‘That’s a lot of money that would need to be pulled’: Confessions of a marketer on cookie consent snafu

The header image shows a silhouette of a mans head.

This article is part of our Confessions series, in which we trade anonymity for candor to get an unvarnished look at the people, processes and problems inside the industry. More from the series →

For some marketers, the loss of third-party cookies can’t come soon enough — especially since there’s a chance that using them now could be potentially violating consumer privacy and data protection rights if findings from a new report are true.

The reason being that the report found that ad trackers continue to collect Europeans’ data without consent under the General Data Protection Regulation. Naturally, marketers are concerned and in some cases are conducting their own investigations in search of answers. In this edition of our Confessions series, in which we exchange anonymity for honesty, the chief media officer at a global advertiser discussed what they’d have to do if the investigation they’re preparing confirms their worst fears. 

This interview has been lightly edited and condensed for clarity.

Are you surprised by the findings? 

The findings are surprising. I mean we expected there to be some malfeasance on a small number of cookies being used but nowhere near the amount suggested in the report. I thought the GDPR would have cleaned up this sort of thing because it’s exactly what it was designed to stop. It’s a scary situation to be in because we don’t know yet if the company is on the hook for any of this. I want to know who is going to fix this situation if it is as bad as it sounds. 

Are you going to pull money from publishers as a result of the report?

As it stands, we don’t know. There’s a lot that needs to unfold. It’s not clear yet whether the regulators in the European Union will act on those findings. All we can do is conduct our own investigation into whether these consent mishaps and potentially legitimate data collection instances are happening as frequently as the report said. For now, we’re in wait and see mode.

Does that mean you will conduct your own investigation into the matter? 

Yes, we’re going to have to run our own audit as there’s no one universal way to assess cookies for this sort of issue, which is why we’re partnering with a specialist to do so on our behalf. It may well be that the report’s authors are using the panic around its findings to drum up more interest in their own services. However, it may prove to be a situation that needs immediate attention. Not knowing the outlook either way just adds to the stress. 

What happens if the investigation requires immediate action? 

All we can do is instruct our media agency not to place our ads on any site where this is happening. That’s a lot of money that would need to be pulled. It’s happening across 1000 of the biggest sites advertisers buy ads from, of which 50% are full of cookies that people haven’t given their consent to share. Doing so puts us in a tricky spot. It would wipe out the top publisher sites from our media plan. And the only option we have left then is to spend what money we have pulled with the walled gardens. We’ve not made that move yet. We need to complete our own audits before we make a call on whether we have to pull media dollars. That said, this all seems like something that would be eminently fixable. We just need to know how dangerous this use of cookies that people have agreed to share is.

Are you comfortable putting more money into walled gardens?

Not really. In fact, we’ve been trying to do the opposite. Now, it seems like we’re being forced back into them. As a marketer, you’re damned if you do and damned if you don’t.

The longer you leave things, the greater the risk. 

It’s still too early to outline a proper timeline on when we’d enact those changes should our own audits reveal we’re part of the problem.  I would say, though, that it’s unlikely we’d make any changes to our media plans before January. It’s more likely to be closer to February. This way, we give media owners the chance to fix the problem and pull those bad cookies back. I don’t think that should be a hard thing to do — pulling cookies off of one page and onto another is copy and paste stuff for media owners. In a few weeks you should be able to have many sites compliant with privacy law. That only happens, though, if we threaten to pull our money. 

Isn’t that just a temporary fix? 

Yes it is. What we really need is direction from the EU. We need to know if they see this as a concern, especially given concerns around the Transparency and Consent Framework from the Interactive Advertising Bureau’s Tech Lab. So far, the GDPR has been enforced along a very narrow band. There’s a significant amount of grey that’s open to interpretation. What the report uncovered seems deliberate and clear, but that doesn’t mean regulators will act on it and hold publishers and ad tech companies accountable. The problem is that digital platforms only ever seem to be swayed from continuing down certain paths through government legislation. 

Won’t that just create a blame game across advertising? 

It will become a game of hot potato. Everyone will try and pass off liability for this issue to others


More in Marketing

As the line between B2B and B2C marketing blurs, Workday taps humor in consumer-facing media channels

As the crowded digital landscape challenges marketers to stand out, B2B company Workday tests a B2C marketing strategy.

How the NBA’s broadcast rights tussle could affect advertisers

Streaming could change the NBA advertising landscape, say media experts.

Ad tech vendor Colossus faces scrutiny for alleged mismanaging IDs

Concerns stem from a report by ad transparency startup Adalytics, which discovered that Colossus was mislabeling IDs, leading to unintended ad purchases.