Privacy on the internet is of ongoing concern to consumers, marketers, and publishers alike.
David Nothling-Demmer spoke to Jessica Martin, APAC Head of Privacy, Regulatory, Crisis & Risk at Google, for some insights into a more privacy conscious eco-system.
As Google’s Privacy Lead for apac, what are you doing to ensure the online user experience is a more trusting one?
Mostly, I think about the privacy of consumers. We’re seeing such a huge shift with consumer trust, tech changes, and the rise of regulation. This is going to be the trend that’s shaping the next few years for us. Specifically, when I think about Google, I think about how the digital ads ecosystem is changing.
From a Google point of view, we build with a focus on consumers. They trust us with their information when they use our services, and we use this information to make our services more helpful and relevant. But we understand that this is a big responsibility, and we work hard to protect their information, but also put them in control. Over the past few years, we’ve seen a fundamental shift in the way users feel about their privacy on the web.
For example, 81 percent of users say they have deep concerns about how their personal data is being handled, and about the trade-offs of data for ad relevancy. We see this internally as well, with increased usage of My Account to My Activity – more people searching online for privacy safety. This is being driven by a number of factors, such as negative ad experience with the whole ‘following me around the internet’ concern.
We’ve also seen really high profile, data breaches, and growing attention to privacy issues. That leads to a decrease in user trust, but also a rise in the usage of ad blockers and other similar technology.
With my APAC (Asia-Pacific) hat on, Asian users represent 40 percent of total worldwide ad-blocker usage. And so, we know that current practices need to evolve, to increase user trust, or the entire ad-supported model is at risk.
If we think about user trust, governments around the world are becoming more active in defining what constitutes people’s personal data, and then how it can be collected and used by companies. Irrespective of the scenario in each country, what I’m noting is that there is a higher bar for tracking and usage of personal data, and that will continue to get higher and not lower. Without an overarching privacy regulation, it’s going to be really important for industry bodies and web standards communities to work together, to align effective best practices.
What about the tech side and phasing out of third-party cookies?
Users are platform agnostic when it comes to privacy. So, they feel that privacy should be protected regardless of how or where they’re accessing the web. If we were building the internet from scratch today, we probably wouldn’t make third-party cookies bear all of the weight. They’ve become a point of failure from a privacy point of view.
There’s two ways the tech companies have approached this. Three out of five of them have unilaterally blocked third-party cookies since 2019, and that was quite a sudden shift that impacted businesses’ ability to then reach users. But it did have a positive impact in reducing third-party cookies in the ecosystem. However, that comes at the expense of advertisers and publishers, because without a viable privacy-first alternative, you get other less desirable use cases, like fingerprinting.
The industry needed more time to collectively find and deploy some of the solutions, which is why the decision was made to push the deadline for cookie deprecation to 2023. Based on feedback today, I think Chrome is estimating that the privacy preserving technologies will still be deployed by late 2022 and be ready then for community adoption.
From a Google ads point of view, our fundamental approach stems from the belief that the user and user privacy can coexist with performance for advertisers and publishers. These ecosystem changes are an opportunity to build sustainably and collaboratively, and up-level the entire ecosystem for everyone. That starts with having a user-first approach and then sustaining user trust.
In order to do that, we need to provide protection for users with advanced security and privacy. We need to ensure they have choice about how their data is being used and being respected while giving them control over their privacy. From our side, that means investing in privacy preserving technologies, that will establish the foundation for long-term sustainability and an ad-supported web.
We’re investing in first-party data. That’s the consented relationship with an advertiser, a publisher, and a consumer. We’re also looking at automation and machine-learning. We’re leaning more into aggregation, anonymisation, on-device processing, and other privacy preserving technology that’s being developed in the sandbox. That’s with the aim of protecting user identity and information. So far, these technologies have demonstrated the potential to meet today’s performance standard for marketers and publishers, while being privacy by default. This sounds pretty ideal, but these standards and solutions need to work for everyone.
We need to make sure that these solutions work for everyone, which means we need feedback from all players. So that’s why we’re putting so much time in working with industry bodies, like the The Interactive Advertising Bureau of New Zealand (IAB), the W3C, Partnership for Responsible Addressable Media Tech Labs (PRAM), and many others around the world, to develop standards that work for everyone.
The user experience and trust in digital won’t change if the ad-supported ecosystem is only sometimes protecting user privacy.
Tell us more about those Google partnerships.
From an advertising point of view, as well as working with the likes of the IAB and PRAM, Google are working with regulators to share our plans, and Chrome has also met the The Competition and Markets Authority (CMA) to make certain commitments.
It’s great that they’re thinking about this. We know that people will need to do more with less data and they probably don’t need all the data that they were looking at before. So, ask yourself, “What data am I collecting and why?”
As long as consumers know what you’re doing with their data and why, they’re pretty okay to share it. They like it for the convenience, the help, or good value exchange.
How is this impacting marketers at a top level? How should they be moving forward with these privacy concerns and debates when it’s not necessarily something that they work with every day, but it’s something that impacts their marketing day-to-day?
I think there’s a few elements to that. Firstly, what data they collect, why and how. Whether they’re doing it directly as an advertiser, or they’re doing it through a partner, they need to do an audit to see if it is clear, first-party data consented.
Next, think about their resourcing and talent. So, depending on their size, how are they equipped internally to do that first-party data collection and get the most from it? Ensure they have got all the foundational things in, like their tagging and everything else to get themselves set up to do more with less data.If they’re a smaller player and they don’t necessarily have the resources, then who could they partner with to help them get set up?
