Google’s plans to remove third-party cookies, its associated ‘Privacy Sandbox’ initiative, and now its announcement that it will not be introducing new ways to track users have, as you’d expect, received a mixed response and an element of uncertainty from within the industry.

‘’Google is aiming to draw a clear line in the sand with their announcement, providing some key points of clarification to their stance on the extent to which authenticated identity solutions can be used as an alternative to third party cookies,” says Freddie Turner, Director of Strategy, UK at MiQ. “However, it may take some time to determine the full implications of the news for the industry. While their stance is clear on how this relates to user-level identity for audience profiling & targeting across Google Advertising products, further detail is needed to understand the implications this could have, particularly if Google could be taking a fully anonymous approach to measurement and frequency capping as well.”

There is a belief among sections of the industry that Google’s decisions over the past few years can only be seen as a positive, providing the industry with the opportunity to reinvent itself and take a an even tougher stance on consumer privacy.

Matt Barash, SVP of Global Publishing & Platform Partnerships at Zeotap, feels that the latest from Google reinforces the importance of first-party data and privacy, following the damage that has been done to consumer trust “by the legacy of third-party cookies”.

“The sustainability of the open web is in our collective best interest and the future state ecosystem will be dependent on interoperable solutions, rather than proprietary approaches,” explains Barash. “This bodes well for the independent ad tech platforms who have committed to support a variety of addressability initiatives once the third-party cookie has been deprecated.

“Recent announcements such todays have served as a welcome catalyst for industry reinvention. Balancing consumer privacy and trust with a sustainable ecosystem will be defined by how effectively publishers and marketers can partner to leverage first party data. To do that, they need to move quickly on integrating tech solutions that support this objective.”

With the increasing value of first-party data and consumer privacy, it also means the industry can put contextual targeting at the heart of its strategy moving forward. And, as such, Brand Advance’s CEO, Christopher Kenna, thinks that “Google’s announcement is exactly what we need”.

“I hope this means that the industry will realise that context is king. Since Brand Advance was created we’ve not used a single cookie. Re-targeting is a huge invasion of privacy, especially when it may reveal where audiences have been reading that they may want to remain discreet, such as LGBTQ specific titles,” says Kenna. “Context is the solution and it always has been. The industry has lost sight of the fact that people gravitate towards the content they want to read and therefore the things they are interested in. I’m excited to see that we’re moving away from third-party cookies as it will force the industry to think differently and wake up to reaching audiences authentically.”

And that sentiment is shared by Nick Morley, Managing Director EMEA at Integral Ad Science.

“Google’s latest announcement reinforces the revolution in digital advertising from audience-based targeting and towards contextual targeting once again,” he says. “Context has evolved and sophisticated technology can help brands reach the right audiences within contextually relevant environments. As a result, were seeing more marketers adopt contextual targeting as the linchpin of their digital advertising campaigns. Its ability to utilise first-party data is more cost-efficient and scalable than personal identifier strategies. It is also future proof in a world without third-party audience tracking data such as cookies, while meeting consumer privacy concerns.”

Others see Google’s decisions as providing the catalyst for greater collaboration around data and privacy, as all businesses within the industry should share common goals around the protection of data and privacy, and the improvement of user experience.

“This is not the death of alternative industry identifiers. While Google’s support would certainly have been a huge advantage, the industry needs to learn to implement and execute on such important projects without industry heavyweights such as Google or Facebook,” says Jürgen Galler, CEO and Co-founder of 1plusX. “There are many publishers, advertisers, and ad tech companies out there that still command substantial reach. Working together and supporting a privacy-respectful ID setup will continue to remain important for the industry.”

Bill Tucker, Executive Director of the Partnership for Responsible Addressable Media (PRAM) and Group EVP of Data Tech Measurement at the Association of National Advertisers, adds, “On issues this complex and important, we need to work together as an industry to evaluate, adapt, integrate (where appropriate), and implement those different approaches, so we can ensure we reach those goals together. We can also ensure the approaches are as aligned and consistent as possible, as users benefit from consistency in their privacy experiences. PRAM was created for that purpose, and that role is more critical now than ever.”

