Privacy, Data Ownership and the Digital Media Value Chain

Regular readers of this page know that I have written multiple posts on the general topic of privacy concerns with online ad targeting.  More recently, I have highlighted a lower-profile, but equally important facet of the privacy discussion:  data ownership.

2010 was a turning point in the data ownership/privacy discussion.  So as 2011 kicks off, I thought it would be worthwhile spending a moment to tie these threads together in the context of the digital advertising value chain.

The value chain begins with users, who move from publisher to publisher and page to page consuming content that interests them.  In most cases publishers provide this content free of charge in exchange for the opportunity to present ads to users who consume it.  Publishers then sell the ad inventory so created directly to media agencies (who buy on behalf of advertisers) or through some mix intermediaries including SSPs, exchanges, DSPs and Ad Networks.

Increasingly, agencies are choosing to buy (and thus publishers – sometimes reluctantly – are choosing to sell) through intermediaries.  Therefore, the value chain for a typical advertising transaction is as follows: user, publisher, ad network or DSP, agency, advertiser.

Sitting in the middle of this value chain are ad networks and DSPs.  As has been discussed, it’s often difficult to assign a given company cleanly to one bucket or the other, but this link in the chain generally aggregates publisher ad inventory and agency demand, providing agencies with targeting and optimization capabilities and increasing operational efficiency for both publishers and agencies.

Here’s a typical example:

A network or DSP runs a campaign for an eyeliner product from a large CPG advertiser on a group of womens’ content sites.  The network/DSP collects data on which users it encountered on which sites or site sections (e.g., beauty tips, product reviews), who clicked on and/or engaged with the eyeliner ad and on which publisher pages/sites they did so.  Depending on how the campaign is configured and measured, the network/DSP may even collect some activity data from the advertiser’s site.  The network/DSP then turns around and sells media based on that data – say by a) retargeting those users on other sites or b) offering those users or look-alike users to other advertisers or c) some combination of both.

The activities this example illustrates are commonplace, but the appropriate legal permissions for this type of data use are almost never explicitly granted today.  In fact, in many cases some or all of these activities are expressly prohibited.  Like users who are becoming increasingly concerned about the extent to which data about them and their behavior has been bought and sold without their knowledge, many advertisers and publishers would be surprised (shocked) at how their data is being used.

Which brings me back to the value chain.

Of all the entities in this value chain – user, publisher, network or DSP, agency, advertiser – intuitively, which entities have the strongest claims to ownership of the valuable data generated by an online ad campaign?  I would argue that the ends of the value chain – the user and the advertiser – have the strongest claim to ownership of this data, with other parties’ claims weakening dramatically from the ends to the middle.  Who has more rights in a user’s behavioral data than that user?  Who has more rights in an advertiser’s performance data than the advertiser who paid for the campaign?  It’s patently obvious.

Of course, these data owners may choose to license some of their inherent rights to others in exchange for something of value.  For example, a user may be OK with a publisher recording and using his browsing habits to deliver more targeted content or sell ads to subsidize free content.  Or an advertiser might be OK with their agency recording and using ad performance data to improve the return of their campaigns over time.

However, in full knowledge and understanding, would the average user really be OK with an ad network or DSP, with whom the user has no relationship, constructing a comprehensive view of her life (anonymous or not) and selling those details to the highest bidder?

The industry generally defends this practice by extolling the user value of relevant advertising.  This argument has been proven valid in Search advertising, but is a tenuous proposition at best in Display.  Regardless, each user should make the decision on the value of ad relevance vs. privacy, not the industry on behalf of all users.

Similarly, would the average advertiser be OK with an ad network or DSP using data about how its campaigns perform to improve performance of direct competitors’ campaigns?  I’m not sure what the industry’s “pro-data-owner” argument would even be in this case. Yet, again, this type of activity is routine in today’s digital ad market.

So I would argue that the privacy debate that rages today is fundamentally a reflection of the simple property rights issues these activities raise.  Users and advertisers at the ends of the value chain own the data, but that data is being used and monetized primarily by the players in the middle of the value chain.  The vast majority of this data use and monetization is unlicensed, representing a free ride on the gravy train for about half of the companies on LUMA Partners’ ubiquitous landscape chart.

