compliance Archives - AdMonsters https://admonsters.com/tag/compliance/ Ad operations news, conferences, events, community Thu, 22 Aug 2024 18:15:25 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.1 The Ad Tech Ecosystem was Never Built for Privacy https://www.admonsters.com/the-ad-tech-ecosystem-was-never-built-for-privacy/ Wed, 21 Aug 2024 19:10:26 +0000 https://www.admonsters.com/?p=659787 One thing that Jamie knows to be true is that "the landscape is changing rapidly, and those who fail to adapt will find themselves in precarious positions." By approaching compliance as a partnership between publishers, brands, and consumers, unique publishers can create a more bespoke advertising experience while upholding privacy principles.

The post The Ad Tech Ecosystem was Never Built for Privacy appeared first on AdMonsters.

]]>
As the ad tech industry integrates more advanced technology and automation, many diverse, small, and niche publishers are caught in the crosshairs of tightening regulatory requirements.

Navigating these complex challenges is essential for maintaining trust with consumers and brands.

Unique publishers (diverse, small, and niche) must navigate these complex waters to maintain their competitive edge in an industry where data privacy and transparency are under intense scrutiny. According to Jamie Barnard, CEO of Compliant, “The ad tech ecosystem was never built for privacy,” making it especially challenging to retrofit existing systems.

These smaller players are vulnerable, with privacy concerns mounting and regulations becoming stricter. They may not attract the same advertising spend as larger entities. Still, compliance with privacy laws is critical—not only for legal reasons but also for preserving their relationships with advertisers.

During our conversation with Jamie Barnard aboard a yacht in Cannes—over cheese and pepperoni—we discussed how brands and agencies can support unique publishers in navigating compliance challenges. He stressed the importance of adapting to the rapidly changing landscape. “Those who fail to adapt will find themselves in precarious positions,” Bernard warned. By approaching compliance as a collaborative effort between publishers, brands, and consumers, these publishers can create bespoke advertising experiences while upholding essential privacy principles.

Why Building Strong Compliance Models Matters More Than Ever 

Developing robust compliance models is no longer optional for unique publishers, it’s essential.  These models should go beyond merely responding to current regulations. They should be proactive frameworks anticipating future changes. Flexibility and adaptability are key to ensuring these publishers can withstand the inevitable shifts in the regulatory environment.

Creating a culture of compliance involves more than simply adhering to rules. It requires a deep understanding of privacy and data protection. This is particularly crucial given the widespread use of third-party tracking and data leakage — practices increasingly under scrutiny. As awareness of these issues grows, larger brands and consumers demand higher transparency and accountability from their partners.

“In our industry, where trust is everything, compliance is the foundation,” Bernard said. “When we approach compliance as not just a checklist, but a genuine commitment to our audience’s well-being, we unlock the potential for deeper connections and long-lasting loyalty.”

Publishers must go beyond compliance to educate their teams and stakeholders on this importance. By cultivating a culture of awareness and diligence, they can embed compliance into every facet of their operations. This shift will mitigate risks and bolster the publisher’s reputation in an industry where consumer trust is increasingly paramount.

Ad Tech’s Role in Adapting to Regulatory Changes

The ad tech industry’s transformation is largely driven by the need to comply with evolving privacy laws. While these changes may seem reactive, they present new opportunities for innovation in both technology and operational practices. With Google’s new 3PC consent framework, smaller publishers have a huge role in reshaping the industry standards moving forward. 

Smaller publishers should leverage technology as a compliance tool to take advantage of this shift. For example, artificial intelligence and machine learning can monitor data practices, identify potential compliance issues, and automate consent management processes. These technological advancements not only streamline operations but also enhance the precision and effectiveness of compliance efforts.

 As regulatory demands evolve, ongoing education and experimentation are crucial. Publishers should stay informed about the latest trends and changes, adapting their strategies as necessary. Abrupt changes brought about by decisions like Google’s back-and-forth dance with turning off third-party cookies, serve as a stark reminder of how quickly things can shift. 

Continuous learning should be embedded in the organizational culture, positioning compliance as not just a set of rules but as a dynamic practice driving industry evolution. With the U.S. regulatory environment beginning to catch up with the EU’s more stringent standards, the pressure to adapt has never been greater. As Bernard pointed out, education, transparency, and consumer empowerment must be top priorities for publishers moving forward.

The post The Ad Tech Ecosystem was Never Built for Privacy appeared first on AdMonsters.

