“The Sell Sider” is a column written by the sell side of the digital media community.
Today’s column is written by Premesh Purayil, chief technology officer at Ranker.
At the IAB’s recent annual leadership meeting, it seemed that advertisers and publishers were fond of saying, “first-party data is the new currency,” while all the vendors wanted to talk about is how to replace third-party cookies.
In my opinion, that’s just a workaround to do business as usual. The problem is that now all of the vendors that relied on third-party cookies are scrambling for a way around it with CNAMEs, universal IDs, hashed email addresses or phone numbers. All efforts are focused on continuing to identify a user across sites so that data can be collected and attributed to that user.
How is this any different than the framework that got us here, smack in the middle of data privacy concerns? Sharing data across the sites I visit to build a data graph around me so that advertisers can “accurately” target me is exactly what these policies and privacy regulations are trying to protect against. Just because I visited a site to shop for Hawaiian hotels for an upcoming vacation does not mean that I'm OK with that information being shared with another site or vendor.
Ending third-party cookies is the most effective way to stop data from being exploited without user consent. Rather than regulate the bad actors, a wholesale halt to third-party cookies was easier. All of these attempts to identify users are no different than what we were already doing, albeit with a slightly higher level of user permission.
I get it, without being able to identify the users, it reduces the ability to accurately retarget a user when they go from site to site, but maybe that’s OK? Maybe personalized ads are too creepy.
I propose an alternative solution that is based only on first-party data, plus some data science to solve the scale issue. In a first-party world, we exchange scale and volume for accuracy. Contextual data is easy to expose, but what about user segments, locked behind the closed doors of DMPs for too long? What if a publisher could use the data they know about their content and users to create segments?
If I visit a link about the NFL, I’m a “football fan,” for example, but if I visit multiple pages on that site about other sports perhaps I’m a “sports enthusiast.” This should be possible without a large effort, so then the next issue is scale. If I define a user segment based on the content a user consumes, I can push that up through the programmatic pipes to be transacted on, but this custom segment would not have scale.
Here’s where it gets interesting. If all publishers defined the same set of predefined segments based on a certain standard, then we start to have scale – more importantly, scale based on first-party data. One can question the validity of this data from one publisher to the next (what’s stopping a publisher from saying that all of their traffic is users about to buy a car?), but I would immediately point to the poor quality that some third-party providers have sold for years.
We would need to have someone, perhaps the IAB, define the set of possible first-party segments that can be standardized, such as "sports enthusiasts” or “movie goers," similar to what the IAB has already done with content taxonomy.
Having said that, I think we can do better. If a third-party validator classified content and users in an explainable and defensible way using only first-party data, then we could have scale with accuracy. Layer on look-alike audiences or rules based on what we know about the user and we can go further to expose inferred and derived user segments that can certainly scale more when needed.
Alternatively, the W3C has been working on a proposal dubbed TURTLEDOVE that is worth a read. The gist is that the browser becomes the holder of personal data, which sites can push into and ultimately access for advertising. I think the idea here has legs, as the data is kept in the browser and only submitted when requested (and presumably approved to do so). In theory, it allows the user to easily see what data is being stored, if they want to edit or clear it, and potentially where and when it's being sent. I don't think it addresses all of the problems on the advertiser side yet, but it's certainly a start.
We have a long way to go, but it seems like there are far better solutions that actually solve the data privacy problem. Sending consented user data without an identifier means no one downstream can create a profile around the user. The cost of this approach is perhaps the loss of the ability to retarget ads and frequency cap across domains, but if the choice were up to the user I would imagine they certainly would not mind.
If the choice is left up to ad tech vendors, we already know where we are going to end up.