“I was horrified.” That was reporter Eric Wood’s reaction to “unified profile” — the idea of collecting every online data point about a person into a single system. Modern consumers, says Adobe executive vice-president of marketing Brad Rencher, are “everywhere — they’re on mobile, social and they’re in your store. And they have multiple touchpoints including your loyalty programs, commerce systems, your support pages.” With that data spread out, it’s hard to personalize marketing across platforms. That’s why Rencher’s keynote at today’s Adobe Summit in Las Vegas focused on consolidating it into one profile tracking every data point about you.

Personalization began innocuously enough. Ideally, the approach helps both consumer and company. People get annoyed when they’re constantly presented with ads for stuff they’d never buy — no man, for example, wants a barrage of tampon ads. Audience precision clears out the junk. It also makes company operations more efficient: If businesses can get the right message to the right person and the right time, they’ll waste less time and make more money. In personalization, localization found an easy home: after all, what’s more personal than connecting in someone’s native language?

But as I sit in the dark convention center listening to Rencher’s keynote, I have to ask: how personal is too personal? He starts talking about a woman who goes online to book a hotel, then hears the phone ring. Just as I would, she gets distracted, forgetting all about her en medias reservation. As someone who’s actually had this happen, and wound up paying double for the hotel as a result, I think, so far so good. Then Rencher begins to brag about how an ad for the hotel could follow her around — not just Google AdSense, the program that drops cookies in order to display bounceback ads on subsequent sites you visit, but Facebook display ads, texts — basically everything I use to communicate. Here, buy me, look at this, don’t you forget about me! Rencher sees a world with full integration of all your data everywhere — a single, unified profile where every data point about your life inevitably interacts. “How do we create a unified profile that enables you [the Adobe customer] to deliver a unified experience?” he asks.

It’s creepy.

And in Germany, it’s essentially illegal. The General Data Protection Regulation (EU/2016/679), more commonly known as GDPR, is a European regulation that shifts the definitions of personally identifiable information (PII) and what companies are allowed to do with it. Rencher calls GDPR the “four letters that will impact all of us.”

On July 5, 2017, Germany became first to adopt this standard. And just as your unified profile would follow you around, this European guidance is moving into other countries. US adoption begins May 25, 2018. Because translation companies are the ones personalizing websites, apps, and other data collection points, GDPR might come for localization next. The web, as we often say, is international, after all. You could be a New Zealand company translating into Ewe for a client in Brazil, but it doesn’t matter. As long as anyone in a GDPR-enforceable country can click on that translated site, this affects you.

“How many of you in your organizations are able to recognize an inbound web hit is coming from Germany and be able to treat that data differently?” Rencher asks, “These are not easy challenges to solve if you’re dealing with and using legacy systems. Stitching all that data together can take months if not years.”

In addition to regulatory difficulties, Adobe also has a hard time dealing with the ethical implications of unified profile. In a post-keynote presser, reporters from NewsCorp, CMO Australia, IT Business, TechCrunch and others railed Adobe CEO Shantanu Narayen, chief technical officer Abhay Parasnis and Rencher, asking the same question about user privacy again and again.

After stressing that the onus of privacy protection falls on the user, Narayen said, “I think the rich number of questions around data and privacy really show that it’s front and center on people’s minds — on the enterprise’s mind.”

The ethics around data collection, whether people should opt in or out, and how well users truly understand the decision, are a topic for another day. But in the meantime, the localization industry should be thinking about how to prepare for a swingback. As more users turn off cookies and turn on ad blockers to keep AdSense et al from following, “personalization” could become a dirty word. And personalization is how we sell. If a swingback comes — if the broader public tires of ads or data collectors tracking them across platforms — will localization need a new message?