Thanks to growing data privacy concerns and the General Data Protection Regulation (GDPR) implementation in 2018, personal data projection and government enforcement have become two of this year’s hot topics in just about every digital media discussion. To shed more light on the topic and answer a few burning questions, I sat down with Eric Shiffman, senior product marketing manager at SpotX, to get his thoughts around all things data privacy.
Last year was all about GDPR. Can you explain in layman’s terms how that impacted the digital video advertising industry in the U.S.?
GDPR significantly impacted our industry in the U.S. in two major ways. First, any company around the globe with existing business in the EU that wished to stay in business had to make significant changes to comply with the law, just like an EU-based company would. The types of changes include cataloguing and improving data collection, transfer, and security practices; understanding and supporting data subject rights; and establishing a legal basis for processing personal data.
Second, many publishers decided it was too risky to participate in the EU market and they pulled out entirely, blocking content for millions of EU-based consumers. Some of them waited for the dust to settle before re-opening their content, while others remain blocked.
Do you foresee the rest of the country following California’s lead with regards to laws like the California Consumer Privacy Act?
I certainly hope so. The confusion that state-by-state regulation causes is distracting and increasingly difficult to support as it relates to anything, including consumer privacy and data protection. This is an area where the federal government should step in and regulate in a sensible way, using learnings from GDPR and other privacy experiments across the globe.
Apple CEO Tim Cook has been pushing for federal regulation publicly for a while and Facebook’s Mark Zuckerberg recently penned a post along similar lines. As with any federal regulation, we need to ensure that we learn from the past, take multiple perspectives into account, and do more good than harm.
How does SpotX ensure that data is protected?
SpotX ensures data is protected in a number of ways:
- Minimizing the data we collect
- Deeply understanding the way data flows through our systems so that we can put appropriate controls in place, depending on the location and use of the data and
- Rigorously testing our systems to ensure the data remains safe
I’ve been reading about something called a “data clean room.” What is that exactly, and are they considered to be a necessity?
A data clean room is an interesting concept that is gaining in popularity. As Digiday so nicely put it, “Data clean rooms are places where walled gardens like Google, Facebook and Amazon share aggregated rather than customer-level data with advertisers, while still exerting strict controls. First-party data from the advertiser is then poured into the same space to see how it matches up with the aggregated data from the platforms.”
Advertisers are often frustrated because each walled garden and channel they utilize has its own measurement process, which means they often can’t determine important details like duplicated reach on a campaign. Data clean rooms are a solution that enables the walled gardens to maintain their walls but allow certain big buyers to take a peek inside and get the information that they want.
It will be interesting to monitor this trend to see whether it can be scaled to allow smaller buyers to participate and get the same benefits.
Apple recently launched a big TV ad campaign touting how they protect consumer privacy. Do you think their strategy is reactive to industry data privacy concerns, or forward-thinking because consumers are beginning to wonder what companies know about them? Or do you think most consumers have a healthy understanding of what happens when they do basic activities like browse the web?
This campaign is quite brilliant coming from Apple’s perspective. Apple predominantly makes its money on hardware sales rather than through advertising as its competitors do. This means that it can “afford” to keep a very closed ecosystem and to restrict the data that leaves its systems more so than competitors. Apple’s customers are 100% the end consumer buying the hardware, whereas its competitors have to please both consumers and the advertisers marketing to them.
To answer your question, I do think this strategy is in reaction to recent industry and consumer data privacy concerns, but it is mostly a positioning play. Apple is incentivized to highlight the privacy failures of competitors as well as their long-time, stricter policy. They face little downside with this move and potentially significant upside.
MoviePass recently announced a value exchange program which gives consumers free movie tickets if they watch ads. Do programs like this have the potential of infringing on personal data if viewing habits are shared back with the advertisers participating in the program?
Every new method of tracking, measurement, and data sharing has the potential to infringe on personal data if handled poorly. In this case, the value exchange — watch 20 minutes of ads and get a movie ticket — is quite clear to the consumer and there is an opportunity during the sign-up process to properly inform the user what is happening with the information they are providing.
This is similar to how Nielsen panelists operate. They are compensated for their time, and in exchange, they agree to install software that helps track what they are watching. In fact, panelists must regularly indicate who is watching the program. Facial recognition is similar to this process, it just happens automatically.
The data is then aggregated to protect the personal data of the participants, and all is well. As long as the consumer is properly informed of what data is collected and how it will be used prior to agreeing to participate — and that data is then protected appropriately — this sounds like a very interesting idea.
This Q&A was conducted by Tammy Blythe Goodman, director of communications at SpotX.