Skip to main content

Key Takeaways

  • Ongoing changes to consumer data privacy regulations in digital advertising, and specifically those led by Apple and Google, have implications for Marketers and Publishers that require short and long-term attention to maintain trust with customers and avoid liabilities associated with a lack of compliance.
  • In a cookie-less world, there is a need for greater emphasis around 1st Party data for audience building, deployment and measurement given the risks that come with 3rd Party data integrity.
  • The importance for consumer consent (consumer’s willingness to share their information) and transparency tied to customer data is paramount.  It ensures there is a common understanding for how this data is captured and used in a trusted manner, and that customer data is managed across all data sources, not just one.

is so high reaching that understanding the real impact to your business is obfuscated. From what we have seen, there are two main camps:

  1. The Marketer/Advertiser perspective. The sky is falling. Marketing and advertising will no longer be effective without some targeting capabilities.  Cease all digital spend!
  2. The Vendor/Publisher perspective. The “trust us — our solution won’t be impacted”, however the important details remain in a murky black-box.

From our perspective, neither of these is completely true. Marketing and Advertising still work. And on the other hand, many advertising vendors/publishers will be significantly impacted.  Many businesses that rely on extremely precise targeting and measurement (via 3rd party cookies) will need to turn to other methods – such as greater reliance on walled gardens of Facebook, Google, and (to their benefit) Apple. However, the good news for brands — especially those with significant media spend — is that everyone is in the same camp. If you have taken customer data management seriously, you are in a good position for the future. And if you haven’t, there is still time to “right the ship”. Providing clear and transparent ways companies are leveraging customers’ data builds trust and is good for the industry long term–however, the challenge in itself in today’s siloed and fragmented corporate environment can be simply understanding where and how customer data is used. 

Ultimately, the best long term strategy to protect against a fluid and changing digital marketing environment is:

  1. A shift from 3rd to 1st party data strategy and improved customer data management. Gone are the days where marketers can work around IT with only vendors and agencies.
  2. Investment in non-individual based measurement like Marketing Mix Modeling or incrementality. Understanding the efficacy of advertising without relying on customer identifiers insulates against further changes in data tracking policy, both governmental and corporate.
  3. An operating model that allows investment to be moved quickly between channels and without long term vendor lock-in (especially vendors that leverage black-box targeting technology and data).
  4. Clear customer consent of the ways in which you use their data.

Broad Impacts of ITP to Marketing

Data and Customer ID Management

For the past 10 years, the Marketing function has witnessed an incredible amount of change. As money has poured into digital advertising, we’ve witnessed the growth of several titans of Wall Street in Facebook and Google. In order to take part in this quickly changing environment, and to move at the speed of business, corporate marketers have often needed to work around their technical counterparts in IT– a function that’s seen it’s own momentous change. 

While there are some examples of organizations where marketers and IT work well together, far more common is a relationship in which both parties don’t speak the same language, and outside vendors are more than happy to fill the gap. Too often, however, this results in a scramble of vendors and data collection that is impossible to detangle. Taking strides to improve the IT and marketer relationship is essential to navigating changes in privacy regulation and policy.  Ultimately, overcoming tracking and privacy challenges in advertising are related to data management. Start to develop ways to break down organizational silos and a shared language for leveraging customer data appropriately and legally. 

Impact on media targeting

The cookie-based third-party data marketplace and programmatic advertising have always had challenges around target quality among other issues (e.g. viewability, non-human traffic, high frequency, brand safety).  We recommend that advertisers reduce reliance on these marketplaces for targeting consumers.  The walled gardens marketplaces (e.g. Google and Facebook) will continue to have rich data with strong capabilities to target consumers within their ecosystems based on their own 1st party data.  We also expect geo-targeting to continue to be a strong tactic moving forward.  Most importantly, all companies will need to strengthen their first-party data strategy to enable personalized and precise targeting.

In the mid-term future, we see Artificial Intelligence (A.I.) and machine learning playing a much larger role in targeting — as the ability to leverage a large amount of 1st party data for modeling becomes more viable as organizations analytic capabilities continue to mature. 

Impact on Measurement

Measurement solutions reliant on individually identified and third-party cookies such as Multi-Touch Attribution are being disrupted and providers are developing alternative solutions.  Web analytics benchmarks will also need to be recalibrated over time as the ways that cookies are set and expire change.  We think there will be a new emphasis on non-id based measurement, such as Market Mix Model or surveys. In addition, conversion data will need to be tracked and maintained as 1st party data sources, rather than leveraging the same broad array of 3rd party data tagging. 

