How GDPR and iOS 14 Affect the Ads You Display

How GDPR and iOS 14 Affect the Ads You Display

On iOS, you can turn off the user data collection and this can affect not only the app budget. Let's talk about GDPR, iOS 14, and what we see in the display ads and why.

Digital marketers around the globe are pulling their hair out because of Apple’s unprecedented step. The company offered its clients to decide themselves whether to transfer their personal data to applications and other third-party resources that collect information about the user for marketing purposes or not. 75% of users said ‘no’.

According to Bloomberg, this might cost Facebook between 7% and 20% in revenue decline. The social network earns from advertising royalties from companies that want to convey the value of their product to the consumer with a profile suitable for them. To determine this eligibility, Facebook and other applications collect user data.

In this article, we will not discuss the advertisers’ sorrow due to the fall of their campaign effectiveness. As creative people, they will come up with a way to catch the eye of their ideal customer.

Instead, let's talk about the type of data, some GDPR sections, and the new reality where individuals refuse to share any user data.

Alexander Poznyakov, Digital Marketing Lead, TECHIIA Holding

Alexander Poznyakov, Digital Marketing Lead, TECHIIA Holding

Find the ones you need, not trace them

Typically, apps, brand pages, and other consumer searchers collect unnamed data. They cannot be used to trace a specific person. For example, a girl, 25-35 years old, uses an iPhone and lives in Kyiv. This description does not allow us to understand who it is about. This is the type of data that platforms share, such as, for example, Demand-Side Platform (DSP) and Supply-Side Platform (SSP).

The first one buys online advertising the moment the user opens the page. Its task is to buy advertising impressions as profitable as possible, find users that best meet advertisers' requests, and display ads.

The second is a solution for website owners, applications, and external digital ads media, which helps to make money on their resources by "renting" the space allocated for advertising.

Personal data may include the name, surname, and address. But this is not always necessary. For example, the data may state that a young man of 25-35 years old bought a light green Lamborghini Urus in Kyiv this week. We do not see either the name or the address, but we already have some relevant data - not many people of that age bought an expensive car of this particular color in this particular city.

Sensitive information is data that can be used against a person. For example, medical: injuries, illnesses, complaints, medications, procedures. Such information should not be disclosed or transferred for obvious reasons.

It is impossible not to transfer.

As always, there is a nuance. Neither small nor medium-sized businesses can afford to maintain the entire in-house IT infrastructure. This means that renting hosting, servers, data center services is inevitable. There are probably only a few large businesses that might have that infrastructure in-house.

There is a privacy policy to regulate data transfer. It clearly describes in detail what exactly happened to the user’s information: what exactly was transferred, how, where, for what period, etc.

By accessing the site, a person can accept data transfer or decline it. Regardless of the decision, the experience of using the resource cannot be improved or worsened: these are the requirements of the logic and the General Data Protection Regulation - GDPR.

The regulation was developed and adopted in order to protect the rights of Internet users. It regulates the transfer, processing, storage of personal data of anyone on the EU territory or EU citizens anywhere in the world. Despite the document being adopted by a European institution, it is legitimate throughout the world.

There will not be fewer ads.

Since online advertising inevitably uses potential buyers’ data, the GDPR brings clarity to this market as well. By itself, advertising on social networks, on websites, in search will not disappear. People who do not allow a mobile device to track themselves as a potential advertising target will still see a promo every 4 posts on Facebook, they will still be "chased" by ads on the side of the main block of information. The question is what ads will be displayed. Will it be casino advertisements, questionable medicine, psychotropic substances, weight loss aids, weight gain, hair loss, etc? Or maybe something even more “spicy”.

The Law of Ukraine on Advertising could protect against this, but it offers us only abstract principles (section 2, article 7). They oblige advertisers to display information accurately, reliably, ethically, humanistically, decently, and never harm children or adults. The word "Internet" appears once in the document in the context of alcohol advertising.

Hard-to-prove categories have freed the hands of affiliate marketers - traffic specialists who attract users. They can direct traffic to the gray market and turn an unpleasant and not always acceptable creative until the account is blocked. They usually use only geo (Ukraine) and age (as a rule, an adult solvent audience) settings.

The GDPR sets the rules and indicates the fact of the violation. Companies that operate in the legal field listen to them. But lawless companies or individuals never worry about the rules and sanctions. By lawless, I mean the ones who steal your data. The most common scheme is sweepstake offers. These are online draws with winners selected at random. As a rule, expensive equipment, travel company offers, gift certificates are offered as the main prize. In order to participate, you need to put your contact information.

The speed of work of such people and organizations allows them to "escape" from any legal regulation. They will never be banned or fined for taking possession of personal data fraudulently. It's good if it's an innocent email. But do not forget that using your phone number, they can steal money from your bank card.

You are the ones to make a choice

Transparent companies get their documents and processes in line with the GDPR requirements. But ads on mobile or other devices will not vanish. What kind of advertising will be shown to a particular person depends on how much user data he or she will allow collecting. And this is true in terms of law-abiding companies that collect data in order to further offer the most suitable product or service for each specific person.

Those who shall disclose more personal information will see offers from cinemas, travel companies, electronics stores, and other useful services. Those who refuse to transfer their personal data will watch everything that is displayed to a large audience. This will include creatives by thematic niches: nutritional supplements (nutra), gambling, dating, and adult entertainment, with a promise to change your life for the better.

You are the ones to make a choice. But don't say I didn't warn you.

Original article on

Subscribe to news
Latest news
Produced by WePlay Studios, the event was chosen as the best one by fans worldwide in the AI, Metaverse & Virtual — Entertainment, Sports & Music category.
WePlay Studios and Grammy Award-winning producer Larrance "Rance" Dopson are joining forces to create more content focusing on cultural themes.
Corporate Social Responsibility Report for 2020-2023