Identity resolution: mapping the post-cookie landscape

While the digital advertising industry is used to handling complexity, increasing identity resolution issues have proved an especially strong test of its mettle. Since the GDPR first raised online privacy standards, a wave of new regulations and restrictions has meant constant adaptation of how personal data is used — particularly when it comes to third-party cookies.

Now, developments such as Google’s decision not to support cross-site tracking and Apple’s upcoming in-app consent rules are setting the stage for even further transformation. As noted by Vincent Flood in a recent VideoWeek webinar, current changes to user identification will be just as momentous as the initial dawn of programmatic.

Clearly, the new privacy-centric ecosystem will call for a careful balance between continued delivery of the highly tailored ad experiences consumers expect and robust data protection.

Fortunately, several leading players have risen to the challenge and started work on creating smart solutions for a more sustainable post-cookie identity landscape.

So, what are the best current options and where is the industry headed?

Masters of identity: the leading players

Given the industry’s huge capacity for innovation, it’s no surprise an array of alternatives has emerged to help tackle identity problems. Most, however, fall into two camps: declared and inferred. On the declared side are options such as The Trade Desk’s Unified ID and LiveRamp’s Identity Graph. Although driven by personally identifiable information (PII), systems harness first-party data from consenting users — including email address or phone number. Applying hashing or encryption also protects privacy during matching with vendor data sets and IDs, paving the way for ad targeting.

Similarly, inferred offerings from the likes of ID5 leverage PII details such as IP addresses and device IDs. Key differences lie with tapping algorithmic recognition to build pseudonymous identifiers; where vital information about interests, needs and habits remains accessible but individuals aren’t uniquely identifiable. The idea being that this enables use of universal IDs across the supply chain, without infringing on user rights or needing to synchronise cookies.

Both avenues have positive potential to drive accurate and compliant personalisation, but there will be obstacles to overcome. For example, dependence on consent could present challenges if users decide to opt out and limit data availability; meaning publishers and other data owners might still need a means of safely pooling their resources to retain scale.

Bunkering up: embracing clean rooms

The concept of forming alliances to bolster audience data scope isn’t new: see, for instance, the Ozone Project, Germany’s netID and, more recently, NewsPassID. Fundamentally, clean rooms are a variation on this theme, providing secure spaces for data sharing.

Keeping data flowing is going to rely on strengthening the ‘trust triangle’ between brands, consumers, and publishers. An essential element of that is peace of mind for all parties about data use; and this is what clean rooms aim to deliver. Epsilon, for example, defines clean rooms as secure, isolated platforms that link aggregated marketing and advertising data from multiple parties, with privacy-safe restrictions on outputting user-specific results. Often that includes creating private environments that don’t contain PII but enable user-level targeting and measurement at an enterprise level — a principle that industry players will be familiar with from Google’s Ads Data Hub. For the likes of InfoSum, such solutions have potential for even wider data collaboration: including transferring information into exclusive ‘bunkers’ that allow for identification and measurement using anonymised data.

This approach has sparked a mix of enthusiasm about the possibilities it creates for data collaboration and apprehension around whether opening up assets means handing over control. But the development of solutions that bring the ability to determine who can access and analyse data may go a long way towards enhancing trust and broader adoption.

Flying in cohorts: joining Google’s FLoC

Earlier this month, another proposal from Google’s Privacy Sandbox entered public testing: its federated learning of cohorts (FLoC). Coming as part of the tech giant’s ambition to move away from user-focused advertising, FLoC is intended to enable interest-based targeting for larger cohorts with common interests, and thereby eradicate the need for individual identifiers. According to Google, recent tests have shown FLoC can drive 95% of the conversions per dollar currently achieved with conventional cookie-powered ads.

The basic mechanics of FLoC involve a combination of machine learning and on-device processing. Algorithms collect data and anonymise data about browsing behaviour, then use it to place users in wider segments so that they are purposefully lost “in the crowd”. As such, FLoC feeds into a number of Google’s bird-inspired initiatives, including the TURTLEDOVE framework — which suggests in-browser auctions and serving ads using FLoC — and an experimental prototype that will trial putting both efforts into action, FLEDGE.

For now, the digital community at large is waiting to learn whether the solution will take flight. Opinion is also divided on what the impact on advertisers and publishers will be, with some enticed by the promise of privacy-first precision and others uncertain about its efficiency and practicality. That’s not to mention the continuing question mark around GDPR compliance, with concerns about who counts as controller or processor while building cohorts meaning FLoC isn’t available for testing in Europe, yet.

A distinctly murky crystal ball

Ultimately, the true value of many identity resolution tools won’t be fully understood until the curtain finally falls on cookies in 2022. Despite the intense buzz around Google’s latest announcement, prominent forces have pointed out that confirmation of its stance on cross-site tracking and plans to sit out of the identity race hasn’t necessarily changed anything, leaving plenty of room for alternatives based on individual-level identification to thrive.

The main focus for the industry must therefore centre on the importance of navigating identity difficulties, together. All too frequently, buyer and seller priorities are viewed as separate entities. Advertisers want simplicity and ease of operations, as well as guarantees the data they are utilising is privacy friendly. Publishers are keen to implement solutions that will safeguard their long-term audience relationships and bottom line.

The identity shift affects every corner of the digital scape and managing this challenge is going to require unified determination and ingenuity. But alongside seismic changes to what has gone before is an unprecedented opportunity to evolve and find a better way forward.