]]>
Social Media CEOs Testify at Contentious Child Safety Hearing https://www.admonsters.com/social-media-ceos-child-safety-hearing/ Tue, 06 Feb 2024 21:00:04 +0000 https://www.admonsters.com/?p=652645 At the Senate Judiciary Committee's most recent child safety hearing, lawmakers assert that social media companies are inadequately protecting young people from sexual predators, addictive features, suicide and eating disorders, unrealistic beauty standards, and bullying. 

The post Social Media CEOs Testify at Contentious Child Safety Hearing appeared first on AdMonsters.

]]>
The Senate Judiciary Committee grilled prominent social media CEOs on Wednesday, pressing them about alleged platform safety issues for minors. 

At the Senate Judiciary Committee’s most recent child safety hearing, senators focused on whether tech leaders backed specific legislation. But what exactly are the complaints? 

Children’s advocates and lawmakers assert that social media companies are inadequately protecting young people from sexual predators, addictive features, suicide and eating disorders, unrealistic beauty standards, and bullying. 

The hearing commenced with recorded testimonies from youth and parents who reported exploitation on social media. Throughout the lengthy event, parents who lost children to suicide silently displayed pictures of their deceased offspring. Senators then questioned social media execs: X CEO Linda Yaccarino, Snap Inc. CEO Evan Spiegel, Discord CEO Jason Citron, Meta CEO Mark Zuckerberg, and TikTok CEO Shou Zi Chew.

“They’re responsible for many of the dangers our children face online,” said Senate Majority Whip Dick Durbin. “Their design choices, their failures to adequately invest in trust and safety, their constant pursuit of engagement and profit over basic safety have all put our kids and grandkids at risk.”

Ad Ops and Rev Ops professionals are always looking for ways to make the internet safe for minors, but they also want to keep monetization in mind. How do you strike the balance? 

KOSA and the Critics Who Oppose

For years, the U.S. government has been trying to pass federal child safety laws, such as the Kids Online Safety Act (KOSA). This law would mandate online services such as social media platforms, video game sites, and messaging apps to implement “reasonable measures” against various harms, including online bullying, harassment, sexual exploitation, anorexia, self-harm, and predatory marketing targeting of minors.

Additionally, these services must activate the highest privacy and safety settings by default for users under 18. It allows young people to control or opt out of features like personalized news feeds, smartphone notifications, and auto-playing videos that could lead to compulsive app usage. 

On the other hand, there are major criticisms of this bill. For some, KOSA’s flaws lie in its broad empowerment of government entities to sue online platforms for failing to mitigate content deemed harmful to minors. This approach and intrusive age verification requirements pose potential threats to privacy and freedom of speech. 

Although legislators have tried to revise similar bills, concerns persist over government overreach and constitutional violations. Despite opposition, the fight against such legislation continues, recognizing the necessity to defend online rights against censorship and surveillance.

From Apologies to KOSA Support, Big Tech Weighs In 

Social media execs were in the hot seat at the senate hearing as they faced their alleged culpability in ensuring children’s safety online. After apologies and intense inquiries, these are the major takeaways from the hearing

Mark Zuckerberg’s Apology: Under pressure from Senator Josh Hawley, Republican of Missouri, Zuckerberg rose from his chair, turned to face families of victims in the audience who had endured abuse on Meta’s apps, and apologized. He expressed regret for their suffering and vowed that his company was striving to prevent such experiences for others but did not directly acknowledge Meta’s involvement.

Snap and X CEOs Endorse KOSA: Evan Spiegel of Snap and Linda Yaccarino of X have endorsed KOSA. However, Mark Zuckerberg, Shou Zi  Chew, and Discord’s CEO, Jason Citron, have not committed their support, citing concerns about overly broad restrictions that could potentially clash with free speech principles.

The Balance of Safety, Compliance and Monetization

Federal legislators and outspoken critics struggle to balance child safety, privacy compliance, and monetization. While I’m sure both sides of the aisle want to protect minors, they are working on the minute details. 

As publishers work to reach younger audiences, they must be mindful of the potential risks associated with it. Unfortunately, as Dennis Colón, former SuperAwesome VP of Global Operations, warned us, many brands block revenue from younger audiences because they believe monetizing them without compliance issues is impossible. 

