the missing user data platform
25 August 2018
Today's web advertising relies on 1990s browser behavior—most browsers fail to protect users from being tracked from site to site, and advertisers are used to taking advantage of that old defect. But because browsers do user research and respond to what users want, that's changing. Browsers are making it harder to track users from site to site without their permission. Along with privacy regulations, this change is creating an opportunity for new, "post-creepy" web advertising that:
works with user privacy principles
has fewer of the negative externalities of targeted ads
gives more market power and revenue to sites that users choose to trust
Most of this can be provided by third parties that publishers are already using. For example, Google Tag Manager already has the required functionality in order to comply with the European GDPR. The missing piece is a way for sites to collect and enough user data to show advertisers that the site is trusted by human users, in order to make the ads on that site saleable.
In the new environment, user data alone is insufficient—data must be accompanied by the consent required to use it. The system needs to evolve away from dependence on large quantities of un-permissioned data towards the ability to use less data accompanied by permission. (Post-creepy web ads won't be able to swim in abundant unpermissioned data with the nutria of the Lumascape. Consent is scarcer than data. Instead, publishers will have to collect and conserve every drop of data, like muad'dib, the desert mouse of Arrakis.) Possible sources include:
Subscription and micropayment systems
Comments and surveys
Miscellaneous e-commerce (tote bags, mugs, clothing...)
Transparency and Consent Framework consent bits
Differences in browser behavior between trusted and untrusted sites
Consent management is a tricky problem. IAB Europe is doing some work toward addressing it, with the open-source Transparency and Consent Framework. Although existing implementations are designed to nudge the user into not-transparent data practices, this framework does provide a starting point on which to build consent management that both implements the user's preferences accurately and provides a smooth user experience. (more info: Global Consent Manager. Global Consent Manager is a client-side component already under construction that can interact with server-side data platforms.)
In principle, privacy regulation and browser privacy improvements have the potential to lower the return on investment on creepy tracking, and raise the return on investment on building reputation and getting consent. But publishers, who have the reputation to get the right to use data, don't have the development budgets or time to build the tools for data gathering. User data and opportunities for permission are everywhere, in CMSs, other software, and in third-party services.
The missing piece is a platform that will collect data, with permission, from all the above sources and
run either on the publisher's own infrastructure or as a third-party service so that small publishers don't need to touch the CMS or deploy and manage a new service
comply with current and future data protection regulations
work with and anticipate privacy improvements in browsers
provide reports and APIs in a usable format for advertisers and agencies
Many of today's ad agencies, even sympathetic ones, won't come to the new system by choice, because it won't allow for tracking desirable audiences to cheap sites. We can assume that advertisers and agencies will ignore the new system until they see that it’s a way to reach a significant audience that they can’t reach in other ways, today, and the mainstream tracking-protected web audience in the near future.