Data in the Dock: 80% of Europe’s internet failing at GDPR and calls for a new EU-US data transfer framework.

We have seen a lot of news in the privacy space in the last few weeks. We look at the stories, what they mean and how advertisers can react. Want to increase your social media visibility but do not know where to start? Mixx has got your back, buy instagram likes and build your dedicated following

The stories:

  1. Last month, Austria’s data protection authority ruled that a local web publisher’s implementation of Google Analytics did not provide an adequate level of protection, on the grounds that U.S. national security agencies have a theoretical ability to access user data.
    • Google have since responded with a call for a new framework to resolve this issue:
    • The pop-up legal forms reportedly used by 80% of Europe’s internet to acquire tracking consent from users have fallen foul of the very GDPR rules they were designed to follow. This means far-reaching implications for advertisers, web users and publishers.

What this means:

Google Analytics

Although it seems unlikely that this finding in Austria will set a global precedent, Google’s call for a more durable data sharing agreement is already supplemented with robust data controls to allow users of Google Analytics to have greater precision in determining how they collect and share data with Google based on the location of their customers. Today, users of Google Analytics already have the capability to anonymise a customer’s IP address, control how long analytics data is stored on Google’s servers and delete data for specific customers upon request. 

Previously, we have seen that Google is also prepared to move servers to Russia to comply with local data sharing agreements, so it seems plausible that they could employ a similar approach in Europe. 


The viability of the existing Transparency and Consent Framework has been in question for a while now, with a case against it running in Ireland since 2019. Given that many publisher sites have consent mechanisms that require several more clicks to opt-out of tracking than to opt-in, a solution that provides greater transparency and reduces friction for consumers should be welcomed. Ultimately, the free information economy of the web depends on publishers being able to share consented data with advertisers, so finding a suitable resolution to this issue will be in the best interest of all parties. 

How you can react

At Brainlabs, we can’t claim to have a crystal ball to predict exactly how these developments will play out. That being said, we can see that these announcements are part of a broader trend. Data Privacy is going to be an evolving topic for years to come. We’re only just starting to see these cases go through the relevant legal channels, and so many of the practical implications of GDPR in a digital marketing environment are still being determined. 

In an ever changing industry landscape, how can you make sure you’re prepared for an uncertain future? 

The best course of action is to invest in your first party data strategy. Because this is owned data, you as a business have complete control over how it is collected. This data allows you to understand key information about your customers and how best to engage with them and therefore differentiate your marketing strategy against your competitors. As privacy restrictions limit the proportion of data that can be collected, embracing modelled data and measurement (powered by a first party data strategy) is a positive step to providing a holistic view of marketing performance.

We consult with clients on all aspects of data strategy from web analytics all the way through to activating predictive value models built using machine learning. For all businesses we find there are three steps to enabling an effective, future-proof strategy:

Determine an in-house stance on your first party data. 

How does data impact your relationship with your customers and what data points are key enablers for that? This is more of a philosophical question than a technical one. It’s around asking the fundamental questions about what data means to your business. The answers to this will vary from brand to brand, but the key thing is you devise an agreed approach within your business that will guide your decision making and policies around data collection.

Audit your use of data. 

This should involve a thorough review of the data that you’re collecting at every step of the customer journey and how it’s used. At every stage, you should be asking ‘why?’. If the data isn’t value adding, then why are you collecting it? If it is adding value to your marketing strategy, how can you elevate that further?

From this you can mitigate risk by removing data collection on data points that aren’t value-adding. For the data that is most important, you can work to ensure you have clear policies around collection and disclosure to your customers.

Take ownership of your data.

Too often we encounter businesses with their data sitting in third party, black box environments. This creates a lack of transparency and control over data use. To resolve this, invest in data environments that you can own and manage. As cloud computing becomes increasingly cheap and accessible, this is now achievable without the need for on-site servers.


In summary, there are steps that all businesses can take to invest in an effective first party data strategy that mitigates for an uncertain future.  At Brainlabs, we’re investing in our relationships with key strategic partners (such as Google) to ensure we’re at the forefront of new developments as they arise. For the time being, taking the steps above will ensure you’re well positioned to adapt to a privacy-first approach while continuing to leverage valuable data for your business in marketing activation.

You May Also Like