Welcome to the privacy-focused future

The industry was still digesting the implications from the announcement that IAB Europe’s Transparency and Consent Framework (TCF) was deemed non compliant with GDPR, when Google announced that Android was following Apple’s steps with the removal of its Advertising ID tracking feature.

The future is likely to be devoid of many of the identifiers that advertisers have become accustomed to and they need to be both aware of what solutions are available and what their businesses can do to prepare.

Browsers such as Safari (2017) and Mozilla Firefox (2019) have already gone ‘cookieless’ and Google Chrome will follow suit by the end of 2023. Arguably this change is overdue, with an analysis of 20 advertisers finding that rejection rates of cookies on mobile devices were extremely high, at 75%. Clearly, we’ve needed a new solution for a while.

In order to help advertisers adapt, the WFA has been hosting a series of spotlights with industry leaders (Episode 1 – OMG, Episode 2 – Teads, Episode 3 – InfoSum). Through this work we have identified several key alternative options which need to be considered, tested and potentially combined in order to achieve success.

The two main categories of approach available to advertisers are contextual targeting and cookieless audience targeting.

Contextual Targeting

This is by nature a cookieless solution that involves analysing the content of the page and finding moments of receptivity to amplify the marketing message.

Although basic contextual targeting has been around for quite some time, advertisers are still learning the best and most advanced ways to get the most out of this technique.

This is one of the most ethical ways of targeting users and, when used correctly, can be a very powerful tool when it comes to implementing a digital targeting strategy.

Audience Targeting Alternatives

WFA has identified five key audience targeting initiatives (with some being more privacy-preserving than others) that need to be understood by advertisers in order to successfully navigate a post-cookie world.

1. Predictive or Probabilistic Audiences

This uses machine learning to associate an anonymous user with an audience segment using live, probabilistic, context-based, cookieless data signals (e.g. the website visited, article content and time of day, etc.) to detect patterns and match them with audience profiles.

In terms of an ethical cookieless alternative, this method appears to have potential. It offers all the privacy protection of classic contextual targeting but is supercharged through machine learning which provides improved scale, data granularity and accuracy.

There are currently no standard approaches for Predictive Audiences (just proprietary technology), and it’s not clear to what extent the industry will support this.

2. Leveraging First Party Cookies

While (cross-domain) third-party cookies have had their day, first-party cookies live on with advertisers still able to track users within a single domain independently.

This offers advertisers a tried and tested targeting method but scale may once again be an issue. The accuracy of this method is also only viable if users are highly loyal to a certain website, visiting it often enough for advertisers to learn their behaviour in order to deliver targeted ads to them.

Although this method alone may not be the direct fix to the removal of third-party cookies, it can potentially play a key role when integrated with other targeting solutions.

3. Chrome Privacy Sandbox

The Chrome Privacy Sandbox is a protected environment using a set of privacy-preserving APIs (other browsers may be adopting something similar). It is proposed that Chrome will gather and keep raw data and user online activities at browser level (on device), so that ad selection and conversion measurement can still take place, but the browser can act on the user’s behalf and protect them from being identified while browsing the web.

As part of its new interest-based Google has just announced Topics API, where it’s proposed that users will be assigned to up to three of 350 topics, based on their browsing behaviour. And as reported in the trade press, the taxonomy of topics may be more "human-friendly” than the “opaque and arbitrary” groupings it was originally proposing under FLoC.

While some have welcomed the move, the general tenor of industry response has been one of cynicism towards Topics. Where’s the frequency capping functionality? Where’s the real-time performance feedback? Why should Google have the right to govern the topic assignment algorithm? How does Topics solve for in-app social and/or gaming environments?

There are Lots of questions which we will endeavour to challenge Google on in our webinar with the Chrome team on 2^nd March. Beyond this session, members interested in working with WFA on this issue should get in touch.

4. Unique ID Targeting (‘Addressable Media Identifiers’)

The principle with unique IDs is to establish a common identifier that can be shared across publisher domains to track users. This approach is the closest thing possible to a one-to-one cookie replacement.

Unique ID targeting relies on having user email addresses which in turn, requires users to be logged-into a publisher’s site. These e-mail addresses are then hashed into encrypted unique IDs, which are made accessible to ad-tech players. Depending on the ID solution used, users can then be tracked across a variety of sites they log into, based on their encrypted log-in IDs.

IDs offer advertisers a granular and accurate cross-device targeting alternative to third-party cookies, however, it’s not without its challenges. Firstly, the scale of users available via this method is low since there are only a limited number of users who log-in to multiple sites while browsing the internet.

Secondly, there is growing sentiment that unique/universal ID schemes, based on hashed emails/logins may be more privacy-invasive than cookies. It may be a non-starter, particularly in Europe.

5. IP Address Utilisation (Fingerprinting)  

This is when a user’s IP address is combined with device and browser characteristics to probabilistically track a user online. ‘Fingerprinting’ as this approach is also known, offers a high level of accuracy and is widely considered a strong technical workaround to replace cookies.

Fingerprinting however, may not be very privacy friendly either. IP addresses are considered Personally Identifiable Information (PII) in the European Union and many browsers and mobile Operating Systems (including iOS) are turning their backs on IP address collection.

Although it is good to acknowledge that fingerprinting exists, the WFA does not recommend it as a way forward.

What’s next

2022 will be a crucial year as industry proposals evolve and vie for market adoption. It is likely the future of audience targeting will consist of a patchwork of interoperable solutions. We are already seeing that some vendors offer more than one of the above techniques in an attempt to hedge their bets.

We recommend advertisers begin testing different methods as soon as possible in order to find the perfect mix for their business.

This major shift may seem daunting at first. But looking through an an ethical lens, these developments are likely to be positive outcomes for people and businesses.