Another Report Shows The GDPR Benefited Google And Facebook, And Hurt Everyone Else

from the it's-not-like-we-didn't-warn-you dept

We warned folks that these big attempts to "regulate" the internet as a way to "punish" Google and Facebook would only help those companies. Last fall, about six months into the GDPR, we noted that there appeared to be one big winner from the law: Google. And now, the Wall Street Journal notes that it's increasingly looking like Facebook and Google have grown thanks to the GDPR, while the competition has been wiped out.

“GDPR has tended to hand power to the big platforms because they have the ability to collect and process the data,” says Mark Read, CEO of advertising giant WPP PLC. It has “entrenched the interests of the incumbent, and made it harder for smaller ad-tech companies, who ironically tend to be European.”

So, great work, EU. In your hatred for the big US internet companies, you handed them the market, while destroying the local European companies.

In 2018, both appeared to have outgrown the digital advertising market in the region, according to a comparison of company filings with regional estimates, suggesting they continued to gain share. Facebook’s revenue from ads shown in Europe rose 40% in 2018. Google’s revenue in Europe, the Middle East and Africa—the vast majority of which comes from advertising—rose 20% last year.

By comparison, Europe’s digital advertising market grew by only 14% over the same period, according to estimates from IAB Europe, an online-ad trade group.

As the article itself notes, for advertisers, the GDPR has driven them directly into the hands of the biggest internet players, because they know that those companies can handle the compliance costs, while no one else can:

L’Oréal SA’s chief digital officer, Lubomira Rochet, says the cosmetics company has decided to focus its ad spending on Google, Facebook and Amazon.com Inc. because “those guys have the capabilities to really treat the data in the way that it should be treated.”

Now, most people might find it laughable to claim that Facebook and Google are treating data "the way it should be treated," but from an advertiser's standpoint, you can totally see where they're coming from.

Of course, when we suggested this is how things would play out, people yelled at us that if this were true, why were those companies pushing back on the regulations, and the answer to that is pretty straightforward. The compliance costs are still massive, and it has been costly to deal with the GDPR. But, it's been costlier for the smaller players who can't take it. So we end up reducing competition, and making it that much more difficult for competitive entrants and upstarts to take on these giants. That doesn't seem like a good trade-off.

Filed Under: advertising, competition, dominance, eu, gdpr, privacy
Companies: facebook, google


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    ryuugami, 27 Jun 2019 @ 3:52am

    We warned folks that these big attempts to "regulate" the internet as a way to "punish" Google and Facebook would only help those companies.

    This again, Mike.

    Here's what I wrote last time you insisted on this BS, and I still stand behind it 100%:

    *facepalm*

    Why do you Americans insist that all the EU wants is punish the US companies because they're more successful than European ones? Again, the point is NOT to "punish Google". The point is to allow us to have privacy. If it makes Google weaker, so be it. If it makes Google stronger, so fucking be it. As long as I get my privacy, any impact on Google's dominance is utterly irrelevant.

    reply to this | link to this | view in chronology ]

    • icon
      PaulT (profile), 27 Jun 2019 @ 4:03am

      Re:

      You're assuming that the GDRP actually achieves its stated aim. This is yet to be seen.

      Are you happy with handing everything over to Google without getting the promised privacy? Because this might be what you're demanding.

      reply to this | link to this | view in chronology ]

      • identicon
        ryuugami, 27 Jun 2019 @ 6:44am

        Re: Re:

        That's bullshit and you know it. By that reasoning, we should just cancel every single law and regulation, as each of them has some risk of not working as intended.

        You also ignore that this is already a second stab at that goal, replacing the Data Protection Directive. If it fails, we don't reach the "game over" screen -- we can try again. (And so far it seems to be working relatively well, so that may not be needed.)

        And I have yet to see any actual proof for the "it was all a dastardly plan to exploit and crush Google, but it backfired" theory. You'd think the enforcement would be focused on the "real" targets, no?

        reply to this | link to this | view in chronology ]

        • icon
          PaulT (profile), 27 Jun 2019 @ 6:48am

          Re: Re: Re:

          You either need to calm down or work out your severe reading comprehension problem on this issue.

          You said you were happy to pay a heavy price for privacy. My only point was - what if you don't get the promised privacy? Is it still worth the price?