“One of the biggest misconceptions is that it’s impossible to reach younger audiences compliantly,” said Colón. “In previous roles, I’ve worked to block monetization efforts from crossing into kids’ content. But this approach is bad for both content owners and brands. It’s fundamentally why the kid tech sector was started: to enable safe engagement with the under-16 audience in a way that works for the entire ecosystem.” 

The post Social Media CEOs Testify at Contentious Child Safety Hearing appeared first on AdMonsters.

]]>
IAB Public Policy and Legal Summit: The State of Privacy https://www.admonsters.com/iab-public-policy-legal-summit/ Thu, 13 Apr 2023 12:17:40 +0000 https://www.admonsters.com/?p=643563 At IAB's Public Policy and Legal Summit, publishers, privacy regulations, and compliance lawyers came together to discuss the state of privacy. From privacy compliance in CTV to how publishers can navigate the compliance landscape, here are some of the top takeaways from the conference. 

The post IAB Public Policy and Legal Summit: The State of Privacy appeared first on AdMonsters.

]]>
The state of privacy in the U.S. is tumultuous. 

The lack of federal privacy laws leaves publishers and consumers needing guidance on how to abide by and protect themselves under regulations. While state privacy laws are in effect and on the way, the ad tech ecosystem in America is eager for federal compliance laws that balance the need for effective advertising and data ethics. 

During his State of the Union Address, President Biden reiterated his stance on implementing federal privacy regulations. The ad tech community supported the sentiment overall but criticized the federal government’s attempt to implement rules that broadly restrict advertising. 

 “Through good-faith collaboration, we can codify important data protections for consumers while protecting valuable ad-supported content and services,” said Bob Liodice, CEO of the Association of National Advertisers. “Our common goal should be to stop unreasonable and unexpected data practices while allowing beneficial practices that drive innovation, growth, and consumer benefit.”

At IAB’s Public Policy and Legal Summit, publishers, privacy regulations, and compliance lawyers came together to discuss the state of privacy. From privacy compliance in CTV to how publishers can navigate the compliance landscape, here are some of the top takeaways from the conference. 

IAB’s Public Policy and Legal Summit Takeaways

CTV: A Compliance Realm of its Own 

CTV is becoming an increasingly important format in ad-supported media. It has become one of the bright spots in media ad spend despite the “ad recession.” Research predicts that CTV ad spend will increase this year while mediums such as linear tv will decrease. Although, CTV compliance regulations come with their own set of challenges.

While privacy regulations for mobile and desktop have difficulties, CTV compliance sits in a realm of its own. For example, it is challenging for consumers to find privacy policies in CTV. The remote control is the primary interface consumers use to interact with CTV, and their function is limited compared to mobile and desktop. Often CTV providers will have a link or QR code to switch to mobile or desktop so consumers can find opt-out options and signals. 

There are also challenges with identity. The CTV space already sits in a cookieless environment. Cookies help desktop and mobile publishers identify and target consumers, and connected tv platforms have often found it challenging to make this process seamless. CTV is also usually connected to a household of people instead of one single consumer.  

CTV platforms will have to learn to improve the user experience regarding privacy, find more seamless ways to identify consumers, and lean on partners that can help them achieve this. 

The Future of the FTC

As one of the U.S.’s primary privacy regulators, the FTC has been cracking down on privacy for the last few years. For instance, in February, the FTC filed a complaint against the drug company GoodRx for allegedly violating consumers’ privacy by sharing their health information with advertisers and other third parties. 

While they aim to protect consumer data, some wonder if the FTC is anti-advertising. Michelle Rosenthal, Senior Attorney at the Federal Trade Commission, understood the sentiment but asserted that the FTC is well aware that advertising is a constitutionally protected right and that protecting consumers’ data is their goal. 

“The current commissioners are concerned about how advertisers use and aggregate data,” said Rosenthal. “They want to establish requirements for publishers and advertisers to balance advertising and privacy ethics.” 

The FTC just asked for a big budget to help them do that. They asked Congress for $140 million. According to Rosenthal, they want to beef up their expertise, such as technologists, multilingual staff, and in-house data experts. Of course, as the FTC works in realms outside of privacy, some of the budgets will go to other areas, but they hope to boost their knowledge and expertise on the subject. 

How Can Publishers Navigate the State Privacy Landscape

We know the U.S. has no robust federal privacy legislation, but where does that leave publishers struggling to navigate the state laws? 

