Commentary originally Published on Street Fight
Every day there’s another article (or another dozen) about the death of cookies and third-party data going the way of the dinosaurs. First-party data is being heralded as the replacement solution to any and every need a privacy-centric marketer may have — the third-party king is dead; long live the first-party king. The problem is that first-party data, while immensely powerful and essential, can’t solve all critical marketer needs on its own. First-party data is great for reaching people you already know and for modeling purposes, but it can’t reach prospective customers where you don’t have an established touchpoint.
To illustrate the marketing challenge, imagine a local gym that wants to drive membership in a new location that they’ve just opened. Their CRM data can help them reach existing members and even some prospective members that have previously shared their contact information. But they’re going to miss out on the huge potential market of prospects that aren’t in their database. This is compounded by the fact that 30% or more of CRM data will be out of date, incomplete, or inaccurate within a year. Taken to the extreme, if the gym is a new business, it won’t have any first-party data at all.
For the majority of businesses, marketing success is a mix of reaching both existing customers and potential customers. Sure, you can use contextual targeting (putting your ad for a new car on a website about cars) or advertise on neighborhood websites to reach a certain geographic audience, but at the end of the day, these are proxies for the audiences you really want, and they’re inefficient proxies.
When it comes to third-party data, the old Mark Twain quote applies: “The report of my death was an exaggeration.” The end of the cookie is not the same as the end of third-party data. There are multiple third-party data options for marketers that are inherently privacy-conscious, regulation-satisfying, and that work with the policies being implemented by big-tech.
Before looking at the path forward, it’s worth pausing to remember how we got here.
How marketing’s privacy reckoning arrived
The path was paved with good intentions — internet users got access to free and valuable content without paying fees in exchange for seeing profit-generating ads and sharing data that powered those ads. More data meant more relevant ads, which were supposed to be useful.
But things got out of balance. More data and more types of data were being collected and, perhaps more importantly, connected with other various data sets without most users actually being aware of it or having a say in what was happening. They supposedly gave their consent, but let’s be real — how many of us actually read the fine print in the website terms of service or when we sign up for a new loyalty rewards program? It began to feel like ads were following people across the internet and across their devices without their consent (because they were). In the end, the value exchange in place (free services in exchange for relevant ads and your data) had become entirely lopsided and opaque to the average user.
Consumers were fed up and wanted (and deserved) a better system. Enter privacy laws and regulations (like GDPR in Europe and the CCPA in California) and policy changes by large tech players like Google, Apple, and Facebook. These changes put third-party cookies and data gathered without true notice and consent in the cross-hairs.
The end of third-party cookies is not a bad thing, they are imperfect tools that have taken on many more roles than originally intended. From the cookie crumbs, a better system can, and must, arise.
What privacy-aware marketing should entail
The new system needs to be architected around accurate identity, which allows consumers to give and manage their consent for data to be used. For some data sources, this is happening today, and has been for years. Other parts of the adtech ecosystem need to be rebuilt from the ground up. Third-party cookies, because they weren’t always mapped back to real identity, made it hard for consumers to make their preferences known. Each time consumers cleared their cookies, or moved to a new device, away went the cookies that indicated their consent and choice about how their data could be used.
Some third-party sources, like offline data and surveys, are already built on known identity based on contact information. The industry calls this Personally Identifiable Information, or PII for short. It can include identifiers like first name, last name, email address, phone number and mailing address.
Compliant sources collect data with clear notification and collect and maintain consent for that data to be used for third-party marketing purposes. While audience sizes may be smaller than third–party cookie audiences built with unauthenticated data, these PII-based audiences are higher quality and higher fidelity while also giving the audience control of their data.
You’re getting quality over quantity, and that should lead to better results. This is backed up by data that shows unauthenticated third-party cookies significantly overstate reach and understate frequency (you think you’re reaching more people fewer times). Add to that research done by LiveRamp that shows privacy-compliant data based on authenticated users performs significantly better in marketing campaigns.
Another trend we’ll see for compliant third-party data comes from publishers. We’ll see more and more publishers create paywalls or require free authenticated accounts to gain access to their content. Consent for data to be used to target ads on the publisher specific site is also required. Because there’s a clearer value exchange — you log in and you get free content on this specific site — users are more likely to sign in and consent to the value exchange.
From a marketer perspective, this is a good solution because the majority of web traffic comes from a small number of sites. You can reach the vast majority of your audience in a privacy-compliant way on 100 sites or fewer. This, however, is not good for the small sites that have limited readership and are less likely to be able to get users to log in. Whereas before they could support their content creation by filling ad inventory supported by third-party cookies through an ad network, now their inventory becomes less targetable and therefore less valuable. Industry changes will concentrate more power in the hands of larger publishers.
Underlying the move to a privacy-supporting Internet is infrastructure like LiveRamp’s Authenticated Traffic Solution and The Trade Desk’s Unified ID 2.0 along with consent management solutions. Accurate identity that gives control to consumers and respects their consent choices across sites will be the underpinnings of a privacy-respecting web that enables advertisers to continue to leverage data to reach relevant audiences.