Impact on Marketing Technology Vendors

Many vendor technologies rely on cookies that are considered third party by web browsers.  These vendor solutions are in the process of adapting to these browser changes now and this should be a major consideration when evaluating new partners.  Data Management Platforms (DMPs) using third-party cookies will become less attractive components in a technology stack while Customer Data Platforms (CDPs) with an emphasis on first party data are seeing rapid adoption. 

Need for Clear Customer Consent 

Gaining consumer consent to be identified, tracked, targeted, and measured is now a clear consumer expectation that is well supported by the regulatory and industry changes mentioned above.  Fundamentally, organizations need to meet consumer expectations around privacy whether or not these are currently enforced via regulation, browser parameters, or app store conditions.  In addition to consent, consumers are looking for transparency and control around how their data is being used.  What comes with this consumer choice is where organizations must provide something in return to the consumer for their consent to share data.  This exchange of value between consumers and organizations can take the form of improved experiences (e.g. frictionless payment), special offers, or rewards.  Brands need to plan to meet these real consumer expectations to get ahead of any new regulatory or industry changes.

We use a framework to better understand and address three different drivers of consent and preference management: Browser, App (phone operating system), and Privacy Legislation (CCPA, GDPR, etc.). Each of these areas overlaps in the customer data they leverage depending on the situation, but all must be addressed. 

Considerations of customer consent should include Browser Restrictions (e.g. cookies), Phone Operating Systems (e.g. App policy), and broad Privacy Legislation (e.g. CCPA). Each of these three areas must be addressed by any given Brand for full privacy coverage and compliance. 

DriverExamplesCurrent State
Phone Operating System (APP)
  • Push
  • Location
  • Advertising id
The vendors of phone operating systems (Apple and Android) are putting more privacy measures in place , sometimes ahead of legislation, that require brands to ask permission or to state their intent of data usage (e.g. Location, push & advertising id permissions
Browser ( Apple, Google, Firefox etc)
  • ITP 2.0
  • Samesite
  • Tracker prevention
The vendors of Browser ( Apple, Firefox, Google etc ) are putting more privacy measures in place , sometimes ahead of legislation. Apple is leading the way with easy to enable privacy functions like “prevent cross site tracking”
Privacy Legislation (CCPA, GRPR etc)These are being handle via the website and not the app

  • do not sell
  • requests for data access
  • requests for data to be deleted
Evolving privacy legislation is causing brands to take action such as cookie contents, do not sell, requests for data access or requests for data to be deleted. 

What It Means for Marketers

Today, many Marketers should be working to identify and resolve the very detailed and prescriptive impact to a variety of vendors in many areas. They must assess changes to policies and implications in the following areas

Impact and implications are outlined for:

  • Paid Marketing Efficiency
  • Paid Marketing Audience Impact
  • SDK Updates for Apps across Brands
  • Propensity Models
  • User Profiling
  • Owned Marketing Contingency Plans
  • Syndicated Measurement Sources (ComScore, Nielsen)
  • Single Sign on
  • Radar & Geofencing
  • Mobile Measurement (Paid)

Getting To a More Specific Understanding of Impact

First and foremost, in order to make the best immediate strategic decisions, there needs to be a much more precise estimate on impact — one that includes partners, spend, and change in efficacy of media with and without targeting tactics. One specific, prevalent problem which makes this exercise difficult is the lack of understanding where specific customer data is used in various marketing channels. Understanding data lineage is important for customer data, and should not be the responsibility of marketers but rather the data producers. In addition, if Marketers don’t understand how customer data is being used, it’s impossible to provide more transparency to customers that demand it

Marketing leaders immediately find answers to the following questions:

  • What is the dollar amount of media running that is reliant on cross-platform targeting? On which platforms and channels is this occurring?
  • What is the dollar amount of media that is potentially using targeting signals from your iOS App?
  • What is the difference in performance between media that’s reliant on cross-platform targeting as compared to other tactics?
  • What is the dollar amount of media that’s potentially impacted by measurement attribution vendors?

Without answering these questions, it’s not possible to make decisions with the understanding of magnitude– which is essential to determine the true impact of iOS privacy changes. 

Data Management and Customer Consent

There must be a clear connection between customer data generation and customer consent. When data invariably makes many “hops”, the compliance of using different customer datasets is often unclear. Too often  marketers rely on ”duct-taped” data pipelines, created from data engineering resources that were beg/borrowed/stolen from, and are left without the capability to truly understand how they may be impacted by privacy changes.

