How we tried to fix advertising, ecommerce, and media by putting people in control of their data — from WeRule to PrivacyCloud

(Note: I expect this article to evolve as I find myself with more time to add to it or make it more digestible. Updates will be dated and marked as such.)

Back in 2017 I started putting together a plan for what I believed would be the future of marketing, eCommerce and personal agency. In a way, it was just a natural conclusion to my own 10-year journey attempting to bring some science to marketing efforts and advertising spend; but I was also influenced by the arrival of the GDPR with the many debates that preceded its approval, in 2016, by 28 EU Member States.

Besides plenty of reading, I had been shaping my ideas through my own talks and articles, including this chant against marketing attribution, an analysis on the impact of True Customer Centricity on the Marketing Technology stack, and previous pieces on how privacy would disrupt “customer journeys”, and how “the what” would kill “the why” as analytics professionals struggled with the flood of unstructured data.

A year later, while still closing the sale of our seven-year-old company (a Software as a Service provider in the Marketing Data Analytics space), a core group of long-time colleagues joined me in the new adventure. PrivacyCloud was born as an umbrella “Privacy-First Cloud” that would give shelter to various pieces of software in a new Customer-centric stack. BBVA (one of Europe’s largest banks) became a partner and lead investor a few months later*, with WeRule, our first C2B app, seeing the light right after. Prototypes for what we called a Customer Data Hub, a Zero-Party Data Activation Studio, and a PCloudID (connecting pieces on the advertiser/retailer and publisher sides) eventually followed.

Things couldn’t get more exciting.

Not only was individual empowerment a beautiful goal to pursue. It seemed like the three highly-disconnected chapters in my professional life (as an eCommerce and “Cyberspace” lawyer struggling to break through a still nascent discipline in the early 2000s, a marketing and data analytics entrepreneur a few years later, and a SaaS founder in the mid 2010s) were about to combine into the one business plan that brought them all together. PrivacyCloud was about law, marketing, data, and technology.

But, as our core value proposition, WeRule was much more than that: A proof that everybody would be better off with individuals in full control of their interests, preferences, and needs — as well as of the manner in which their chosen brands would be able to leverage user-controlled data (true Zero-Party Data) for the benefit of both parties.

Nearly five years later, and half way through what we initially defined as a 10-year journey, WeRule, NODO (its successor as a Private Shopping Cloud of sorts) and the B2B building blocks that plugged into them lie on the ground as brave heroes on a battlefield. Along the way came and went various pivots and exploratory features (a cross-brand loyalty card, a subscription bundle, a personal shopper… a web3 wallet!). Here’s a summary of our initial hypothesis and the learnings derived from what I still believe was worth the effort:

1. The hypothesis

I will start by simply quoting four sets of bullet points in my original “Full Vision”. Feel free to jump to the next section if bored or eager to get to the thick of it.

A. THE CHALLENGE: A BRAND NEW MARKETING CHANNEL

We are placing a solid bet against the status quo. Primarily:

• The same accepted fact of customer centricity, and the march towards a demand-led world, have a maximum exponent in individuals being in full control over their personal information
• Social alarm about creepy remarketing and Social Media advertising practices, and the need for enhanced privacy are growing at an unprecedented rate
• Not even under pre-GDPR conditions had the promise of a “single view of the customer” as a precondition to attribution and marketing ROI ever been delivered, despite immense effort and multi-million dollar investments on performance marketing at the expense of brand safety and consumer trust
• The scenario is now even worse. The GDPR has put into question the ability of media businesses and a myriad of data and ad inventory brokers to comply with stricter transparency and consent requirements, resulting in Google and Facebook (able to leverage a direct, consented relationship with end users) commanding an even greater grip on global advertising budgets — a grip that now extends to the metrics originally meant to audit such investments.

In essence, we are facing a once-in-a-decade perfect storm, with stark regulatory changes coinciding in time with widespread banner blindness, 30% of Internet users relying on ad blockers, all major browsers blocking 3rd party cookies or fingerprinting techniques at various levels, and the absence of reliable cross-platform performance metrics. We believe it is time to move beyond digital marketing as we know it.

