Ad tech has never been terribly comfortable with the data privacy discussion. Neither have the brands. The reason for this awkwardness is twofold. First, it’s natural that technology runs ahead of public policy, and ad tech is all about running forward with technology. Regulation is the natural response to any perceived threat to the consumer, and whether that threat is real or not, brands are the first to cast a wary eye toward the actions of ad tech to make sure they’re not exposed.
Second, the issue of online data privacy has largely been brokered by a few vendors who control the conversation. Those vendors lobby the public with bipartisan themes of job creation and technological advancement to defend themselves, but in reality it’s their leverage over the industry and the brands that makes them essentially invulnerable. Not surprisingly, call after call to ad tech or Congress fails to yield any meaningful regulatory response. But this may not last much longer.
Now it’s personal
The standard that has supported audience targeting online has involved the onboarding of consumers into cookie pools, each pool functioning as a “blind profile” of that intended audience. Audiences are characterized in incredibly specific detail, but they are still promoted as anonymous. But what happens to that claim in a mobile device-driven world? Some forecasts (eMarketer) have mobile surpassing desktop advertising in 2016, so in an ad tech world where cookies are useless, what happens next?
The reality is that the current forms of anonymity won’t survive. The demand for precise audience definitions is pushing us to the doorstep of personalized marketing, with 90 percent of marketers seeing personalized marketing as the future. With that comes a more robust form of audience identification. Most brands already understand this and are actively looking for options.
Privacy 2.0 has failed (so far)
The skepticism around data privacy 2.0 is understandable. A handful of vocal consumers and the FTC and Congress all rail in public forums about privacy intrusions, while the consumer is being offered little more than subscriptions to free online credit monitoring. Most consumers, however, have come to accept the reality that they are being tracked and don’t actually expect total online anonymity. Studies show consumers are more than willing to sacrifice an occasional breadcrumb to data privacy for better services for free. What they would prefer are viable and enforceable regulatory guidelines.
Brands and ad tech should recognize a clear opportunity. A customer’s identity under the brand’s control could offer the preferred access and the defensible privacy position both want. Ad tech could provide the technology to the brands, and the brand could license to only those that it authorizes. By providing this technology, the ad tech industry—once the target of all that is wrong with privacy — could find itself in the enviable position of defending its paying customers: the brands.
Is there still an effective privacy solution beyond the brand?
Absolutely. In fact, many markets today already have frameworks in place to draw on. Because of The Health Insurance Portability and Accountability Act (HIPAA), marketers working in health care have a very clear understanding of where personalization and privacy are likely to conflict. The hospital, doctors, pharma companies, and insurance providers have a permissible purpose to use the information for the good of the patient. There is also a clear framework in place that allows marketers and supporting entities to access summarized trend data to support marketing other products in a privacy-enhanced manner.
The same is true in financial services, where laws like the Fair Credit Reporting Act delineate what is permissible in terms of access to consumer credit ratings.
So the question isn’t whether we can create a modern framework for data privacy that addresses the inevitability of personalization; it already exists. The key is coordinating regulatory guidelines with the brands and then empowering them with technology and data usage framework to manage what is their asset. We should be proactive and adopt a defensible precedent on the privacy issue before regulators come to our doorstep with a plan that is out of our hands.