‘Don’t let the fox in the chicken coop’: Confessions of a publishing exec on post-GDPR data leakage
Over the years, publishers have learned the hard way that there is no such thing as a free ad tech product.
For the latest installment of our Confessions series, in which we offer anonymity in exchange for candor, we spoke to a publishing executive who fears that data leakage has become a major problem again since the arrival of the General Data Protection Regulation.
Answers have been lightly edited for clarity and flow.
Data leakage has long been an issue. Why is it a worry again now?
It has ramped up significantly since the advent of GDPR and the rise of the consent management platform. For a long time, middlemen of different flavors — whether they’re ad tech companies or social media giants — have offered free technologies to publishers on the premise they will make them more money. Usually, it’s for services and utilities that are difficult for publishers to create. So it could be tools that help publishers segment audiences and then understand more about them so they can sell them better to advertisers, for instance. Now it’s free CMPs.
So what’s the problem?
If someone is offering you something free of charge and selling it aggressively, and we’re not expected to give them any money in return, it makes us wonder, what are we giving them in return? GDPR and ads.txt have served as a wake-up call for publishers accepting free technologies. Once the data leaves their pages, publishers really have no control over what happens to it. So ads.txt and GDPR have had a positive effect on that. This [accepting free CMPs] is now undoing some of that work by allowing the data out by a different source.
So what should publishers steer clear from?
These [CMP] technologies are often developed and sold by companies with media businesses. So anyone accepting these technologies for free from companies that aggregate media and data to then package and sell to advertisers, and take an undisclosed margin for bundling the media and data.
GDPR reopened the opportunity for publishers to take back control of their own data and publishers have realized over time that one of the most valuable assets is their relationship to the consumer and what they know about them. By giving that access away to a company that could have a commercial incentive to misuse it — it’s a case of don’t let the fox inside the chicken coop.
Isn’t the onus on the publisher to have guaranteed this won’t happen?
A lot of publishers are concerned about it, but often they opt for a free CMP because they admit it’s just easier to. And the sales pitches are often very compelling or aggressive. Every publisher has a vast road map of things they’d love to do if they had time to do it. But taking what is a possible Trojan horse from an ad tech company to solve the problem seems like a box-ticking exercise rather than an opportunity to protect something that is of such fundamental value to the publisher.
Give an example of aggressive selling.
They point to legislative risks often with an undertone of threat where they tell a publisher that they might be exposing themselves to legislative risk under GDPR law, or exposing themselves by working with that publisher. It’s a scaremongering approach that’s come about since GDPR. And now that high-profile cases are emerging over fines, they’ll likely tap into more, and try and provide a service that is free.
Don’t some CMPs just want to provide a value add for trusted partners?
I know it’s good to have a relationship with publishers and be seen as a valuable partner that offers services beyond the core service, but to divert so much R&D resource into creating something that doesn’t offer an immediate commercial return in these highly pressured times for ad tech companies seems like an extraordinary act of generosity.
What are the ramifications if publishers aren’t cautious enough?
The worst case scenario is that publishers will never realize the true value of their data or their media. It will be faceless inventory for someone else to target using their own data and thereby extracting value from the supply chain, which is rightly that of the publisher and advertiser. If they don’t seize that opportunity, they will cede that value to middlemen, and the cycle will continue.
That famous example of 70 pence (92 cents) going to unknown sources will never get any better. We will just open up new leaks. We’ll have fixed one leak and opened up another.
Member ExclusiveMedia Buying Briefing: WTF are barter agencies?
Barter agencies have always operated on the fringes of the media agency scene. What's changed for them since the pandemic?
Member ExclusiveDigiday Research: In the race to comply with digital privacy laws, few sites are making it easy for visitors to opt out of data collection
Just a tiny fraction of websites are giving visitors a choice in how the data collected on them is used.
Cheat Sheet: Google unveils timeline for a more ‘responsible’ cookie death clock
Google elaborated on its timeline for killing off third-party cookies as part of its promises to the UK's antitrust authority.
SponsoredHow the ad industry can use its borrowed time to future-proof first-party data solutions
Trent Lloyd, co-founder and head of brand solutions, Eyeota Google’s updated timeline for its Privacy Sandbox rollout, including its two-year delay of third-party cookie deprecation on Chrome, didn’t come as a surprise to many industry observers, given the limited utility of Google’s FLoC and the slow momentum of the Privacy Sandbox in the World Wide […]
How news publishers are using the Olympics and AR to flex their emerging tech storytelling
Big publishers like The Washington Post and USA Today are developing and expanding AR storytelling around the Olympic Games.
‘Weak Sauce’: New industry tool for opt-out from email-based tracking misses ID tech and key players like Facebook and Liveramp
The Network Advertising Initiative's new privacy control is intended to stop email-based audience matching — often referred to as onboarding.