The publishers mentioned the importance of understanding the law and finding ways to explain the regulations simply in your compliance policies for consumers to know how publishers and advertisers use their data. Transparency is the key, but publishers found that with emerging data collection practices, they have needed help to convey these data practices in simple terms. Balancing user experience and compliance is complex but a fine line all publishers must walk. 

“Consumers gravitate towards brands that treat their data properly,” said one publisher. “You need to embed yourself in the industry’s culture to understand the standards for data collection, transparency, and user experience.” 

They also emphasized the importance of having an in-house lawyer and compliance team to inform you about evolving laws and regulations. 

“It’s important for all publishers to have a privacy attorney,” said Marissa Levinson, Associate General Counsel – Privacy, Instacart. “It’s beneficial to help you keep up today on the evolving privacy landscape and to help you create the notices to consumers about their options to consent.” 

In terms of Compliance through the selling process, publishers and attorneys advice that:

  • You must know that the trust conversion happens behind the scenes, on the site, and during the pre-opt-out stage. 
  • Work with advertisers to see how they use consumer data after aggregating on the site.
  • The entire industry should work together to provide a consistent user experience.

The post IAB Public Policy and Legal Summit: The State of Privacy appeared first on AdMonsters.

]]>
Bridging the Privacy Compliance Gap https://www.admonsters.com/privacy-compliance-gap/ Tue, 22 Jun 2021 23:03:38 +0000 https://www.admonsters.com/?p=586645 Between mounting privacy regulations and privacy enforcement measures being taken by big tech, publishers are in need of simple solutions that ensure consent compliance (and that they can trust). And even when publishers are doing the right thing and following the law, they may find themselves liable for a non-compliant partner. Publishers also need insight into their partners' regulatory compliance, especially when it comes to creative. Publishers need a bridge. This is why Confiant has launched Privacy Compliance as a complement to CMPs providing end-to-end privacy compliance coverage in real-time.

The post Bridging the Privacy Compliance Gap appeared first on AdMonsters.

]]>
Privacy is top of mind for all businesses, but especially for publishers who are about to undergo a dramatic shift in how user data is collected and managed — negatively impacting revenue.

Between mounting privacy regulations and privacy enforcement measures being taken by big tech, publishers are in need of simple solutions that ensure consent compliance (and that they can trust). And even when publishers are doing the right thing and following the law, they may find themselves liable for a non-compliant partner.

Publishers also need insight into their partners’ regulatory compliance, especially when it comes to creative. Publishers need a bridge. This is why Confiant has launched Privacy Compliance as a complement to CMPs providing end-to-end privacy compliance coverage in real-time.

WITH THE SUPPORT OF Confiant
Confiant is a cybersecurity company that protects publishers and supply-side platforms from malicious actors and puts the control back in their hands to ensure the ads delivered to a website are safe and secure.

AdMonsters spoke with John Murphy, Chief Strategy Officer, Confiant, about how the company’s new tool helps publishers, as well as why publishers need to monitor each creative to ensure compliance, how privacy regs and platform changes are impacting publishers’ bottom lines, the growing problem with browser fingerprinting and much, much more.

Lynne d Johnson: As privacy regulations like GDPR, CCPA, and CPRA heat up and big tech like Apple and Google make sweeping changes to protect consumers’ privacy, what are some of the biggest challenges that publishers face? Also, how are all of these changes impacting publisher revenue?

John Murphy: Publishers are responsible for ensuring that user tracking that occurs on their properties conforms to privacy regulations and user expectations. However, these regulations are complex and becoming ever more varied as new laws are adopted. GDPR was complex but at least has the benefit of covering a vast region. The situation in the U.S. is becoming much more challenging.

California has CCPA, which is already being superseded by a new regulation, CPRA. Virginia has a new privacy law called VCDPA that’s going into effect at the beginning of 2023. Colorado is poised to announce their own regulations. There is considerable activity at the Federal level as well.

It’s quickly becoming alphabet soup, testing the capabilities and patience of even the most sophisticated publishers. The challenge is further exacerbated by the realities of programmatic advertising—a publisher often has little to no connection to or even knowledge of the tracking entities that could be present when an ad renders. So publishers often feel they have all the responsibility and none of the control. The risks to publishers are profound: if they are found to be non-compliant, publishers may be on the hook for up to 4% of global revenues, a truly enormous sum.

LdJ: The liability for user consent seems to fall solely on publishers even when it’s their partners who might be practicing non-compliance. How can publishers get ahead of this?

