ExchangeWire have invited hundreds of thought leaders to share their thoughts on what next year will hold, across a range of topics. GDPR hasn't caused the Armageddon the industry expected, but is it still too early, or are many challenges brought about as a direct result of GDPR being swept under the carpet? Our experts share their views.

GDPR will further unfold in 8 key ways

"1) The DPAs will get tougher: Over the summer, many ad tech executives have been heard complaining about the lack of clarity and enforcement of the so-called Regulator. I want to assure everyone: enforcement is coming. If 2018 was the year of tolerance, 2019 will be the year of fines.

"2) The CNIL will lead the way in Europe: France is notable for many things, from fast trains to gilets jaunes. The CNIL (Commission nationale de l’Informatique et des libertés), once taken aback by the GDPR, is now back in force and ready to show the world how data protection is done.

"3) IAB Europe will shift gears: the Transparency and Consent Framework was a major achievement for the ad tech industry in 2018. Expect auditing of vendors, CMPs, and more granular purposes in 2019.

"4) Consent will become a campaign must-have: It’s been in the works for a while, but expect a frenzy of consent reading starting in the New Year. Soon, everyone will start reading everyone else’s consent string.

"5) Data privacy will take over the world: Although GDPR is probably too hard to enforce for many regions of the world, similar legislations will appear in most regions. It goes like this: data is increasingly becoming an essential part of any economy; everyone wants to trade with the EU, therefore everyone will align with the EU legislation.

"6) CCPA will be the new key acronym from June onwards: By June, we will have a clearer understanding of CCPA’s final form, California’s 'soft GDPR', which is due to be implemented on the 1st of January 2020. Once again, it will be all hands on deck.

"7) Expect the U.S. to adopt a 'soft GDPR' federal law: With a democratic majority in the House from January, and with CCPA just 12 months away, American lawmakers will catch up to the rest of the world. Once this is passed, the world will have finalised its data privacy mutation.

"8) There will be an heavier price for data breaches: It is clear that supervisory authorities have had enough of big corporate data breaches; expect large companies to finally transform their approach to transparency and data security."

Vincent Potier, Founder, London Digital Ventures

The end of the centralised internet

"If 2017 was the year of the data breach, 2018 was about accountability. In an economy where data flows like water, brand trust is the highest ranked factor in users' willingness to share data. Beyond GDPR, privacy’s biggest change will come through the age of the centralised internet ending. Decentralised services give people the power to hold their own data, only choosing to share with brands they respect.

"To quote David Gorodyansky, 'the first three companies to a billion users made money from your privacy, the next three will be about protecting that privacy'. Trust becomes a competitive advantage."

Howard Pull, Strategic Development Director, MullenLowe Profero

A correct approach to data management

"Privacy-driven laws and data protections will continue to receive attention in 2019, with other regions of the world following the lead, enforcing higher standards of data collection and protection. Taking the correct approach to data management will not only ensure compliance with GDPR regulations, but also help to better serve the needs of the digital customer through more effective and personalised targeting.

"It's time for advertisers, publishers, and ad-tech platforms around the world to bridge data silos across different devices – from wearables to mobile – with the needs of the user placed firmly at the centre, not only to improve data practices but, most importantly, to restore customer trust."

Beatrice Olivas, Chief Revenue Officer, Motive Interactive

Increase in the complexity of compliance discussions

"Since the implementation of the GDPR in May 2018, the industry has learned a lot it can take forward as we move into 2019. We’re likely to continue seeing regulators guiding companies on the changes required to ensure compliance. It is highly likely that these warnings, and possible fines, will have a significant formative impact on how publishers implement their respective consent strategies.

"With additional legislation set to go live in the U.S. in 2020, the amount of discussion and complexity of the conversations around compliance will increase in 2019, as companies adapt their strategies to achieve compliance with these newly implemented regulations."

Brian Kane, COO and Co-founder, Sourcepoint

Marketers must bring transparency to the fore

"After a turbulent 2018, with the introduction of the GDPR and high-profile data breach cases to follow, 2019 is not likely to calm down on the regulatory side. With the impending ePrivacy regulation and whispers of multiple stateside laws, it is apparent that compliance will remain a priority for companies across the board.

"As data privacy remains high on the global agenda, and consumer faith wavers, efforts to strengthen consumer trust must continue to be made with marketers bringing transparency to the forefront of operational processes."

Gabe Morazan, Director of Product, Digital Governance, Crownpeak

Redefining the rules of the game

"GDPR has been a very positive change for the industry – after years of privacy breaches, this legislation has redefined the rules of the game. The industry is starting to see the new rules be enforced in the European Union, and there’s already a movement among other countries towards similar regulations.

"This is a step in the right direction; and in 2019 we will see more global companies stepping forward as the leaders for enforcing privacy worldwide."

Rivi Bloch, Division CEO, Taptica

Changes outside the EU will have a big impact

"We expect GDPR and, more broadly, data, privacy, and transparency to continue to have a big impact in 2019, especially with the expected ePrivacy regulation, and the changing or introduction of regulations outside of Europe and the EU. Therefore, remaining agile and adaptive in response to this, as well as remembering that cookies and device IDs are not the only data sets available, will be paramount to ongoing success.

"Marketers and ad tech alike need to continue to reduce reliance on user-based targeting strategies where possible, especially when macro, location, and contextual data can fuel incredible insights and campaigns."

Evangelos Sideras, Joint Managing Director UK, MiQ