Megan Gell
Jan 15, 2019

GDPR: how has it changed data protection in Asia?

Eight months on, we look at how the EU’s data protection regulation has impacted APAC advertisers and consumers.

The value of owning one's own data as a brand is coming to the fore after GDPR, according to industry insiders.
The value of owning one's own data as a brand is coming to the fore after GDPR, according to industry insiders.

When the European Union’s GDPR (General Data Protection Regulation) came into effect last May, many marketers feared the end of easy consumer data collection while consumers themselves faced inboxes full of opt-in requests from oft-forgotten organisations.

The more optimistic among us looked for the long-term benefits — building greater transparency, a shift towards quality over quantity — and saw GDPR as a timely catalyst for businesses to redefine their data strategy.

So what has been the real impact in Asia? 

“GDPR has been a good nudge for businesses,” says Patrick Milburn, managing director, Hong Kong, of the web analytics agency Mezzo Labs. “There has been a maturing of the conversations about data and they are wider in scope. In Singapore and Hong Kong, we see companies rethinking their data architecture and using data in more intelligent ways. People were starting with data rather than what it is they were actually trying to provide – that's changed.

“Over the next couple of years we expect to see more c-level backing, that is businesses putting data at the centre of what they do rather than specific types of data work – especially in Greater China.”

DIY data

As regulations around data privacy have become more stringent, clients' own data is gaining more recognition and importance, according to Vikram Bansal, chief data officer, Dentsu Aegis Network APAC.

“There is no better place to start understanding your customers,” he says. “The value of owned assets is coming to the fore. The obsession with other data sources that offer PII [Personally Identifiable Information] data (or close to PII) is abating, not just because it now needs legal validation, but also because its performance has in many cases not been commensurate with the high pricing.”

This is triggering a more concerted effort to deploy the most appropriate marketing technology (think Adobe, Salesforce, Microsoft, Oracle, IBM and Google) to enable the capture, nurture and valuation of 1st-party data (1PD).

GDPR In Europe came into effect on 25 May 2018

However, many brands still hold the view that they lack good quality data or don't have enough data that can truly be utilised effectively. “This leads them to look outside for relevant 3rd-party data options, rather than finding ways to fix their own data first,” says Bansal. “Advances in technology now allow data transformation and normalisation across disparate data. This coupled with advanced analytics makes the generation of unified data sets with a ‘single’ user ID possible.”

Even better, as this identifier resides within clients’ walled gardens, abuse of such data in contravention of GDPR guidelines is unlikely.

Siddharth Surana, chief digital officer, India & SEA, Havas Group, sees first-party data as key to delivering personalised customer experiences. “The focus continues to be 1PD that helps clients drive meaningful conversations and personalised experiences. We see a shift away from 3PD providers and a higher reliance on consumer activation data from the likes of Google.”

Partnering up

But for most companies there simply isn't enough 1PD, especially for younger brands. This is where second and third-party data (2PD and 3PD) comes in, but it hasn't always been smooth sailing. 2PD is another company’s first-party data sold directly from the source, while 3PD is data sold by an intermediary.

“Over the years 3PD has earned a bad name,” says Bansal. “There are many reasons for this, but key amongst them has been a lack of sufficient expertise in client and agency organisations to truly evaluate efficacy of different data sources, lack of skills to activate against such data sources, and the almost zero ability to measure performance delivered by these data sources.”

As a result, brands are now hiring better skilled people, utilising agencies that truly understand the value of different types of data, and deploying the latest analytics and tech solutions to extract better outcomes from 3PD sources.

“Good quality 3PD does not just provide scale and reach, but crucially behavioural and intent signals that provide a sharper view of a customer’s [or] potential customer’s interests, behaviours and purchase intentions,” says Bansal. “1PD in conjunction with appropriate 3PD can dramatically improve the likelihood of conversions whether it be awareness, consideration or purchase.”

1PD remains very valuable, and the most important data asset a company has on its customers, however it is unwise to ignore the power of 2PD and 3PD when it comes to enrichment, user journey mapping and attribution

Evgeny Popov, vice president, data solutions APAC at Lotame agrees: “There is never enough 1st-party data. Brands will continue to look for pockets of data to complement and enrich their scarce 1st-party digital footprint – except perhaps some of the Fortune 500 companies with a wealth of 1PD already available.

“1PD remains very valuable, and the most important data asset a company has on its customers, however it is unwise to ignore the power of 2PD and 3PD when it comes to enrichment, user journey mapping and attribution.”

Mezzo Labs' Milburn is seeing companies negotiating more data partnerships (2PD) “because you can be really specific about the data you want”.

A key impact of GDPR has been that many smaller — or shadier — 3PD providers have been forced out of the market due to an inability or unwillingness to comply. Those that are left are providing fully transparent solutions. 

“GDPR has had a big impact on third-party data providers,” says Popov. “Globally we’ve been working for two years on becoming compliant – it's a serious undertaking. We have 300 data partners that we also have to ensure are GDPR-compliant.”

Popov says having this new level of transparency around data has changed the conversation with clients. “Before it was all about scale and reach, now it's all about the quality of the data – its validity and accuracy,” he says. “Initially clients were skeptical about relying on third-party data, but full disclosure promotes trust. Now they don't care where the data comes from, only how accurate it is. We don't even have those discussions anymore.”

Organisational structure

For all these external changes, it is the internal ones that are having the most effect, according to Bansal: “Organisations that maximise the use of their data will be the ones who drive better customer experiences and ultimately better business outcomes. Data is indeed leading to the breaking of intra-organisation silos with many client organisations now actively pursuing data and digital-led transformations.”

It is also impacting the level of investment in data-trained talent. “Probably the biggest impact of GDPR has been heightened awareness around the use of data, and the realisation by clients that the battle for data-led superiority will be won or lost, not at the frontlines, but by the strength of their foundations built by people across functional domains,” says Bansal.

“Every client organisation doesn’t just need data-trained marketing, digital or analytics experts, but also those who have data experts in finance, IT, legal and HR. Data is the language that every person in an organisation needs to understand, appreciate and leverage.”

Related Articles

Just Published

11 hours ago

Pepsi unveils a new logo: a look back at the logos ...

A bold leap forward, the design reflects changing consumer tastes and the brand's digital ambitions. Also, it comes just in time for Pepsi’s 125th anniversary.

12 hours ago

2022 new-biz review: Which creative agencies came ...

Campaign looks at the top ad agencies ranked by gross new-business billing in 2022.

12 hours ago

From accounting to advertising, FCB's accidental ...

CREATIVE MINDS: A fan of Greek mythology, tattoos, Ryan Gosling and Shah Rukh Khan, in no particular order, Moumita Das' secret to success includes thriving under pressure.

14 hours ago

The importance of delivering a personalised ...

Privacy can no longer be a business afterthought; it must be a strategy from inception, says Cybage executive.