The Cookie Has Five Years Left Says Merkle’s Paul Cimino

briligSince being acquired in September 2012, Paul Cimino’s Brilig Data Exchange serves not only its own customer base but also that of its new owner, Merkle, and all of the first- and third-party data it looks to leverage on behalf of its Merkle clients across marketing campaigns.

In an ongoing effort to understand how data is applied in digital advertising, we asked Cimino, VP/GM Brilig Digital Data Solutions at Merkle, about  industry trends and how the data exchange works.

AdExchanger: The Brilig Data Exchange is positioned as a cooperative. How does that cooperation manifest itself?

PAUL CIMINO: There are a couple of key ways. One is that all of the sellers of Brilig agree to be part of a composite market or a segment-building market. And, we have tools that allow buyers to construct an audience from a variety of sources.

Today, we’re serving networks, agency trading desks and arbitrage agents connected to DSPs. And we partner with the DSPs as channel partners.

Secondly, we service Merkle as its digital data platform.

So, how does one build a segment?

There are three use cases to build what we call a composite or custom segment.

One case is where you have a hypothesis about your audience. Let’s say you’re a sports energy drink and you want younger men and women who have certain attributes. You would go through the system and construct that from the data of all the co-op members.

The second way is to index the 12,000 segments we have against a pixel that is appearing with your ad – whether it’s an ad network, a programmatic “something” on an exchange, or a demand-side platform. The system will cross-tabulate all of the data segments that are performing against that ad and give you a kind of Top 10 Recommended Segments from an ROI perspective.

Then the third way is to index your site traffic and produce a cluster of segments that are highly indicative of successful customers who are coming to your website. You can look at people who have converted versus the general audience, and then clone more.

So if I’m a seller, to get going with Brilig I may need to put a pixel on my site in order to create a cookie pool.  Then Brilig syncs its platform data with my site’s data so I can tap more audience through Brilig. Same is true if I’m a buyer – I bring my cookies and they are synced with Brilig to find more audience.  Right?

Yes. We have to synchronize user IDs, and Brilig has a library of ways to do that. Whether we call the entity or the entity calls us – which we call “push” or “pull” – whether it’s a pixel that we give them outright or we piggyback off an existing pixel, you have to have very low drag in terms of integration and ways of joining user universes.

Let’s say Brilig contracts with AdExchanger; we would probably give you a pixel, or we would piggyback off an existing pixel, and every time that we see a user in common – whether we see them and tell you “Have you seen this person?” or you see them and tell us “Have you seen this person?” – we would synchronize those two data fields.

For example, if my computer sees me, and Brilig calls me “123” and AdExchanger calls me “ABC,” Brilig links those two things. That’s not unique, that’s just the current currency of linking. We use cookies, IPs and a variety of other information to key who people are.

Why, as a publisher, would I want to sync my data to Brilig’s co-op?

The main reason would be to sell your data.

It’s sort of like reach extension. If you established a segment called “technical buyer” on AdExchanger, for example, through Brilig you can do a couple of things. You can sell it outright to a buyer through the exchanges or most of the other buying centers. Or you could sell that segment within AdExchanger’s site. You could use that segment to target ads within your site to chop up your premium inventory into more valuable slices – kind of where the data management platform (DMP) argument is going – although we’re not professing that we’re a DMP.  We’re a sort of big data audience platform.

How about a use case from a buy-side perspective?

Let’s take it from a demand-side platforms perspective. They would not have a pixel on their website. They in fact might have a cookie pool that has been created over the course of the past couple of months, and they bring it to Brilig. Now they want to target this cookie pool and segment it better, according to the marketer’s campaign specifications. So they would sync with Brilig, then create these segments and target them through exchanges and exchange-like sources like SSPs or even potentially direct site buys.

Then there’s one additional service we provide that is cooperative in nature, which is the matching of first-party data to the Internet at large.

How does that work?

Brilig works with a cadre of 10 different matching agents of all different types. We’ve found that the third-party cookie is dying as the number of machines that you can see on the Internet versus the number that you can cookie has been dropping over the last three years. It’s now at around 50%.

That’s for two reasons. One is that the browsers are getting stingy – like Safari and Firefox. They’re coming with the third-party cookie turned off. The second main reason is that non-cookieable devices – phones and iPads, Kindles and the like – are generating traffic somewhere between 35% and 40% of our overall traffic. So 35-40% of traffic is not from computers.

So you need a multi-device approach of identifying people. One of the available pieces of information is the cookie. But if you can’t cookie people, what do you do?

I can’t cookie your iPhone or your Android phone. If you are at home or you go to the same place every day, I can see the IP and part of the user agent – enough information to reasonably identify you over and over and keep that good sync between the data – the first- and third-party data and the targeting opportunity that’s out there.

With these 10 matching agents we’ve built a cooperative of matching, because most of the matching that you see out there is single-circuit. It’s “A” matching agent and “A” campaign and “A” advertiser. Among the most frequent complaints is scale. That’s what Brilig battles.

Who or what are the matching agents?

The matching agents are [often] subcontractors. If you think about it, it’s a big database integration problem. Database integration has been plaguing computer scientists for decades. How do we  identify the same entity in different databases, and what do we know about them?

Cookie, IP, user agent and geo are the four primary agents.

I’ll give you two others. One of them is AcquireWeb, which is a database-scrubbing and hygiene company from offline. They’ve moved online. We’ve been working with them for a long time. They’re really good at matching IP and data to neighborhoods. They’re sort of the anchor tenant with the Zip+4 geos with either a first- or third-party data matching agent.

Another one is Bridgecorp, a newer company that has a really accurate linkage between households and IPs, which is a very dicey area because the cookie is moving around. By the IP moving around, I mean it’s getting erased and reset all the time, so you need a lot of scale and know-how to maintain the linkage.

It’s important to note that these integrated, multi-channel marketing campaigns are not just one and done. Database marketing is about setting up a framework to find the goal and trying over and over. It’s an interactive process. As I said, it’s not a one and done, which is something that’s really broken in our industry because the most frequent thing you hear is “I tried it and it didn’t work.”

In spite of all the onboarding and hashing and the rest, it does come back to enabling cookie targeting in the end. That’s the way the DSP is going to target – using cookies. The hard part is trying to take that fluid non-cookie world and bring it into this online ad cookie world. So that’s one thing that Brilig is enabling, yes?

Yes, you’re right in probably 90% of the cases, but there’s a 10% case of the market that’s starting to grow out of that. A limited cookie-based world. One of them is mobile because you can’t target by cookie, so Brilig is working with Tapad and AdTheorent and others who use IP, user agent and hash because they can’t use cookies.

The other one is what I call the smart ad networks like CPX Interactive, who is branching out to IP – platforms that are enabling it like AppNexus too. Those guys know that their cookie is dying. Yet it is still 90% about the old-fashioned way of finding cookies. It’s our counting method. It’s the common currency, and they’re branching out into other currencies.

How long do you think until the cookie as we know it dies or is significantly less important than it is today?

Five years at the most.

At my former company, my peers were the people who created cookies. We didn’t create them for this. It’s a very weak computing mechanism. It’s flawed, invasive, it’s got privacy issues, it’s going to go.

I think it will take five years to kill it. At that point, it’ll be like birds chirping and flowers blooming because we’ll find some kind of value proposition that allows consumers to trust us and opt into personalization. I term it, tailor don’t target.

Follow Paul Cimino (@paulcimino), Merkle (@MerkleCRM) and (@adexchanger) on Twitter.


Enjoying this content?

Sign up to be an AdExchanger Member today and get unlimited access to articles like this, plus proprietary data and research, conference discounts, on-demand access to event content, and more!

Join Today!


  1. Hey Paul.. Good thoughts which I happen to endorse especially as it relates to the industry eventually growing out of cookies. This is why Semcasting introduced Smart Zones based on IP Zone Targeting in 2012. Smart Zones is the underlying tech behind the IP implementation of Tapad, CPX and AppNexus. The value is of Smart Zones is that audiences now have 100% reach, are no longer defined by thin data like a single cookie, and it is of course privacy friendly – as you pointed out.


  2. Hi Ray. I’m a fan of both Semcasting and zip4/geo segmentation & targeting. The economics work for arbitragers like CPX but if we put ourselves in the shoes of the CMO, which I don’t think adtechies do enough, we realize zip4/geo has scale and respectable accuracy and privacy friendliness, but it isn’t granular enough for many targeting jobs. Segmentation about specific demos like gender or club/union membership can’t be done in geo targeting, or can they? If so we should talk 🙂

    • Actually the Smart Zones solution is not typical zip IP-Geo.. There is actually no fixed geo reference – Smart Zones defines its own delivery point references defined by demographics and psychographic clustering. 25 million of them… it is a proprietary overlay of the US. So while you’re right about Smart Zones not being a one to one connection for items like the gender and individual membership – it is statistically a more valid and more accurate construct providing100% household coverage defined by hundreds of validated variables vs. one-to-one cookie matching where this allternate universe is 50% blocked (and growing), only one in four cookies being unique, and those uniques are based on single item attribution. At the end of the day whether you are a CMO or an adtechie the math wins – Reach trumps”the cookie behind the curtain..” Happy to talk any time.

  3. Interesting perspective on the future of the cookie. At the upcoming NAI Member Summit one of the panels is titled “HTTP Cookies RIP?” Today, NAI member primarily use cookies for interest-based advertising. For many reasons, including the increase and prevalence of mobile advertising, the limitations of cookies, new technologies, browser settings, and more, companies are seeking guidance on the use of non-cookie mechanisms to monetize impressions and engage in interest-based advertising. Looking ahead, as technology changes, NAI will need to move beyond HTTP cookies but cannot abandon the organization’s high standards around transparency and choice or compromise the NAI’s hallmark compliance and enforcement program. So the question is – how do we do this? This panel will be a provocative and thought-provoking discussion about new tracking technologies, privacy, and the NAI Code.

  4. Hi Marc,

    I have a lot of respect for the efforts of the NAI (and the DAA for that matter) to address privacy in a responsible manner. While we can’t sign on with either because we don’t track and don’t place cookies I applaud the transparency and the choice standards as they are simply the metrics of a healthy business model for the industry. When the industry moves off the cookie – I think Paul has it right – 5 years max – maybe less than that – the question will be whether the replacement tech actually will need compliance and enforcement at all. Application of multi-dimensional public data – call it Mailbox to Modem – where the data is public and the targeting is defined by modeled propensities means that marketers can now deal with 100% of the targeted audience with intelligent outreach rather than tracking each person around the net – one at a time. Pledges and self-regulation is unfortunately viewed as a dodge to the various legislative definitions for DNT and 3rd Party Cookies .

    Rather than continuing with the public whinning from the IAB and others it would be nice if our industry would actually get ahead of these market forces. I’d really like to be able to engage with the NAI, DAA and others to help determine what transparency and choice actually means – a gold standard for the nextgen who replace the cookies – and maybe – just for once – establish the high ground with regulators by applying FCRA and other standards that are established precident in the application of data.