Home Ad Exchange News IAB Tech Lab Blesses Its First Set Of Data Clean Room Specs

IAB Tech Lab Blesses Its First Set Of Data Clean Room Specs

Comic: Mr. Clean Room

The IAB Tech Lab formally released its first data clean room guidance for advertisers and publishers on Wednesday.

With it, the Tech Lab also shared the first version of the Open Private Join and Activation (OPJA) specifications, which sets use cases for data clean rooms and directions for how to match encrypted audiences.

The new standards haven’t undergone major changes since the pre-release drafts were initially published for feedback in February, said Shailley Singh, IAB Tech Lab COO and EVP of product.

One upgrade to the OPJA standard is interoperability with the IAB’s Ads.cert standard. This should make it easier for advertisers and publishers that use the encryption standard to launch data clean room activations.

Ads.cert creates a cryptographic key so that no ad tech intermediary can fudge a bid request or use unverified data, such as a fake device ID or IP address.

“The next step is adoption,” Singh said, “to rally the industry to adopt the standard for further activation purposes and clean rooms.”

Recommendations, not rules

The clean room guidelines and the new OPJA specifications are more like best practices than industry-changing specs, like the trio of Ads.txt, Sellers.json and Ads.cert, which required the IAB to push hard for widespread adoption.

The main purpose of these OPJA standards is to help companies more easily and securely use data clean rooms for audience matching and attribution.

Advertisers especially should be aware of and consider a number of so-called collusion scenarios before setting up a clean room-based campaign. “Collusion scenario” refers to any situation in the cryptographic supply chain sequence where more than one component is owned by one company, like a publisher with an SSP or a platform that combines a DSP and an SSP.

If an advertiser unwittingly uses a clean room setup whereby the media company owns the ad system, the publisher could see unencrypted audience data flowing between the two components it owns.

In that case, the publisher theoretically could infer the encrypted match keys of the advertiser’s first-party data. The data would be sitting there, unencrypted and identifiable with a little bit of data science work.

If the media company really wanted to take it to the next level of bad actor activity, it could generate labels so that the advertiser overbids on inventory or artificially inflates match rates.

That’s if the publisher owns the SSP, is a conscious fraudster and is dealing with an advertiser that is unaware of the fact that the SSP and media are co-owned. It happens.

Clean and clear

The IAB Tech Lab’s guidelines provide the questions to be asked and the implementation basics that should be applied in order to prevent that type of deliberate fraud or even sincere mistakes that might expose an advertiser’s or publisher’s data.

In most cases, advertisers are what one might think as the “flats” and publishers are the “sharps,” because buyers are the ones with the money. Sure, if an advertiser owns the ad system, it could generate artificially high or low match rates that bamboozle a publisher, but why bother? An advertiser doesn’t profit in that scenario.

These initial clean room specs are a sound starting place for brands and for publishers, and the vendors in between them in a direct advertising deal. But data clean rooms themselves don’t become interoperable.

For example, an advertiser, agency, DSP, SSP, media company and clean room tech provider could all get on the same page and run a clean room-based campaign using these standards. But the idea isn’t for a publisher or advertiser that uses a number of clean room vendors for different campaigns to standardize data across them all.

For now, the IAB Tech Lab wants to help make data clean rooms tech less daunting to ad buyers and sellers, which is why the first priority is to create step-by-step implementation basics.

Marketers or publishers who are new to this “could easily get lost in the details,” Singh said.

“It’s a big step for data cleans room, though,” he said, “to have standardization.”

Must Read

‘Incrementality’ Is The Buzzword That Stole Prog IO

Well, that’s a wrap on Programmatic IO Las Vegas 2024! The AdExchanger editorial hopped on stage for a live recording of The Big Story to round up all the moments that made us go “a-ha” this week, including observations on commerce media, CTV and generative AI.

Paramount And Shopsense Add Programmatic Demand To Their Shoppable Ad Network

What if the new storefront is a person sitting on their couch and scrolling their phone?

Scott’s Miracle-Gro Is Seeing Green With Retail Media

It’s lawn season – and you know what that means. Scott’s Miracle-Gro commercials, of course. Except this time, spots for Scott’s will be brought to you by The Home Depot’s retail media network.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

Walled Garden Platforms Are Drowning Marketers In Self-Attributed Sales

Sales are way up; ROAS is through the roof across search, social and ecommerce. At least, that’s what the ad platforms say.

Comic: Working Hard or Hardly Working?

Shadier Than Forbes? Premium Publishers Are Partnering With Content Farms To Make A Quick Programmatic Buck

The practice involves monetizing resold subdomains jammed with recycled MFA articles produced by notorious content farms.

Adalytics Claims Colossus SSP Is Misdeclaring IDs In Its Bid Requests

Colossus SSP, a DEI-focused supply-side platform owned by Direct Digital Holdings (DDH), is the subject of Adalytics’ latest report released Friday. It’s a doozy.