In the months leading up to the implementation of the General Data Protection Regulation (GDPR), research firms, consultancies, advertising agencies, and media conglomerates began development consent management platforms (CMPs) based on the GDPR Transparency & Consent Framework from the Interactive Advertising Bureau.
Two years later, the first Hype Cycle study focused solely on digital advertising from Gartner says that vendors offering CMPs have largely overpromised and undelivered the return on investment of their solutions, which were meant to obtain data processing consent from users based in the European Union.
The global research and advisory firm said, in a press release, that CMPs have reached a peak of inflated expectations, brought about by the mini gold rush that kicks off among privacy tech vendors that hurried to help businesses tick the necessary boxes around GDPR. Gartner says that today the technology has been pushed to its limits and it creates widespread failure.
Today is the second anniversary of the California Consumer Privacy Act and marks a time where privacy regulations coming into force around the world and businesses are looking for complex solutions that allow them to operate across multiple geographies while following distinct consent requirements. Gartner believes that many businesses divert resources to the acquisition of technology and fall flat when the time comes to build platform expertise or vet consent.
One of the VPs of research at Gartner, Andrew Frank, said that after a CMP is implemented, businesses have to balance customer experience, which is degraded if users are offered too many privacy choices, which the data suggests leads to opt-out settings and high abandonment rates. Failing to offer privacy choices may help a business in retaining a prospect or customer, but it also exposes the business to legal action from regulators that will fine businesses that process data without clear consent.
Gartner said that most CMPs leave it to their customers in how they design the user interface and consent options, leading many businesses to create dark patterns that trick users into opting in. This in turn breaks the compliance mechanism set up by the Interactive Advertising Bureau (IAB) which enabled consented data flows for real-time bidding.