IAB Tech Lab this morning released a set of standards for running privacy compliant targeted ad campaigns, which include specifications for using alternate identifiers tied to a user’s email address or phone number. The standards have been developed under ‘Project Rearc’, IAB Tech Lab’s effort to help the industry prepare for the sunsetting of third-party cookies on Chrome in less than a year’s time.
The standards, which will be released for comment at the IAB Annual Leadership Meeting tomorrow, are composed of several parts. Two of these relate specifically to cookie alternatives, outlining privacy-preserving ways for advertisers to target and measure campaigns without using third-party cookies.
The first of these, titled ‘Best Practices for User-Enabled Identity Tokens’ is a set of guidelines to ensure security and consumer privacy whenever marketers or publishers use alternate identifiers tied to a user-provided email or phone number.
This release is particularly interesting, since just last week Google announced it won’t support any alternate identifiers once it ends support for third-party cookies, arguing that alternate identifiers violate user privacy.
But Dennis Buchheim, CEO of Tech Lab, told VideoWeek that Tech Lab’s approach isn’t necessarily so different from Google’s. Despite its stance on alternate identifiers, Google will continue effectively using email-based identifiers within its own properties.
“We believe that with transparency and control for consumers, built-in security protection, and accountability to acceptable practices, identifiers based on emails or other “tokens” can be acceptable to support critical use cases that help advertisers reach audiences and help publishers earn revenue for their content and services,” said Buchheim. “Google also appears to believe this in the context of their own logins and the data that can be connected to those IDs by advertisers and across their owned-and-operated properties.”
“We likewise recognize and support that the industry will need to adapt to a different range of addressability solutions, and, to that end, are readying releases for a portfolio of solutions, some of which don’t rely on identifiers at all,” he added.
Tech Lab’s second addressability-focused release, “Taxonomy and Data Transparency Standards to Support Seller-defined Audience and Context Signaling” provides specifications for these identifier-free solutions, which instead rely on standardised seller-defined audience and contextual attributes being passed within OpenRTB.
Buchheim says he expects that in the post-cookie world, buyers and sellers will be best served by using a combination of alternate identifiers, and identifier-free solutions.
“There is no one solution for all business use cases or scenarios,” he said. “With the deprecation of third-party IDs, there will be varying levels of audience connections available to publishers and advertisers. Direct 1:1 connections will be tied to consumer transparency and control. Where direct connections are not available going forward, standards help ensure scale in buying and selling – seller-defined audiences and context, for example.”
Building Accountability into the Supply Chain
Tech Lab has also released two specifications to ensure that all players in the digital advertising supply chain are held accountable for privacy protection – an ‘Accountability Platform’ and a ‘Global Privacy Platform’.
The Accountability Platform “provides specifications for open, auditable data structures, and standard practices intended to reliably demonstrate digital advertising supply chain conformity to preferences and restrictions set by users and the digital properties they visit,” according to Tech Lab. The idea is that using these standards, the various players in the digital advertising ecosystem will be able to prove that they’re adhering to user preferences around privacy and tracking.
The Global Privacy Platform meanwhile outlines standards for ensuring that user data is passed between different companies in a safe and transparent way. It addresses capturing and encoding regional user data rights and preferences into a standardised format that can be propagated through the supply chain, according to Tech Lab.
All of these proposed standards, available on the Rearc site, will now be released for industry feedback. The Global Privacy Platform has a 30 day window for industry comment, while the other standards have a 60 day window.