JM: Publishers can get ahead of this by evaluating the risks posed by their own tracking activities as well as those of their vendors and partners. Consent Management Platforms (CMPs) can assist in this exercise, but they leave a gap when it comes to digital advertising, which by its very nature is very dynamic. For this sector, a publisher needs to put monitoring in place that evaluates each creative as it renders to ensure compliance with privacy law.

LdJ: You guys have a new tool called Privacy Compliance that complements a publisher’s CMP by identifying privacy issues in real-time at the creative level. Why is it important to identify consent mismatch at the creative level and not just at the page level?

JM: CMPs focus on the collection, transmission, and tracking of user consent information. What CMPs don’t do (and to be fair, weren’t really designed to do) is ensure that each and every creative that comes back from the adtech ecosystem is actually abiding by those signals. A few CMPs do offer rudimentary scanning at the page level, but this technique misses the vast majority of ads because—at any one time—there are literally millions of unique creatives running through programmatic advertising.

A page scanner that looks at a few hundred creatives a day using a couple dozen synthetic user profiles just isn’t going to give a publisher visibility into the full breadth of demand following through programmatic pipes. This leaves publishers exposed. They are likely serving ads that violate GDPR and CCPA even if their CMP is doing everything it’s supposed to.

LdJ: Browser fingerprinting, a method of collecting data about individuals, is a growing concern for publishers as they prepare for the cookiepocalypse. How is this harmful to publishers and users, and what can publishers do about it and better protect their audiences?

JM: Browser fingerprinting involves creating a unique fingerprint of a user’s computing device based on the many characteristics that differ from one computer to another (IP address, user-agent, screen resolution, operating system, fonts installed, etc). Because this form of tracking has no need for cookies, we expect its usage to skyrocket as Chrome moves to block all 3rd party cookies.

A visit to Cover Your Tracks will demonstrate just how sophisticated these techniques have become. Some regulations take a stricter stance on fingerprinting than on cookies, so it’s important for publishers to know when it’s happening and ensure that they want to take the risk. Confiant’s Privacy Compliance solution allows publishers to detect and block client-side browser fingerprinting in real-time, protecting themselves and their audiences from this invasive technique.

LdJ: One would think that better consumer privacy in the advertising ecosystem would mean that publishers and consumers are also better protected from cybercriminals. But this isn’t exactly the case, is it? How are publishers and consumers still at risk? 

JM: Privacy is clearly an important consideration for publishers and users, but it’s not the only risk that they face. Publishers and users are continuously inundated with disruptive, offensive, and dangerous ads. Our research indicates that roughly 1 in every 150 ad impressions delivered to users is either malicious or disruptive. Privacy laws do nothing to protect users from these threats.

Cybercriminals take advantage of the fragmentation within adtech to infiltrate the ecosystem and leverage its immense reach and precision to target users with malware and all manner of scams. While governments have recently focused on the privacy risks to users, little has been done to address these other risks

The post Bridging the Privacy Compliance Gap appeared first on AdMonsters.

]]>
Three Pillars of Ad Quality: Time for Compliance https://www.admonsters.com/three-pillars-ad-quality-time-compliance/ Tue, 10 Jul 2018 16:05:28 +0000 https://www.admonsters.com/?p=61095 You can point to your specs, you can point to LEAN, but getting compliance from the buy side is still a challenge. So what should an overall framework for creative compliance look like? Brian LaRue explores the importance of working proactively to block bad ad creatives before they hit the site.

The post Three Pillars of Ad Quality: Time for Compliance appeared first on AdMonsters.

]]>
This is the second article in our Three Pillars of Ad Quality series, brought to you with the support of Ad Lightning. The first installment considers how publishers might approach ad quality beyond the current redirect crisis and the third lists criteria for selecting ad quality providers.

There’s a wave of redirects crashing over publishers right now, so naturally they’re focusing on how to get out if its way. But there are a lot of other waves in the Sea of Bad Ads—ads that don’t comply with specs, or that have offensive creative. Even if you get out of the way of redirects, you stand to get mired in other ad quality issues.

According to Ad Lightning’s research, 28% of all programmatic ads don’t meet publishers’ quality standards. If we’re going to approach ad quality holistically and categorically, we’ll need to think bigger than just point solutions for each type of ad quality issue.

To get ahead of ad quality as a category of issues, publishers need to consider what an overall framework for creative compliance should look like. Quality issues are frequent enough that approaching them reactively, or on a case-by-case basis, is just too taxing of resources and time.

