By 
Happy birthday, GDPR! Can you believe just five years ago the European Union put into effect the General Data Protection Regulation?
The law went into effect in May 2018, mere months after Facebook’s Cambridge Analytica scandal. And it created a snowball effect for data privacy regulation, as US states and other countries followed in its wake.
The effects of GDPR have been massive, but they’ve also taken time to unfurl. It took five years, for example, for GDPR to net its first billion-dollar fine (though Meta is contesting it). And the law’s effect on competition, publishers and ad tech companies is still underway.
On this week’s episode, we bring on Garrett Johnson, a professor at Boston University’s Questrom School of Business. He has conducted research into how the law affected a number of metrics, including sites’ tagging strategies, consent rates, overall traffic and, ultimately, the impact on conversions.
We also discuss a recent casualty of GDPR: the third-party data company AddThis. The widget stopped collecting data in Europe almost a year after GDPR went into effect, but took another four years to wither on the vine completely.
Owner Oracle, which paid somewhere around $200 million for the tech in 2016 when it wanted to “bulk up” on audience data, told publishers to remove the widget from its site this spring as part of the shutdown.
But if GDPR did in AddThis, why did it take so long for it to fade into the sunset? We get into the nuances of regulation and how ad tech products work.
