Teavaro consultant Natalie Wood considers the future of programmatic in light of the tighter restrictions and different attitudes in place over a year after GDPR came into force.

“It’s open season on advertising techniques that rely too heavily on personal user data” proclaimed one article I read recently, before going on to specify precisely what practices were endangered by regulatory responses (such as the IAB Framework update) and the impositions of Google and Apple upon the advertising ecosystem. Cross-device tracking, fingerprinting, location data-targeting and real-time bidding all made it onto the endangered species list, a signifier that identity and activation are being targeted by the new privacy doctrine. Such casualties will leave a vacuum, so how will the industry adapt?

The Universal Data Layer is currently seen as the key to holding the revenue reigns in the next chapter of the programmatic exchange. Yet, as browsers are increasingly restricting third party identifiers, this option will not work in the environment of a singular identifier connected by a daisy-chain of ID syncing or hosting a common ID under a separate 3rd-party domain.

The adoption by brands and publishers of first-party identifiers is a great solution, as it enables further scope for usage of data. Still, this has not yet been adopted broadly in a way that includes all identifiers that are used to buy and sell inventory. Publishers have been able to leverage the furthered capability of first-party through private programmatic or direct deals that are hosted within their owned environment. However, for the programmatic buy-side, brands are unable to match or activate data while maintaining their first-party domain to bid on external inventory from their DSP, nor are they able to attribute performance to them.

Bidding standards
So how can the industry advance to suit these new operations? Through current bidding standards, there is the opportunity to update standards such as the Identity Sidecar that is already being leveraged by identity vendors. This allows identifiers to be passed through more securely to enable first-party cookie mapping in header bidding. This technology can be embedded as a standard, so that IDs are shared to approved partners on the supply side, and only partners that have been given consent from the end user.

This week, Google Chrome released its proposed ‘Privacy Pass’ process through a Trust Token API which works on the browser side that allows propagating trust and data across sites. A similar method within an auction environment, rather than browser-specific, can create a bridge of identifiers between trusted members. How would this work? Each partner has an encryption key that can unlock the mapping capability when both statements are true. This would enable the matching of Brand A’s first-party data on Publisher Z’s domain without a sync needing to be collected and maintained through all technology vendors that partake in the exchange process (whether they’re a bidding party or not).

To put it simply, any domain that a client ID is set from brandA.com under should be recognisable as the end user visiting publisherZ.com, without third-party IDs being the anchor. Technology then becomes a processor that enables transactions between media buyers and sellers, without having to sync and log every new web visitor This creates a much cleaner ecosystem, while maintaining scale.

Data leakage
The primary benefit of creating a direct gateway between publisher and marketer is the reduction of data leakage from both parties. Publishers are also able to preserve revenue streams through creating a community of connections, and to manage these easily. Marketers can maintain a highly targetable approach to programmatic that is measurable. Additionally, this method puts the end users back in the driver’s seat when it comes to their data and what connections they are enabling to known brands – rather than the confused myriad of marketing providers currently seen in most GDPR-required notifications – that are trying to engage with them.

In future, a transparent governing trifecta between publisher, brand, and user will be the status quo to maintain operations, based on insight that flows across the identity backbone. Hopes are that data can retain the sharable functionality that drives growth within the 20 percenters and deliver into a more competitive landscape with the walled gardens. This enablement can function in the long-term within the community gardens when standards are in place to protect the end-user and data controllers.