The Australian changes are set to vastly strengthen privacy protections for individuals. These changes will have fundamental impacts on data collection for advertising and marketing.
There’s a new sheriff on the digital range
It’s been the lifeblood of the online advertising industry for two decades - but its starring role could soon be over.
In 1994 a little piece of code innocuously dubbed the ‘Cookie’ was invented to store the memory of the internet browser locally for the user’s convenience.
From those humble beginnings evolved an industry built on the precise ability to track, identify, and segment users from their internet browsing patterns.
The Cookie was the forerunner of similar tools which emerged with the development of new browsing devices and mobile apps.
At the same time, the global technology giants led by Google, Facebook and Amazon collected and commercialised vast amounts of user data within login-led “walled gardens”.
This explosive growth in data sparked huge innovation in digital marketing technology, giving advertisers the ability to pitch directly to individuals on the basis of their online behaviours, at precision points in their customer journey.
But all this is now set to change.
After an extensive review following the ACCC’s Digital Platforms Inquiry, the Federal Government is poised to release its draft changes to the Commonwealth Privacy Act 1988 within days.
Australia is not the first, with the European Union leading the globe with the introduction of its General Data Protection Regulation (GDPR) which has had huge impacts on the advertising and ad tech sectors.
The Australian changes are set to vastly strengthen privacy protections for individuals, with bigger penalties for breaches – from $2.1 million up to $10 million.
There will also be a new binding privacy code for social media platforms and other online platforms which collect and sell personal information.
These changes will have fundamental impacts on data collection for advertising and marketing purposes, reshaping how businesses collect, use and disclose personal information.
The death of the cookie?
Technology platforms and browsers are already moving away from the use of a cookie as a method of tracking and identifying users, with both Chrome and Safari stopping the use of third-party cookies by 2022.
Other companies are also assessing their risk and exposure when collecting identifiers online, reducing the volume of businesses who support access to third party data, or are commercialising third party data through reselling to advertisers.
Once a source of huge value, third party data is becoming a potential liability. It’s a hot potato that marketers less and less want a piece of.
Are we prepared?
Chief Operating Officer Philip Pollock has been closely monitoring the various global changes to privacy legislation and considers his team well-prepared for the ramifications of the new Australian legislation.
A recent report in The Australian noted many Australian companies are “woefully unprepared” for the looming changes.
Data security experts predicted the government was unlikely to give companies much time to prepare, and the time was now to act.
Philip says savvy Australian advertisers are looking closely Europe’s GDPR for an indication of how the legislation might impact the industry.
“What’s not in doubt is this legislation spells a big shift in how advertisers reach consumers. When the GDPR was introduced it made a lot of advertising technology businesses redundant overnight.
“There was an industry of data brokers who previously bought massive amounts of user data and sell them on. That business model died a swift death."
"The big question here in the Australian market is what is going to be classed as personal, or personal identifiable information."“In the past internet ecosystem prior to any regulation, a cookie wouldn’t have been classed as personal information. It could be processed by tech companies and passed on to a third party.
Now they are looking at that and asking, can it be traced back to an individual user? If it can be classed as personal identifiable information, just like a phone number or medical record, that has legal ramifications.”
“That will change the landscape of how advertisers use their data.”
So what takes its place?Philip says in some ways the digital marketing industry was returning to relying on broader audience profiles, but there was plenty of innovation happening as well.
As the industry shifts away from one-to-one marketing, the art of modelling and profiling groups of aggregated users is having a renaissance.
“We are moving from that one-to-one addressability, or hyper targeted approach, back to the old days of using models, lookalikes, or inferred signals to target that audience.
“It completely resets the notion of how we target an audience.”
Rather than a return to the dark ages, “you might say we’ve moved away from the Wild West.”
Clean Rooms, Loyalty Programs, and the Privacy SandboxTo be able to continue leveraging first party data, information that is collected must be done so with explicit consent.
One solution is the development of areas where data can come in and be analysed, but no IDs can be extracted. These are dubbed “Clean Rooms”, most notably Google’s Ads Data Hub.
Brands will also be forced to innovate to win customer data through solutions such as enhanced subscriptions, and loyalty programs.
However, the changes may also signal the end of some brands use of their loyalty programs as a data trove which can be on-sold to advertisers.
There is also Google’s new solution on audience profiling, called FloC (Federated Learning of Cohorts). FloC essentially uses an algorithm to turn in-house first party data from user’s Chrome browsing patterns into audience segments without compromising individual privacy.
Who’s winning?While no advertiser is necessarily celebrating the imminent changes, the tech giants such as Google and Facebook with existing “walled gardens” of data are in the pole position.
“It has actually made Google Apple and Facebook even stronger because they are the only ones who hold massive amounts of first party data,” Philip says.
We are adopting a lot of the technologies which Google, Apple and Facebook are introducing, and we’re ensuring that all our teams are upskilled and across what those technologies are, well before the expected legislation is released.”
Because these platforms require a sign-in, they have the legal ability to track a user using the persistent ID generated with the login.
But the changes will still limit the availability and accessibility of user information within the Google and Facebook eco-systems – and they can’t willy nilly sell that information on to other advertisers.
Resolution Digital is planning for the long-term.The marketing agencies which will thrive in this new environment are ensuring their teams are well prepared for change by upskilling their staff in the emerging tools coming online from the major tech platforms - and developing strategies to respond to a range of scenarios.
Resolution Digital, together with the Omnicom Media Group, has been working closely with the major walled gardens and regulators to ensure they are ready for the changes, and the impact on client’s ad spend is minimised.
Resolution are developing attribution within Clean Rooms and working on ways to model and attribute across the walled gardens. This work will allow clients to access a valuable privacy-safe view of individuals at the cohort level.
Wondering how these changes might impact your digital strategy or your next campaign?Contact Resolution Digital so we can help your brand navigate the new privacy laws – without losing your edge.
Press coverage: Smart Company, September 2021