Away from that general positivity, there is also strong group of opposition to Google’s recent decisions. One notable entity is the Marketers for an Open Web (MOW), a UK-based alliance of leading technology and publishing businesses, which has been very outspoken about Google in the past few months.

In November, the MOW wrote to the Competition and Markets Authority (CMA) to ask it to use its power to halt Google’s plans, based on the belief that the introduction of the ‘Privacy Sandbox’ is a ploy to move advertising away from the open web and out of the reach of regulators.

Now, the alliance has joined forces with the US-based Save Journalism Project to accuse Google of stopping the use of third-party cookies to enhance its own commercial interests, pointing to the vast amount of personal data the tech giant is already in possession of.

“We all agree that privacy is important. Google’s proposed changes and its work arounds are not addressing privacy – and they don’t work,” says James Rosewell, Marketers for an Open Web CEO and CEO & Co-founder of 51Degrees.mobi. “A real focus on privacy would involve splitting individual identifiers used for advertising from end users’ actual identity. This was suggested as a remedy by the CMA last year – but Google isn’t looking at that as it makes all users ‘sign in’ or ‘sign up’ and accept its privacy mining terms. For example, as it requires all users of Android to sign into a Google property and pass personal data to it as the price of use.”

Rosewell’s sentiment is echoed by Ollie Vaughan, Chief Media Officer at Tug, stating that “the more cynical among us” may view Google’s movements as a bid to strengthen the power it already holds over the industry and “positioning itself and Google Sandbox directly against alternative solutions, like finger printing and Unified ID”.

And Romain Job, Chief Strategy Officer at Smart AdServer, goes a step further by suggesting “Google is taking its ball and going home”.

“What’s missing from this announcement is Googles approach to first-party data accountability. Unified ID was intended to be the market standard initiative to tie advertiser and publisher first-party data together,” says Job. “If Google doesn’t participate, how will it deliver this use case if not via its own private user ID within Google’s own Data Garden? First-party data management still requires users’ informed consent. If not via UID2, we would expect the Privacy Sandbox and the World Wide Web Consortium (W3C) to fully address this topic and help define standards for first-party data management accountability. This is an area on which the industry needs to move forward.”

Nonetheless, whatever your feelings about Google and third-party cookies, this presents an opportunity for the industry to really reflect on its use of data and truly work to put the consumer first.

“In reality, we’ve never had perfect data – and it’s likely that we never will. Rather than pushing for more and more data, without a real plan of how to use it, we need to shift our mindset and appreciate the data we do have to play with, and use it to build accurate consumer trends and make balanced marketing decisions. In truth, the value of real-time data has been overblown in recent years; if we can guarantee 80 per cent accuracy in our data set and have it available in good time, then that’s enough to make these decisions,” says James Parker, Chief Solutions Officer at Jellyfish.

“If we’ve learned anything over the last 12 months it’s that it’s ok to let go of some things we didn’t need. Does this mean the value of analytics is diminished? Not at all – in fact it’s quite the opposite.”

The post What will Googles focus on privacy preservation mean for the industry? appeared first on Mobile Marketing Magazine.

The IDFA enables advertisers to track users via unique device ID numbers for better ad targeting. However, NOYB argues that, because tracking codes are placed on devices without consent, they are in breach of EU law.

“EU law protects our devices from external tracking,” said Stefano Rossetti, Privacy Lawyer at NOYB. “Tracking is only allowed if users explicitly consent to it. This very simple rule applies regardless of the tracking technology used. While Apple introduced functions in their browser to block cookies, it places similar codes in its phones, without any consent by the user. This is a clear breach of EU privacy laws.”

NOYB also acknowledges Apple’s plans to restrict the use of IDFA for third parties but says this doesn’t go far enough, as Apple will not impose the same restrictions on itself. Under the plans, a dialogue box will appear when first opening an app to ask for access to the IDFA. At the same time, the initial storage of the IDFA and Apple’s use of it will continue without prior user consent.

“We believe that Apple violated the law before, now and after these changes,” said Rosseti. “With our complaints we want to enforce a simple principle: trackers are illegal, unless a user freely consents. The IDFA should not only be restricted, but permanently deleted. Smartphones are the most intimate device for most people and they must be tracker-free by default.”