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 27 Jun 2019 @ 8:25am

            Re: Re: Re: Re:

            You either need to calm down or work out your severe reading comprehension problem on this issue.

            Smooth.

            You said you were happy to pay a heavy price for privacy. My only point was - what if you don't get the promised privacy? Is it still worth the price?

            Yes.

            Risk vs reward. I like my chances with this one. Besides, the price ain't all that heavy.

            reply to this | link to this | view in chronology ]

            • icon
              PaulT (profile), 27 Jun 2019 @ 8:54am

              Re: Re: Re: Re: Re:

              "Besides, the price ain't all that heavy."

              The price of potentially handing foreign-run corporations control of everything while making it more difficult for local companies to compete isn't a heavy price? Or, was there another price you were thinking of?

              It's not all doom and gloom, but it's pretty clear that this is another situation where we stand to lose more than we gain - and those costs were well warned about to anyone who was actually listening. As an EU resident and (currently) citizen, I hope you're right but I fear that anyone not at least mildly concerned about this hasn't been paying attention.

              reply to this | link to this | view in chronology ]

              • This comment has been flagged by the community. Click here to show it
                identicon
                Hot Mike Mayhem, 27 Jun 2019 @ 9:49am

                Oh look who's suddenly against foreigners and mega-corporations!

                The price of potentially handing foreign-run corporations control of everything while making it more difficult for local companies to compete isn't a heavy price?

                After hating on persons who advance US national interests and are against globalism, PaulT now reveals that he too is for local control.

                reply to this | link to this | view in chronology ]

                • icon
                  PaulT (profile), 28 Jun 2019 @ 1:33am

                  Re: Oh look who's suddenly against foreigners and mega-corporati

                  After failing to understand the words in front of him, the local moron reveals that he's happy to take a victory that only exists in his head, free for the weight of facts and logic.

                  reply to this | link to this | view in chronology ]

              • identicon
                ryuugami, 27 Jun 2019 @ 6:09pm

                Re: Re: Re: Re: Re: Re:

                The price of potentially handing foreign-run corporations control of everything while making it more difficult for local companies to compete isn't a heavy price? Or, was there another price you were thinking of?

                The non-GDPR alternative is not domination by European corporations, it's domination by foreign corporations with us having no recourse if they screw us over (in the particular ways covered by the GDPR).

                So the price we may have to pay is not "handing control over", it's "slightly increasing the stranglehold they already had", only this time we have some rules to make it a slightly less unpleasant stranglehold.

                reply to this | link to this | view in chronology ]

                • icon
                  PaulT (profile), 28 Jun 2019 @ 1:34am

                  Re: Re: Re: Re: Re: Re: Re:

                  "only this time we have some rules to make it a slightly less unpleasant stranglehold."

                  Once again, you're assuming the rules will have exactly the intended effect and no other. Why you insist on rejecting the words I'm saying and double down on the mistake I'm pointing out is a mystery.

                  reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 27 Jun 2019 @ 10:17am

              Re: Re: Re: Re: Re:

              "Risk vs reward. I like my chances with this one. Besides, the price ain't all that heavy."

              Sounds like the excuse of a scoundrel. The price may not be too heavy for you, but what about others? What's that ... you don't give a shit about others? Why am I not surprised.

              What do you think is privacy anyway and how will this four letter acronym give you the privacy that you desire? They will still track yer ass.

              reply to this | link to this | view in chronology ]

              • identicon
                ryuugami, 27 Jun 2019 @ 6:15pm

                Re: Re: Re: Re: Re: Re:

                Sounds like the excuse of a scoundrel. The price may not be too heavy for you, but what about others? What's that ... you don't give a shit about others? Why am I not surprised.

                Oh fuck off. Unlike with the Article 13/17, which was pushed against the will of the citizens, my impression is that in Europe the GDPR is generally viewed as a positive (the majority of the opposition is from Americans).

                Or can you point me to the mass protests against it? We Europeans aren't exactly shy about protesting.

                reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 27 Jun 2019 @ 7:18am

          Re: Re: Re:

          It is becoming clearer and more probable that World War 4 will be fought against these mega-corporations by the winners of World War 3.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 27 Jun 2019 @ 7:24am

            Re: Re: Re: Re:

            All the pushing and provicating aimed against them presently seems to only be making them stronger.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 27 Jun 2019 @ 7:34am

              Re: Re: Re: Re: Re:

              Provoking a fight to break these giants up into smaller giants is only a smokescreen.. not going to happen unless these giants become like living cells self-replicating themselves with equal power and control of their former size.

              reply to this | link to this | view in chronology ]

        • icon
          Thad (profile), 27 Jun 2019 @ 8:25am

          Re: Re: Re:

          By that reasoning, we should just cancel every single law and regulation, as each of them has some risk of not working as intended.

