“Frankly, I don’t want to be here.” As he led off Evidon Empower in London on Tuesday with those words, Information Commissioner Christopher Graham wasn’t implying that he was unhappy to be addressing the standing-room-only crowd of business leaders, regulators, attorneys and more. He meant that earlier action by the advertising industry on consumer privacy, based on an understanding of the imperative—and the business benefit—of giving consumers real control over their data, might have precluded his talking about enforcing a law now. But he was equally adamant that there’s a way forward, and that convincing businesses to comply with the ePrivacy Directive shouldn’t really be that hard. covered by Marketing Week on Wednesday—people feel better about brands that prove they care about consumer privacy, with 48% even saying directly that they’re more likely to purchase from transparent brands. For some good examples of how proactive businesses are using Evidon to comply, click here and here. Always one to instigate a good debate, Exchangwire’s Ciaran O’Kane moderated the day’s first panel on the law and how to comply. The sell-side on the panel concurred that it really shouldn’t be so hard. Philip Milton of DCMS made it plain: “Get an audit, find out what cookies you use, and depending on what comes out, decide which are intrusive, then what you need to do to inform consumers.” Michael rightly pointed out that, for companies to do this right, they should be prepared to make an effort: “Don’t try to just scrape across the finish line; embrace where this is going, work together and educate.” Do we now know the answer to Ciaran’s question “how do we reach compliance nirvana?” Not exactly. But the conversation certainly helped get us closer. Things certainly didn’t get any less complex as Field Fisher Waterhouse’s Eduardo Ustaran spoke with regulators and legal experts on their expectations of businesses in light of the Directive. Thomas Kranig, President of the Bavarian State Office for Data Protection, demonstrated that complexity from the start, stating that, with 18 different data protection authorities across Germany, who could all interpret consent in their own way, the answer to “what is consent” isn’t easy! CNIL’s Alain Pannetrat spurred discussion with a key point: if a consumer lands on a web page and simply navigates away, they haven’t given their consent to be tracked. Are they cookied anyway? The answer is that it depends on which consent solution a website is using. Evidon’s solution can be integrated into a site to prevent tracking if the user leaves before providing consent. To find out more about how it works, contact us. Hester de Vries of law firm Kennedy Van der Laan remarked on what she’s been hearing from Dutch companies, including the fact that many feel that they will be at a competitive disadvantage with other European businesses once enforcement begins on the Dutch explicit consent requirement. Pointing to a frustrating lack of adoption in his own country, Alain closed by exclaiming “In France, if all companies would follow even the ICO’s guidelines, we’d be happy!” That key theme emerged yet again: taking some action to inform consumers and give them control over their data, despite confusion over exact requirements, can only be a good thing. The day closed with a discussion amongst some of the biggest brands in the world—Nestlé and BP—and how they’re looking at compliance. Nestlé’s Nathan Howe made the point that, with extreme and often unknown tracker proliferation across a web presence as large as theirs, they need to make sure they’re employing an auditing solution that can find everything and continually assess their sites. “Then we have to take the information we get from the audit and present it to our business,” he said. With multiple stakeholders, from the marketers employing trackers to capitalize on data, to the engineers making sure those trackers don’t hinder their website, to the privacy leads making sure they’re respecting the consumer, strong internal communications is key. BP's Ellis Parry noted that compliance can be “Easier for less complicated sites that are not built for a heavy consumer audience.” Following on BP’s example, other business to business brands might find that compliance can arranged with lower overhead and a more modest approach to consent, as the trackers used are often smaller in number and less intrusive. Ultimately, Nathan brought things full circle, making the same point about the value of a strong compliance strategy that Commissioner Graham made at the start. “In the end, anything that happens with our website impacts our brand,” he said. Master of Ceremonies Eduardo Ustaran closed the day with a challenge to the market. “We’ve crossed the line,” he said. “We see examples of leader companies doing it now; from now on, it’s a matter of what everyone else does.” With every uncertainty still not figured out, businesses still owe it to consumers—and to themselves—to take action now and implement a robust consent solution. For a look at Evidon and Field Fisher Waterhouse’s compliance solutions, please join us for a webinar next week. Check back here for the precise date shortly. To read more coverage of the Evidon Empower EU II, check out the V3.co.uk article here.