NOYB’s complaints have been filed in both Spain and Germany under Article 5(3) of the e-Privacy Directive rather than under GDPR, meaning the authorities in both nations do not need to cooperate with the EU.

NOYB is currently also reviewing a similar tracking system being used by Google.

The post Apple targeted with two EU data privacy complaints over tracking tool appeared first on Mobile Marketing Magazine.

A year on from the revelation that the Information Commissioner’s Office (ICO) was owed 42 per cent of the fines it handed out since 2015, it’s been revealed that the non-departmental public body’s collection struggles have continued in the past year.

Since last year’s report, the ICO has only managed to collect one of the 47 unpaid fines levied between 2015 and the end of July 2019, according to data once again obtained by The SMS Works via a freedom information request.

Of the 21 fines handed out more recently, namely between January 2019 and the end of August 2020, the ICO has only managed to collect £1.03m of the £3.2m it is owed – just 32 per cent of all fines issued. It has collected just nine of the 21 fines issued – and that’s despite new regulations making company directors individually responsible for paying the fines.

The SMS Works has found that directors have found loopholes to avoid paying fines such as claiming voluntary insolvency or shutting down their business and opening up under a new name.

Of course, the data obtained doesn’t include the recent fines handed out to Marriott International and British Airways of £18.4m and £20m respectively. Those two major international companies will struggle to find loopholes to get out their fines, both for data breaches under GDPR.

The post More than two-thirds of ICO fines issued since January 2019 havent been paid appeared first on Mobile Marketing Magazine.

The hospitality giant may feel unfairly punished by the fine – because the company itself was not responsible for the breach – but has said it does not intend to appeal the decision.

A cyber-attack on Starwood Hotels and Resorts Worldwide in 2014 is estimated by Marriott to have left the records of 339m worldwide guests vulnerable. Marriott acquired Starwood two years after the breach. The attack remained undetected until September 2018 and was reported in November 2018.

The true number of guests affected is unclear because some guests may have had multiple records. 7m of the records related to people in the UK.

“Personal data is precious and businesses have to look after it. Millions of people’s data was affected by Marriott’s failure; thousands contacted a helpline and others may have had to take action to protect their personal data because the company they trusted it with had not,” said Elizabeth Denham, Information Commissioner.

“When a business fails to look after customers’ data, the impact is not just a possible fine, what matters most is the public whose data they had a duty to protect.”

Marriott said it regrets the incident but makes no admission of liability. It also stated that it continues to be committed to the privacy and security of its guests’ information and has reassured guests that Starwood’s network is no longer in use.

The ICO has acknowledged the work that Marriott has done to mitigate the risk of damage suffered by its customers and the measures it has put in place to improve security.

The fine comes just two weeks after the ICO hit British Airways with a £20m fine for a failure to protect the personal and financial details of more than 400,000 customers.

“Within just two weeks, the ICO has now issued a fine of £20m to British Airways and £18.4m to Marriott. These are the two highest confirmed fines in the history of the ICO in response to significant data security failures by both organisations,” said Chris Combemale, CEO of the Data & Marketing Association. “Given the dramatic fall in revenue that the travel and leisure sector has experienced during the coronavirus pandemic, these fines send a very powerful message to organisations that they must invest in keeping their customers’ data secure. Otherwise they will face penalties that could prove far more costly to the business.”

The post Marriott slapped with £18.4m ICO fine for data breach appeared first on Mobile Marketing Magazine.

The Partnership for Responsible Addressable Media, led by the Association of National Advertisers’ (ANA) Bill Tucker as Executive Director, will convene four working groups of industry stakeholders focusing on business practices; technical standards; privacy, policy, and legal considerations; and communications & education.

“In the ancient story of the Tower of Babel, the city collapsed because its inhabitants lost the ability to speak a common language,” said Tucker. “The digital advertising industry faces a comparable challenge around addressability today, as recent changes announced by operating systems, browsers, and other technologies, if implemented, will significantly impact the traditional marketplace language of cookies and mobile IDs. The Partnership was created to serve as a collaborative forum for our industry to ensure addressability standards that preserve privacy, provide a consistent and effective framework for advertisers, and enrich the consumer experience.”

