Publisher growth tactics for election season | WEBINAR

Learn More

SODP

SODP Media

  • Insights
    • Articles
      • Audience Development
      • Content Strategy
      • Digital Publishing
      • Monetization
      • SEO
      • Digital Platforms & Tools
    • Top Tools & Reviews
    • Opinion
    • Podcast
  • Education
    • Publisher SEO Course
    • Events
      • Monetization Week 2025
  • Resources
  • Community
    • Slack Channel
    • Newsletter
  • About
    • About Us
    • Contact Us
    • Editorial Policy
  • English
sodp logo
SODP logo
    Search
    Close this search box.
    Login
    • Insights
      • Podcast
      • Articles
        • Audience Development
        • Content Strategy
        • Digital Publishing
        • Monetization
        • SEO
        • Digital Platforms & Tools
      • Top Tools & Reviews
        • Articles
        • Top Tools & Reviews
        • Opinion
        • Podcasts
        • Audience Development
        • Content Strategy
        • Digital Publishing
        • Monetization
        • SEO
        • Digital Platforms & Tools
        • Headless CMS Platforms
        • Digital Publishing Platforms
        • Editorial Calendar Software
        • Magazine Apps
        • Email Newsletter Platforms
        • More Best Tools Lists
    • Education
      • Publisher SEO Course
        • Publisher SEO Course
        • Events
        • Managing Millions
        • View all
    • Resources
    • Community
      • Slack Channel
      • Office Hours
      • Newsletter
        • Slack Channel
        • Newsletter
    • About
      • About Us
      • Contact Us
      • Editorial Policy
        • About Us
        • Contact Us
        • Editorial Policy
    placeholder
    SODP logo
    Become a Brand Partner

    Home ▸ Digital Platforms & Tools ▸ The impact of GDPR one year later

    The impact of GDPR one year later

    Shelley SealeShelley Seale
    May 24, 2019
    Fact checked by Vahe Arabian
    Vahe Arabian
    Vahe Arabian

    Founder and Editor in Chief of State of Digital Publishing. My vision is to provide digital publishing and media professionals a platform to collaborate and promote their efforts, my passion is to uncover talent and… Read more

    Edited by Vahe Arabian
    Vahe Arabian
    Vahe Arabian

    Founder and Editor in Chief of State of Digital Publishing. My vision is to provide digital publishing and media professionals a platform to collaborate and promote their efforts, my passion is to uncover talent and…Read more

    GDPR one year later

    What’s Happening:

    One year after the European Union introduced the General Data Protection Regulation (GDPR) law, how has the impact of it and digital privacy affected news publishers?

    Why it Matters:

    Designed to update the privacy rights of internet users and ensure that organizations are transparent and responsible when handling customer’s personal information, GDPR went into effect in May 2018 just as data privacy and consent were topping the news after episodes such as the Facebook and Cambridge Analytica data scandal. Although the law was specific to the EU, because of the open and global nature of the internet, the impact was worldwide as publishers around the globe rushed to comply. One year later, what have the effects been, and what’s next?

    Global Effect

    This extended reach across the globe has led to some unexpected outcomes, writes Danny Palmer at ZDNet. He gives one example: “European internet users looking to visit some US-based news publications may find that they can’t view the websites – instead being met with pages explaining the publication didn’t comply with the new legislation and blocked them out instead.”

    But Palmer says that beyond the flood of emails asking for explicit marketing consent and notices on websites warning of the presence of third-party cookies, there is a bigger shift taking place. Consumers largely view this as an annoyance, rather than a regulatory shift to consumer control and visibility over their own data.

    Yet, GDPR is likely only the tip of the iceberg, as countries around the world look to implement their own, similar privacy policies, including Brazil, Japan, India and South Korea. In the United States, the California Consumer Privacy Act is set to be introduced on January 1, 2020. Unlike GDPR, however, the California law doesn’t set a time limit for notifying consumers of a data breach, nor does it come with the prospect of fines for non-compliance.

    Even so, it appears to already be having some effect on how the large companies of Silicon Valley operate. Google, Facebook and Apple are all talking about privacy and consumer data. “It’s possible that the introduction of GDPR has helped spur this change on, as companies like Google work to accommodate users becoming more aware about digital privacy,” Palmer says, adding that it’s within the realm of artificial intelligence that data privacy could have the most impact.

