The path toward a privacy-first advertising ecosystem

Opinion: Partner content

In a post-GDPR world, a balance between personalisation and intrusion is not only desirable but essential, writes Ozone’s chief technology officer.

Over the past 20 years, the technology framework for programmatic advertising centred around the third-party cookie. This cookie tracked a user’s device across all their browsing activities.

This led to likely the single largest data breach of privacy ever, where an estimated 5 billion people were tracked by a handful of adtech companies without their permission.

The response to this privacy breach has been two-fold, from both the public and the private sector.  In many countries, privacy laws — such as GDPR and CCPA — were put in place to prohibit the widespread use of third-party identifiers without user consent. In the private sector, Apple has led device manufacturers to disable third-party cookies with intelligent tracking prevention (ITP). Apple subsequently made user privacy a core value proposition with their customers — perhaps unsurprising when they are the most valuable company in the world.

As a business operating across the premium web, Ozone has always been incredibly protective of the relationships our publishers have built with their readers — our ‘privacy-by-design’ approach remains a core pillar of our business today.

So, at a time when the digital advertising world is undergoing a fundamental re-architecting in response to user privacy needs, I wanted to use this platform to look at the initiatives that will shape the future landscape in this space.

Cookie replacements

Post-cookie composite ID solutions have been built by ad platforms (such as The Trade Desk or LiveRamp) and third-party companies (ID5 being one). While each solution is different, they generally use publisher first-party data to construct an ID that can be used in the same manner as a third-party cookie. These solutions seem to be beneficial to advertisers, in that they replace the functionality of the cookie with no changes to advertiser workflow.

However, a ‘cookie replacement’ has all of the hallmark problems of the original third-party cookie — including widespread surveillance from the ad tech sector.  In addition, there is a clear leakage of first-party user data from publishers to ad platforms that use these technologies, and an unclear exchange in value.

In tests that Ozone has run with all of the major ID vendors, none of the solutions have led to a meaningful increase in yield for any of our publishers.

Google Protected Audience

Google has released the Protected Audience API, which is a technology that builds audience segments — both interest-based and custom segments — inside of Google Chrome. This protects the user by allowing them to be a part of a segment of 100 or more users, rather than to be targeted individually.

Google appears to be taking a great level of care to ensure that a person cannot be individually targeted using the Protected Audience API in Chrome. It is important to note that this is a technology, just like the cookie, and the end solutions that use Protected Audience API have yet to be evaluated. It also remains to be seen how widely adopted this technology will become — while it’s open source, it would seem unlikely to be incorporated into Apple’s Safari browser.

While we are yet to collect data on Protected Audience API, I’m really keen to see the results of this promising direction of travel.

Sampling

Before the third-party cookie’s widespread use in the digital space, survey companies built ‘panels’ of users, tracked what these users consumed, and then extrapolated this data out to large audiences.  This technique has been used for a long time, and is especially useful for demographic information like gender, age and income.

Sampling is less useful when building niche audience segments, and becomes complex and expensive when measuring larger regions like the US or the EU.

Balancing personalisation and privacy

In the early days of digital marketing, hyper-targeting and exact conversion tracking fueled our industry’s growth. It might have taken 15 years — and quite a few global headlines — but we’re now seeing a much greater push from users for greater privacy protections. In a post-GDPR world, a balance between personalisation and intrusion is not only desirable but essential.

As Ozone develops and scales the premium web ecosystem, our duty regarding personal data is three-fold — to the consumer, ensuring their privacy and trust; to the publisher, maintaining the integrity of their platforms; and to the advertiser, delivering effective results without compromising ethical standards.

Where next?

As the digital landscape reshapes, our commitment remains: to foster a thriving privacy-first, advertising ecosystem. We are actively exploring innovative approaches and technologies that prioritise user privacy while still enabling the highly effective advertising results that brands expect from the editorially-led premium web. We will work with users, our publisher partners, and advertisers to create a solution that works for all. 

As has been a theme for this series all week, collaboration will be critical in navigating this transformative era and paving the path toward a more privacy-conscious digital future.

Scott Switzer is chief technology officer at Ozone