The Partnership will boast trade association members including the ANA, American Association of Advertising Agencies (4A’s), Interactive Advertising Bureau (IAB), IAB Tech Lab, Network Advertising Initiative (NAI), and World Federation of Advertisers (WFA).

Brands represented include Ford, General Motors, IBM, Procter & Gamble, Unilever, and NBC Universal, while agencies come in the form of Publicis Media and IPG Mediabrands’ UM. Representing the ad tech and martech spaces are Adobe, MediaMath, and The Trade Desk.

The Partnership’s initial principles

1. Consumer privacy should remain a foundational pillar of the solution by providing consumers with meaningful transparency and controls, giving the marketplace the tools to understand consumer preferences and the ability to abide by those preferences.
2. Consumers should have access to diverse and competitive content offerings, supported by their choices to engage with digital advertising in exchange for content and services.
3. Business operations, including ad targeting, ad delivery, frequency capping, campaign management, analytics, cross-channel deployment, optimisation, and attribution should be sufficiently supported and improved upon through better technological and policy standards for all critical use cases.
4. Solutions should be standardised and interoperable for consumers and businesses across browsers, devices, and platforms, subject to applicable privacy laws and guidelines and to the extent it is reasonably technically feasible, efficient, effective, and improved over existing technology.
5. All browsers, devices, and platforms should allow equal access, free from unreasonable interference, to the new solutions.
6. Companies that utilise the resulting solutions should follow industry and legal privacy standards, with strong accountability and enforcement for those that violate the standards.

The post Ad industry comes together for responsible addressable media appeared first on Mobile Marketing Magazine.

The concession was made by the deadline given to Google by EU regulators yesterday (13 July). Now, those regulators have until 20 July to decide if Google’s offer is enough to green light the acquisition, if they want more concessions, or if they want to launch a full four-month investigation into the purchase.

“This deal is about devices, not data. We appreciate the opportunity to work with the European Commission on an approach that safeguards consumers’ expectations that Fitbit device data won’t be used for advertising,” Google told Reuters, who first reported the story.

Privacy advocates and regulators in Europe and the US have been concerned about the acquisition since it was announced, even with Google always insisting it wouldn’t use Fitbit’s data for ads.

It’s believed that the European Commission will reach out for feedback from rival wearable-makers – such as Apple, Samsung, Xiaomi, and Huawei – users to help it make a decision.

The post Google says it wont use Fitbit data, as it seeks EU acquisition approval appeared first on Mobile Marketing Magazine.

Consumer Trust in Digital Marketing, a new survey conducted by GroupM, has found that six in 10 consumers are less likely to use a product if their data is needed for any purpose. For the study, GroupM, WPP’s media investment group, surveyed 14,000 consumers in 23 countries, asking questions related to their concerns with digital marketing techniques.

The study revealed that over half (56 per cent) of consumers want more control over their data, and 64 per cent of customers would have a negative perception of a brand if it advertised near inappropriate content. Additionally, on average, twice as many consumers agreed TV ads come off as more “positive” content, versus other forms of digital marketing formats. One-third (37 per cent) of consumers went on to say that digital ads come off as too intrusive.

“With pervasive reports of data security and privacy missteps, consumers are increasingly wary of information gathering about them as they move online,” said Christian Juhl, Global CEO of GroupM. “Media has evolved dramatically and it’s crucial the industry work collaboratively to make advertising work better for people around the world. As marketers, it’s our responsibility to ensure that we are using consumer information responsibly and transparently.”

“To make digital advertising work better for everyone, we must listen to what consumers are saying and refine our strategies accordingly,” said Chris Myers, report author and regional director, GroupM APAC. “Marketers should not pull back on digital advertising; on the contrary, they should push forward in ways that respect consumers’ evolving relationship with digital media.”

The post Report: Majority of consumers dont want to use products that require personal data appeared first on Mobile Marketing Magazine.

The new law applies to any business doing business in California that collects consumers personal data, and which either, turns over more than $25m per annum; or buys or sells the personal information of 50,000 or more consumers or households; or earns more than half of its annual revenue from selling consumers personal information.

While that all sounds pretty straightforward, as with GDPR in Europe when that launched in 2018, there is much confusion among businesses about how the new law will apply to them, and how it will be interpreted and applied, with state Attorney General Xavier Becerra suggesting to the San Francisco Chronicle in December that it will be around six months before widespread enforcement of the law starts to happen.