WITH THE SUPPORT OF Ad Lightning
The industry's most comprehensive ad scanning and blocking solution.

Respect the Specs

Publishers have their specs. With LEAN, the IAB is making an effort to get advertisers and publishers alike on board with standards suitable for today’s understandably high expectations around user experience. But most pubs will tell you that as clear as they or the IAB can be about creative compliance, getting all buy-side partners to abide is an uphill climb.

It’s sometimes easier for agencies to stick with old familiar formats than to adopt new ones. It also can be easier for intermediaries to pass the buck if they know they’re effectively hidden to the end user. As the number one touchpoint with users, publishers find themselves picking up the slack.

Publishers can keep parrying whenever creative issues come up, or they can look toward a solution that’s customizable, keeps up with new malvertising threats as they emerge, and ensures compliance with specs. The solution has to be able to recognize everything you want to keep out—which is why publishers increasingly want and expect a feedback loop to keep up with emerging issues and recognize ad creatives that share similar characteristics with known issues.

We can approach compliance with creative specs in a similar way to proactively deterring malvertising attacks. The right tools can help block bad creatives before they reach the site. Publishers can map out on their own which of their partners are complying with specs and which are not, but tools to recognize and map likelihood of compliance would be more efficient, and would allow ops teams to focus on strategies for generating revenue.

Any holistic ad quality solution needs to establish a feedback loop and enable publishers to deliver reports to their demand partners.

Enter Ad Blocking

Of course, a lot of publishers use tools already to check ads for compliance with LEAN and their own specs. But cleaning up the buy side’s messes shouldn’t be publishers’ responsibility. Giving up the privilege of starting the conversation around an ad sale is an unfortunate consequence of the emergence of the programmatic market: By holding the purse strings, the buy side has long had the upper hand.

We can’t change that aspect of the marketplace today. But publishers can encourage the development of tech to block bad ads proactively, and to understand more about the sources of those ads.

The best ad blocking solutions help publishers deal with ad quality issues more holistically, by incorporating multiple strategies for quality assurance into one unified solution. Scanning creative can identify non-compliant ads; sandboxing iframes can help guard against redirect attacks; and blacklisting known threats while whitelisting trusted partners should all be part of the solution.

It’s key that the solution judge ads on a number of qualifications on a pass/fail basis, then block bad ads before they can render, using all of those available tools. In addition, any holistic ad quality solution needs to be able to process the source and frequency of bad ads. This establishes a feedback loop and enables publishers to deliver reports to their demand partners when necessary.

Think Proactively

Ultimately, when you’re getting bombarded and having difficulty focusing on future strategy, you need to move proactively. That means knowing about the bad ads and the current attacks in the ad ecosystem at that moment, and it means providing insights to exchanges and ad platforms.

Demand partners need to step up as well through pre-flight testing, staying updated on threats, and addressing them before bad ads make it further down the pipes. Publishers can do what they can to move the industry forward by having conversations with all their partners—but quality tech can help that process become more efficient.

Did you miss the first installment of the Three Pillars of Ad Quality series? Read it here and catch up on the concepts for looking beyond redirects. Look for the third installment, coming to these pages shortly.

The post Three Pillars of Ad Quality: Time for Compliance appeared first on AdMonsters.

]]>
EU Privacy Directive: The Cookie Conundrum https://www.admonsters.com/eu-privacy-directive-cookie-conundrum/ Fri, 09 Dec 2011 17:57:29 +0000 http://beta.admonsters.com/eu-privacy-directive-cookie-conundrum/   When the EU Privacy Directive on cookies came into effect in May of this year – the first time the legislation had been updated since 1995 – it left a lot of people in the industry scratching their heads as to what it meant and for whom. As with any law or Directive the […]

The post EU Privacy Directive: The Cookie Conundrum appeared first on AdMonsters.

]]>

 

When the EU Privacy Directive on cookies came into effect in May of this year – the first time the legislation had been updated since 1995 – it left a lot of people in the industry scratching their heads as to what it meant and for whom.


As with any law or Directive the wording was somewhat ambiguous and open for interpretation, but what was clear was that companies found to be mishandling personal user data would face hefty fines.

The Directive came into full effect in May 2011 but the industry has been given a cool year to get its house in order before the hammer comes down and fingers are pointed. This is an unusual occurrence in law but a welcome one, so mark it in your calendar people – May 2012.

