Over the past couple of decades, we have wholeheartedly welcomed an ever-growing range of internet services into our lives. We’ve done so with very little scrutiny of these services. Terms and conditions were ticked away without a second’s thought – the details of service business models eclipsed by their manifold benefits.
Today, however, many of us find that we can no longer consume internet services without examining their foundations. Our news feeds are swamped daily with stories of fake news, cyber fraud, online bullying, inappropriate content, data misuse and much else besides. Such stories are beginning to erode trust in many of the major online players.
When it comes to the digital advertising industry, the issue of trust is particularly prickly. This is because the industry relies so heavily on personal data to find audiences for targeted advertising. The trouble is that as consumers worry more about online privacy, the more their trust in brands, advertisers and publishers to protect their private data plummets. One recent study found that while 96% of people care about online privacy, 95% distrust social media platforms and 87% aren’t confident about information classified as personally identifiable information (PII) online.
This lack of trust undermines the foundations of much of the internet: free or subsidised services traded in exchange for personal data. If consumers stop trusting publishers with their data, the oxygen for data-driven, targeted digital advertising is cut off. This would lead to an exodus of ad spend and starve the internet’s primary revenue model.
The regulatory situation exacerbates this challenge. Regulators are starting to put in place stringent rules around the use of personal data in digital business models. The GDPR is the most infamous of these, but there are others such as the California Consumer Privacy Act and the European ePrivacy Directive.
These rules aim to give more power to individuals over how companies process their personal data. At their core is the idea of consent – that companies can only use personal data where consent has been provided. This is challenging for the advertising industry which has traditionally required the free dissemination of personal data around a large and complex value chain.
Fortunately, there’s light at the end of the tunnel. A new approach to identifying people online without compromising their private data has been established. This privacy-first approach to identifying people online is a win/win as it provides advertisers the granular audiences they need for targeted campaigns, without exposing any PII.
It may sound too good to be true, but the approach works because it’s based on a simple premise: locking down personal data where it resides, and only disseminating audiences, in the form of tokens, around the advertising industry.
Novatiq’s approach to privacy-first identifiers uses telco networks as the data foundation. Telcos are among the most secure there are, owing to the large amount of sensitive personal and financial data they collect on customers through their billing relationships.
In our approach, this rich CRM data remains firmly behind the telco network firewall. When an advertiser needs an audience, we funnel the request to the telco’s network. The telco can then analyse the data of all subscribers that have consented, in real-time, to find the perfect audience match. We then tokenise this audience match as a ‘snowflake’, which is shared across the ad ecosystem only for the specific campaign purpose (once complete, the token cannot be reused).
The benefits of this privacy-first approach for consumers, advertisers and data controllers are clear. Not only does personal data remain protected on the telco’s network, even the token is short-lived, meaning there are no data breadcrumbs scattered across the ad ecosystem that could cause compliance headaches.
Perhaps more importantly, the approach gives consumers complete control over their personal data. If they do not wish their data to be used for advertising, they need only tell their telco / mobile network – a company they already hold a trusted billing relationship with. As the telco controls all access to their data, that one request holds good for the entire ad supply chain. A privacy-first approach is one where data consent management is made easy and in which unwanted data propagation simply cannot occur.
Consumers want more control over their data, and regulators are mandating that this control be given. Many of the traditional techniques for identifying people online and advertising to them are therefore no longer legally possible, while consumers are demanding new levels of privacy without losing many of the services they’ve grown to love. Privacy-first identifiers are the only viable way of squaring this circle. They provide the foundation for an online advertising industry that’s compliant, trustworthy and profitable.