The AdTech industry is facing its biggest overhaul since its inception, which inevitably will have an impact of the wider web ecosystem as so many services and content is funded via Ad revenue.
AdTech is currently heavily premised on the concept of delivering personalised ads to users. This is achieved through the use of technologies such as cookies and mobile advertising identifiers.
The impact of the GDPR and similarly inspired regulations, the tightening grip of regulators and, in some ways even more significantly, the recent action by two of the industry’s biggest players, Apple and Google, have left the industry in a state of flux.
We discuss recent developments below and look at what’s next for more privacy friendly AdTech.
New regulations and regulatory action
Following GDPR, new privacy laws are being developed in jurisdictions across the globe and many of these specifically regulate online advertising. Notably, in the US, California has introduced the CCPA and CRPA and similar privacy laws are expected in various other US states in the near future. Further changes to the ePrivacy landscape are also coming to the EU soon.
In the UK, regulatory action is on the cards, with the ICO currently investigating the AdTech industry. It is expected that industry participants will need to make significant changes to their practices following the conclusion of the ICO’s investigation and expected enforcement action.
Apple’s new operating system
In April, Apple rolled out a new operating system, iOS 14.5, which prevents mobile applications from using IDFAs (unique advertising IDs attributed to iPhones) and other device identifiers to track users’ app and internet browsing activities for marketing purposes, unless the user has provided consent to such tracking.
This change affects iPhone users worldwide and early statistics suggests a large proportion of users are taking advantage of the option to opt-out of being tracked.
Google Chrome and the Removal of the Third-Party Cookie
At the browser level, Google has announced that it will block all third party cookies in early 2022 (all other major browser providers have already phased out these cookies).
Third-party cookies have traditionally been relied on to track users’ internet browsing activities across websites to build up a profile of that user. This information is then shared within the AdTech ecosystem to ensure that businesses are able to deliver targeted ads to users.
However, there are almost insurmountable challenges with using third party cookies lawfully for tracking and advertising given the challenges to meet the high standards of transparency and consent required from privacy regulations like the GDPR.
This is the context in which Google has decided to phase third party cookies.
What next for AdTech?
Although it is too soon to say for sure what these changes will mean for companies in the AdTech space, we have set out some likely consequences below:
- Cookie-less advertising – businesses are developing advertising strategies that do not rely on cookies. For example, Google has begun trialling its proposed alternative, “Federated Learning of Cohorts”, where ads are delivered to categories of users (rather than specific individuals).
- First party data advertising – based on information collected directly from the user or via interactions with your site or App.
- Resurgence of contextual advertising? – this type of advertising, which fell out of favour following the rise of behavioural advertising, displays ads to users relating to the content of the page being viewed, rather than being targeted at specific users.
- Incentives to sharing data? – it is possible that some businesses may offer incentives to customers who agree to their data being used for advertising purposes.
What does this mean?
If your business model is based on Ad revenue, you need to review whether your Ad partners are using third party cookies. There will likely be legal risk with using third party cookies. In addition, now is the time to consider using more privacy friendly AdTech models.