Three ways every publisher should be preparing for GDPR

The May 25th deadline for publishers to be compliant with the new GDPR regulations looms ever closer. When it comes into effect, the burden on website owners for gaining consent from consumers to use their data to deliver personalized content and ads will increase dramatically.  

Publishers worldwide are rightly asking themselves one big question: how can we continue to operate as a business after the GDPR comes into effect when up to 80 percent of our revenue comes from online advertising? While the business challenges and risk to free news and information shouldn’t be underestimated, a free, open-source and industry-wide solution is on the way. When it launches this spring, publishers will be able to continue funding themselves through relevant online advertising, protecting free access to news and entertainment for consumers in the EU and worldwide.

Led by the IAB Europe, this consent solution will be most visible to consumers as a pop-up they engage with when they land on a publisher’s site. The pop-up will clearly inform their audience about what companies are asking for their permission to use information about them and for what purposes. Publishers will be able to control over who can and cannot track visitors to their site and for what purposes.

The good news for publishers is that the framework has already entered testing and the early signs are promising. With it, publishers, advertisers, and the adtech community will have a common language with which to identify and share whether a consumer has given consent for their data to be used for the purposes of online advertising.

With so many things to get up to speed on, what are the top three actions publishers should be taking now that the framework is publicly available?

Get the right decision makers up-to-speed now
Publishers will need to have the right technical, policy, and commercial decision makers informed and aware of what’s required of them when the time comes. Make sure this issue is on the radar of your CTO, CIO, CEO and that time and the necessary resources have been allocated to act quickly when the solution becomes available, from implementing the user experience on your site to handling reader enquiries about the change.

Ask important questions sooner rather than later
Publishers should begin now to decide on what their most important needs are regarding GDPR, and what solution based on the industry framework best fits those needs. What kind of experience do you want consumers to have on your site? Who are your most vital partners that will need to be made visible to consumers or require consent? What are the biggest threats to your brand and revenue and how can you leverage the framework to mitigate those? Don’t wait until May 25th to align key stakeholders on that decision.

Plan to prepare your readers
Well before May 25th, the EU’s 430 million internet users will begin seeing the transparency and consent pop-up on their trusted news sources and online entertainment sites. It’s important that they’re prepared and understand how their browsing experience will change should they not consent to the use of their personal data. Begin working out how you’ll inform and prepare your readers ahead of this, whether via notification on site, email communications, or your social channels. The more users are educated, the more likely the transition will be smooth and less challenging on consumers and publishers.

Every change in regulation brings unintended consequences. The ambition of GDPR in putting more control into the hands of consumers should be lauded, but the risk it poses to the publishers delivering quality, independent editorial news should concern us all. Publishers that begin getting GDPR-compliant consent from consumers early stand the best chance of having a critical mass of consent by May 25th.


Somer Simpson is the GDPR Product Lead at Quantcast, and has played a central role in developing the IAB Europe’s industry-wide and open source GDPR consent solution for publishers.