Data Protection

U.S. data regulations are heating up in response to the GDPR with California passing the state’s own version of consumer data protection. This passing of state law is likely to start the domino effect that will lead to federal legislation as the protections blur across state lines.

The main takeaways from the regulation are:

  • “Californians have the right to request that a business that collects a consumer’s personal information disclose what categories and specific pieces of personal information the business has collected;
  • Californians have the right to request that a business delete any personal information about the consumer;
  • Californians have the right to direct a business not to sell the consumer’s personal information, which is referred to as the right to opt out; and
  • Californians can bring a private right of action against a company if there is an unauthorized breach of non-redacted or non-encrypted personal information.” (1)

Silicone Valley is home to numerous headquarters of some of the biggest online giants. How will a state level consumer data privacy law impact corporations with users spanning across the globe? Will other states adopt these laws? Will the problems be solved through sweeping federal legislation? These questions must be answered and those answers will likely surface in the state and federal courts. Meanwhile, most businesses will be stuck in a data privacy purgatory, stagnant until some clarity is provided.

The Importance of Data

These regulations come at a time when digital ad spend will surpass traditional ad spend in 2019, serving to further feed this fire. (2) Other than consumer trends, a major reason for the abrupt rise in ad spend is due to the online data that is collected. Radio simply cannot collect the type of data Facebook and Google have access to.

There is no doubt that data use benefits both the consumer and marketers alike. The data allows marketers to tailor their ads to likely customers, and consumers benefit from seeing ads that help them find what they want. For instance, I do not own a pet, and the data gathered from my Google searches and social media would give no indication of such. Marketers can use my data to tailor specific ads for my situation. An ad for Petsmart would be a waste of my time and their money, while an ad from Kohl’s could help me find a product I need.

The Digital Age’s data explosion has led to a more Moneyball approach within marketing. While data analytics are incredibly useful for garnering a new customer, there is a U-curve to everything, too much of something becomes problematic. The industry has either hit the downside of that u-curve, or simply needs sorting out as more data will come with advancements in technology. Maybe this legislation is a good thing, as it can draw a line in the sand on which consumer data can be used by marketers and market researchers and which cannot.

How are others responding?

In response to this data limbo, some platforms are addressing the issue on their own terms. Apple’s Safari now blocks third-party cookies and Mozilla’s Firefox gives users the option to block third-party cookies. Whether these adjustments are permanent or a response to data uncertainty is yet to be determined.

Another way market researchers have prepared for a post-GDPR marketing world is through second-party data. To refresh, first-party data is collected directly from a business; second-party data is acquired when a business purchases another business’s first-party data. This data tends to be of high quality, as it comes directly from a business. Lotame, a data provider, experienced a 460 percent increase in the number of second-party data sellers in 2018. (3)

The main idea that seems to be taking hold in the post-GDPR industry is to strive for growth but not at the cost of consumer trust. While this may seem like common sense, the lines were blurred before these data scandals. With seemingly infinite amounts of data, there were still no set boundaries. Even though many of these businesses, such as Facebook and their recent scandal, took unethical measures for profit at the expense of the consumer, they are not the only companies to push these data boundaries.

On one hand, Facebook allowed Cambridge Analytica to access user data without a user’s consent in a blatant disregard for consumer trust. But other companies, such as Netflix and Spotify, were given legal access to user data years ago, only to have this data deemed unethical upon discovery in 2018. Marketers can look for new ways to grow in ways which benefit the consumer and company involved when these boundaries are established.

Data will always hold a major place in marketing but remains in a state of uncertainty until regulations are clarified. In the meantime, this state of uncertainty provides marketers with new opportunities to gain footing in the industry as these issues get sorted. While these new protections will go down as notable and revolutionary milestone’s in marketing history, they’re just another trend marketers must adjust too.


  1. Ghosh, Dipayan. “What You Need to Know About California’s New Data Privacy Law.” Harvard Business Review, 12 July 2018,
  2. Shields, Ronan. “U.S. Digital Ad Spend Will Surpass Offline in 2019.” – Adweek, Adweek, 20 Feb. 2019,
  3. Shields, Ronan. “Inside the Rise of Second-Party Data.” – Adweek, Adweek, 19 Feb. 2019,

Contact The Bean Team