing people’s excitement as they try delicious Qdoba entrees for the first time (#QdobaUnbox), or reveling in the occasions when More is Better (#MoreIsBetter), including indulging in Qdoba’s generous array of delicious toppings (#MoreFlavorIsBetter).
Evolve even created a contest celebrating Qdoba’s key differentiating factor: Free Guacamole (#FreeGuac).
Develop brand, and campaign-specific messaging, but leave ample room for YouTubers to exercise their creative license.
Remember, integrations are NOT advertisements. Videos that come off as too commercial tend to get panned in the comments and generate lower-than-expected view counts.
4. Establish your selection criteria
What constitutes a brand match?
Start with genres, industries and channel demographics, including age, sex and geography.
Does the campaign theme fit their interests? Do they create content that would resonate with or offend your audience?
Identify any influencers that meet this criteria, fall within the audience size that you are looking to engage, and begin the outreach process.
5. Develop a pitch letter
Be clear about the campaign requirements, and set expectations: Are you looking for an integration or a dedicated video? What four or five key messages do YouTubers need to address in the video? And what is your timeline?
Basically, what are the promotional requirements and is there any additional information you need from them when they respond to your proposal.
But bear in mind that people who have built sizeable, engaged followings can afford to be choosy about which brands they want to work with. You may want to excite them with something that’s unique about your brand.
Qdoba offered vloggers a summer of free food, in addition to the paid sponsorship.
6. Recruit enthusiastic YouTubers
This is perhaps the most time-consuming step, and the most critical to the success of your campaign.
You know you’ve hit gold when you’ve identified YouTubers who meet your brand criteria, like your brand and offer creative story lines, and sometimes bonus promotions in their response.
There are 3 routes to recruit YouTubers:
- Outreach directly to the people you want to work with via the email listed on their YouTube channel
- Work with talent agencies you know and trust
- Solicit proposals through influencer marketplaces like Famebit, Grapevine Logic or Reelio
7. Spell out everything in the contract
Flush out the creative before finalizing the contract, and include the type of integration, key messages, project timeline, the reviews process and video promotions.
YouTubers tend NOT to want the brand to weigh in on things like the Video Title or storyline outside the integration. On the same token, it is vital to be somewhat flexible when working with influencers on the creative direction of the content. These folks have built substantial followings that are enchanted by their unique voice. Setting too rigid of a structure that is outside the norm for influencers could result in a deal going south or a video not receiving the attention it deserves.
8. A/B test everything. Measure, tweak and repeat
Test various genres, campaign themes, messaging, calls to action, and amplification strategies. At this stage, we generally prefer to partner with YouTubers that have small but engaged audiences. This will allow you to get the most bang for your buck while simultaneously minimizing any potential losses for creatives that do not resonate with audiences.
Measure campaign performance, focusing on actual video views, social engagements and cost per conversions, if that’s relevant. Pivot as needed and update projected outcomes.
We use several tools simultaneously, including Simply Measured, to monitor multiple channels to gain the most clear and comprehensive picture possible.
Once the campaign has been optimized, turn up the volume. Contract larger YouTube channels, and consider using contests or launching several videos at once to support product launches.
These introduce an added layer of complexity because they need to adhere to strict timelines and you potentially need to manage multiple videos at once. On the flipside, they also generally produce much more significant results, so while efforts will become more intricate, they will also become much more fruitful.
Qdoba A/B tested several concepts before running a two week #FreeGuac campaign, which drove 2.4 million video views. Participating YouTube vloggers invited their viewers to enter into a scavenger hunt contest for the chance to win cash prizes, free food and cool SWAG.
Contests like these are ideal for scaling a campaign as almost any marketing element that engages an audience on a participatory level is going to garner more attention compared to content that is merely observed through comments and shares. The contest subsequently resulted in Qdoba collecting over 10K contest submissions.
As video continues to grow, YouTube is quickly transitioning into the premier influencer marketing channel. The power of video content is unmatched by its predecessors and influencer marketing, when managed properly, has the ability to permeate and engage an audience in unparalleled fashion.
