2020, A Year of Data Privacy Challenges
By Sairah Chaudry, Analytics Technology Manager
2020 has been a year of many Data Privacy challenges, affecting websites and mobile apps. There were:
- Browser changes — Stricter web browser safeguards against 3rd party cookies, which causes remarketing challenges for advertisers
- IDFA Consent — Apple introduced user consent for advertising (via IDFA opt-in) for iOS 14 iPhone users, to ensure consent-based App Remarketing
- Walled Gardens gained more control — Larger ad tech vendors have extensive data which is collected in a privacy-compliant manner. However as much of the data held is aggregated, there is lack of transparency at a user level on how a campaign performs.
- More cookie consent legislation, such as CCPA, LGPD and China 2020, which brands have complied with.
In line with these, brands are seeking to understand how best to safeguard their marketing data via compliant and future proof means, so they continue to understand the impact of their media spend. This article will explain possible actions.
What are cookies?
Before we focus on possible steps to mitigate data privacy challenges, let’s outline a few definitions. First of all a cookie is a small piece of data stored on the user’s computer by the web browser while browsing a website. Cookies track things you’ve looked at on a website, stores session preferences and other aspects related to personalisation.
There are 2 types of cookies:
- 1st party cookie: are directly stored by the website (or domain) you visit. These cookies allow website owners to collect analytics data, remember language settings, and perform other useful functions that provide a good user experience.
- 3rd party cookie: these are set by a different domain from the website that the user is visiting at the time and have traditionally been used by advertisers for remarketing.
Over the past year Safari, Chrome and Firefox web browsers have incorporated more safeguards to combat against 3rd party cookies. Safari’s Intelligent Tracking Prevention (ITP), Firefox’s Enhanced Tracking Prevention (ETP) and Chrome have clamped down on the presence of 3rd party cookies with each successive update, to the point where 3rd party cookie demise is imminent.
ITP has gone a step further by also limiting trackability of the Google Analytics/Adobe Analytics 1st party client (browser) side cookie amongst many Safari users, to up to 24 hours. Resulting impact is visitor counts have elevated and Marketing Attribution for Safari users is flawed. Also as of mid-September 2020 when iOS 14/iPad 14 launched, ITP exists for all web browsers on mobile devices, not just Safari.
Many Brands are mitigating this issue by moving the Google Analytics/Adobe Analytics cookie server-side, so it becomes a true 1st party cookie, with no browser side controls. Also further 1st party server side mechanisms, which are not impacted by ITP, are being leveraged.
IDFA Consent on the horizon
IDFA is Apple’s Device ID used by Advertisers to provide customised advertising and in turn to understand how users interact with app campaigns, in order to connect ad clicks to app installs. In its iOS 14 update for the iPhone, Apple has made IDFA consent permission mandatory, however compliance is required in early 2021.
Brands are working with technology and media partners, to prepare for the release. Apple’s SKAdNetwork solution models aggregated app installs data for partner marketing platforms and technology providers have also been assessing their own identification and probabilistic capabilities to further this data. Optimal IDFA consent popup design, which encourages users to opt-in must also be considered.
Whilst there are no exact workaround solutions for how IOS App Remarketing continues in a world where IDFA consent rate may be lower, dialogue with vendors must continue on this topic. Contextual advertising will become more prevalent and Brands may increase advertising focus for Android, which is not currently impacted in the same way.
Walled Gardens gaining more control
With the demise of 3rd party cookies Walled Gardens are gaining more control. Facebook, Google and Apple operate Walled Gardens, which are closed ecosystems that users are given access to, where every interaction is controlled by the ecosystem owner. Through having control of your browser and access to deterministic data via your logged in behaviour, Walled Gardens offer the easiest and most secure way of managing an individual’s data and in turn targeting their known users.
Facebook and Apple sign in methods exist on many websites/mobile apps. These enable ease of user sign in and these tech providers to collect more user data. Apple sign in goes a step further, in line with its data privacy objective, allowing user’s email addresses to be obfuscated, thereby preventing brands from knowing the user’s email address until a purchase occurs. This presents challenges in terms of customer deduplication for user history/devices.
Brands should keep abreast of latest Walled Garden developments, as the larger ad tech vendors have extensive data which has been collected in a privacy compliant manner. However in line with this, much of the data held is aggregated, giving brands lack of transparency at a user level on how a campaign performs.
More Cookie Consent Legislation
In 2020 there were Cookie Consent compliance deadlines for CCPA, LGPD and China 2020. As we embark on 2021, further international legislation is expected. The purpose of Cookie Consent legislation is to allow users visiting websites/mobile apps the opportunity to consent to the use of advertising/analytics/functional cookies to track, serve up functional content and/or for remarketing. Brands have implemented cookie management systems, to remember users consent and where user conversion measurement for say Google Analytics/Google Ads is missing, then Google has a ‘Consent Mode’ solution, for probabilistically modelling of missed conversions for opted out Google Analytics/Google Ads users.
With Customer Identification, Marketing Attribution and Advertising challenges continuing, brands must actively work with vendors/internal teams to explore privacy compliant future proof solutions. In the absence of one complete solution to overcome all challenges, relevant solutions should be considered as they emerge.
It is important for brands to focus on:
- Improving collection and activation of internal 1st party data
- Moving Google Analytics/Adobe Analytics cookie server side, to mitigate ITP issues
- Considering available methods to model missing conversions amongst opted out users, e.g. there is Google Consent Mode and Apple’s SKAdNetwork
- Compliant user identification vendor offerings, to understand available data enrichment methods, which allow brands to know and advertise to users in a privacy safe manner
- Exploring Advanced Attribution (Media Mix Modelling/Multi Touch Attribution) vendor offerings, to understand effectiveness in closing/modelling for data gaps
- Monitoring of data collection to ensure compliance
Originally published at https://www.farfetchtechblog.com on January 26, 2021.