Good & bad of the new CNIL study on perception of digital services and readiness to pay vs targeted advertising:
1. “Paid offers that allow them to better protect their personal data”:
This line in the CNIL write-up shows part of the issue. Campaigners and some regulators view “pay or OK” approaches – i.e. “subscription or ads” – as means of offering users “better protection” for their personal data.
That is an unfortunate myth, as profile-based advertising is not about stealing your data or removing protections.
I work alongside organisations from all over the adtech sector, and have never seen any keen on stripping away data subjects’ protections. Most don’t know or even care about who the data subject actually is and purely want to (help) broadcast a message to a group sharing certain characteristics.
Yes, there are bad actors just like everywhere else, but do you attack charities in general just because some bad actors structure their activities as a charity for tax evasion?
That’s beside the point – targeted advertising is a violation of fundamental rights”, some will say, but that’s not what the courts or legislators have found. Otherwise, they would have banned it altogether.
2. How many are ready to pay versus how many actually pay:
Campaigners are quick to allege “North Korean” percentages in the context of the “pay or OK” debate, but the reality is more nuanced, as shown by companies such as Didomi with its consent benchmark. The CNIL study reinforces this: the percentages are higher, and could be even higher if more paying options were available.
An issue with the CNIL’s approach is that it is commonplace for people in surveys to overreport own behaviour perceived by society at large as positive and to underreport own behaviour perceived as negative, so in the absence of details on methodology, sampling and questions it is unclear how accurate those percentages are.
So don’t rely on this study as a market study before launching a “pay” product – your own research will probably be more important.
3. Importance of data protection:
The percentages show that data protection is important to users – but what that means is a little unclear. Here again, the lack of details on methodology & questions is unfortunate. Do users seeing an “ads” version believe the provider is not protecting their personal data? Nothing in the CNIL’s document suggests that this is the case *from the users’ perspective*, only from the CNIL’s perspective.
The wording suggests that these questions on the importance of data protection were formulated more broadly, focussed on general perceptions rather than specifically tied to “pay or ads” business models. Ultimately, data protection has become a key element for trust – and that trust disappears quickly if an organisation is perceived not to be doing what it can to protect the personal data of its users.
***
Machine translation attached. Original in French:
https://lnkd.in/e_UnWkSN
privacy GDPR”
Did this analysis get you thinking? Reach out!
DataLaws.net is entirely open-access, and instead of getting your data in exchange for this content, how about another trade? If this commentary saved you research time or sparked an idea, feel free to invite me over for tea, chai or a hot chocolate next time you are around Brussels or Antwerp - or invite me over to your offices for a chat!
Get in touch ↗ Let's connect on LinkedIn ↗