          Reductio ad absurdum cuts both ways.

          It's just as accurate to say that by your reasoning, we should just pass every single bill and proposed regulation, as all of them claim they'll have a positive result, and we can't know for sure whether they'll achieve their stated aims until we try them out for a few years.

          reply to this | link to this | view in chronology ]

          • identicon
            ryuugami, 27 Jun 2019 @ 6:30pm

            Re: Re: Re: Re:

            It's just as accurate to say that by your reasoning, we should just pass every single bill and proposed regulation, as all of them claim they'll have a positive result, and we can't know for sure whether they'll achieve their stated aims until we try them out for a few years.

            That's not what I said or implied. Laws and regulations do have unintended (or intended but hidden) consequences, and I'm saying they have to be weighted against the positives, including the risk of the positives not appearing, to see if it would be worth it. In many cases, it wouldn't. In this case, I believe the potential and actual consequences are an acceptable cost.

            Without taking a few calculated risks here and there, no progress can be made at all.

            reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 27 Jun 2019 @ 7:47am

      Re:

      You think the EU gives two f*?$$ for european privacy? Haha good luck with that. They just don't want google and these global corporations to be the only entities with that data and controlling its use.

      reply to this | link to this | view in chronology ]

    • icon
      Mike Masnick (profile), 27 Jun 2019 @ 10:13am

      Re:

      Yes, I know, you write that every time and it continues to be off base. Part of the reason why the privacy concerns are totally legitimate is because we don't have options and we don't have competition. So, making the big companies bigger and hoping that a bunch of weak, confusing, unworkable regulations "protects" an amorphous concept of "data protection" is a huge own goal.

      It puts more power in the hands of the very companies no one trusts. It also enables them to then better shame future laws. And wipes out competition and innovation that might actually protect our privacy.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 27 Jun 2019 @ 10:24am

        Re: Re:

        then better shame future laws

        shame = shape?

        reply to this | link to this | view in chronology ]

      • identicon
        ryuugami, 27 Jun 2019 @ 7:03pm

        Re: Re:

        Thank you for responding.

        The thing is, we've tried competition and innovation for a couple of decades, and it's only gotten worse. So much worse. As a tech-savvy user with 20 years of experience tinkering with computers, I'm (mostly) doing fine, but it takes a VPN and a zillion browser plugins -- and my efforts break half the web for me. It's the half I usually don't need, so I'm fine with that, but many people wouldn't be, and couldn't work around the breakage if they needed to.

        we don't have options and we don't have competition

        And, unfortunately, I don't believe we'll ever get them without additional regulation. I don't want it, but I think we need it. And I don't know how a regulation could promote competition of privacy-focused services without a regulation mandating the privacy baseline you mustn't go under.

        a bunch of weak, confusing, unworkable regulations "protects" an amorphous concept of "data protection"

        Isn't that the whole point behind GDPR? Replacing a bunch of weak, confusing, unworkable regulations of an amorphous concept with a strong, clear (as regulations go), unified regulation of a well-defined concept, with relatively clear enforcement mechanism, massive potential penalties, and very few loopholes? How successful it was in doing that is certainly debatable (and I'm pretty sure I know where you'd stand in that debate), but I think it's a massive improvement over the ineffectual mess we had before.

        reply to this | link to this | view in chronology ]

        • icon
          That One Guy (profile), 27 Jun 2019 @ 11:01pm

          Re: Re: Re:

          And, unfortunately, I don't believe we'll ever get them without additional regulation. I don't want it, but I think we need it. And I don't know how a regulation could promote competition of privacy-focused services without a regulation mandating the privacy baseline you mustn't go under.

          The problem then is that the data would seem to indicate the exact opposite, in that 'more regulation'(the GDPR in this case) reduced competition, locking in the biggest players and giving them even more power. Far from encouraging more competition it reduced it, so if your goal is more companies in the field then the GDPR would seem to have been rather counter-productive.