Much depends on how rigid the state is in enforcing the law. Facebook said in a blog post in December: “We’re committed to clearly explaining how our products work, including the fact that we do not sell people’s data”, a statement that many people may find surprising.

Speaking to The Verge on Tuesday, James Steyer, CEO of children’s privacy advocacy organization Common Sense, took issue with Facebook’s stance, arguing that the company’s business model is based on collecting and monetizing its users’ data.
“As has unfortunately become the custom, Facebook is the single biggest outlier,” he said. “Becerra is going to have to focus on holding companies like Facebook to account.”

The post California Consumer Privacy Act tightens privacy laws in the state appeared first on Mobile Marketing Magazine.

The Information Commissioner’s Office (ICO) is still owed 42 per cent of the total fine amount it’s handed out for data breaches, spam, and nuisance calling since 2015, showing the difficulty the governmental office has had in enforcing the punishments levelled at companies.

152 fines have been issued since 2015, with 47 – or 30 per cent – remaining unpaid, according to data obtained by The SMS Works via a freedom of information request. The total amount fined in that period was £16.6m, of which £7.05m remains uncollected – that’s 42 per cent.

All the fines levelled at charities and public organisations have been paid, as you’d expect. However, private firms haven’t been anywhere near as accepting of fines.

The claims management industry – the worst of the bunch – has received a total of £3.2m in fines with a staggering 84 per cent remaining unpaid, only £490,000 having been collected. The home improvements sector payments are under 30 per cent, while both marketing and telecoms sit under 40 per cent. The financial services industry is the best within the private sector, paying over 70 per cent of fines.

Looking at payments based on reason behind the fine, just 23 per cent of nuisance call fines are successfully collected by the ICO. Email and SMS spam have payment rates of 64 per cent and 74 per cent respectively, while fines for data breaches are paid 85 per cent of the time.

The three largest unpaid fines are two of £350,000 and one of £400,00 from companies that are all no longer trading. This is a problem the ICO has faced in collecting fines, but a law change could pave the way for it securing all the money it’s owed.

“Some nuisance call directors liquidate their firms to avoid paying fines from the ICO,” an ICO spokesperson said in a statement. “In December 2018, the law changed to make directors themselves responsible for nuisance marketing. This should have a real deterrent effect on those who deliberately set out to disrupt people with troublesome calls, texts and emails.”

The three unpaid fines, of course, do not include the big fines currently facing British Airways and Marriott Hotels. The paid have been charged with paying £183m and £99m respectively for failing to protect customer data, although both are currently appealing their fines and thus don’t yet officially owe the money to the ICO.

Unlike most, if not all, of the £7.05m owed to the ICO, the fines levelled at British Airways and Marriott were handed out under the General Data Protection Regulation (GDPR). As is now well-documented, the regulation enables to the ICO – and other data regulators across the European Union – to fine organisations up to €20m or four per cent of their global turnover.

The post More than 40 per cent of ICO fines havent been paid appeared first on Mobile Marketing Magazine.

The survey of 1,500 US web users also showed that much of the user concern was linked to a perceived lack of control over the data that giants like Google and Facebook store, with 88 per cent wishing they had more control over the personal data captured by the large companies. Moreover, 52 per cent of people say they do not trust the likes of Google and Facebook, and 41 per cent don’t think these companies have done a good enough job in protecting people’s privacy.

The research found that, overall, just 32 per cent of users feel in control of their data online, while 56 per cent think it’s inevitable their personal data will be compromised at some point. As a result, 61 per cent think it’s time for the government to get seriously involved.

“Users are growing increasingly aware of how they are being violated by large technology companies, and are displeased by the tracking and targeting that comes with digital ads,” said Brendan Eich, CEO and co-founder of Brave Software. “Our data suggests that users are fed up with the surveillance capitalism that currently funds the web. While they want to continue to experience the web for free, they want more control over how their data is used, and they object to the pervasive lack of privacy that currently exists online. This increasing desire for change represents a tipping point for the industry that will push tech giants and regulators to shift toward a privacy-first approach.”

The post Most web users want the web to be more privacy-oriented appeared first on Mobile Marketing Magazine.