This article is the fourth in our “Everything you need to know about the post-cookie apocalypse” series. In this article, we discuss the issues of data privacy and the growing import of first-party data to both advertisers and publishers.
When your online ad inventory participates in complex internet auction ecosystems, cookies and sometimes personal information can leak into what’s known as the “bidstream,” and it can be collected by parties with whom the user had never provided consent.
The potential security flaw of the bidstream was highlighted in a report in 2020 about how the dating app Grindr exposed the personal information of its 3 million users through the ad tech ecosystem. The report called out ad platforms such as OpenX, AT&T’s Xandr, and Twitter’s MoPub for allegedly lax enforcement when it comes to ensuring any data transmitted was only done so with the clear consent of users of apps like Grindr.
“Twitter’s MoPub managed data transmissions that included personal data of a Grindr user,” researchers from Mnemonic, a Norwegian security firm, said in its report calling for fines against ad tech companies. “Simultaneously, several other third parties were observed receiving personal data directly through their SDK integrations in the Grindr app.”
U.S. regulators have been following their European counterparts scrutinizing the practices that have been exposed in the real-time bidding ecosystem. The Senate has held hearings on the subject, most recently on Sept. 29 in a session called “Protecting Consumer Privacy.” And lawmakers recently approved a whopping $1 billion to enhance the Federal Trade Commission’s privacy enforcement powers.
How Are The Privacy Concerns Being Addressed?
The digital advertising industry is only now working, at a pace that best suits the major players, to replace the function of cookies and device IDs.
Google has undertaken what it calls Privacy Sandbox, a program that will attempt to infuse anonymity into the advertising supply chain by relying on “cohorts,” groups of individuals to target and measure ads rather than personal identity. Facebook has been developing what it calls Privacy-Enhanced Technology to do the same.
Other players in the supply chain are banking on new kinds of online identifiers to do the connecting between ad networks and consumers. Those identifiers are rolling out with rapid speed from stakeholders like the ad platform The Trade Desk, developing Unified ID 2.0., now operated by Prebid and endorsed by Magnite, SpotX, Index Exchange and others.
Agencies like OMD and IPG have expressed willingness to work with Unified ID 2.0. That ID relies on email addresses, anonymizing them through encryption, to create profiles on web users, who could theoretically be targeted with ads without the need for matching them with now non-existent cookies on websites they visit.
“We are seeing collaboration with the open internet,” Sara Stevens, VP of digital capabilities at Epsilon, said about the industry efforts. “We have consortiums like [Partnership for Addressable Media] looking to collaborate with the non-walled gardens and allow our IDs to communicate with alternate IDs.”
What Are The Post-Cookie First-Party Data Marketing Challenges?
The loss of cookies and other trackers has created a rush for brands to harvest first-party data, which has become the gold standard for marketing campaigns online. What’s so appealing about first-party data is that it theoretically comes with the direct consent of the consumer, who can be confronted with a consent option at the point of contact online or in a store. Sometimes merely filling out a form online allows capturing their permission.
Unilever’s Executive VP for Global Media Luis Di Como told Ad Age in a statement that the company is investing in first-party data tech to address the post-cookie marketing challenges. Procter & Gamble Co. Chief Brand Officer Marc Pritchard said the same: “Over the past couple years, the mindset we have simply taken is that we will have a more privacy-focused internet with more opt-in, that’s consent-based, with consumers having a say in what data they provide,” Pritchard told Ad Age. “As our good friend and CEO of Gillette Gary Coombe says, ‘If it’s inevitable, get enthusiastic.’”
We May Be Better Off Without Cookies
Google’s decision earlier this year not to replace third-party cookies in Chrome with any of a variety of new proposed personal identifiers rocked the ad tech world. Coming on top of Apple’s moves to require that people opt into any tracking tech, it signals the end of personal identifiers across platforms and publishers.
But despite all the hand-wringing, the “cookieless future” is far from the end of the world for marketers. Indeed, for many marketers and marketing generally, it could make things better.
The reality is that digital targeting has often been woefully bad—serving people ads for things they just bought, in sizes and varieties they didn’t want, or solving problems they never had. That’s when the ads reached real people at all. Third-party cookies have been a key tech enabler of digital fraud. And many marketers already have been building their consumer databases anyway, in part because of the poor quality of third-party data that fueled cookie-driven ad buys.
To be sure, the effects are uneven. Marketers most positively affected are those who are essentially media players too—the retailers whose first-party transaction data and direct consumer relationships will become more valuable to other brand marketers. Brand marketers who’ve invested in their consumer databases—such as Procter & Gamble Co., Unilever and L’Oreal, each numbering more than a billion consumers globally—will see the value of that data grow as it’s used to target and model ad buys. But some smaller direct-to-consumer players who rely more on targeting using third-party cookies may be at a disadvantage.