The most challenging aspect of this discipline is that the rules of engagement are constantly in flux, meaning that for the best results, it is advisable to collaborate with specialty digital marketing agencies that work day-in and day-out crafting influencer strategies on YouTube that resonate, sell, and make a brand’s efforts worthwhile.
Marketing is only helpful when it’s meeting a need. It sounds simple, but those needs can be really tough to parse. Like any consumer, my needs evolve every day, if not every minute. I won’t stand for poorly targeted ads or messages that are irrelevant to me.
I work in marketing technology, and this industry has been talking about data-driven personalization for years. We’ve made a lot of progress, but we’re only just beginning to realize the potential of machine learning to match goods and services with a particular person in a specific situation.
Machines are changing how marketing is done. I’m not just talking about workflow automation or customer service bots. I’m talking about software that can help brands understand, meet, and even predict the subtlest of consumer needs.
It’s a new phase that I think of as Marketing 3.0. The 1.0 version, marketing in its early 20th century form, involved selling products to people who had demonstrated a need. The 1950s saw the rise of Marketing 2.0: ad men who shaped consumer desires to sell products. Machine learning allows marketers to move beyond this model and return to the original purpose of marketing, while adding speed and scale.
Marketing 1.0: Meeting needs as expressed
Marketing 2.0: Creating needs, then meeting them
Marketing 3.0: Machines analyzing needs, then meeting them
Marketing 3.0 uses machine learning to match product and consumer faster, more precisely, and in the right context; and to identify people who have an implied rather than overtly demonstrated need. Machines learn from a large pool of real-world examples, so they can predict future intent by observing past behavior. Marketers don’t have to comprehend the precise patterns that emerge from massive amounts of data or map out the rules that determine people’s behaviors.
In other words, machine learning shifts the role of the marketer from trying to manipulate customers’ needs to meeting the needs they actually have at a given moment.
Think about a BMW dealership looking to sell more of a particular model. They can use machine learning to identify indicators for people who bought a 5 Series in the past year: They researched similar cars like the Audi A6 and Mercedes E Class, they asked about mileage per gallon, and they had similar demographic traits.
Say I’m looking to buy a car and have a friend who recently bought a 5 Series. I’ve read about one of its new features: a 3D view of the car that I can see from my phone. When I search for “BMW 5 Series” on my iPhone, I’ll see a list of dealerships within a 10-mile radius of my regular commute. I call the dealership to ask about their inventory, and they know I’m ready to buy. I’m automatically matched with the sales rep who sold the same car to my friend, knows the specs I’m interested in, and can talk to me about 3D view.
I see massive opportunity to use predictive capabilities to link online and offline interactions — mobile ads, email campaigns, phone conversations, and in-person experiences. It’s becoming a reality as Google, Facebook, Apple, and Amazon continue investing in voice assistants and natural language processing technologies. Amazon is reportedly updating Alexa to be more emotionally intelligent. It’s not a huge leap to transition from making voice commands in my living room to calling a business and making a purchase directly through my Echo. A conversation is the most natural form of interaction, and the most conducive to forming relationships.
I think voice will be central to how marketers balance machine learning capabilities with the need to create human experiences. Even if machines can surface information and recommendations at exactly the right time, people still want human conversations, especially when it comes to buying complex or expensive products. I’m fine with Alexa ordering me a pizza, but not a car.
As I see it, the role of machines is to draw correlations between consumers’ behaviors and their ultimate intent. The role of the marketer is to figure out what can be automated (e.g., triggering an email after a purchase is made) and what can be augmented (e.g., predicting what products will most intrigue a customer) by using software. The next wave, Marketing 4.0, will take this a step further by meeting consumers’ expressed and unexpressed needs.
We’re moving toward a more predictive world in which machine learning powers the majority of interactions between consumers and brands. I don’t see this being at odds with human connection or authentic experiences. Marketing will be ambient and truly data-driven. It will catch up with consumer expectations and with the potential of technology to change how marketing is done