What Do We Actually Mean by “Cookieless”?

There’s a perception that first-party data is just login demographic data, but it’s so much more than that.

First-party data is all sorts of things, such as contextual and behavioral data. It also includes site navigation patterns and single session page views, time spent on the page, frequency and recency, not to mention multi-session interest topics, and ad placement analytics.

It’s rich data publishers can use because it’s more privacy-forward than third-party cookies. It’s more than contextual, as mentioned before, but it can also scale across all channels (i.e., tablet, CTV, mobile app, desktop) and browsers.

Lastly, first-party data can offer much more accuracy in terms of targeting than third-party cookies. And with them deprecating, now is the time to shift the focus to first-party data. 

Some issues with third-party cookies regarding targeting tactics include:

• Fragmented media buying based on various solutions available across browsers and platforms.
• Campaign reach may be impacted given the likelihood of overlap in targeting strategy due to competition solutions.

The solution would be to consider first-party data, including the publisher’s proprietary IDs, analytical data, and audience segmentation, to run a more successful campaign. Tools powering first-party data matching will become valuable assets to campaign buyers. And lastly, publishers can define audiences based on first-party data to help shape first-party execution.

How Will Third-Party Cookie Deprecation Impact the Market?

Google Chrome has a ⅔ market share, so the impact will be monumental once they deprecate third-party cookies in 2024. The four most significant effects it’ll have are:

– Identity and Ad Targeting: One of the main reasons privacy regulations have come to the forefront is the way third-party cookies collect user data and transfer it to third parties. A proposed alternative is the Privacy Sandbox based on cohort analysis rather than individual user data. There are also universal IDs that can significantly expand the reach of advertising campaigns. This multi-channel and cross-platform offers more advanced and secure identifying and targeting features than third-party cookies. By using first-party data solutions, consumers can have better control over their privacy preferences. Not to mention contextual targeting, which emphasizes content and keywords over-relying on personal information.

– Ad Fraud: Many believe doing away with third-party cookies will increase ad fraud, which is simply not the case. Ad fraud is already rampant and underreported. For instance, bots can dump and get new cookies like users can when they clear cookies from their browsers. Bots can also pretend to be any audience segment an advertiser wants, hurting advertisers by paying for higher CPMs. They can also trick search and cart abandonment retargeting algorithms and way more. So with these practices and more being lost with third-party cookies, less money will be lost to fraud.

– Cost Savings and Better Outcomes: Advertisers can personalize their customer experience better, use CRM retargeting, make the most of first-party data, and use contextual advertising. 

3 Must-Haves in Your Cookieless Arsenal:

Among other considerations, exploring and using tools from companies that have established a presence for the target audience is a great way to fill in the gaps while considering first-party data. It’s also worth taking the time to consider building partnerships to match data and stay privacy-forward. 

As a result, consider these three must-haves for when third-party cookies finally deprecate: 

Data collection optimization — Publishers define a data strategy and decide what data is valuable for targeting purposes.

Industry or first-party identity solutions — Publishers with a significant amount of login information and the right to use it should focus on adopting an industry identity solution or developing a first-party identity solution, enhancing user privacy controls. 

Platform participation preparation — All publishers should prepare to participate in platform solutions, like Google’s Privacy Sandbox. They should work with their partners to understand and prepare for the changes. 

If you want to learn more about addressability and how to unleash your first-party data, check out our Privacy and Identity Prepper Playbook for Publishers.

The post Armed and Cookieless: 3 Must-Haves for Publishers in a First-Party Data World appeared first on TripleLift.

What is “Do Not Track”?

Let’s start with the definition of “Do Not Track” (or DNT). DNT allows users to opt-out of their online behavior being tracked on websites. 

Unlike other industry or proprietary opt-outs from online “tracking” stored in cookies that can be cleared or are imperfect because they’re stored server-side, in local storage, or elsewhere, the idea behind DNT was to create a simple, universal, and persistent opt-out.