The government appears to be leaning towards addressing this set of issues on behalf of users with a “do not track” list, but even without do not track – as many are skeptical of the speed of government to act – the private sector is rapidly innovating.  New versions of browsers from Microsoft and Mozilla will ship with privacy protections built-in.  For those who don’t want to upgrade, browser extensions are also providing private, user-controlled do not track capability.  Another new technology, from Bynamite, is taking a different approach by providing the user a way to control – and profit from – distribution of their data.

In defense of corporate data owners, companies like Krux Digital are providing tools to help publishers keep from getting their virtual pockets picked.  I am not aware of any company providing similar data security audit solutions for advertisers, but this is an essential technology representing a huge opportunity.  I am sure a solution is on the way.

The landscape is evolving quickly and it’s still unclear as to how it all will end up, but one thing is certain.  The long term solutions to the “privacy” issue will give data owners at each end of the value chain dramatically increased visibility of, control over and stake in how their data is used by players in the middle.

And as these capabilities allow the data gravy train to begin charging for tickets, you’re going to see fewer riders.

Data property rights moving to front burner?

Another example this past week of the co-equal, but less prominent facet of the privacy issue – data property rights  – coming to the fore.

Wired reported that Specific Media was sued in Federal court for violating users’ privacy by a) using flash cookies to reconstruct http cookies that had been deliberately deleted by users and b) having a deliberately misleading privacy policy.  If these claims prove to be true, they are a great example of the serious issues the industry faces with privacy.

Particularly interesting, though, was the perspective in a comment on Mediapost’s coverage here from an employee of FAN – Fox Audience Network.  The commenter made the point that while this was a privacy issue, it was also a data ownership issue.  He went on to state that there is a legitimate reason for a publisher to use flash cookies, (e.g., the Pandora  buffering example cited by Wired) and that publishers have legitimate claim to user data as part of the implicit deal struck by users in consuming free content.  A network like Specific Media seems to have no such legitimate reason or claim.  Flash cookies used by a network are there for one reason only:  not as many users know how to delete them.

I recently congratulated Krux digital on their plan to help address the lack of reporting and enforcement capabilities for property rights in data.  Based on this announcement last week it looks like Krux already has a new competitor.

I have written before that this second facet of the privacy debate is widely underestimated, but it looks like that’s changing and that’s a great thing for the industry.

What is a DSP?

Just a quick post to go “on the record” in the context of the recent AdExchanger threads (1 and 2) defining/discussing “Demand Side Platforms” (DSPs).

I agree with those who indicated it is way too early to lock down a narrow definition of DSP.  Arguably anything that’s really a “platform” should never need a description that’s as detailed as the list offered in the first post, but regardless its definitely too soon in this particular market.

At this stage I think all are better served by a more general definition.  Fundamentally, I think any entity that meets the following criteria with sufficient breadth of capabilities is a DSP:

  • Technology that interfaces directly with demand-side entities
    • “Interface” does not necessarily mean GUI.  An API could be even more useful if it meets the customer requirements
    • Demand-side entities may include agencies and/or advertisers
  • Technology that adds significant value in the process of buying and/or management of media
    • Value could originate from data integration, forecasting, buy automation or other operational efficiency gains, supply source integration, delivery and/or pricing risk management, increased ad effectiveness through optimization, impression filtering/categorization
    • Etc., etc., etc…
  • Technology that operates as directed by the demand side entity (i.e., the customer)
    • The technology can be used flexibly and transparently by the customer in a way that benefits its business, with limited incentive conflicts

Obviously, technology is the common thread; DSPs will compete on the strength of their technology and networks with weak technology (essentially bucket shops, substituting people and excel for real technology) will find themselves increasingly squeezed between DSPs and exchanges.

One final point:  “platform” implies broad capabilities.  Many companies exist with valuable capabilities that meet the above criteria, but that couldn’t properly be called platforms.  I would suggest that Demand Side “Tools” (DSTs?) is probably more appropriate for more narrow capabilities.  These tools may be used directly by demand side entities and/or be packaged by DSPs.

Rethinking Retargeting

Just a quick post to make sure folks saw Richard Frankel’s article today on AdExchanger.

A couple solid, related tidbits in there.

The first point is about attribution.  Richard cautions that retargeting often “steals” attribution from other tactics unless careful steps are taken to prevent it from happening.  DR tactics stealing attribution from upper-funnel tactics is an important topic on which we have written before.  As we mention in that article, it’s also the subject of an entire body of work by Microsoft’s Atlas Institute.