    Artificial Intelligence

    It’s one thing to talk about human-based data accumulation, even when those activities are automated. When we start discussing artificial intelligence, however, it becomes a whole new ballgame. Most AI-based algorithms rely on gathering and analyzing vast amounts of data, and it’s not always clear where that data came from or whether the individuals involved have given consent.

    Emma Wright, commercial technology partner at law firm Kemp Little says that the debate around ethical data collection practices is raging when it comes to AI. “AI allows the mass processing and analysis of data. In lots of areas, we’re suddenly looking for general counsels to be looking at the ethics of something, not just the legalities of something. It’s not how can you behave, it’s how should you behave.”

    Minors and Data Protection

    Another extremely sensitive area in this realm is that of children’s digital identities and the privacy surrounding that — which, rightly so, becomes much more of a security issue. The EU does not have an independent law that addresses the protection of children’s data; rather, some of its GDPR provisions warrant a higher standard to protect children’s data.

    In the US, the data of minors is protected under the Children’s Online Privacy Protection Act of 1998. The International Association of Privacy Professionals (IAPP) published a Privacy Tracker series that looks at laws from across the globe, including COPPA, and matches them up against GDPR.

    “The GDPR and COPPA were written with a different focus,” says Tay Nguyen of IAPP. “The GDPR has a wider focus on data protection for all natural persons. COPPA is narrower in its focus, prohibiting unfair or deceptive practices related to children’s data online.”

    Vendors and Other Organizational Departments

    Data privacy doesn’t begin and end with the publishers and websites themselves; the scope of responsibility extends to the security postures of suppliers and vendors, and the onus is on companies to ensure that they are compliant as well.

    Content from our partners

    build ad network guide

    How to Build Your Own Ad Network: A Step-by-Step Guide

    AI, the double-edged sword of creativity, and why publishers must embrace it

    AI, The Double-edged Sword of Creativity, and Why Publishers Must Embrace It

    Why Online Publishers Need a VPN: Protecting Data, Sources, and Revenue

    Why Online Publishers Need a VPN: Protecting Data, Sources, and Revenue

    “Many organizations have a vendor management program in place, but the increased focus of outsourcing data processing makes it imperative and urgent that GDPR compliance is confirmed,” says Bob Bruns of Forbes. “Specifically, GDPR has five articles – Articles 28, 30, 32, 33, and 36 – that pertain to the responsibilities of third parties.”

    Likewise, GDPR compliance isn’t just an IT issue within a company itself. Bruns says that companies can view this as an opportunity to help strengthen partnerships across other departments within the organization, such as human resources, legal and marketing. “Marketers, in particular, have had to undergo a shift in campaigning and data mining approaches and may need the help of legal, compliance or IT resources. Marketing should work together with other departments to make sure data is attained and managed properly, including customer consent and communication on how their personal data will be used.”

    The Bottom Line:

    A company’s entire controls framework that helps ensure GDPR compliance can also ensure data protection principles and can be applied to all areas of business. One thing that GDPR has accomplished is raising awareness about data privacy issues, though this is only the beginning of a much larger conversation about the overall ethics policies of internet technology and information.

    Editor's Picks
    What Is a Content Creator The What, Why and How of the Creator Economy
    Content Strategy

    What Is a Content Creator?

    Best Email Newsletter Platforms for Publishers
    Digital Platforms & Tools

    8 Best Email Newsletter Platforms for Publishers in 2024

    Google News SEO
    SEO

    Google News SEO Guide 2024: Best Practices for News Publishers

    Related Posts

    • Best AI Writing Tools
      10 Best AI Writing Tools
    • Best Digital Publishing Platforms
      17 Best Digital Publishing Platforms in 2024
    • Best AI Transcription Tools
      11 Best AI Transcription Tools in 2024
    • 10 Best Video Monetization Platforms in 2023
      10 Best Video Monetization Platforms in 2024
    SODP logo

    State of Digital Publishing is creating a new publication and community for digital media and publishing professionals, in new media and technology.

    • Top tools
    • SEO for publishers
    • Privacy policy
    • Editorial policy
    • Sitemap
    • Search by company
    Facebook X-twitter Slack Linkedin

    STATE OF DIGITAL PUBLISHING – COPYRIGHT 2025

    GPP logo

    Managing Millions

    Better audience engagement without the tech headaches

    How to avoid the Goldilocks Tech Trap which wreaks havoc on giving audiences what they want

    11 June 2025

    2 PM BST

    Online Event

    Learn More