          Add even more regulations on top of that and you're likely to just see the likes of Google and Facebook get even more power, as the bar to enter and stay in the industry rises even higher, knocking out more of those at the bottom.

          Getting companies to care about customer privacy is a good goal, but the how is the tricky part, and a method that just empowers the top companies and entrenches their positions even more probably isn't going to accomplish the goal very well.

          reply to this | link to this | view in chronology ]

    • icon
      ECA (profile), 27 Jun 2019 @ 12:09pm

      Re:

      Interesting retort.
      But you also have seen what "Being the only Store in a small town" ideal is common for corps..

      Yea, Im the only one..
      Yea, I can do anything I want..
      Yea, no one can do anything without ME!!..

      Who will the gov goto now? if they wish any info??
      Google/amazon.FB have it..

      reply to this | link to this | view in chronology ]

    • icon
      Darkness Of Course (profile), 27 Jun 2019 @ 7:09pm

      Re: Because they never go after others.

      EU always focuses on Google 1st, Amazon 2nd, apple 3rd, then everyone else.

      They have cash. EU fines them. To get cash. To harm them to make them pay.

      Then they enact stupid techno-phobic laws that hand the business to American companies. Typical EU, tragic levels stupidity and refusal to listen to reason.

      Why? Same old reason, American corps got cash. No other reason needed.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 Jun 2019 @ 5:39am

    So This is what will happen when article 13 comes into force,
    small companys will probably block most users uploads of videos,
    and audio .
    Only big tech companys will have the money to build complex filters
    to block all video and audio that might be infringing.
    Google does not hand over their user data to private companys like facebook ,google has not been hacked and lost private user data
    to basic hacks .
    Google use,s user data to display ads that may be relevant
    or simply puts ads on videos on youtube.
    Google has the expertise and staff to protect the privacy of users
    and it has put a lot of effort into making the chrome browser
    secure .
    theres a large gap between facebook and google in terms of
    security respect for user privacy .

    reply to this | link to this | view in chronology ]

  • identicon
    MathFox, 27 Jun 2019 @ 5:56am

    I would cynically say that Google and Facebook have the financial means to stretch GDPR compliance lawsuits long enough to make a profit of their non-compliance that is bigger than the levied fine and legal costs.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 Jun 2019 @ 8:14am

    The compliance costs are still massive, and it has been costly to deal with the GDPR.

    Again with this untruth. Can you cite any real studies that lay out who paid what to become GDPR-compliant?

    I am a software developer and wrote the code for my employer's products to support GDPR. These products are deployed into large corporations and even governments around the world. All have been happy with the changes, new features they didn't have to pay anything extra for, that allowed them to be GDPR-compliant. The effort to develop those features was roughly 2 person-months, i.e. around 300 hours to design, develop, test, QA and document. That's not even close to "massive" and it didn't cost our existing customers anything (while earning us some new ones).

    What do you really have against the GDPR? Because you're way off base with regard to the cost aspect.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 27 Jun 2019 @ 10:22am

      Re:

      "The effort to develop those features was roughly 2 person-months, i.e. around 300 hours to design, develop, test, QA and document."

      What was it, a little script? Even a little script would take more time than that in order to not be a POS. I guess you were using agile.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jun 2019 @ 1:12am

      Re:

      As a developer myself, I totally agree. Also, I would have thought that for newcomers it would be even cheaper as it's generally quicker to architect this functionality into the code at the beginning rather than bolting code onto already existing code.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 Jun 2019 @ 8:44am

    It is rather humorous to watch as silly folk attempt to regulate the internet, as if something like that were actually possible. Just look at their meager attempts to secure the internet, lol as that worked out exactly as planned I suppose. Based upon past experience, why would anyone then trust these idiots to regulate anything?

    reply to this | link to this | view in chronology ]

    • icon
      PaulT (profile), 27 Jun 2019 @ 8:50am

      Re:

      Because fully unregulated is proven by history to be worse than badly regulated.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 27 Jun 2019 @ 10:24am

        Re: Re:

        I'm not so sure about that, guess it depends upon the particular situation. The internet was pretty much unregulated for some time and it was not the end of the world as we know it - and I'm not feeling fine.

        reply to this | link to this | view in chronology ]

