What does “identity” look like in a GDPR world?

Identity, quite literally, defines who we are.

Previously confined to a single piece of paper, then a larger computer database, and now spread across multiple devices and platforms, many are questioning the future of identity and how digitisation has affected the way consumers, businesses and governments view the term.

While we typically think of identity in the context of a person – i.e. being able to identify a specific individual – the term takes on a different meaning when we enter a B2B context. In a business environment, the term “account identity” looks at a larger set of people within the account to whom marketers need to be targeting.

With the GDPR (General Data Protection Regulation) taking effect in May earlier this year, how will this new regulation affect businesses and the way they view identity?

How will the GDPR affect businesses?

Marketers are sceptical of the GDPR and there is still a lot of uncertainty around how the new regulation will impact companies. In a worldwide survey conducted in Q3 this year, 54% of marketing executives believed they will no longer be able to use behavioural signals such as web browsing data and search histories if they wish to stay compliant with the GDPR. Similarly, about half thought that the GDPR meant that using third-party data and email addresses may not be safe to use either.

While the new regulation does appear to have a large and direct impact on the way online advertising is carried out in the B2C space, I believe that the B2B world will not feel the same pain. Sure, some personalisation may be lost, but businesses can still market very effectively based on account-level data and customer experience will not be dramatically degraded.

By understanding which account a person is connected to, businesses still have a lot of information on which to base customer content, marketing campaigns and other interactions. The key is levelling data up to an account level so the personalisation of the customer experience is done for each account rather than at the individual level.

Better data, better results

The GDPR shouldn’t be viewed as a threat to businesses, but rather an opportunity. Data providers who engage in appropriate methods of data collection – those providers who have the ‘good’ data -will stand out and the chaff which populates the data market today will be thrown out. In a way, GDPR will help ‘clean’ the data market and help ensure that the right data is being used to build accurate customer identities. With a better data set, companies will be able to better customise and personalise the user experience, increase conversion rates and improve campaign performance.

For companies engaged in digital advertising, understanding who is actually viewing those digital ads helps inform campaign performance and manage return on ad spend, thus saving money too; and in the B2B context, tying those identities back to the account level allows businesses to create custom experiences for each account, which is key for ABM programs.

Managing a mobile identity

A lot of these advertising experiences happen on mobile devices, and businesses need to ensure that content is available where and when people want to access it. Yet mobile web experiences go beyond just ensuring that the website loads correctly on a mobile device.

With the proliferation of devices that generate data (computers, laptops, tablets, phones, wearables) and the amount of data available (transactional, social, etc.), managing identity is also becoming a very complex endeavour.

This is where businesses need a consistent and unique identifier to help tie together the identity of the user across multiple platforms and then serve a consistent experience based on that user’s information. What’s more, this data can then be boiled up to the account level and kept in the account record, so all actions taken are tracked, regardless of platform.

The weight of identity

Identity is certainly becoming more important; the expectation of reaching people in more channels coupled with a further expectation of personalisation is going to weigh heavy on marketers’ shoulders.

But the GDPR is not the bringer of doom like many thought it would be. While the regulation is changing what identity looks like at an individual level, B2B companies can still gather a lot of information at the account level instead. As marketers start trying to manage the account journey, tying the individual to the organisation (and their role within it) will be imperative.


By Anudit Vikram, SVP of Audience Solutions,  Dun & Bradstreet

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.