The following is republished with the permission of the Association of National Advertisers. Find this and similar articles on ANA Newsstand.
By John Nardone
As marketers embark on a privacy-first era, two things are becoming quite clear. First, walled gardens are taking advantage of growing demands for consumer privacy to make anticompetitive moves that violate the spirit of emerging privacy laws. Second, data and advertising technology companies are racing toward short-term fixes that reflect a similar flawed approach; they’re adhering to the letter of the law but not the principles behind it.
In other words, the industry is headed in the wrong direction, and it’s incumbent upon advertisers to help get things back on track. But there’s precious little time to act.
Headed Down the Wrong Path
The ongoing regulatory pursuit of enhanced consumer privacy protections has given tech titans like Google and Apple the perfect excuse to close their walls further.
The market sees it with Google’s decision to cease support for third-party cookies in 2022. Ditto for Apple’s recent deprecation of Identification for Advertisers (IDFA). And that’s really just the tip of the iceberg.
These moves would seem to fall in line with today’s broader privacy-first agenda, but, ultimately, they’re just putting more control into the hands of some of the most powerful companies on the planet. They’re walling off consumer insights that enable greater advertising effectiveness on the open web, but the tech titans themselves are retaining deep troves of consumer data to be used at their discretion.
Meanwhile, in response to these moves, a bevy of new solutions have been brought forth by data and ad tech companies eager to provide alternatives to vanishing identifiers (and thereby salvage a place for themselves within the marketplace).
These solutions are designed for the short term, but they’re not being designed with the long-term interests of consumer privacy in mind. They might adhere to privacy regulations as they’re written on the books. But they’re defying the essence of what regulators are trying to accomplish on behalf of the people.
Following the letter of privacy regulations is not enough. For advertisers to thrive outside the walled gardens, the marketing industry must go further. We must honor the higher principle.
What are those principles? The core thrust of a privacy-first advertising landscape includes:
Any operation involving identity, even properly pseudonymized, requires clear notice to the consumer.
At every touchpoint, consumers should be offered clear and transparent access to information on how their data will be used, and the opportunity to opt out.
Marketers should follow the law. As outlined in the California Consumer Privacy Act (CCPA), consumer data should not be shared without the consumer’s opportunity to opt out.
If brands don’t put this core premise at the heart of advertising — if companies cut corners at this vital crossroads in our industry’s history — the marketing industry is going to wind up replacing the cookie with something worse. And when that happens, markets will be abusing consumer trust. They will simply be postponing the next round of regulation that will upend — and eventually decimate — the industry.
Marketers have to get this right.
Do Right By The Customer
Third-party cookies have been laid low at last, and everyone is trying to replace them with a new identity infrastructure. But are the emerging concepts more privacy-compliant or privacy-respectful than the problematic bit of technology being replaced?
Emerging alternatives to the cookie rely on a false principle wherein a single logged-in user can serve as the basis for targeting, measurement, and analytics that cover other digital geographies. This is precisely the type of advertising practice that people hate and that privacy laws are trying to combat.
For instance, a person signs up to receive email deals from their favorite clothing retailer online. That person ticks the box that says he will accept marketing messages from the retailer’s partners. In doing so, that person has unwittingly forfeited his identity to the digital advertising machine, with no knowledge of what’s about to be done with it. The customer has given an inch — to a company he trusts — and that company has taken a mile
The customer’s email can now be shared with any number of third-party identity partners, which will then propagate the person’s ID as a match key for data. All of a sudden, as the customer traverses the online space, it appears that every company on the planet knows he is shopping for a certain style of jacket.
To the customer, that’s not right. That person gave his email to his favorite clothing retailer — no one else. What happened? Can it be undone? If so, how? The retailer has fundamentally violated that customer’s trust. It might have been legal. But it was still very, very uncool.
As an industry, marketers need to aim higher, and acknowledge that when a user provides an email address or any other piece of personally identifying information (PII), the permission to use it is not transferable to third parties without giving the consumer an opportunity to reaffirm that permission at every touch.
Advertisers Bear Responsibility
Ultimately, it is advertisers that are responsible for providing this constant notification and chance to opt out to consumers. It is their relationship — not the relationship of the data or identity provider. If advertisers buy into a solution that shares their customers’ data as the basis for targeting ads, they are accountable for any breached trust or misuse of that data from that point forward.
Furthermore, if a brand pays for an ad, it’s initiating contact with the consumer. That means it has a responsibility to tell the consumer how it found them and give them the opportunity to not be found again.
Of course, data providers don’t receive absolution in this scenario. Quite the opposite. They must be overseers for their clients. It’s their job to go further and require that advertisers deliver on their promise to their customers. Ultimately, privacy without transparency is a fallacy.
Don’t Miss an Opportunity
Simply put, existing identity alternatives do not guarantee compliance with the spirit of privacy. The marketing industry is at a crossroads, and thus far, it’s chosen the incorrect path.
Brands and organizations already know that walled gardens have exploited and distorted privacy for their own ends. On the open web, the choice is up to marketers whether they’ll do the same. Cutting corners and seeking loopholes around privacy principles will only further undermine consumer trust, and lead inevitably to more regulation, more disruption, and more consolidation of power among walled gardens.
CMOs and marketers know the right path. The question is whether they have the courage to follow it.
About Author: John Nardone is the CEO at Flashtalking, a partner in the ANA Thought Leadership Program.