B. THE LOW HANGING FRUIT OF PRIVACY BY DESIGN

• People are taking control over “their” data. This opens entirely new avenues for the enjoyment of content, entertainment, shopping, or social experiences
• Brands are presented with a unique opportunity to build deeper, trusted, permission-based, one-to-one relationships with their audiences and customers. These relationships are built on reliable metrics, as it is individuals who measure or expose themselves out of their own accord
• Retail banking and payment service providers find themselves in an unprecedented position, as trusted intermediaries in a demand-led world, able to assist consumers in their attempt to better shape the value proposition presented by their suppliers
• Media firms are back in the driving seat of information and entertainment experiences, as permission-based environments favor content bundles (a single entry/consent point) over ad inventory pools.

C. THE PROMISE

1. For individuals: Full agency. A personal data broker that becomes an identity, preferences, rewards, self-measurement, and discovery layer.
2. For marketers: A fully compliant demand generation/discovery channel, able to leverage people-driven, permission-based relationships while their existing or future SaaS stack falls in line with a similar level of compliance.
3. For publishers and creators: A new means of monetization, as an alternative to the inefficient and legally-challenged AdTech ecosystem or a saturated market for subscriptions.

D. THE CONSEQUENCES

• Personalized experiences, where appreciated, are fully democratized across the wider spectrum of media, entertainment, financial, or shopping services.
• Brands embrace an existing framework that conforms to Privacy by Design principles, thus doing away with painful adjustments to their current practices. Even more crucial: businesses are able to leverage a true people-driven marketing platform that feeds directly on richer, more trustworthy, consumer-controlled information.
• Media find an unexpected lifeline, as their output ceases to compete for advertising dollars in a pool of commoditized content pieces (or subscription dollars in an ocean of alternatives, once deprived of control over distribution), differentiating themselves instead on the basis of their ability to attract individuals willing to trade “ads+tracking”-driven experiences for a clean one-to-one exchange with clearly exposed, sponsoring brands in a post-advertising world.
• Individuals are able to know who gets to “read”or maintain a copy of specific pieces of their personal profile at any point in time, being able to exercise their newly granted rights. Furthermore, they enter a future in which demand for goods and services can be exposed to brands with which individuals have chosen to communicate, thus opening themselves to bids for their satisfaction.

In other words, WeRule will ultimately become an awareness, discovery, intent, and experience platform. Full adoption will also leave the door open to becoming the entry point to every individual’s social graph.

I tried to illustrate all of the above through some basic storytelling in a 2018 blog post (The Bar).

2. The Flywheel

A. Breaking the status quo

Our value-proposition rested on getting people to take control of “their” data in a way that brands or retailers would be able to leverage a common instance of an individual’s set of preferences and needs (a true single customer view which only happens once, on the customer’s side).

For this to happen, we looked at breaking the incentives, as well as the ethical and legal grounds, that brands currently have to do the opposite (as many “single customer views” as brands or retailers a consumer happens to bump into). If we reached a point, either as a result of consumer expectations, or as a consequence of the new regulatory framework, in which it became plain impossible to have an actionable understanding of each current or potential customer, brands would be more focused on providing a sort of read/write version of their own offering, in a way that customers could plug their own interests and needs in order to obtain personalized content or relevant offers.

But people-based marketing was not driven by the data collected on each brand’s digital properties, but rather by online advertising. This meant two separate things: walled gardens creating their own version of each registered user; and the open ecosystem (digital media, publishers as a whole) sharing bits and pieces about their visitors. The first faced an unfair competition challenge. The latter faced a privacy compliance challenge.

In sort: advertisers were buying media insofar as such media provided relevant data. Publishers were keen on collecting as much data as possible, for the open market granted a premium on cookie-powered inventory. All the while, people wanted free content and services.

Two shortcuts, particularly in legal and ethical terms, had already been explored:

• Replacing the content value proposition altogether (news, information, entertainment, or social media) by offering a direct swap of personal data for money.
• Keeping creators and journalists in the equation by expressly offering quality content at no cost in exchange for personal data and self-declared preferences (via surveys), with the understanding that such data would be passed along to advertisers and other brokers.

