For a giant such as Google, the new European General Data Protection Regulation (GDPR) rules might seem like a tough task to implement. Yet it believes it won’t be bearing the brunt of the complex set of changes.

Instead, the digital giant believes the correct handling of consumer data is an “ecosystem challenge”, and that advertisers are the ones facing the biggest hurdles when trying to implement the new rules.

One of the challenges it does have to tackle, however, is determining whether its services need to be labelled as ‘processor’ or ‘controller’ – while the controller obtains the consent from the end user and decides how to process personal data, the processor handles the personal data on behalf of the controller.

As a result, Google has been updating its contracts and letting every party in the ad ecosystem – whether it be advertisers, publishers or agencies – know if Google is a controller or processor when they use its services.

Speaking during a press briefing last month, Google said it hopes to have all its new contracts in place by May, and that it has started rolling them out already. One of its services, AdWords, is already GDPR-compliant, it claims.

“We’ve had to make that binary decision for every product, whether we’re a controller or a processor, and explain why that’s the case based on how we’re handling that data to our clients, agencies and any other people using those Google products,” Jessica Stansfield, head of global product policy for EMEA, said.

The digital giant says it is looking to apply the GDPR changes on a global scale, as clients and agencies need to be aware if they’re targeting anyone within the European Economic Area or handling data of those users.

“GDPR has that extra-territorial scope. Whether you’re in the Middle East, the US or Singapore, you need to be thinking about GDPR and [know] that you’re handling those users’ data in the right way,” she said.

Sourced through Scoop.it from: www.marketingweek.com