The second point is about the importance of finding new prospects and customers, not just retargeting old ones.  This difference between “demand creation” and “demand fulfillment” (as Forbes.com’s Jim Spanfeller has somewhat famously put it) is something that needs to be understood and carefully considered when developing a comprehensive marketing and media strategy.

As online media marches past a 30% share of total media consumption, new technologies are eroding offline media like TV and print.  Both demand fulfillment and demand creation budgets alike must follow consumers online.

Why is DoubleVerify burying its big news with a December 23rd press release?

PR experts use a trick when they need to release news they really don’t want covered broadly, peer reviewed or scrutinized.  The trick: drop the announcement when everyone is focused on other things.  The Friday afternoon before a long weekend and the last business day before a major national holiday are prime dump days.  The Bush White House used this tactic to announce Koran abuse at Gitmo and the indictment of Scooter Libby.  Celebrities routinely use it to announce divorces or rehab stints.

And on December 23rd, just as the media world shut down for Christmas, Double Verify (DV) used it to announce its new “BrandShield” solution.  Of particular note in DV’s release is that it seems to imply (the wording is quite cagey) that DV can perform page-level quality filtering on “nearly 100% of impressions”, even when ads are served within iframes, by effectively “seeing through” the iframes to determine “which…page the ad is actually delivered on”.
Taken at face value, this sounds like a huge advance in page-level quality filtering technology, which obviously requires page-level visibility to work.  However, regular readers of this page will remember our recent post on the problems posed by iframes for 3rd party page-level filtering.  Specifically, that “seeing through” iframes is impossible for an ad buy – like the vast majority of ad network buys – the composition of which is not known in advance.

So why would a (to date) publicity-hungry startup like DV announce seemingly ground-breaking technology in a way that recalls the indictment of a senior White House staffer?  The only reason I can think of is that this announcement amounts to either a) an admission that DV is using the methods of hackers to exploit holes in browser security and enable collection of data that all commercial browsers prevent for important privacy reasons or b) a clumsy and misleading attempt to confuse the market about what is technically possible.

The former would raise extremely troubling privacy concerns, particularly against the backdrop of increased scrutiny on collection of user data for BT.  The latter is obviously not particularly comforting either, but at least it doesn’t open unsuspecting agencies and brands up to PR backlash, consumer lawsuits and/or government sanctions.  Either way, prospective DV clients considering this solution should ask tough, direct questions about how this apparent iframe miracle is performed before touching it with the proverbial ten foot pole.  Specifically, buyers’ technical staffs should seek to understand clearly and precisely how each page in an ad buy would be conclusively identified and filtered, including each page where the ad is displayed within an iframe.  As I mentioned above, be sure to consider the case where the composition of the buy is not known in advance, like most ad network buys.

Rest assured that we will be working with our agency partners to fully explore these claims and will share whatever facts we uncover on this page.  Please feel free also to share with me anything you know or find out.  As we set about that work (or at least until DV is good enough to clarify their release), I would renew my call for a New Year’s resolution:  let’s elevate the dialog from misleading marketing claims to honest discussion and execution of the cutting edge solutions that sophisticated clients demand and deserve.

For Brand.net, Quality is more than an Undertone.

Catching up on my inbox, I noticed an interesting article from Undertone’s Alan Schanzer last week on AdExchanger.  Credit to Mr. Schanzer for trying to help media buyers differentiate between networks; it’s a crowded market with lots of overlapping claims and capabilities.  Unintentionally, however, his article does more to clarify how little first generation ad networks can do to maintain media quality and protect clients’ brands than it does to provide useful advice for the media buying community.

Mr. Schanzer claims that, “when selecting a network, business practice transparency is far more important than site transparency” and focuses the reader on two bad business practices that site transparency does not prevent:  URL padding and daisy chaining.   He’s correct of course that site transparency doesn’t address either issue.  But it’s not exactly news that lying about site breadth or buying in a completely uncontrolled manner are bad business practices.  If avoiding them is even enough to be table stakes then it’s a low limit game.  Sophisticated buyers demand (and get) a lot more from their most important partners, and have for years.

