Over recent years, the evolution of privacy and data regulation, combined with tracking prevention technologies, like ITP, has brought many challenges to the digital industry. Regulation and changes to tracking have come about by consumers taking a stance against advertising that is too frequent or intrusive to their online experiences, resulting in new regulations:
General Data Protection Regulation (GDPR)
GDPR was introduced in May 2018 and is the overall regulation on the protection and handling of personal data for the European Union and the UK. GDPR gives consumers more control and visibility into how their personal information is collected and used, requiring both advertisers and publishers to have a legal bases for processing data.
California Consumer Privacy Act (CCPA)
The CCPA was enacted in 2018 and provides enhanced privacy rights to consumers living in California. CCPA laws apply to the protection of personal information for California residents, giving them protection in the form of the right to opt-out from the collection of their personal data. Consumers also have the right to know which data a business has collected, stored and sold, request access to their data, that it be corrected and the right to have their data deleted.
Lei Geral de Proteção de Dados (LGPD)
LGPD aims to unify over 40 different statutes that currently govern personal data collection and processing within Brazil. Like GDPR and CCPA, LGPD legislation ensures that companies have consent to capture details and are clear about their needs to store data and provide a service enabling consumers to inquire about their personal information.
Intelligent Tracking Prevention (ITP)
Apple’s ITP functionality alters how Safari manages cookies and limits the ability to track a consumer from an advertiser to a publisher’s website. The ITP 2.2 iteration further reduced the lifespan of certain first-party cookies from seven days (per ITP 2.1) to 24-hours. As a result, certain first-party cookies introduced (to continue measuring site traffic and attributing ads), will be deleted after 24 hours. However, the current ITP 2.3 update provides advertisers with a way to extend the window from 24-hours to seven days, using the localStorage method.
Along with impacting how businesses advertise to consumers, a new eMarketer study has found that overcoming regulation and ITP challenges take large portions of budgets and team resources.
Challenges caused by ITP and regulation
One of the biggest challenges ITP and privacy/data regulation has created for marketers is identifying digital devices and consumers. Marketers use many touchpoints to identify consumers across platforms and devices, IP address, ad id, offline transaction data and cookies.
Complying with regulation has impacted tracking capabilities, including cross-device recognition, resulting in marketers spending more time and budget trying to identify digital consumers.
According to the study, 34% of marketers said that the decline of cookies and changes in third-party data availability will account for most of their resource in 2021. Similarly, 19% said that government and privacy regulation will take most of their resource this year.
And it isn’t only resource that marketers are using to solve these challenges. 49% of marketers in the US and UK spent more than 20% of their November 2019 marketing budget on identity solutions.
Overcoming ITP and regulation challenges
To overcome the challenges presented, marketers must respond to the deprecation of IDs like cookies, tactically and strategically. Rakuten Advertising’s compliance experts explore tools for marketers that require minimal resource and budget.
- First-party data will continue to play more of a role in advertisers’ activities. The methods currently being blocked are based on client-side browsing, while server-side information has not yet been impacted. As a result, Rakuten Advertising recommends advertisers create a deeper integration by setting Rakuten Advertising cookies server-side (this update will be compatible with EWS and Performance Tag Solutions).
- Consent Management Platforms (CMP) allow websites to obtain consent for collecting consumer data through cookies in compliance with GDPR, CCPA and LGPD. Rakuten Advertiser has several tools to aid with compliance and consent management:
- CMP Wrapper: a data pipeline for clients with a third-party CMP that shares consent data.
- Cookie Banner Integration: a data pipeline for clients with cookie banners to share consent data. This is a simple pop-up on a company’s website asking for users consent to drop cookies.
- Consent in Affiliate Links: Almost any publisher business model can use the consent parameter incorporated in affiliate tracking links. The ‘CNST’ parameter will also collect an opt-out signal from consumers needed for CCPA compliance.
- Publisher Activation Tag: The Publisher Activation Tag is a complementary tool that enables publishers to run a lightweight consent from their users for Rakuten Advertising affiliate links.
- Rakuten Advertising Disclosure & Opt-Out Link: Included in a ‘Your Privacy Rights’ link on each page of a website, this page references Rakuten Advertising data collection and opt-out links.
Regulation is here, and it’s not going anywhere. It will become more stringent, and countries or regions will continue to evolve existing policies and release new ones. Now is the time for advertisers and publishers to adopt solutions that navigate the challenges of ITP and compliance and prepare for any future changes.
For more ITP or regulation information from Rakuten Advertising, speak to your account representative or subscribe to our blog.