The upshot of GDPR: Programmatic ad rates are rising

Other vendors have been even more specific: Ad tech vendor Sovrn has seen a 67 percent uplift in yields on inventory with consent strings versus those without, according to the vendor. That increase is due to the fact there is a smaller pool of inventory with consent-string information attached, as not all publishers have yet adopted a consent management platform, said Andy Evans, CMO of Sovrn.

“Buyers are looking for the consent string to ensure premium inventory,” he said. “The amount of matching inventory is limited, and, therefore, buyers are willing to pay more for it.”

Bid strategies continue to differ from one demand-side platform to another, making it difficult still to fix on a single figure for any increases seen. Meanwhile, not all DSPs are yet reading and decoding the consent strings, and in those cases, CPMs tend to look the same, according to Adrien Thil, head of corporate development, for ad server Smart. Regardless, where DSPs are reading consent strings correctly, inventory with consent information attached is driving up bid density and therefore CPMs.

“Our estimate is that CPMs are five to seven times more expensive when they include consent strings,” said Thil.

Where CPMs have risen, however, it isn’t necessarily driven by all agency buyers proactively spending more on impressions that have consent information attached. Although some agencies only buy inventory that has consent information attached to it, several have said they have not increased the amount they’re willing to bid on inventory deliberately based on whether there is consent information attached or not.

But the same agencies have conceded that wherever inventory supply has been constrained for GDPR-related reasons naturally CPMs would have inflated.

“We have seen examples where third-party data providers have been removed or excluded or seen an overall drop in the addressable population of the major DSP solutions,” said Miles Pritchard, head of data and technology strategy at Annalect. “That would have had knock-on effects on supply and, therefore, aggregate impacts on unit costing.”

Naturally, it’s not the case for all. Essence, for example, only buys inventory that has GDPR user consent for personalized targeting. Yet the agency hasn’t seen any increase in CPMs because many publishers are still working on an assumed consent basis, meaning that their opt-in rates and, therefore, inventory supply, haven’t dropped much, according to Ryan Storrar, head of activation at Essence for Europe, Middle East and Africa.

“It opens the question of how low the bar is in the definition of consent,” said Storrar. “The reason our CPMs haven’t fluctuated is that supply hasn’t been choked. The majority of sites you visit require you to opt out rather than opt in.”

In other cases, CPMs may have stayed the same due to a DSP’s default settings. Due to the way DSPs work, if a bid request comes through without the necessary consent string from the publisher’s CMP, the DSP will typically default to a lower price or to serve contextual advertising or other versions of non-personalized ads — or it simply won’t bid at all. When that happens, there won’t be any obvious bump to CPMs, making it harder to monitor the effect of CPM rises on a more granular level, according to Pritchard.

Although it’s becoming easier to spot shifts in GDPR-related buying patterns, there are still inconsistencies and “oddities” that vendors have flagged, for which they don’t yet have an answer. One vendor has noticed a smaller CPM uplift of between zero and 20 percent on an — albeit far smaller — proportion of inventory without consent information attached. The fact that GDPR consent strings are vulnerable to manipulation has meant that conversations around GDPR fraud continue to bubble under the surface of conversations, according to an executive at the ad tech vendor.