Multiple versions of the former saw the light in 2018. It suddenly became fashionable to tell consumers that their data was worth millions, and that Google or Facebook had been ripping them off for years. The proponents of so-called Personal Data Marketplaces would give people their data’s worth (in money or crypto) by selling it over themselves. Never mind that data, like the air we breath, cannot really be owned (even though a mere collection of non-personal records may enjoy copyright protection). Or that not only is data non-rival, but it could even prove anti-rival (gaining in value as more people make the most of it — just as it often affects many individuals outside the sphere of control of a particular person). Or that putting a price tag on a fundamental right would defeat its purpose. Or that no contract could incorporate a waiver of rights of withdrawal (of consent) or erasure and expect to survive legal scrutiny. Or that individual data points (other than common personal traits or contact information) are hardly ever predefined or carried around by the individuals they pertain to, but rather created through every new digital interaction and mostly shaped by the artefacts or digital products that businesses choose to deploy in the marketplace.

The latter formula was not too different from the logic of digital advertising, particularly in the face of cookie walls (“consent or pay”) quickly spreading across France and Germany. Definitely not what we had in mind.

(I did my best to articulate the different incentives, grounds, and implications of all of these “MyData Business Models” at some point in 2019.)

We chose instead to provide a means for people to “connect” with brands while exposing preferences or interests to such brands via their individual agent/assistant. These connections were initially direct, and eventually brokered and anonymized/aggregated by our own platform, forcing brands and retailers to rely on a very limited range of activation channels (thus sacrificing convenience and adoption on the B2B side to prevent privacy violations once data found its way into the internal systems of each independent controller).

To incentivize these connections, we granted free access to online content or subscriptions, eventually paid for by brands able to leverage the resulting data sets in order to fine-tune their specific offerings or services on the fly, in a privacy-preserving manner. Additionally, we integrated tools for each individual to better understand her “digital self” by learning from the currently available properties/traits in third-party apps installed on the same device, keeping certain items aside for quick access and convenience.

In other words, advertisers would save money by avoiding the many inefficiencies in the Digital Marketing ecosystem and divert such savings towards direct addressability of relevant potential customers enticed to accept relevant proposals in exchange for free access to a range of enjoyable ad-free, tracker-free, and cookie-banner-free quality media offerings.

The illustration below shows the initial user journey of the WeRule app:

B. The Apple App Store roadblock

It did not take long for us to hit the most impenetrable wall when it comes to launching a consumer product in our day and age: Apple’s capricious dictatorship over the iOS App Store. The company’s reviewers determined that:

• WeRule was basically an advertising app with no intrinsic value. Never mind the system that allowed people to select brands of their choosing and “connect” with them. Or the manner in which it scanned for permissions and requests placed by social media or gaming apps, alongside other individual privacy control tools.
• Most strikingly, WeRule was “not respecting” people’s privacy by allowing users to connect their accounts in third-party services or answer certain questions which were not related to the service being provided -these would unlock specific brand connections on the basis of available variables or levers within each brand profile. (All the while, Apple would collect unique identifiers for every one its users across multiple apps, without notice or consent, in order to sell its own targeted ads, eventually receiving a fine at the hands of France’s CNIL.)

In other words, the status quo (Facebook, Google, the programmatic advertising ecosystem, and the wildest data brokers) had in Apple their most fervent protector — or so they did until iOS 14.6 came along. And there was nothing we could do about it, other than speculate over the years it would take for competition authorities to intervene (they eventually did, and followed it up with specific rules in the EU Digital Markets Act).

After a few attempts at obtaining approval, we were back on the drawing board, eventually releasing a highly decaffeinated version that, despite gaining significant traction in our local Spanish market, resulted in widespread disappointment.

C. NODO

With Decaf WeRule’s expectations going sideways at all levels (not least on the part of individuals, as the wrong message kept spreading around, in the wake of Cambridge Analytica, that people’s data was up for sale and worth serious money), we decided to replace it with a new solution that would integrate bundled subscriptions or sponsored media. NODO would also pack so many valuable features that, despite an absence of in-app purchases or other means for Apple to get its required 30% cut, app reviewers could not reject it. To cap it all, offers (“ads”) would happen outside of the app.

