Game Design, Programming and running a one-man games business…

GDPR, Cambridge analytica and hitting the wrong target (again)

cliffski

This isn’t the first time the EU fucked up. Oh no. Remember that terrifying, scary time before we had the EU cookie law? that time you would surf the internet not knowing that many of the seemingly innocent sweet sites you visited did not use cookies, and how wonderfully safe and happy you felt after the EU introduced that wonderful thoughtful law that demanded that every single site on the entire web (as almost everyone uses cookies) pop up an irritating, patronizing window telling you that they used cookies? Isn the internet not much, much nicer to surf, and much safer since we had an extra mouse-click on the ‘WARNING COOKIES’ dialog for every website in the known universe?

No, of course it isn’t, that law was a complete and utter waste of everyone’s time, millions of peoples time, and continues to be, every day, as we all click on patronizing messages telling us what we already know. Its just one level above the dumbness of a warning saying “DANGER THIS SITE USES HTML”. It was a typical dumb techno-illiterate law passed by bureaucrats who didn’t even understand what they were trying to fix.

Thankfully they would never make the same mistake twice right?

Enter the GDPR, a new astonishingly useless piece of EU legislation that has resulted in the largest torrent of spam in my inbox since the invention of gmail. Suddenly everyone who I have ever had an account with has to spam me to ask me if they can continue emailing me, assuming that somehow I am incapable of hitting ‘send to spam’ and thus have NO WAY to control spam other than this clunky law of the EU. The GDPR has, as usual created a ton of work for everyone who runs a business with an online component (this is 2018 so that means everyone on the planet), whilst achieving absolutely fuck-all.

Essentially, the EU are looking at scandals like Cambridge Analytica and political social media manipulation and…. grasping at the nearest thing they have to ‘an internet privacy thing’ and passing that, without it having ANY impact whatsoever on the actual problem (which is mostly fake news), whilst taking a  wrecking ball to the idea of personalized advertising. I’m going to spell out in one sentence why this is dumb as hell:

Personalized advertising to reach genuinely interested customers is awesome. Personalized advertising aimed at undermining democracy is entirely different.

Why can’t lawmakers understand this? Trying to equate deeply targetted, niche advertising with political manipulation is completely dumb. Knowing that I’m a 48 year old white English male who drives a car, lives in a rural location, likes star wars, plays video games and works as a programmer enabled the ads I see to be relevant to me. Show me an advert for a new electric car thats in my price range… i’m genuinely interested. Show me an advert for a new virtual reality headset and I’m interested, show me an advert for baby clothes and I’m not fucking interested. Show me an advert for ladies bicycles and I’m not fucking interested.

We have learned many years ago that advertising is annoying because 95% of the time it was being shown to the wrong person. We are finally escaping that situation, with ads being shown much more in line with the genuine interests of the viewer. If you are over 65 I don#t WANT to bother you with my video game ads. If you only play FIFA, I don’t WANT to bother you with my strategy PC game ads. By ensuring advertisers have no access to personalized information, you make advertising WORSE.

The solution to true scandals like the whole trump/brexit/cambridge analytica scandal is simple. You ban political ads on social media. We already ban them on British TV, we can easily pass a law that bans them on facebook. Thats fine, easy, simple, and it does not require us to take the entire advertising industry, attempt to wreck it AND at the same time make the experience WORSE for both advertisers and consumers.

Simply put, the people who think they will solve political advertising with GDPR are idiots. Its the wrong method, aimed at the wrong target, by people who have no idea how the modern ad market works. Its also hilarious to think Russian state-sponsored bot networks are going to comply with the GDPR. I voted to remain in the EU, but every time they pull something like this, they make the whole system look like a bunch of idiots.

I have a cold, I may seem grumpier than usual :D

8 thoughts on GDPR, Cambridge analytica and hitting the wrong target (again)

  1. As someone who’s massively affected by the new GDPR regulations (we run browser-based games) I have to disagree with you on your basic premise: GDPR is not (only) about preventing spam and not at all about political ads. We’re talking about a EU regulation here…you can safely assume it’s been in the making long before anyone had ever heard the name “Cambridge Analytica” and before Trump was even elected.

