GDPR and its Impact on the Internet

12 September 2019
Reading: 6 min

GDPR and its Impact on the Internet

I go to the Internet to find out how long it takes to boil an egg. Once I open a website, the “We use cookies” window immediately pops ups. It is displayed in the corner of the screen, which makes it hard for me to focus on the content of the article. Being irritated at this hindrance, I push “Accept” without giving it a second thought.

Ten minutes after the water starts boiling, got it! I have this information now, but my conscience is bothering me a tad as though I have just sold my personal data to the devil himself and have waived my right to confidentiality because I was too lazy to read the cookie policy.

Cookie policy windows that keep popping up are yet another manifestation of the GDPR’s impact. What is GDPR and in what other ways does it influence user experience and the Internet in general?

GDPR and its Impact on the Internet

What you need to know about GDPR

GDPR (General Data Protection Regulation) is a piece of EU legislation with the main purpose to protect users and their data. It replaced the 1995 Data Protection Directive and went into effect on May 25, 2018.

According to the GDPR directive, personal data is any information related to a person such as a name, a photo, an email address, bank details, updates on social networking websites, location details, medical information, or a computer IP address.

It can also include such confidential data as racial and ethnic origin, religious or philosophical ideas, political views, genetic and biometric information, sexual life information.

Companies can no longer store this information without a particular reason. They are allowed to store only data necessary for their functioning with your consent on that.

It is the largest legislation of its kind and has had a far-reaching effect, extending beyond the borders of the EU.

GDPR applies to all businesses and organizations established in the EU, regardless of whether the data processing takes place in the EU or not. Even non-EU established organizations will be subject to GDPR. If the business offers goods and/or services to citizens in the EU, then it’s subject to GDPR.

There are penalties for companies and organizations that don’t comply with GDPR. The fines are up to 4% of annual global revenue or 20 million euros, whichever is greater.

User rights guaranteed by GDPR

  • The right to access. Users have the right to request access to their personal data and to ask how their data is used by the company. The company must provide this information free of charge and in electronic format if requested.
  • The right to be forgotten. If consumers are no longer customers, or if they withdraw their consent from a company to use their personal data, then they can ask a company to delete their data.
  • The right to be informed. Individuals must be informed about what data is gathered, and they must give their consent on that. Consent must be freely given rather than implied.
  • The right to be notified. In case of a data breach, companies must notify the users within 72 hours of first having become aware of the breach.

What impact did GDPR have on the Internet?

How has the Internet changed since the new regulation went into effect? Is GDPR actually working? Or are we still caught in an information dystopia?

GDPR has changed the general attitude towards personal data. The Regulation has highlighted the issue of data protection and it is now taken much more seriously. Suffice it to say that 500,000 organizations have registered data protection officers across Europe since GDPR came into force.

GDPR and its Impact on the Internet

Data from the GDPR Small Business Survey

Before GDPR, organizations could use the email address that you stated during the registration process to send you newsletters and ads. Now, they are required to introduce some changes to the fill-out forms so that users are able to choose whether they want to receive the newsletter or not.

A study claims that there’s also a considerable drop in the use of third-party cookies that were initially placed to facilitate user data collection. They were used for a variety of purposes such as storing search queries, detecting user behavior patterns and information tracking.

According to Sizmek, almost 80% of organizations expect their audience targeting with third-party data to be limited due to GDPR. However, contextual targeting can fill this gap. The same report claims that 87% of marketers are planning to increase contextual targeting in the next 12 months.

GDPR and its Impact on the Internet

How much have organizations spent to comply with GDPR?

Neill Burton (Zeropark) on how GDPR influenced the affiliate marketing industry

GDPR and its Impact on the Internet

We have reached out to Neill Burton, Head of Account Management at Zeropark, to discuss how GDPR has affected Zeropark and affiliate marketing in general.

Could you tell us how GDPR has impacted your traffic volumes? And why?

Zeropark was not hugely impacted when GDPR was put into place as a large proportion of our traffic comes from Toolbars, Push Notifications or other services where the user has to implicitly give permission for the ad-on, notification or app to show adverts. To put it shortly because most of our formats are opt-in at Zeropark traffic volumes were barely affected.

How has GDPR impacted affiliate marketing?

Any campaign which collects data on a user has to be very open about what they are collecting and have an agreement for this data, so it has made Lead Generation and Pin Submit campaigns more complicated. Also, the data an affiliate can collect on a client has become more limited.

Affiliates working with EU countries are now facing certain limitations on data collection. Companies are forking over huge sums of money to comply with the new data protection regulations.

However, from the user point of view, the changes have proved to be positive. Now, EU residents have more control over their personal data, they can set up cookies to prevent data leakage, ask for information on what data has been gathered and for what purposes and withdraw their consent from a company to use their personal data.

In 2018, only a few companies were subjected to fines. In 2019, however, everything changed. For instance, Google was fined $50 million.

According to a 2019 small business survey, the majority of entrepreneurs (86%) said it was essential to comply with GDPR.

So, changes do happen — but gradually.

Have a story to tell about traffic arbitrage?
Become a ZorbasMedia contributor!
Become an author