The trouble is, however, as it currently stands many publishers don’t have full ownership or even total knowledge when it comes to cookies and data tracking – heck, some of the biggest publishers in the world aren’t aware of exactly who’s dropping what and where on their sites. Networks, advertisers and agencies are just some of the players involved in the sharing of online data.

What this new Directive means though is that going forward those wishing to trade in user data will have to gain full user consent and as such there’s going to have to be a lot more transparency when it comes to cookies – but what is less clear is how best to do it?

Confusion Reigns 
 
In a mission to find out more I took myself over to the Evidon Cookie Compliance Conference in London where there were a raft of speakers and industry types all eager to find out the answer to that very question.

Speaking with those in attendance, it was good to hear that most were equally puzzled – regardless of what side of the industry they were on. I spoke with publishers, solutions providers as well as agencies and I – as did many I spoke with – took solace in the industry’s collective confusion.

Whilst uncertainty over actions reigned, all seemed united in the notion that data sharing, cookies and online privacy needed revamping from its current form. Again, the solutions were less forthcoming.

David Evans of the Information Commissioners Office (IOC) said that whilst there was no ‘silver bullet’ when it comes to complying with the Directive, publishers would need to scour their sites and find out exactly what information was being passed and to whom, and then assess how intrusive this data sharing was and act accordingly.

All great in principle, but from speaking with those in attendance, ‘intrusiveness’ was a contentious topic in itself, with seemingly everyone offering a different opinion as to what the term meant to them.

Evidon’s Scott Meyer addressed the confusion, but suggested a wait-and-see approach was not the answer.
 
“Despite the lack of perfect clarity on how best to comply with the Directive, sitting around and waiting is not the answer,” he said. “There’s plenty that businesses can do right now, starting with the understanding that data collection is happening across their sites and disclosing everything clearly to consumers.”

Those sentiments were echoed by David Evans of the Information Commissioner’s Office (ICO); “Companies need to start showing they are moving in the right direction as the Directive has been around since May. As a regulator, we can point to lots of people doing different things, but do something is the message.”
 
Empowering and Educating Consumers 
 
A seemingly viable solution for publishers was put forward by Louise Thorpe from Vodafone; they are set to implement a ‘Privacy Dashboard’ for users at the telecom giant. Here users would be presented with the information regarding their data situation but, more important, they could control the flow of information – if they so chose. An option that is set to also be undertaken by rival telecoms giant O2.

Panellist Khan Smith from Akamai felt that the cookie itself was being portrayed as the villain of the piece and that users should simply be better informed about them, again touching on the theme of intrusion.
 
“A cookie is an integral part of the Internet – amongst other uses it’s what helps browsers remember login details,” he said. “Predominantly they are there to provide benefits for the user and are not intrusive.”

Robert Reid from consumer group Which? agreed that there was a lack of information around cookies. According to Which?’s research, whilst users preferred behavioural targeted ads and saw them as relevant, as much as 40% felt uncomfortable at the idea of having cookies dropped on their machines.

Seemingly the lack of information presented to users currently regarding cookies is the first thing that will have to change.

The Internet Advertising Bureau’s (IAB) Nick Stringer agreed: “Transparency is the key. It’s important to let people decide and let them make choices; not everyone’s going to want to know, but let’s give them the option.”

Publishers solutions are not enough on their own though – browsers and networks will have to do their parts in aiding transparency. Browsers will have to make it clearer when third-party data collectors are involved and networks will no longer be able to enjoy universal opt-ins when it comes to user data, instead having to earn actual consent.
 
Again, the nuts and bolts of exactly how to implement these changes are left to us – but with the window we’ve been given, we’ve the time to get it wrong a few times before the deadline hits.
 
An Answer Emerges

At the end of the day, the Directive was born out of a need to protect the user and to be more culpable as an industry, Damian Scragg from Evidon summarised: “We all need to work together to educate consumers about making informed choices – as an industry we need to do better.”
 
So unfortunately from the information gathered, there is no one culpable party, no ‘silver bullet’ solution to comply, but rather an ecology of solutions based on transparency, information and governance that will need to be put in place by all concerned.

It may not be the answer many of us hoped for but at least it’s an answer – no more head scratching, doing something is the answer as we’re all in this one together and we’ve been given the time to do it.

 

The post EU Privacy Directive: The Cookie Conundrum appeared first on AdMonsters.

]]>