    At least in Germany, the GDPR doesn’t even introduce _that_ many new rules…the big difference in my perception is that it is primarily a lot stricter in terms of persecution and punishment of breaches of data protection. And that is probably why everyone is panicking right now…got an angry gamer who thinks your binaries aren’t big enough? Sent him an email he didn’t want to receive once? Happen to not have a proper Privacy Statement on your website? Well…he can now trigger an investigation and – if you don’t have the proper processes and documentation in place – you might be faced with some hefty fines.

    I thoroughly believe that the intentions of the GDPR are good. I really see in our own company and in many others that people actually start to look into and think about which data they collect, why they do it, whether it is really necessary or whether the same thing could be achieved with less data. Is it a bureaucratic nightmare? Absolutely! But should the way companies collect and treat personal data be completely unregulated? Probably not.

    1. Oh I agree, the intentions are good in that they are worried about peoples privacy, and I totally 100% understand that, but the way its being interpreted by people is that you should not risk ever targeting anyone at all, which is frankly causing mayhem, and this whole idea that everyone has to be emailed AGAIN to ask if when we signed up to a mailing list we REALLY meant it…is ridiculous.

      1. Obviously, this is my interpretation of things and hence no legal advice, but sending out emails asking people whether you are still allowed to email them is in most cases unnecessary window-dressing.

        It is – even after the GDPR becomes effective – perfectly fine to communicate to your customers about the product they signed up for as long as you provide them with a quick and free way to unsubscribe if they don’t want to receive such messages anymore. And that is perfectly sensible.

        The thing you are not allowed to do is sending them emails about things that have nothing to do with what they originally signed up for. In the games business it’s a grey area whether I’m allowed to send a message about my new game B to a customer who’s purchased my other game A (I tend towards thinking that’s fine as well), but if I suddenly started sending messages to my customers about unrelated or (even worse) 3rd party products without previously asking them about whether that would be ok, I’m spamming. Simple as that.

        So if companies are now frantically sending out emails begging their customers to give them permission to send them arbitrary content by mail, that’s a problem with these companies, not the GDPR.

        And concerning targeted ads: That is still possible as well. But there must be ways for consumers to a.) see why they are targeted the way they are and b.) opt out of certain types of data collection or targeting practices. IMO, anyone who signs up for Facebook explicitly opts into being targeted and – after all – has more or less full control of the amount of data they provide to Facebook and their customers to do so. But if a company secretly collects data about me and/or my behavior on arbitrary websites without ever asking me for any kind of consent, that’s something that might be convenient and useful to advertisers, but is definitely a questionable business practice.

  2. Dude, GDPR is from April 2016, before Brexit referendum and long before anyone heard about Cambridge Analytica. And, btw – It was proposed 2012.

  3. Sorry that I have to say it but this is a disappointing blog post. You should not point the finger at people and blame them for being illiterate on a topic when you are it by yourself. Before ranting about a regulation you could read it. You missed the main point of the regulation. As others already pointed out you also missed that the law has been planned for quite some time.
    Also when you think it is okay to be tracked around the web does not mean that people who believe differently are “idiots” or “uninformed”. Under GDPR you could still allow a service to track you.

    You know when Grindr sold the HIV status data of their users? Not possible anymore. And that is a good thing.

  4. I also have a favour to ask – beforehand this blog had very nice posts about marketing and business.

    I often find myself coming back here in hope I find some more of those, but they seem to be all gone.

    I understand that is all about selling your stuff, especially in this crappy market, but can you post more of those marketing & business posts please?

  5. As an advertisee, not an advertiser I don’t want ‘personalised’ ads.
    I find them intensely irritating and context jarring – I remember one time I bought a pipe wrench, and was stalked for months by adverts for pipe wrenches. On games websites, on news websites, pipe wrenches everywhere. AND I ALREADY BOUGHT A PIPE WRENCH. I am literally the person least interested in the world in buying a pipe wrench, because I already have one.
    But I have no control over these things.
    GDPR puts me more in control of my data and what it’s used for.

    I have already had fights with marketing people about collecting information ‘in case it’s useful’.
    No.
    Only what you absolutely need to make a service work.
    And now there’s a big stick if you keep doing the wrong thing.

  6. I was expecting the comment section to be full of populism, but I’m very pleased to see that they are lot more subtle than the blog post is. GDPR is a terrific thing and it’s about time that the power goes to the people, not the big American corporations whose only interest is making money at our expense. I don’t have a Facebook account, yet Facebook has to keep records on me? It’s unacceptable.

Comments are currently closed.