Second time unlucky.

Alas, the product was again rejected. We did suspect by then, anyhow, that only through open standards and protocols (including, potentially, crypto) would we be able to cut through the system. While end users and advertisers, in search of volume and convenience respectively, were definitely biased towards walled gardens (Instagram, WhatsApp, YouTube, iOS…), we were forced to resort to the four standing guardians of today’s internet: web apps, email, RSS, and browser extensions.

We certainly explored all four in the course of the months and years that followed (including the release of supporting building blocks as browser extensions and two separate podcasting channels), but NODO would have to sit on top of good-old email protocols, primarily, and web apps, secondarily, if we assumed that there simply was too much friction in a “pull” environment far detached from its most tangible benefits.

D. Ok, Email

Along with the new changes, we had decided to test a new hypothesis for the attraction of early adopters, or true believers that would eventually pull from the rest of the market. Unlike WeRule, NODO would primarily rely on quality media to attract its members. Only those able to appreciate an ad-free, tracker-free news or entertainment experience would be allowed to connect with a limited range of advertisers or rely on our own curation for the selection of truly unique Direct To Consumer brands.

Furthermore, onboarding would happen directly on the publishers’ end, guaranteeing “sponsored” subscriptions in exchanged for an individual’s postponed attention in the form of a weekly email containing a single value proposition. Furthermore, such email would be conversational, incorporating feedback options that allowed Activation Studio (our Zero-Party Data activation platform) to ascertain the most relevant offer for each individual as time went by.

In parallel, the NODO web app allowed individuals to review their history of learnings, declared interests and previously received offers.

Conversational emails, user-controlled interests and “learnings”.

Said onboarding required a Single Sign-On system, and that is how PCloudID came to be.

E. PCloudID and the Trusted Media Program

In a way, publishers were the low-hanging fruit of the digital marketing ecosystem. While platforms thrived on the back of first-party data, great precision, and massive volumes, the open ad market relied on a messy web of interconnected players to emulate similar levels of precision in terms of audience targeting or performance measurement. Worst of all, ad inventory was expensive to produce for providers of quality journalism or creative value, and yet they were forced to compete against unlimited free (user-generated) inventory on walled gardens by the rules that only favored the latter (with better profiling commanding higher margins), eventually eroding the differential value of the former (brand safety, quality audiences, common brand experiences, etc.).

In other words, short-term revenue (eventually proven to be artificially inflated by Google in order to dominate the seller-side market) was killing traditional publishers. Finding a viable formula for sponsored subscriptions could provide a much needed lifeline, perhaps even taking them off the hook of RTB (Real-Time Bidding) addiction.

Alternative onboarding options, as initially conceived.

After much preaching and various failed pilots, eight of Spain’s top media titles had fully or partially deployed Login with NODO by the end of 2021. This resulted in a very different audience sample of early adopters, which would also condition the evolution of our relationship with a rapidly changing user base, as we steadily replaced large publishers with independent creators.

The NODO Trusted Media Program in action.

F. Zero-Party Data, Activation Studio, demand generation vs. demand discovery

Conversational emails had paved the ground for the core concept of a Private Shopping Cloud (coined by Celine Takatsuno). They would allow the platform to learn from the very specific input that members provided in their reactions to offers shared by either our Trusted Brands (large advertisers expecting a minimum reach, as well as the reputational benefits of their association to a non-intrusive, privacy-preserving channel that paid for quality media) or NODO Merchants (niche Direct To Consumer players offering ad hoc discounts with short-term performance targets).

Most importantly, NODO members were in full control of their learnings and self-declared interests. Their personal information was never shared with advertisers, who only received aggregated campaign results and conversational feedback.

By ensuring that such data never became First-Party Data, we were delivering on the promise of what we considered true Zero-Party Data (essentially, not its general association to Declared Data).

Still, many more changes and tests would follow.