Without a more specific understanding of impact, marketing cannot make proper strategic decisions. Leveraging customer data for marketing relies on the real “cost” of its management– from customer consent, data engineering, and governance. The implication here is that if there is not a clear sense of positive impact on spend, organizationally marketing becomes purely a cost center. 

Customer data should be tied to consent and able to be managed across all data sources, not just one. Decisions that Apple is making now are the tip of the iceberg, and we predict will be more far reaching when federal legislation eventually passes. Ultimately, improved management of 1st party data is the best way to counteract changes in privacy regulation and compliance. 

Maximize Relevance of Owned Channels

An area of continued opportunity is within owned channels such as outbound email, on-site upsell, and human touches. The challenges within owned channels are different from other paid media channels. Owned channels are not “free”, and require investment in people, process, and technology. 

In Summary

We believe in taking pragmatic steps to determine the real impact of your various partners and vendors within and outside of iOS App. Make sure you develop a clear link of impacted areas to existing marketing spend to better understand the true scale of potential risk. Without a sense of scale, marketing leaders do not have data points needed to make the correct decisions. 

Continue the investments in non-identity based measurement like the MMM modeling. Providing evidence of marketing performance is an imperative in organizations that \ only “trust” direct measurement — an approach that may be less tenable with privacy rules and regulation. Privacy changes that Apple is making is exposing the need for improvement in the first party data management that marketing is reliant upon, but the costs associated with improved management are non-negligible. Customer privacy and compliance needs for marketing are greater than other parts of the organization by nature of leveraging data across multiple platforms and 3rd parties for advertising.  Improvements are an imperative in the near and mid-term as it sets the foundation for improved transparency and customer consent. Operators need to know what data can and can’t be used without a technical development project each time. 

To hedge against potential decrease in off-site advertising performance, we believe there are additional opportunities that exist in owned channels, and solving challenges in working with internal teams could lead to longer term benefits. Continue to explore and work with CDP-like platforms that put data into marketers hands, and allow for more complex customer consent rules to be managed in a centralized place. 

  1.  Ironically, we think that some of the “old-school” methods of measurement and targeting will become more important as performance marketing techniques become less viable. 
  2. If you’re already investing in this area, look at ways to increase granularity of results and or accuracy with spend and delivery variability. Work with measurement partners to help plan for variability in channel flighting, not simply modeling the results after campaigns have run.
  3. Someone at your organization needs to know, with ITP and Customer Privacy For MarketersThere are significant changes that are happening in the world of digital advertising, customer data, and privacy#. Outside of government regulation, the largest driver of these is Apple, who for the past 2 years has been making a variety of improvements to their products to enhance customer privacy and to make customer data usage more transparent. Many in the industry think these changes are bludgeoning, however we see them (regardless of it’s self-serving nature) as positive steps in an industry that has not been able to self-regulate# as much as it needs to. Apple has been ramping up rhetoric recently. In a recent interview, Tim Cook mentioned starting to fight the “data-industrial complex”. And in a different recent speech on data privacy, the Apple CEO stated — in a thinly veiled reference to Facebook — “If a business is built on misleading users, on data exploitation, on choices that are no choices at all, it does not deserve our praise. It deserves reform.” Two of the most impactful immediate changes for marketers related to Apple products are 1) restricted cookies in the Safari browser# and 2) opt-in tracking prompts along with new privacy labels in apps installed from the iOS app store.
    We should acknowledge that it’s difficult for Marketing leaders to wrap their heads around customer privacy impacts from online articles and from POVs. The space is fast-moving and oftentimes vague. Most perspectives quickly turn complicated and technical, or the impact a technical understanding, what customer data is available, and what can be used (or not used) for marketing and advertising. Reliance on a third party — agency, tech vendor, or otherwise — will invariably lead to issues.
  4. Individual based, cross-platform, media targeting
  5. Which has rightfully come under fire for being invasive. We too have been served an extremely relevant ad just after a conversation with our loved-ones.
  6. One of the key principles of our Customer Consent model
  7. One reason we believe the current Biden administration will pass some sort of privacy legislation is to help drive standardization. While California’s CCPA was a good start, organizing digital privacy compliance around 50 different sets of state laws and regulations puts an enormous strain on businesses.

Oliver Amidei, Sr. Director, Data & Analytics