Consumers have a love/hate relationship with targeted advertising. While nearly half (49 percent) of U.S. consumers in a 2021 Forrester report take active measures to bar apps and websites from collecting personal information, many (71 percent, per a 2021 report by McKinsey & Co.) have grown to expect a level of personalization. For instance, a cat owner would, presumably, prefer to see ads for cat food than dog treats.
Research reported on in the Harvard Business Review in 2018 shows that consumer reactions to personalized advertising hinge on trust and transparency. Faced with consumer perceptions and government regulations, online marketing has become a balancing act to deliver relevant ads without encroaching on a consumer's privacy or betraying their trust.
Thankfully, there are new and emerging technologies that can help marketers find their equilibrium and continue targeting digital ads while maintaining privacy protections.
Two forces that affect digital advertising are on a collision course: walled gardens and new privacy regulations.
Walled gardens such as Facebook, Amazon, and Google monetize consumer data by providing self-contained media ecosystems that prevent brands from exporting information. This silos consumer data, which makes it hard for brands to for example, determine if the John Smith who bought their product online is the same person who purchased the product at a big box store or clicked on an online ad.
Concern for user privacy has led to a patchwork of privacy laws in the U.S. And new privacy regulations from California, whose California Privacy Rights Act goes into effect in January 2023, along with the state's existing CCPA and the EU's sweeping GDPR, may soon make it much harder to share consumer data. That could mean brands will lose access to the personally identifiable information (PII) that allows them to determine how many different John Smiths buy their products. The laws are intended to protect consumer privacy (see "The GDPR, CCPA, and CPRA Raise the Bar on Consumer Privacy," below), but they may inadvertently result in the end of third-party cookies, which are essential to target marketing.
Additionally, Google is expected to enact its delayed plan to discontinue third-party cookies in 2023. Since Google is a leading force in internet advertising, the "cookiepocalypse" will make the wall around its garden even higher. The new privacy regulations will likely drive other walled gardens to make similar moves.
Ad space still exists outside these walled gardens on broadcast TV and radio, in print magazines and newspapers, and in other traditional media outlets. Yet companies shouldn't put all their ad spend into mass media. A 2020 Pew Research Center survey found that 86 percent of people consume news online at least some of the time. And the number of people in the U.S. who receive broadcast television via satellite or cable has also declined from 76 percent of the population in 2015 to 56 percent in 2021, according to a separate Pew survey from 2021.
As consumer attention splinters across a growing number of media options, the quest to reach consumers with meaningful messages increases in difficulty. Without third-party cookies, companies need a new model for privacy-compliant targeted advertising. Fortunately, that model is beginning to take shape.
There's no privacy-compliant way for companies to concatenate their first-party data with second-party data collected by retailers. If the consumer didn't give the retailer permission to share their data with the manufacturer, there's no way to legally pass that information on to the manufacturer under the new privacy regulations.
A physical clean room is an environment free of even the smallest extraneous particles. They are used to reduce the risk of contamination when manufacturing sensitive products, such as pharmaceuticals or electronics. Data clean rooms provide a comparable space in the digital realm by creating a secure environment to facilitate information sharing between two parties while respecting consumer privacy.
PII from two different datasets can be compared to match profiles inside the data clean room. For example, the John Smith who bought a product from a manufacturer might have the pseudo anonymous identifier "User 123" in the first-party dataset. An identity graph in the data clean room can match that person with the John Smith who bought the same product at a big box store, identified as "User 456" in the store's data. An identity graph is a database that compares data from multiple sources to create a unified profile for each customer.
The PII used to make the match never leaves the clean room, but the company can now recognize that anonymized Users 123 and 456 are the same person. Marketers receive a consumer profile with actionable data on purchasing patterns, media consumption, and more while complying with privacy regulations.
Data clean rooms are available within the walled gardens of tech companies like Facebook, Amazon, and Google, which provide identity graphs to match their data with a company's first-party data. In addition, some third-party providers have created proprietary identity graphs by buying consumer data. And there are open-source clean rooms where companies can bring their own identity graphs to unify the data in an environment that they control.
While data clean rooms are a step toward privacy-compliant marketing, they have a significant limitation because they allow only one-to-one data sharing. Most marketers need to understand consumer profiles across more than a dozen walled gardens, and setting up a clean room to build profiles for each garden creates more data silos.
To un-silo the data and create well-rounded consumer profiles, marketers may benefit from a "garden of gardens." The concept involves one master clean room controlled by the brand that brings data from multiple walled gardens together in one place. The garden of gardens creates a one-to-many relationship that adheres to the same privacy controls as any data clean room and removes PII from the data before releasing it.
The garden of gardens could allow a company to create holistic customer profiles so they can better understand them. For example, this approach could reveal that the same customer bought the product through various third-party online stores and directly from the manufacturer — all while remaining privacy compliant.
At the moment, the biggest hurdle for the garden of gardens model may be the participation of the companies that operate the walled gardens. However, targeted marketing is expected to rely on the garden of gardens approach in the future; eventually, publishers will have to consent or risk being left behind.
Derek Baker is the principal, marketing transformation at PwC, a partner in the ANA Thought Leadership Program. You can connect with Derek on LinkedIn.
While marketers deal with a swath of privacy legislation throughout the U.S., three landmark pieces of legislation have far-reaching implications for brands.
In response to these laws, players like Google have reaffirmed that they are not backing down on their pledge to sunset the third-party cookie in 2023. — D.B.