Criteo Revenue And Shares Are Up, But GDPR And ITP Still Loom Large

Criteo stock shot up Wednesday morning after the French advertising technology company reported revenues of $674 million in the final quarter of 2017, a 19% gain from the same period the year before, and a 27% jump in gross profits for the year.

The Q4 revenue numbers came in at the top end of Criteo’s revised guidance from November, when the company told investors it had underestimated the potential losses due to Safari’s Intelligent Tracking Prevention (ITP), a policy restricting ad targeting and data collection for Apple browser users.

Criteo is in a delicate position. The company’s financials are sound and its cash on hand grew from $270 million to $414 million last year, but uncertainty around the impacts of ITP and GDPR, the European regulations on data and privacy that take effect in May, have shaken the company’s supporters on Wall Street.

The company “is more cautious now” about addressing Safari ITP, CEO Eric Eichmann told AdExchanger.

Criteo will no longer discuss efforts to address ITP, unlike last year, when it discussed strategies to secure its data foothold in Safari, such as by using HTTP Strict Transport Security protocol, a way to identify browser users without cookies. Criteo is also bundling ITP revenue impacts into its overall forecast for the year instead of issuing specific guidance.

Revenue losses from ITP haven’t undercut growth, Eichmann said, but associating Criteo with the poorly understood Safari policy spooked investors and made it the most visible target for ad tech industry critics.

GDPR exposes the company to critical speculation as well, since Criteo’s antagonists say its consumer opt-in and tracking policies won’t pass muster under the new regulatory regime.

But Criteo is vocally pushing its position on GDPR.

The data and privacy regulatory watchdogs in France and Spain recently issued guidance supporting Criteo’s privacy practices, Eichmann said.

Criteo doesn’t believe its web browsing data falls under the EU’s definition of “sensitive data,” like age, gender and political beliefs, he said, and thus won’t need the more burdensome explicit consent requirements placed on other data collectors, like retailers or companies that process transactions or store personally identifiable info like a home address.

Tagged in: