Link to home page
Link to home

News from the open internet

Data Privacy

How new privacy regulations are reshaping APAC marketers’ data strategies

Password field with asterisks floating away from and outside of it.
Illustration by Robyn Phelps / The Current

For marketers managing campaigns across the Asia-Pacific region, the rules of data-driven advertising are changing fast.

New privacy laws are emerging, each with distinct requirements and enforcement priorities. India’s Digital Personal Data Protection Act (DPDPA), Vietnam’s Personal Data Protection Law (PDPL), Australia’s children’s privacy reforms, and updated guidance under South Korea’s Personal Information Protection Act (PIPA) are just some of the recent regulatory changes forcing marketers to rethink how they run regional campaigns.

While a consistent privacy framework has emerged in Europe under General Data Protection Regulation (GDPR) framework, APAC’s regulatory landscape is highly fragmented. These new regulations not only reinforce the region’s complexity but also point to increased fragmentation in the future, said Céline Gauthier-Darnis, executive vice president of APAC & MENAT at Equativ.

These growing differences are increasingly shaping how marketers may collect data, target audiences and measure performance.

Campaign planning requires a market-to-market approach that emphasizes privacy by design. According to Gauthier-Darnis, “This development accelerates the shift away from solutions that rely solely on different third-party identifiers.”

Gauthier-Darnis advocated for designing campaigns under the assumption that signal availability will vary across markets.

“We’re building strategies that can work with a mix of first-party data, contextual signals and privacy-conscious identity solutions,” she said. “It’s crucial not to rely on a single identifier or data source.”

Balancing performance expectations and regulation

As new APAC privacy laws come into effect, marketers face what Adrian Treahy, lead data and technology consultant at TrinityP3, called a “signal-performance paradox.”

“The data used to optimize ad performance is disappearing, but performance targets and ROI expectations have not gone away,” he said.

To adapt, Treahy said marketers should rethink their measurement frameworks. “Marketers need to develop new strategies and capabilities to overcome this, such as moving to MMM and measure total sales lift over click rates”.

Gauthier-Darnis agreed that balancing performance expectations and regulation is the biggest challenge for APAC marketers.

“The expectation is global impact, but you are dealing with different local regulations,” she said. “Advertisers want consistent measurement and targeting, but that is challenging since each country has individual rules.”

To operate effectively in the region, Gauthier-Darnis said APAC marketers need to keep in mind flexible campaign design.

“You need to run different activations in Australia, Japan or India, even if the campaign itself is the same,” Gauthier-Darnis explained. “The key is finding an approach that delivers performance without relying on signals that may not be available everywhere.”

Rethinking data strategies

Treahy predicts that regulatory frameworks across APAC will continue to tighten, moving from merely encouraging compliance to enforcing accountability. “It’s truly the end of the ‘spray and pray’ marketing approach,” he said.

To stay privacy-conscious while optimizing campaigns regionally, Treahy said, marketers must shift “from a focus on data volume to strategies that focus on data velocity and trust. “The use of well-thought-through creative is critical to building value-based data exchange campaigns.” For example, customers might be offered a value exchange for personal data.

Looking ahead, Gauthier-Darnis predicts that privacy regulation across APAC will likely become stricter, but “not in a unified way.”

“More countries are introducing GDPR-inspired frameworks, while others are focusing on specific areas such as children’s data,” she said.

For marketers, she believes the safest long-term strategy for marketers is to “invest in an approach that is privacy resilient by design.”

That means integrating privacy considerations and related compliance into campaigns set up from the start, rather than treating it as a legal checkpoint at the end.

Treahy agreed that organizations must build stronger internal capabilities around privacy.

“Marketers can no longer implement one-size-fits-all campaigns focused on broad reach or overly simplistic data segmentation strategies,” he said.

This information is provided solely for background and is not a representation or guarantee of any future performance.