G. Going for a spin

At long last, we had fully-functioning flywheel, together with three different levers to push it forward. As our logic for it went:

1. Larger brands start behaving as “Advertisers” insofar as they are looking for alternative channels to diversify their customer acquisition, customer loyalty, or branding investments. Early adopters are enticed by the many challenges piling up in existing advertising channels (cookieless browsers, legal compliance risks, brand risk, ad fraud, ad tech taxes, social rejection, etc.), often coming at such challenges from the edges, within the context of the larger corporation: Chief Data Officer, Data Protection Officer, Communications, etc.
2. Publishers are caught in the midst of their own business transformation, adapting their systems and processes to subscription-based models. Such transition leaves an opening between older, ad-supported structures and the new paywall-monetized ventures. While the former lose value by the minute in a world of infinite ad inventory (facilitated by platforms), the latter face an uphill battle for subscribers. A hybrid approach in which it is brands who sponsor premium content (or subscriptions) is particularly well-suited to their new goals and constraints.
3. Individuals have been slowly driven away from traditional media. A majority of those still relying on publishers for news or entertainment are unwilling or unable to add another subscription to their wallet, and most hate intrusive advertising, annoying consent requests, and prompts for payment. Also, finding stuff on the Internet has become harder by the day, as every potential channel for research or exploration is now ad-funded, affiliate-driven, and biased (Google, Amazon, influencers, comparison sites, etc.). Early adopters arrive from both sides: either they want quality content with no ads, trackers, or costs attached; or they want to explore a brand new way of buying the things they need or may like.
4. Merchants (or smaller Retailers sitting on a long tail of ever more niche offerings) are stuck in the current customer acquisition bottleneck. They want to make their inventory discoverable, not being held ransom by walled gardens or e-commerce giants. Also, some of them are willing to invest on performance-based campaigns that allow them to: a) stay in control of their own direct relationships with their customers; and (perhaps, even) b) circumvent the massive individual profiling and black-box bidding system that power existing customer acquisition channels at very high cost. Early adopters are driven by a natural tendency to explore alternative channels in a highly competitive direct-to-consumer arena, well aware that first-movers enjoy cheaper customer acquisition costs.

Thus:

Advertisers drive Publishers. Publishers drive NODO Audiences (able to access premium content through a Single Sign-On that is paid for by their chosen brands). NODO Audiences may become NODO Shoppers (as they start relying on NODO to declare their preferences and receive relevant offers), who in turn wake Merchants up, willing to make their inventory discoverable and, at some point, even turn into Advertisers. The more NODO Shoppers rely on the system to satisfy their needs, the less incentive businesses will have to pour money into individual profiling and intrusive advertising. The more this happens, the bigger the budget available to offer clean, tracker-free publishing experiences, which results in more NODO Shoppers enticing even more Retailers…

There surely was more daydreaming on our part (an internal currency for cross-brand loyalty, an email masking service to protect people from the avalanche of First-Party Data harvesters…), but it is probably time for me to wrap up with the key obstacles on our way.

3. Forces of resistance

By the end of 2021 we had onboarded four large advertisers and over forty Direct To Consumer retailers in our pilot market (Spain). A year later, having stretched the patience of NODO members in order to meet our commitments (through repetitive, poorly filtered offers), and unable to persuade a new wave of users to turn their backs on banner ads and cookies in exchange for a single weekly email, we decided it was time for NODO to concede defeat.

Along the way we had once again been forced to subsidize all parties involved: advertisers, publishers, and end users. There was no alignment of incentives between them and our primary hypothesis had proven incorrect.

What failed exactly? A much larger flywheel was at play, running in the exact opposite direction. It represents the status quo and contains everything that we believe is wrong with advertising, retail, media, and the internet as a whole.

A few pieces stand out in what I will refer to as the Monster Flywheel (Death Star? take your pick).

Media agencies

Large media agencies have enough incentives in place to resist all efforts not leading to more data, higher commissions, or a greater grip on the customer. On the bright side, we found brave, open-minded teams at smaller, independent groups.

Advertisers

Advertisers are still chasing an illusion (multi-channel attribution!, a 360-degree view of the customer!). Demand-generation teams were frustrating in their inconsistency: a complete disregard for individual choices, transparency, or data protection laws — together with public advocacy for Customer Centricity. Even more surprising, we found very few teams ready to explore alternatives to the many expenditures that, as of today, have been proven to be money-losing. Habits are hard to break, especially when they are shared across departments, industries, or markets.

