Mirroring efforts led worldwide to regulate data collection, such as Europe’s GDPR or California’s CCPA, Southeast Asian markets have gradually adopted their own privacy regulations, implementing more stringent guidelines for collecting and utilizing consumer data.
"While many are turning to Europe, which led the charge with the GDPR, and the U.S., where state privacy laws are introduced seemingly every other week and a federal law might be around the corner, strong privacy signals are also emerging from Southeast Asia. In this region, data privacy is becoming a key focus for businesses, highlighted by regulations such as Singapore's PDPA and Indonesia's PDPB, and others in Asia like Japan's APPI and India's DPDP,” according to François Veyrat, Senior Sales Account Executive at Didomi.
According to Singapore’s PDPA (Personal Data Protection Act, 2012), data collection is subject to consent, notification, and purpose limitations. Likewise, in most Southeast Asian markets, obtaining explicit consent from users to collect data on websites and apps has become a common requirement, in line with international standards for data privacy. As a result, Asia is now the fastest-growing market for Consent Management Platforms. However, since regulations remain mostly distinct by market, brands can decide whether to follow the most strict one as a benchmark for all or adapt to each local environment.
Additionally, much like internet users all over the world, SAPAC netizens are themselves deeply concerned about their data privacy. Ad-blocker adoption has surged throughout the region, with 47% of Southeast Asian web users employing them, surpassing the global average of 43%. Vietnam, Indonesia & Taiwan are within the top 5 countries with the highest ad blocker usage rate. This trend presents a challenge for brands aiming to advertise to these markets, further emphasizing the importance of cultivating trustful, value-based relationships with their users.
In response to both regulatory efforts and changing attitudes towards data collection, third-party cookie deprecation has emerged as a global trend, notably led by tech giants. Apple’s Safari & Mozilla’s Firefox browsers set a precedent by blocking third-party cookies by default as early as 2019. Following suit, in 2020, Google announced its intention to gradually phase out third-party cookies as well. While the timeline has been extended to the first half of 2025, third-party cookies have already been phased out for approximately 1% of Chrome users. With about three-quarters of APAC internet users relying on Chrome, the deprecation of third-party cookies is poised to significantly impact advertisers and their media agencies’ targeting capabilities in the region.
In light of these developments, advertisers will gradually have access to less and less first and third-party data. Therefore, it is key for brands to assess the impact of these evolutions on their business use cases so that they can stay ahead of the curve and explore different solutions for more resilient data collection.
“As a leading multi-regulation Consent Management Platform (CMP), we have the privilege of being at the forefront of the privacy industry. While there is a clear demand for compliance tools coming from SEA, we also observe the global trend of zero*- and first-party data becoming the new gold standard, especially as the deprecation of third-party cookies in Chrome looms closer," says François Veyrat.
To switch their focus away from third-party cookies, brands must assess their first-party data readiness and pinpoint gaps to be addressed before deploying resilient activation use cases across different streams (media, CRM, CRO…). Educating all stakeholders on this new paradigm, especially at the market level, setting up transparent governance, and empowering teams to identify collaboration opportunities should also be prioritized to support this transition.
With first-party data being increasingly critical to advertisers, deploying a Consent Management Platform and a Preference Center will be essential to keep up with the most recent legal updates while saving on tech resources to guarantee actionable data.
Brands can leverage market best practices to optimize their cookie-consent banners and maximize their volume of collected data while modeling features such as Google Consent Mode can help compensate for data loss in Google’s analytics & media tools.
Considering the context, we strongly believe that server-side will become the new measurement standard. Compared to client-side measurement, it guarantees better control, resilience, and agility in data collection in an ever-changing context. With server-side measurement, businesses can regain control over the data transmitted to technology partners, enrich their data collection in real-time, and improve their user experience with faster load times. To learn more about server-side measurement, watch our dedicated Cheat Sheet episode.
While the recent shift in data protection norms might be akin to a sea change in the digital space, Southeast Asian businesses are equipped with the tools to evolve and even flourish in this changing environment, both locally and on the international stage. Partnering with an agency like fifty-five is key to finding the right solution to your needs - don’t hesitate to contact us if you’d like to know more!
* "Zero-party data is that which a customer intentionally and proactively shares with a brand. It can include preference center data, purchase intentions, personal context, and how the individual wants the brand to recognize [them]." Salesforce / Forrester Research
Discover all the latest news, articles, webinar replays and fifty-five events in our monthly newsletter, Tea O'Clock.
.svg)
.jpg)