  • identicon
    Ken, 27 Jun 2019 @ 9:00am

    Question

    PaulT - what were the options? You state it yourself, fully unregulated is worse than badly regulated. Google, for example, now has "rules" to follow, or consequences, granted not significant to their whole, but still consequences. The essence of this article is not GDPR but that EU companies cannot compete with Google/others on scale. I know my company, in the EU does not rely on Google but on other EU companies. Seems as if the author just doesn't like big companies.
    I also agree with AC's comments, my company expenses about 3 weeks of dev time to tweak a few things for compliance. Other items were procedural in nature.
    Lot's of whining by Mr. Masnick

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 27 Jun 2019 @ 10:27am

      Re: Question

      "Lot's of whining by Mr. Masnick"

      Is it whining when you don't like it? What exactly constitutes whining? There is no indication of tonal inflection in his typing, what are you basing your opinion upon ... the fact that you don't agree" Well why not tell us about it?

      reply to this | link to this | view in chronology ]

    • identicon
      Rocky, 27 Jun 2019 @ 10:39am

      Re: Question

      Where I work the implementation to become "mostly" GDPR compliant cost us millions of Euro. The legal department still come up with things that have been overlooked or have taken time to legally nail down. We even had to scrap a new system which we had invested almost €600,000 into since the legal department said the core functionality of it wasn't compatible with the GDPR, it was just easier to keep doing the work manually even though it negatively impacted our customers.

      It should be said that we have millions of customers in our system which contains a wide variety of sensitive information about them.

      People saying they put in a couple of weeks of dev time to become GDPR compliant are most likely not GDPR compliant or they run a 'very' small shop.

      reply to this | link to this | view in chronology ]

      • icon
        PaulT (profile), 28 Jun 2019 @ 1:32am

        Re: Re: Question

        "Where I work the implementation to become "mostly" GDPR compliant cost us millions of Euro"

        Yep, I've seen some horror stories too, and plenty of places are still not 100% compliant for various reasons that are hard for companies to overcome. The people saying "that was easy" always seem to be sub-100 employee companies that have been in business for less than 5 years. Older, larger companies have fundamental design issues that take years to overcome in order to implement this stuff.

        You can argue they should have been doing this stuff from the beginning, but you're a fool if you think this is trivial for everyone.

        reply to this | link to this | view in chronology ]

    • icon
      PaulT (profile), 28 Jun 2019 @ 1:29am

      Re: Question

      "PaulT - what were the options?"

      Competent regulation, or at least something that's better laid out. The level of confusion everywhere shows that there were problems, with communication at minimum, if not the law itself. Time will tell how many unintended consequences result, and whether they were worse than keeping the old system while fashioning a better law.

      "I know my company, in the EU does not rely on Google but on other EU companies"

      I bet it also does rely on American companies, and others around the law. I tend to find that anyone who claims they solely rely on EU companies are deliberately ignoring many things to make that statement.

      "my company expenses about 3 weeks of dev time"

      That's nice for you. Not everyone was so lucky.

      "Lot's of whining by Mr. Masnick"

      Lots of people say this without going into any specifics. I assume there's a reason for that.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 Jun 2019 @ 10:13am

    honestly, any surprises here?

    reply to this | link to this | view in chronology ]

  • icon
    ECA (profile), 27 Jun 2019 @ 12:17pm

    Let them have the DATA,

    POST it everywhere..
    Let Everyone see our SS#, our CC#, and all pertinent DATA..

    After that..
    How is a corp going to tell, WHO is who? If the person on the other side is WHO they are, and all this Other great ideas..

    Personal ID>>
    Picture ID..
    (whats the problem here??)
    How about a CHIP ID?? In a CARD?>>
    (still dont stop much, as it can be captured and Stolen)
    Lets see...
    FACIAL ID? Into a computerized system, using DMV DATA??
    Almost there..
    A CHIP? in the hand/arm?? And Facial ID...
    Sounds great..
    Can we Add tracking data and GPS??
    WHY NOT,..

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 Jun 2019 @ 5:35pm

    It's not all bad.

    Consider that out_of_the_blue supported GDPR. GDPR benefited Google. Therefore we can now say out_of_the_blue supports Google.

    That sound you hear is the aneurysm caused by the resident Malibu Media fanboy's own goal...

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Jun 2019 @ 5:41pm

    Reddit doesn't like this opinion piece

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.