Facebook, owned by Meta Platforms Inc., has long faced scrutiny for its data privacy norms and ad targeting capabilities. In 2022, the company was investigated by EU authorities for its compliance with GDPR. In response, Facebook will now support ad targeting under ‘Consent’ rules instead of the previously announced ‘Legitimate Interests’ basis of data usage.

What does this mean for marketers on Facebook? How does this new development fit the industry’s increasing push toward privacy-sensitive marketing? To answer these questions, let us first trace how Meta’s new targeting rules came about.

Meta Announced a Major Update to Ad Targeting in Jan 2023

According to this newest update, all ad targeting on Facebook in the EU region will now move to a consent-based model. This impacts users in Europe, the European Economic Area (EEA), and Switzerland while, interestingly, excluding the UK. This means that the way Facebook processes certain data for behavioral advertising will change.

Marketers can expect platform changes to be rolled out in the upcoming months as the company engages with regulators without immediate impact.

This change is not an isolated event nor a proactive stance by Meta in a highly privacy-sensitive world. Instead, this is part of the company’s ongoing response to regulatory pressures that it has faced from EU authorities, notably the Irish Data Protection Commission (DPC).

In Europe, every organization needs a legal basis – i.e., a legally justifiable reason – to process data. This act of processing also refers to data that are stored, transferred, or aggregated, crucial for marketing activities such as customer experience (CX) personalization, buyer persona targeting, and ad retargeting.

Facebook has always maintained that its social media experience is inherently personalized, including the ads users see, necessitating user data collection. Therefore, it has relied on a legal basis called ‘Contractual Necessity’ when it comes to displaying ads based on behavioral information. However, in recent years, regulators across Europe have pointed out errors in this rationale, arguing that the social media experience can go on unhindered even without collecting behavioral data.

In other words, Facebook is not contractually compelled to collect this information. As a result, the company changed the legal basis for data processing from Contractual Necessity to Legitimate Interests.

Enter Consent, A Gamechanger

In January, Facebook explicitly mentioned that the update to a Legitimate Interest’s legal basis does not mandate the use of consent for processing behavioral data. This is because content collection and maintenance mechanisms can be complex and potentially deter marketers from leveraging the platform to reach their target audiences. In many ways, the newest update comes as a blow to Facebook’s massive ad revenues.

In August 2023, the Irish DPC reinterpreted the GDPR, considering recent legal rulings and the upcoming Digital Markets Act (DMA). This new law, which sets down a narrow definition of online platforms as gatekeepers, can transform the role of social media in AdTech and marketing. Under the DMA, marketers who depend on platforms like Facebook will benefit from a fairer business environment.

So, in preparation, behavioral data collected by Facebook will soon be processed under the Consent legal basis. While this does not prevent personalization or ad targeting per se, marketers can expect a massive transformation in the type of data that will be available, the strategies to use it, and overall customer journey design.

Strategies for Marketing with Limited Third-Party Data

Restrictions on data collection are nothing new to marketers. In January 2020, Google announced that it would gradually phase out support for third-party cookies, which are extensively used for personalization. Similarly, Meta-based marketers in the EU will be restricted in using behavioral data for ad targeting and personalization. What are some of the steps you can take?

1. Build your zero-party data collection capabilities

Zero-party data – i.e., information proactively and willingly shared by the customer – is among any company’s most crucial information assets. This can include survey responses, registration forms, requests for quote (RFQ) submissions, information shared on the download page, etc.. Customers who provide companies with first-party data typically bring a high degree of intent and are already primed for conversion.

With Meta platforms (both Facebook and Instagram) providing marketers with only partial behavioral information, you need a stronger bedrock for your targeting strategies. Social media ads shared in groups or stories are a great way to collect zero-party information, as are your pillar web pages.

2. Formulate a contextual advertising strategy

Contextual advertising relies on inferences and associations drawn between the content on a web page and the type of user that might pursue it. For example, a reader catching up on geopolitics on WSJ may also be interested in a new productivity app that saves them time. Here, you have no data on the visitor or their exact preferences, past browsing histories, etc. However, the context provides valuable hints on the reader’s interests and possible intent.

Forming accurate buyer personas and ideal customer profiles (ICP) is crucial to an effective contextual advertising strategy. Through keyword targeting as well as topic targeting, you can position your product/service ads on the right pages. This will reduce your reliance on behavioral data and make you immune to changes such as Meta’s new (and possibly upcoming) ad targeting changes.

3. Train your sales and marketing team on the importance of consent

The shift from behavioral data to consent-led marketing is not just technological. It also signals a culture shift, where organizations place the intended buyer in the driver’s seat of their CX journey. Accordingly, sales and marketing teams need to be trained on the meaning and importance of consent – how does consent work? How long does it last? What areas does it cover, or not? Marketers also need to start challenging the data they use, questioning whether or not it was obtained ethically and with consent.

4. Leverage your genuine connections with customers

As access to third-party data gets more limited, your customer connections will matter more than ever before. Previously, behavioral targeting allowed marketers to show relevant ads repeatedly to users who had expressed an interest in their product/service in the past.

This repeated interaction would boost the chances of conversion. Behavioral data restrictions mean marketers need to go back to the drawing board and reemphasize genuine human connections. Here are a couple of ideas:

• B2B influencer marketing: Influencers are a great and third-party data-free way to reach your target audience. It helps you share high-quality and relevant content with customers already interested in your offerings.
• Referral networks: Your loyal customers can be leveraged as brand advocates through innovative and rewarding referral programs. Not only does this help reduce customer acquisition costs without needing third-party data, but it also helps existing customers reengage with your brand.

5. Invest in a GDPR-friendly Martech stack

Finally, your end-to-end marketing technology stack must transform to adapt to the GDPR and consent-related laws. Fortunately, most data tools, like customer relationship managers (CRM), customer data platforms (CDP), etc., come with GDPR support. Organizations must also train their teams to comply with these tools so that reliance on behavioral data is deprioritized.

Closing Thoughts

Meta’s new ad targeting rules are not entirely unexpected. We have already mentioned how browsers are phasing out third-party cookie support; similarly, Apple’s 2021-launched App Tracking Transparency (ATT) feature asks users to opt in/out of tracking for every individual app. Usage numbers for privacy-sensitive browser Brave, have now doubled for the fifth year.

All of this points to one thing: customers today are increasingly aware of their data privacy rights. They question the validity of marketing techniques that use their information without consent. As marketers optimize their social media and ad targeting strategies for an era of limited third-party data availability, a more thoughtful approach, human-centric marketing, and compliant data processing will prove essential.

Up next, read how marketing automation aids GDPR compliance.