“Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.
Today’s column is written by Zora Senat, VP of Partnerships at Infutor Data Solutions.
The world of cookies is evolving.
The new cookie-less world will require a different mindset for marketers and advertisers, and the involvement of more organizational participants in acquiring, utilizing and maintaining user data in a compliant way.
We spend a lot of time discussing strategies to accomplish this with clients who sit on the supply-side and the buy-side. Outlined below are five consistent themes marketers must track to ensure they are ready for the end of third-party cookies.
First, there needs to be a bigger emphasis on security for user data – as a good business practice and for regulation purposes.
When organizations focus more heavily on the collection of first-party data, the result is more data to protect. The latest consumer data privacy laws in Virginia, California, the EU and elsewhere make it essential that user data is well protected, forcing companies to think forward about InfoSec policy and enforcement.
And more of that data will be personally identifiable information (PII), like email addresses. Although not considered as sensitive as, say, Social Security numbers or credit card info, email addresses are prime competitive data and can be misused in damaging ways, such as phishing or unsolicited email marketing.
Careful information security protocols, audits, encryption, and employee training are just some of the steps businesses should take to ensure information security.
Brush up on consumer disclosures and privacy rights
The California laws impact many non-California marketers whose campaigns or sales reach a sizable number of Californians. Similarly, marketers whose campaigns reach EU citizens in the EU need to comply with GDPR.
These new and upcoming laws add to a growing set of best practices, requiring all brands to better understand consumer disclosures and privacy rights.
All of these regulations require granular disclosures based on each data category, with different specifics about how the data is collected, used, sold or shared. Users also now have the ability to opt-out of certain kinds of targeted marketing, and to access or delete their personal info. Businesses should understand and be clear how these opt-out methods work with their organizations and ensure that all relevant privacy policies and other notices are properly amended.
Understand the rules and requirements around first-party data linkage
Brands also need to better understand the new tools – and the new rules – for linking first-party data with other kinds of data.
Customer data platforms (CDPs), for instance, have become a popular technology to assemble profile, session and transaction data about customers in one location anchored to a single identity’s profile.
At the same time, the new privacy laws are creating restrictions about linking certain kinds of data without consent.
For example, these laws set rules for directly connecting PII like a name or email address with, say, certain kinds of location data. On the other hand, some data architecture strategies – like hashing email addresses, encryption or the use of anonymized cohorts – can allow value to be pulled from connected datasets in a more indirect and privacy-protective way.
Actively test new ID resolution solutions
As third-party cookies fade away, vendors are offering various solutions that enable targeting toward people who are not customers or who have not visited your website. This kind of ad targeting has been particularly useful in finding new customers.
For instance, Google’s FLoC proposal within the Privacy Sandbox assigns users to a cohort based on browsing behavior, but hides the individual browsing data. The advertiser only sees that this user is part of a cohort interested in, say, skiing, not the user’s individual browsing to this skiing-related page or that one.
Other organizations like LiveRamp are creating alliances between publishers to share first-party data, resulting in large and ad hoc “walled gardens” that offer some of the advantages owned by the current triopoly of Amazon, Google or Facebook. And The Trade Desk recently handed over its Unified ID 2.0, an email-based alternative to third-party cookies, to Prebid to independently operate the technical infrastructure.
As the industry tries to sort out the best ways to respond to third-party cookies, publishers and advertisers should educate themselves by testing new technologies to target and track consumer interactions with browser-based advertising such as authenticated traffic solutions, people-based identity resolution, and cookieless contextual targeting.
Setting technology aside, an improvement in effort and creativity around building better, more transparent interactions to secure a consensual relationship with a consumer's data should be at the top of the list.
Understand the true value of consent
Some publishers and advertisers present the idea that, by sharing their user data, users can get ads that are more targeted to their needs. But others are finding that financial or other incentives are needed to get key info, such as email addresses.
This means brands need to assess new incentives so users will voluntarily share more of their data, starting with the lowest barrier to entry by articulating that the on-site experience will improve with the benefit of personalized advertising. The chosen method for obtaining consent really comes down to the value exchange - the higher the value of the content, the more a consumer will "pay" to obtain it. If the value is low, the barrier to entry should be as well.
The caution here is that brands should ensure these “data for benefits” approaches are cleared with privacy law experts, as the CCPA potentially could require analysis and disclosures if a consumer is offered a financial incentive in exchange for providing personal information. However, the scope of this requirement is not yet clear or universally agreed upon.
New world, new boundaries
This new world – fewer cookies, a heavier focus on first-party data, new ways to connect data, more rules around the use of that data – is still coming into view. But, like any new frontier, marketers can navigate it with a conceptual understanding of its limitations and boundaries.