Safeguarding valuable, first-party data isn’t as easy as you think
If your job is even remotely connected to the digital advertising ecosystem, you are probably aware that data leakage has plagued publishers for many years. But you are most likely still in the dark about the scope and gravity of this issue. Simply put, data leakage is the unauthorized transfer of information from one entity to another. In the digital ad ecosystem, this data loss traditionally occurred when a brand or marketing agency collected publishers’ audience data and reused it without authorization. Today, this scenario is much more complicated due to the sheer number of players across the digital advertising landscape, which causes data loss to steadily permeate the entire digital ad industry, and leading to a “whodunit” pandemonium.
Surveying the Scene
On average, at The Media Trust we detect at least 10 parties contributing to the execution or delivery of a single digital ad, and this is a conservative figure considering that frequently this number is as high as 30, and in some cases more than 100, depending on the size of the campaign, type of ad, and so forth. The other contributing parties are typically DSPs, SSPs, Ad Exchanges, Trading Desks, CDNs and other middlemen that actively participate in the delivery of the ad as it moves from advertiser to publisher. Just imagine the cacophony of “not me!” that breaks out when unauthorized data collection is detected. To make matters worse: few understand how data leakage impacts their business and ultimately, the consumer. As a result, an unwieldy game of whodunit is afoot.
Sniffing out the culprit(s)
To unravel this data leakage mystery, let’s get down to brass tacks and build a basic story around just four actors: Bill the Luxury Traveler (Consumer), Brooke the Brand Marketer (Brand), Blair the Audience Researcher (Agency), and Ben the Ad Operations Director (Publisher).
Bill the Luxury Traveler
Case File: As a typical consumer, Bill researched vacation package for his favorite Aspen resort on a popular travel website. He found a great bargain but wasn’t ready to make the final booking. As he spent the next few days thinking about his decision, he noticed ads for completely different resorts on almost every website he visited. How did “they” know he wants to travel?
Prime Suspects: Bill blames his favorite resort and the leading travel website for not protecting or, even worse, selling his personal data.
Brooke the Brand Marketer
Case File: Brooke is the marketer for a popular Aspen luxury resort. She invested a sizeable percentage of her marketing budget on an agency that specialized in audience research and paid a premium to advertise on a website frequented by consumers like Bill. To her dismay, she realized that this exact target audience is being served ads for competitive resorts on several other websites. How did her competitors know to target the same audience?
Prime Suspects: Brooke questions her ad agency leaking her valuable audience information to the ad ecosystem and also fears the leading travel website does not adequately safeguard audience data. What Brooke does not suspect is her own brand website, which could by itself be a sieve that filters audience data into the hands of competitors and bad actors alike.
Blair the Audience Researcher
Case File: With a decade of experience serving hospitality clients, Blair’s agency specializes in market research to understand the target audience and recommend digital placements for advertising campaigns. However, one of Blair’s prestigious clients questioned her about the potential use of the brand’s proprietary audience data by competitors. How does she prove the client-specific value of her research and justify the premium spend?
Prime Suspects: Blair is concerned about the backlash from her clients and the impact on the agency’s reputation. She now has to discuss the issue with her trading desk partner to understand what happened, but she is unaware that she is about to go down a rabbit hole that could lead right back to her client or the client’s brand website as the main culprit.
Ben the Director of Ad Operations:
Case File: Ben is the Director of Ad Operations for a premium travel website. As a digital publisher, the sanctity of his visitor/audience data directly translates to revenue. In this scenario, he suffered when his valuable audience data floated around the digital ecosystem without proper compensation Almost every upstream partner had access to his audience data and could collect it without permission. When his data leaked it devalued ad pricing, reduced market share and customer trust, and also raised data privacy concerns. How does he detect data leakage and catch the offending party?
Prime Suspects: Everyone. Publishers like Ben are tired of this whodunit scenario and the resulting finger-pointing. While ad exchanges and networks receive a bulk of the blame for data collection, he is aware that many agencies, brand marketers and their brand websites play a role in this caper, too.
And at the end of the day, consumers, people like Bill whose personal data is stolen, are ultimate the victims of this mysterious game.
Guilty until proven innocent
While the whole data leakage mystery is complex, it can be cracked. The first step is accepting that the entire display industry is riddled with mistrust and every participant is guilty until proven innocent. Several publishers, responsible DSPs, trading desks, exchanges, marketing agencies and brands have already taken it upon themselves to solve this endless whodunit. To bolster their innocence, these participants need to carefully review:
- Data Collection: Get smart about the tools used for assuring clean ads and content. Your solution provider should check for ad security, quality, performance and help with data protection. Reducing excessive data collection is the first step in addressing data leakage.
- Data Access: With the General Data Protection Regulation (GDPR), EU-US Privacy Shield, and many more such timely regulations, the onus is on every player in the digital ad ecosystem to understand what data their upstream and downstream partners can access and collect via ads. Instead of today’s blame game, the industry should slowly see accountability for non-compliant behavior.
- Governance: Every entity across the ad ecosystem should adopt and enforce stricter terms and conditions around data collection and data use. This is especially crucial for publishers and brands – the two endpoints of the digital ad landscape.
Ultimately, every participant in the digital advertising ecosystem first needs to monitor and govern their own website in an attempt to close loopholes that facilitate data leakage before pointing fingers at others.