For some marketers, the loss of third-party cookies can’t come soon enough — especially since there’s a chance that using them now could be potentially violating consumer privacy and data protection rights if findings from a new report are true.
The reason being that the report found that ad trackers continue to collect Europeans’ data without consent under the General Data Protection Regulation. Naturally, marketers are concerned and in some cases are conducting their own investigations in search of answers. In this edition of our Confessions series, in which we exchange anonymity for honesty, the chief media officer at a global advertiser discussed what they’d have to do if the investigation they’re preparing confirms their worst fears.
This interview has been lightly edited and condensed for clarity.
Are you surprised by the findings?
The findings are surprising. I mean we expected there to be some malfeasance on a small number of cookies being used but nowhere near the amount suggested in the report. I thought the GDPR would have cleaned up this sort of thing because it’s exactly what it was designed to stop. It’s a scary situation to be in because we don’t know yet if the company is on the hook for any of this. I want to know who is going to fix this situation if it is as bad as it sounds.
Are you going to pull money from publishers as a result of the report?
As it stands, we don’t know. There’s a lot that needs to unfold. It’s not clear yet whether the regulators in the European Union will act on those findings. All we can do is conduct our own investigation into whether these consent mishaps and potentially legitimate data collection instances are happening as frequently as the report said. For now, we’re in wait and see mode.
Does that mean you will conduct your own investigation into the matter?
Yes, we’re going to have to run our own audit as there’s no one universal way to assess cookies for this sort of issue, which is why we’re partnering with a specialist to do so on our behalf. It may well be that the report’s authors are using the panic around its findings to drum up more interest in their own services. However, it may prove to be a situation that needs immediate attention. Not knowing the outlook either way just adds to the stress.
Are you comfortable putting more money into walled gardens?
Not really. In fact, we’ve been trying to do the opposite. Now, it seems like we’re being forced back into them. As a marketer, you’re damned if you do and damned if you don’t.
The longer you leave things, the greater the risk.
It’s still too early to outline a proper timeline on when we’d enact those changes should our own audits reveal we’re part of the problem. I would say, though, that it’s unlikely we’d make any changes to our media plans before January. It’s more likely to be closer to February. This way, we give media owners the chance to fix the problem and pull those bad cookies back. I don’t think that should be a hard thing to do — pulling cookies off of one page and onto another is copy and paste stuff for media owners. In a few weeks you should be able to have many sites compliant with privacy law. That only happens, though, if we threaten to pull our money.
Isn’t that just a temporary fix?
Yes it is. What we really need is direction from the EU. We need to know if they see this as a concern, especially given concerns around the Transparency and Consent Framework from the Interactive Advertising Bureau’s Tech Lab. So far, the GDPR has been enforced along a very narrow band. There’s a significant amount of grey that’s open to interpretation. What the report uncovered seems deliberate and clear, but that doesn’t mean regulators will act on it and hold publishers and ad tech companies accountable. The problem is that digital platforms only ever seem to be swayed from continuing down certain paths through government legislation.
Won’t that just create a blame game across advertising?
It will become a game of hot potato. Everyone will try and pass off liability for this issue to others