This story is part of Digiday’s Masters of Uncertainty series, a look at people and companies at the center of media’s defining storylines. Find the rest here.
Last April, one of the ad tech industry’s most ambitious undertakings announced it was taking an important attempt to mitigate a potentially cataclysmic moment when Google will phase out third-party cookies next year. It was a move that initially appeared to look like the next chapter in an improbable story of industry collaboration.
But with many things in media, the reality has proved to be more complicated.
Criteo has joined forces with The Trade Desk to begin testing OpenPass, the single sign-on technology that would harvest all the email addresses needed to power its tech to replace third-party cookies, Unified ID 2.0 (UID 2.0).
These leading companies began banding together, thanks in part to the stewardship of Prebid, the advertising standards body that UID 2.0’s creator, The Trade Desk, had handed UID 2.0’s reins to just a few months earlier.
Prebid was put in charge of UID 2.0 partly to convince the industry at large that it would be steered by an impartial set of hands. But with Prebid at the wheel, the story has taken some dramatic turns. Today, the fate of OpenPass is in doubt after tests in Europe stalled, publishers in the U.S. hesitated to hand readers’ email addresses off to a third party, and Criteo, which was supposed to handle OpenPass’s tests in Europe, now also backs Prebid SSO, a separate, non-email-based sign-on technology that doesn’t require email addresses.
In that same period of time, rival solutions and strategies have eaten away at the enormous head start that UID 2.0 built up. Sources have told Digiday its ascendancy to becoming the de facto ad targeting tool for the open internet is far from fait-accompli with rival tech standards.
And with Google’s deadline to deprecate third-party cookies now less than 18 months away, Prebid, which is currently in the midst of a leadership change, now must decide how forcefully to steer, and in what direction.
You have read the maximum number of free articles.
This content is available exclusively to Digiday+ members.
When The Trade Desk unveiled UID 2.0 in July 2020, the ad tech company had to convince the wider industry that its targeting tool wasn’t just a proprietary solution primed for its own commercial advantage for it to scale.
UID 2.0 won the backing of the majority of the industry’s holding groups with Omnicom Media Group, Publicis Groupe and IPG all endorsing the standard, the latter of the trio named as a “closed operator” of the ad targeting standard in July of 2021.
In a bid to win over ad tech peers Prebid has been an “operator” of the targeting standard, with The Trade Desk eager to point out that Unified ID 2.0 would be interoperable with alternative identifiers, such as LiveRamp’s IDL or Prebid.org’s SharedID.
Naming Prebid as an operator of UID 2.0 was the precursor to The Trade Desk’s OpenPass collaborations; a Criteo spokesperson told Digiday a formal launch of the SSO is expected “in the coming months” after testing began in April 2021.
Opinions are not so unified
But enthusiasm for UID 2.0 was considerably more muted among one crucial group of stakeholders: publishers expected to use it. Given their first-party relationships, publisher buy-in is critical to the success of UID 2.0. And while tests are ongoing, a number of household names from the publishing world are still mulling their options.
Household publisher names have backed UID 2.0 with BuzzFeed, Los Angeles Times, Newsweek, and The Washington Post all signing up to the standard. Although others have publicly adopted a wait-and-see approach, including The Guardian and News Corp.
It’s unclear how many publishers are experimenting with UID 2.0.
For some publishers, whether to back UID 2.0 is a philosophical quandary, said Stephanie Layser, Prebid.org board member, and vp of data, identity, and ad tech platforms at News Corp. “It’s a question of what we want the new internet to look like,” she explained. “Do we want it [the advertising experience] to be more contextually relevant than it was prior to that? I think it’s also a question of whether publishers want to take their most valuable asset and do you want to share it to help the open internet?”
A News Corp. spokesperson further clarified the publisher’s stance: “News Corp is evaluating the solution and is most likely going to make decisions differently for each domain depending on their value proposition in market.”
In contrast, The New York Times told Digiday that UID 2.0 was “not a priority for us right now” in April 2021. “We don’t look favorably on solutions that in the end are still about a lot of data transfer about individuals’ online behavior in ways they don’t understand,” explained Allison Murphy, svp of products at The New York Times at the time.
There is also a crucial distinction between stewarding and owning a product like UID 2.0. And nowhere is this clearer than the European Economic Area, where all those involved in the handling of consumer data have to abide by GDPR. This is because the European privacy regulations require companies to define themselves as either data controller or data processor.
For many, individuals’ email addresses, encrypted or not, are classified as personally identifiable information under GDPR. That’s left many parties wondering who should assume liability for any potential legal fallout. It remains unclear as to when these concerns can realistically be resolved; European trials are still in a holding pattern.
Such disagreements stymied earlier efforts from The Trade Desk to find an administrator for UID 2.0, a role that would require a third party to ensure all those with access to the targeting standard’s encryption code act in accordance with laws such as GDPR.
Magnite’s Garrett McGrath, the interim chairman of Prebid.org, told Digiday the administrator role was offered to both PreBid.org and The IAB Tech Lab, but neither body felt the role of “ad tech police” within their charter. Both bodies prefer to see themselves as facilitators of tech standards, not outfits with powers of sanction.
“Once the administrator has been determined, that is the point, one would assume, that UID 2.0 will go fully into production, and get out of the holding pattern that it has been in,” added McGrath.
Divergent single sign-ons
However, just whom should act as “the ad tech police” isn’t the only front where The Trade Desk and Prebid.org’s membership appear at odds.
The Trade Desk maintains it is fully committed to its earlier plans to develop OpenPass, whereby audiences are encouraged to authenticate their identity by consenting to their email addresses being accessed and then later encrypted, with full cooperation from PreBid.org.
But with some Prebid.org constituents feeling The Trade Desk’s proposed SSO gave it too much control over their platforms, Prebid decided to build an alternative.
Phil Bohn, svp of sales and revenue at Mediavine, and member of PreBid.org’s board of directors said OpenPass and Prebid’s SSO have diverged into separate independent projects as many publishers felt asking website visitors for their email addresses may be too disruptive an experience.
“To maximize adoption, Prebid is building both semi-authenticated and fully-authenticated identity solutions,” he added. “Both will be overly transparent to users, but the semi-authenticated ID opens the possibility that users can rely on a more consistent experience, with their preferences better respected across multiple digital properties.”
A spokesperson for the ad tech body declined to comment, but a source with knowledge of the ongoing developments within Prebid explained the breadth of the divide that had to be crossed.
“The SSO moniker has been confusing to people,” said the source who works within Prebid’s ranks, but requested anonymity due to their employer’s PR policies. “We’re not really building an SSO, what we’re talking about is generating interoperable, addressable identifiers that also have an accountability framework associated with them.”
A Criteo spokesperson explained how the ad tech company intends to placate both camps, “Criteo continues to help drive creation of the open-source Prebid SSO solution, which doesn’t require email authentication. Criteo strives to make these, and other solutions like OpenPass, interoperate to achieve our above goal.”
So, while the constituents of the open internet, ad tech companies and publishers alike, have a common cause in their desire to disrupt Big Tech’s dominance over marketers’ ad budgets, philosophies on how to do so in an increasingly privacy-centric world differ starkly. Discussions within Prebid.org will be crucial to preserving a delicate confederacy.
Sign up to get the day’s top stories at 6am eastern.