Publishers step up the fight against cookies gone rogue

More publishers want to crack down on rogue cookies on their sites.

For publishers, monitoring which cookies are dropped on their sites in the name of programmatic advertising takes effort. The General Data Protection Regulation has added another layer of pressure — making publishers liable for fines should any third parties that drop cookies then reuse that data for other purposes.

Although many publishers have fewer ad tech vendor partners than a few years ago, there remain countless vendors that operate via other vendors (like supply-side platforms) which have direct relationships with publishers. The Association of Online Publishers and The Media Trust have come up with a way to give publishers free access to a cookie repository. The idea is for this cookie pool, which publishers will be given access to once ready in the coming weeks, to act like a giant encyclopedia for cookies. Publishers will be able to see every single cookie type that is dropped on their sites, and by which vendors. They can access this information via a log-in.

Publishers including News UK and The Guardian plan to use the repository. In general, national news publishers are the most likely to onboard the soonest, according to Richard Reeves, managing director of the AOP. The Media Trust will scan the publisher sites to determine which vendors are dropping cookies and for what purposes. Once it has a comprehensive list of cookies and vendors used by AOP members, the company will send those vendors a formal letter instructing them to classify and define what cookies they drop and for what purposes.

“This is a very useful [tool] and a great step forward,” said Dan, Powell-Rees, head of technology optimization for the Guardian. “Lots of publishers are having to scrape their data to maintain this information themselves. It could enable publishers to identify cookie issues much more quickly.”

“There has been no way to show how agencies or even technology vendors have used publisher data to build profiling strategies and businesses,” said an executive at a national publisher. “By categorizing cookies with an independent party we will now be able to call out the purposes and value of the cookies on-page. And it shines a light on premium content also being valued for rich-data sources, and enables us to verify bad actors across the ecosystem.”

The AOP protocol is also aimed at helping publishers monitor whenever pixels are dropped on their sites to scrape profiles to resell, without declaring it to the publisher. Thanks to GDPR, these now have to be declared to the publisher, along with the purposes they’re used for. That means by using the cookie pool, publishers can begin discussions on how they may commercially charge for the use of those pixels if they’re permitted by the publisher, said publishing execs who wish to remain anonymous.

Having a verified cookie database also wouldn’t hurt publishers to be prepared for the ePrivacy Regulation that’s still being lobbied but which is designed to be far more focused on the media and advertising industry than the far broader GDPR ever was.

“E-privacy is much more specific to our industry than GDPR ever was or intended to be,” said Matt O’Neill, gm of The Media Trust in Europe, the Middle East and Africa. “GDPR has been a dress rehearsal for our industry for e-privacy.”

More in Media

Inside The New York Times’ plans to correlate attention levels to other metrics

There’s a lot of buzz around attention advertising right now, but The New York Times is trying to stay grounded even as it develops its own plans.

Why publishers are preparing to federate their sites

The Verge and 404 Media are exploring the fediverse as a way to take more control over their referral traffic and onsite audience engagement.

Why publishers fear traffic, ad declines from Google’s AI-generated search results

Some publishers and partners hope for more transparency from Google and other AI companies related to AI-generated search.