Mr. Schanzer is 100% correct that, “a site list alone will not protect your brand”.  But he doesn’t get down to the real threat to your brand:  objectionable content.  Nor does he discuss the fact that objectionable content is not just a site-level (publisher) problem, it is a page-level problem (i.e., there are pages on the very best publisher sites that have objectionable content, which can arise in an instant by way of user generated comments) and because it is a page-level problem it takes serious technology to solve.  That’s why Brand.net has invested millions of dollars over the last 18 months in our pioneering page-level filtering platform, SafeScreen, which launched in Q109.  That’s also why I wrote a detailed article for iMedia in September on the criticality of ensuring quality at the page-level and posted a more recent follow-up that discusses some major problems with emerging 3rd party technologies that claim to address this issue.

Having said all of that, I am surprised that late in 2009 Mr. Schanzer would want to draw attention to the weakness of a site-based approach to managing quality.  Particularly when Undertone’s quality “guarantee” is framed 100% in terms of site selection.  Read it carefully.  Undertone does not guarantee that it will keep clients’ ads away from objectionable content.  It merely guarantees that clients’ ads won’t run on a site that is not certified as an Undertone Quality Publisher (UQP).  This commitment is almost meaningless because (at least on this page) UQP is undefined outside of a few vague criteria.  As written, Undertone could call a “professionally produced and aesthetically desirable” porn site an UQP and not payout under the “guarantee”.

Of course Undertone would not act in such bad faith, but by framing its quality “guarantee” in terms of site selection and saying nothing about page-level quality, it reveals either a fundamental misunderstanding of the key quality issue that sophisticated media buyers are focusing on today, or the lack of technology required to deliver a best in class solution. It’s pretty clear it’s the latter, because at the bottom of the same page the fine print specifically and explicitly carves out a safe harbor for ads that end up next to objectionable content on pages of UQPs.  In other words, Undertone is saying that if they place your high end beauty, food product or premium diaper ad next to the F-word (or worse) in a user comment that appears on a top women’s site, they’ve successfully completed their job as your media partner.  At Brand.net we certainly wouldn’t want to try to explain that to one of our customers and SafeScreen means we won’t have to.

I propose a New Year’s Resolution for the industry:  let’s elevate the dialog from trading marketing claims of little or no practical utility to active discussion and execution of the cutting edge solutions that sophisticated clients demand and deserve.

CBS’ Decision

Some quick comments on this morning’s Ad Age article on CBS stepping away from networks. The “publishers vs. networks” issue has ebbed and flowed pretty consistently since I started in this business at Yahoo! in 2002.  It seems to ebb when revenue is scarce and flow when demand picks back up, with clear evidence of both trend and seasonality.  There is obviously some rationality to this pattern, but I have always thought that the “turn ‘em on, turn ‘em off” approach is a blunt instrument that doesn’t serve publishers, particularly in the long term.

For example, in this article, CBS draws a distinction between the third party networks they are turning off and agency-owned networks (e.g., Vivaki) with whom they will continue to do business. As Michael Zimbalist of NY Times points out in another recent article, from a publisher perspective these agency-owned entities have a lot in common with third party networks.  So it’s unclear how leaving them “on” makes sense if the best solution for third party networks is “off”.

Apart from this inconsistency, two other big issues with the on/off approach are lack of resolution and poor responsiveness to dynamic market conditions.  While networks overall may monetize at a lower rate than direct sales efforts, certain networks will be more or less competitive for certain inventory (resolution) and at different times (dynamics).  RTB was designed to address these two “hard coding” issues (amongst others), but neither AdX 2.0 nor Right Media are close to ready to be relied upon as sole indirect demand channels.  Internal agency network efforts are still nascent as well.  The bottom line is that vastly more demand still flows through third party networks than through of any of these channels.

So rather than bowing out of a significant majority of the quickly evolving ad ecosystem, I think the right publisher solution is a framework that coordinates direct and indirect sales efforts to create the competition for inventory that drives maximum revenue for the publisher. Based on my long experience at Yahoo!, I laid out the broad strokes of such a framework in an article for MediaPost earlier this year. Publishers that learn fastest and best how to apply such a framework in their particular circumstances will achieve levels of monetization that increasingly distinguish them from their more isolationist peers.

None of us is as smart as all of us; the key to staying on the cutting edge of monetization is coordinating the best efforts of both direct and indirect channels on a dynamic basis.  Today and for the foreseeable future, third party ad networks are an important part of that picture.

%d bloggers like this: