The Evolution of Data Privacy – Marketing Analytics Summit 2021

The Marketing Analytics Summit is an annual summit that brings together digital analysts from all over the world. Due to COVID, this year’s conference was virtual. Many interesting topics were covered in the 3 days of the summit including data privacy, data visualization, customer journeys, and a lot of digital analytics.

 One topic which particularly interested me was data/user privacy. A lot of changes have taken place over the last 18 months including the death of cookies and Apple’s ATT policy changes. Tech companies have been implementing a lot of tactics to tackle these changes. Google introduced GA4, an upgrade to its earlier version of Google Analytics (GA3 or Universal Analytics) and FLoC (Federated learning of cohorts) which classifies users into cohorts, and Facebook launched aggregated event measurements. I’ll share some info on a few of these topics along with the major takeaways of the summit. 

What is data privacy? And why is it important? 

Digital analysts usually just get into how to make your website or business more privacy compliant. But before we get into the how, it is necessary to understand why this is important.

Data and information privacy is the right to have control over how your personal information is collected and used. When we ask users what they know and think about privacy, we hear a lot about data breaches, social networking, and targeted advertising. Privacy and security are the two of the main things we need to consider to understand this topic in depth. While privacy is focused on governance and the use of personal data to ensure that the data collected is used in appropriate ways, security is protecting that data from malicious attacks and stopping the exploitation of stolen data. 

Different tech companies use data differently and some of them also share it with third parties to make money. Facebook and Google are a couple of companies that use user data at a very granular level to target individuals with ads. When Apple rolled out App Tracking Transparency (ATT) in iOS 14.5, they gave users more power to decide if they want to share their data with apps and websites. Just one month after the rollout in April, only 15% of the total users who are on iOS 14.5 allowed apps to track them in Canada.

Let’s talk about the different data types to understand how data sharing occurs. There are 4 basic types of data. 

• 0P or Zero-Party Data is data that is freely offered such as email IDs, talking about yourself in bios, etc.
• 1P or First-Party Data is learned on-site with the use of pixels and code snippets (this can be HTML or javascript, etc). It is fetched from website analytics, social media, etc, and then categorized into different audiences which further breaks it down into demographics, behavior, device breakouts, and so on.
• 2P or Second-Party Data is essentially someone else’s first-party data. You can purchase this data from a company that owns it and this comes from the same sources such as website analytics, social media or mobile app usage, etc. 
• 3P or Third-Party Data is data that is bought from publishers or aggregators who collect data from a variety of sources and categorize it based on audiences, demographics, behavior, sentiments, etc. This type of data is very useful to target a new audience and for new customer acquisition. 

Due to the death of cookies, third party data, used extensively for targeting ads is no longer going to be available so first-party data will become more important. 

Below are some examples of different apps that use PII (personally identifiable information) data which will help us understand how data is collected by apps and websites differently –

Data linked to you on instant messaging apps – 

Data linked to you on internet browsers –

This shows how much information is collected by different apps and browsers and why there have been concerns about the privacy of users. Using statistical predictive models, 15 attributes are sufficient to identify 99.98% of the US population; and the top 150 websites visited over 2 weeks are sufficient to identify 80% of the users; 4 geolocation data points over a year are sufficient to identify someone out of a million, 95% of the time.* These statistics are mind-boggling and answer the question of “why is data privacy important”. 

What does all this mean for marketers, analysts and advertisers?

With all these changes, we need to keep in mind that user-centricity is important. Industry tech giants have launched various techniques to tackle the changes. While Google launched FLoC to categorize users into cohorts for targeting, Apple created privacy labels to help understand how apps handle data, thus making it difficult to tie PII data of users and easier to classify information of/for users. 

Privacy labels are also called nutrition labels and tell you exactly what data of yours the app can access, how they access it, and what it’s used for. There are over 34 standardized labels that are used across the Apple app store to help users understand how data is being used. 

No consent no tracking – Consent before collection is very important and this is the new reality of first-party data collection. This brings importance to consent management platforms and server-side tracking. A consent management platform or CMP is a technology that is used by websites to obtain legal consent from users to track them and collect personally identifiable information. Asking users for consent also means that there will be some amount of data loss since not everyone will be willing to share their data. To minimize the amount of data loss, brands need to be more transparent, ethical, and legally correct so that users understand how their data will be used and what benefit they receive by sharing their information with brands. A key benefit to users could be that by consenting to data collection, users will have a personalized experience. For businesses, this means increased conversion rates, engagement, and retention. Finally, this data also needs to be audited often and stored securely. 

How is your business preparing for the lack of targeting data that is out there? Do you understand all of the places where user data is collected, stored, and used? Have you started your data audit or first-party acquisition strategy? If you’re not sure where to start, feel free to reach out for a conversation. The legislation in many jurisdictions is still being finalized so expect there to be changes by both government and tech companies.