It was supposed to work like this:

Every time your computer sends or receives information over the internet, the request begins with short pieces of information called headers that include information like what browser you’re using and other technical details.

The DNT signal would be included as a machine-readable header indicating a user didn’t want to be tracked. 

Because this signal is a header and not a cookie, users could clear their cookies without disrupting the functionality of the Do Not Track flag.

Where Did DNT Come From?

The idea of sending “DNT” requests in HTTP headers was first suggested around 2009 because of concerns over existing cookie-based and server-side user choice options that were confusing, difficult to use, and “fragile” (e.g., easily cleared or deleted). 

The proposal was an alternative to regulation and was endorsed by the U.S. Federal Trade Commission. In 2011, Safari and Firefox made it possible for users to select this option in their browsers, but websites and their AdTech vendors disagreed on what the signal meant. They, therefore, didn’t alter their behavior in response to it. Around the same time, Internet Explorer turned it on by default for its users.

The inconsistency led to the creation of a working group at the World Wide Web Consortium (W3C) tasked with standardizing the technical interaction and setting an agreement on what websites should do on receipt of the signal (the “Policy”).

The working group included publishers, AdTech companies, browser and software companies, and user advocates. There was hope for a compromise, but given competing commercial interests, the working group stalled in 2012.

How Did it End?

The umbrella online advertising trade organization, the Digital Advertising Alliance (DA,A), pulled support.

In 2014, Yahoo! dropped support from all of its websites, saying the standards were too murky to be helpful with their privacy team stating, “Right now, when a consumer puts Do Not Track in the header, we don’t know what they mean… Privacy is not a one size fits all thing.”

In 2015, Microsoft reversed its position clarifying that Internet Explorer would no longer send DNT signals to websites by default. By then, however, it was too late.

Why Did the “Do Not Track” Fail?

Because the parties at the table couldn’t agree on the policy underlying the signal. By all accounts for four main reasons:

• Opt-in or opt-out: Microsoft argued the browser should set it by default, and users could turn it off (opt-in). Others argued it should be actively set by the users (opt-out).
• Messaging: Who controls explaining this choice (and the value exchange) to consumers? Browsers? Publishers?
• Applicability: Should the signal apply uniformly to all parties, or should its application be different for different parties (e.g., could first parties like Google, Microsoft, and Yahoo ignore it for both their explicit content and third-party ad businesses) while third-party AdTech had to honor the choice?
• Proper response: What should parties stop doing on receipt of the signal? No data collection or use? No building or enhancing third-party profiles? Could they still run a contextual auction? Ad delivery using publisher audience data? Ad delivery using advertiser data? Frequency and recency capping? Fraud? Security detection? Something else?

Privacy Issues and Concerns

If this all sounds familiar, it’s because it’s the same issues we hear day-in and day out in the news, from regulators, from our clients and partners, in contract negotiations, and in industry working groups interpreting and solving for GDPR, CCPA/CPRA, Privacy Sandbox, etc. including the ads working group at W3C, the Global Privacy Control, IAB Transparency, and Consent Framework, IAB CCPA Framework, NAI Code, DAA Principles, AdChoices, etc.

Should users have to opt-in or out to ad tracking? What does “ad tracking” even mean? Should parties treat their direct consumer relationships differently? Is it up to gatekeepers such as Apple, Android, and ePrivacy to control consumer communications at the device level? Should gatekeepers control access to that data and not share it (Privacy Sandbox, Ads Data Hub)? Is there an overall better way to serve and measure ads?

How Can Identity and Data Protection Coexist?

This isn’t going away anytime soon. Look at history for those who think these conversations are new and can be easily solved with another opt-out or opt-in. Learn from the mistakes that have been made. Listen to those who’ve been down this path before. Acknowledge not all interests are aligned. Ideally, simplify as much as possible. Maybe even fundamentally change how things work.
Online advertising is going through drastic changes, and we can dive deeper into how privacy is changing digital advertising.

The post Do Not Track: A look at the DNT’s What, Whys and WTFs appeared first on TripleLift.