SAN JUAN, Puerto Rico—Whether it’s Cambridge Analytica or Starwood Resorts, messy and highly publicized consumer data controversies impact every company dependent on such data—regardless of their own practices. This was one of the main takeaways from a panel discussion at the recent Beet Retreat 2018 whose participants represented smart-TV data collector Inscape, analytics and measurement provider iSpot.tv and Nielsen Catalina Solutions.

A consensus also emerged during the session that ultimately, one or more companies will figure out how to compensate consumers for their data beyond simply dispensing coupons and swag, perhaps one of the major credit card providers.

The panel was moderated by consultant Howard Shimmel, most recently of Turner Broadcasting, who at the outset mentioned the Starwood data breach because it was in the headlines that very morning. He asked whether despite the availability of great content and technology, “immense demand and an appetite to scale,” there will be enough data available given new legislation like GDPR in the European Union and CCPA in California.

Jodie McAfee of Inscape, a subsidiary of smart-TV manufacturer VIZIO, related the “classic case of no good deed goes unpunished” that occurred in 2015. VIZIO had just pushed to TV owners notification of how it collects household viewing data and where the data ends up. One of those owners was a reporter for Pro Publica who wrote a mostly “inaccurate” story about how TV’s can spy on them, according to McAfee.

“Two class action lawyers saw the article, found two plaintiffs and sued us and the rest was a complete mess,” said McAfee.

Among the more interesting learnings from the whole episode, the Federal Trade Commission thought that the language explaining what VIZIO does with owners’ viewing data was too buried. It should be “separate and prominent” from the TV setup process, which is what VIZIO ended up doing.

“Unless and until the consumer clicks ‘I accept,’ data collection is default off on our TV’s, so it is a full, true opt-in regime,” said McAfee.

Another relevant learning was the FTC’s view of the so-called value exchange that most advertising and media companies believe underpins the collection of consumer data. The government said “everybody needs to stop promising this idea that when the consumer opts in they’re going to get these bells and whistles around greater search and recommendation or whatever. Just knock it off. That’s not necessary and it’s kind of bullshit. Just tell them what you’re doing,” McAfee said.

The architects of GDPR hold the same view, according to McAfee. “It’s in GDPR. Don’t promise anything special. Just be clear about what you’re doing. That’s all anybody cares about.”

With an opt-in rate of 90% in the United States, “What we’ve learned is if you’re front and center with it and you are completely transparent about what you’re doing and how you’re doing it, pretty much everybody, at least in the United States, they’ll opt in and they’re fine with it,” McAfee added.

Robert Bareuther of analytics and measurement firm iSpot.tv said the company gets “a tremendous amount of raw data from our valued partner VIZIO and we take that raw data and we decipher it into how households view content” and then measure business outcomes for advertisers. “We never see any private data, but it’s very important to us that rules are followed and you don’t breach anything. I think VIZIO’s done a spectacular job of making sure that everything’s on the up and up,” said Bareuther.

Nielsen Catalina’s Matt O’Grady said his company doesn’t touch any personally identifiable information about consumers, “but our applications for measurement and targeting are highly dependent upon PII. I’m dependent upon everybody in the ecosystem not violation or for lack of a better expression not screwing up.”

As for the impact of Facebook’s Cambridge Analytica misadventure, “that made our liability statements and our onboarding much more difficult than it had ever been before,” said O’Grady.

Asked by Shimmel whether CPPA in California will end up looking like GDPR, O’Grady said the initiative is “a very healthy democracy in the sense that the pendulum can swing and people can really get a chance to voice their concerns. But I think a good substantial part of that opt-in is going to be re-written” before the law takes effect in January of 2020.

So will marketers ever end up having to actually pay consumers directly for their data, along with letting them control their data? “If I was involved in that, I don’t want a coupon,” said O’Grady. “I want true compensation for that. Somebody’s going to come along and figure out how to crack this nut. I don’t know if it’s going to be five years or twenty years from now, but I really do believe that we’re heading in that direction and there’s an enormous opportunity for somebody to come up with the vault concept.”

This video was produced in San Juan, Puerto Rico at the Beet.TV executive retreat. Please find more videos from the series on this page. The Beet Retreat was presented by NCC along with Amobee, Dish Media, Oath and Google.