Varying Impact Across The Market
“Advertisers that are going to feel the most amount of pain are the small and medium-sized businesses because those companies have been heavily reliant on third-party cookies,” says Rachel Tipograph, CEO of MikMak, provider of e-commerce enablement and analytics software, including shoppable ad formats that let brands direct purchases to shopping carts at a variety of retailers. “The behemoth CPG brands that didn’t build their customer acquisition strategies around third-party cookies, I don’t think this affects them much at all.”
Indeed, the outcry from big brands has been relatively muted. For example, Unilever Executive VP for Global Media Luis Di Como in a statement says his company will lean on its first-party data and relationships with retailers to reach people and “as a responsible marketer, we will continue to support partners that are committed to better data privacy.”
“For the past couple years, the mindset we have simply taken is that we will have a more privacy-focused internet with more opt-in, that’s consent-based, with consumers having a say in what data they provide,” says Procter & Gamble Co. Chief Brand Officer Marc Pritchard. “As our good friend and CEO of Gillette Gary Coombe says, ‘If it’s inevitable, get enthusiastic.’”
P&G is part of a group of 30 advertisers in China that have explored working around Apple’s opt-in requirements for sharing identity information across apps. But less than 5% of P&G’s consent-based data comes from app-to-app sharing anyway, Pritchard says. And P&G took issue with a recent Wall Street Journal story characterizing the effort as a furtive attempt at sidestepping Apple’s privacy controls, saying that consumers would have the ability to turn data-sharing on and off under the plan and that P&G is working on it directly with Apple “or anyone else who shares our values of giving consumers control and transparency.”
Meanwhile, P&G has its global database of more than 1.5 billion consumers, a combination of third-party data and first-party data gathered everywhere from direct e-commerce sales to expectant moms sharing information on the Pampers app to quick quizzes people fill out online facilitated by ad tech player Jebbit. The approach was never to fuel individual ad targeting, though, but rather to help create “smart audiences” that can be reached in digital and other media based on the context of the media or what P&G learns about the group’s media habits, Pritchard says.
“Those smart audiences, which are cohorts, we can reach through programmatic means, and frankly in an anonymous way,” Pritchard says. “With Google, we’re going to be able to match our smart audiences with their FLoCs [Federated Learning of Cohorts] to reach people. That’s really how it’s going to work. I gotta tell you, I think it’s going to be fine.”
P&G will reach its smart audiences in some cases via contextual targeting. like cooking content for Dawn Power Spray, and in places where people provide opt-in access to their data “because they’re trusting you.”
And yet for one of P&G’s much smaller, mainly direct-to-consumer competitors, household products marketer Dropps, the crumbling of cookies looks crummier.
“In our case, not having the cookie impacts re-targeting and display prospecting. It will be more complex to build customer personas,” says Dropps CEO Jonathan Propper. Ultimately, he thinks the loss of personal digital identifiers will force Dropps to “create better experiences for consumers online, which may ultimately have an extra effect of customers becoming evangelical for the brand.”
Google Ads is about half Dropps’ ad budget, with Facebook and Instagram advertising—which should be less affected by the loss of identifiers—composing most of the rest.
Dropps also benefits from a first-party database of past buyers, many of whom are subscribers essentially, Propper says. But even though business for his e-commerce laundry and dishwasher detergent pods has boomed during the pandemic, that doesn’t mean he can give up on prospecting. Amazon, which was always part of his business beyond direct sales, may become more important and certainly won’t be less so.
Tina Pozzi, the chief brand officer of beauty brand Bliss, a direct-to-consumer player with considerable retail distribution at Ulta and elsewhere, says the brand has relied heavily on cookies for re-targeting in the past, but increasingly has been building its first-party relationships through programs like a skincare quiz via Jebbit, distributed through online influencers. Bliss also has been building its community through TikTok with agency Movers & Shakers, generating some 6 billion views.
“In some ways, I think this is a really big challenge for brands to ensure that they’re developing that relationship with their consumer,” Pozzi says. “Ultimately this will be about understanding the consumer first and building that first-party data to augment our targeting strategy.”
But having a direct-to-consumer business doesn’t mean heavy reliance on cookies. An executive who has started a handful of successful direct-to-consumer brands who asked to speak not for attribution said the long-ago rejected programmatic buys using cookies on the open web because it simply didn’t work as well as Facebook and Instagram advertising.
His most successful media strategy is one that somewhat resembled old-fashioned consumer products marketing applied to social media—putting as much money as he can into reaching as many women ages 18-to-49 as he can on Facebook, Instagram and, increasingly, TikTok. That’s augmented by rapid-fire testing of ad creative to see which ads generate the most sales and then put more money against them. He doesn’t expect Google or Apple’s privacy moves to affect that strategy.