Individuals

Control runs counter to convenience. We will answer in a survey that we value privacy, but we will trip over ourselves to install the most intrusive of apps if we find it entertaining or useful (remember Clubhouse?). Only through trust and consistency can brands gain a competitive advantage, but cut-throat competition results in a race to the bottom, and it may take a few tangible, real-world consequences for individuals to make the distinction. We are talking Cambridge Analytica x 20 (after all, a single instance of it did not stop anyone from using Instagram or WhatsApp).

I am ready to bet that, were we to forbid TikTok, we would allow our children to use VPNs to pretend they are Chinese citizens in order to enjoy the app (ok, I would not).

Publishers

Few publishers have a capacity for strategic planning. They live for the now. Their editorial teams are isolated from the underlying economics of the titles that feed them. Advertising and subscription teams work in isolation, unable to make the most of their most valuable assets and insights across both worlds.

Retailers

Retailers want to sell. They survive on tight margins and need better targeting. Insofar as they face the abyss, privacy is an afterthought.

(I expect to be able to elaborate further on these, with time.)

4. Here comes PrivacyCloud

With every single software development project now ground to a halt, we chose to keep the one thing that was unique about our expertise, not commoditized, and useful to others.

Be it Data Clean Rooms (a certain type…). Or Zero-Party Data modules. Or personal data pods. Or identity solutions. We can still help others build the pieces that fit in our dream flywheel. We can also help DPOs navigate the stormy waters of privacy compliance in the AdTech and MarTech spaces.

There is room for plenty of experimentation. And there is time, especially given a services offering that does not need to scale, or aim for world domination, or please short-sighted VCs. We have found a tremendous opportunity in the gap between the policies, documentation and internal beliefs at a compliance or DPOs office, and the technical reality of a company’s data collection practices.

We are reaching the era of the Privacy Engineer. Privacy Tech will simplify our lives, but, as software development has become a commodity and a VC-powered run towards scalability and quick returns becomes the path of least resistance (with thousands of companies competing to automate Data Subject Requests, Data Flow Maps or other pieces), it is the people orchestrating this new stack that will really make a difference. We plan to nurture such people. And with them we see an exciting new beginning.

With love…

As always, projects come and go, and it is the magic of people working together towards a common goals that remains. I have lost track of a few highly esteemed team members, but I really hope this was an enriching experience and a solid stepping stone towards a fruitful, joyful career. I will spare us all a long list, but the names and faces are in my heart.

In the thick of it…

I must also, yet again, show my admiration and appreciation for the people that had the patience to listen to my early musings, providing valuable feedback and support throughout the years, starting with Iñigo Garel-Jones and Luis Hernández (highly-esteemed Of Counsels).

Needless to say, our latest turns would have fallen very far from Planet Earth if not for the valuable input of Celine Takatsuno.

Lastly, enriching exchanges with Gam Dias, Ricardo Martín Manjón, Gabriel González Gil, Juanjo Divassón, Sylvia Díaz-Montenegro, Bernardo Crespo, Javier Recuenco, Joan Sardà and Alessandro De Zanche will remain in my memory for years to come (and yet I hope that upcoming collaborations will cast an even greater shadow!)

TO BE CONTINUED.

********************

FAQs:

1. Investment: We did not take any VC money. Instead: Self-funded + BBVA Data & Analytics and La Sexta Opcion (syndicated family offices), with amounts kept confidential under common agreement. Still, far below the average threshold of a US-based Seed round.
2. Dev stack: Admin (backend & B2B): Typescript — NodeJS — Hapi.dev — AppEngine (Google Cloud) — Auth0; WeRule, NODO App (frontend & C2B): Typescript — ReactNative — Expo (WeRule, NODO I); Typescript — React — NextJS (NODO II).
3. GDPR compliance strategy: Contractual legal basis on the C2B side (Privacy Shopping Cloud akin to a personal shopper that cannot find things on your behalf unless you share interests and preferences). No personal data being transferred to advertisers or accessed in Activation Studio (B2B side).