Digital Intelligence
8 min

Privacy Pirates: Navigating the Rough Waters of Data Privacy

Kenny Bernat Senior Content Strategist

These are turbulent times on the high seas of consumer data. As the wave of Apple’s latest iOS updates continues to crash over the bow of brands long reliant on consumer data provided by platforms like Facebook, our mighty captain of all things privacy, VP of Digital Intelligence Simon Poulton, has put together the closest thing that exists to a map that charts the path forward. 

With marketers caught between two mighty monsters of marketing (Apple and Facebook, stay with me here) duking it out like a pair of pirate legends, it’s more important than ever to set your business on the best possible route. 

So grab the rum (you’re going to need it) and let’s dig for some data treasure. 

The Compass: A simple explanation of how social media platforms use data to track consumers

As any good seafarer knows, you need to start with a sense of direction. So it’s important to understand some basic processes that underpin much of our modern digital marketing strategies. And we should start with social, namely Facebook, the Krakken of consumer data in the eyes of the public. 

Social media platforms like Facebook don’t just track a single device. Instead, they gather data from a myriad of devices like your phone, your desktop, your laptop, and your tablet.

Facebook uses all of that data gold to stitch together user information and create a robust profile of an individual. Key data in that set includes (but is not limited to) age, location, web browsing history, in-app behavior, financial status, political preference, and commerce history. Marketers leverage those profiles to create audiences around demographics, particular behaviors, interests, affinities, and more, which in turn helps them personalize ads and target campaigns more effectively. 

How Facebook uses data to track users

Recently, the public at large and the legislators who represent them have zeroed in on the Personally Identifiable Information (PII) included in these profiles, collected quietly in the background as users go about their business on social media, as a serious potential problem, exacerbated by various scandals around data usage.

Overall, there has been an imperfect awakening to the fact that the users of social media platforms are not actually the customers, but the product on offer. And that’s not necessarily a bad thing (most people would prefer to see relevant ads than random ones), but the misuse of that data has cast a dark shadow over data collection and usage in general.

The Cannon: Why feedback loops are crucial to marketers and how Apple is taking aim

A lot of (mostly digital) ink has been spilled around the risks and rewards of so-called Big Data, but the data in and of itself doesn’t have a lot of value on its own. Like a mythical jewel you can lock up in a chest, data needs refinement through feedback loops that Facebook and other platforms also provide.

To make sure the right ads are served at the right time to the right people, the feedback loop relies on two things: accurate conversion data and algorithmic optimization. 

  • Accurate conversion data is the process of capturing when a user performed an action and attributing it to ad exposure if the user ID matches the ads that were served.
  • Algorithm optimization determines where exposure to an ad influenced a sale and then optimizes a campaign toward users that share similar traits and behaviors.

If one feedback loop fails, so does the other, and the whole feedback loop gets blown to smithereens.

In April 2021, Apple unleashed a massive broadside with the iOS 14.5+ update (and an associated ad campaign trumpeting Apple as the champion of consumer privacy). iOS 14.5+ and, later, iOS 15, featured a plethora of new features and functions from location protection on Safari to Hide My Email that put the squeeze on how various third parties, including Facebook, could gather data from iOS users. 

Marketers were left stranded in a sea of broken campaigns that didn’t have enough data to run efficiently or could no longer stitch together accurate user profiles to optimize against effectively.

To the surprise of literally no one, the iOS 14.5+ changes created volatility in the online advertising space. In Q2, we saw CPMs vastly increase year-over-year across the Wpromote retail and ecommerce vertical, with CPMs up 60-120% throughout the quarter, and a 127% spike YoY during Memorial Day weekend.

Conversion rates on paid social also dipped precipitously and became much more difficult to model accurately.

How iOS 14.5 affected conversion rates

The forecast did not look great for brands heavily invested or even overindexed on social media. And the temptation is strong to look for quick solutions that help you maintain the status quo. But that’s not the answer, and in the long term, it might represent a serious loss of time, money, and, eventually, market share.

So how should marketers respond to this crippling blow?

The Treaty: Why the solution is to invest in data privacy, not data piracy

First of all, let’s take stock. In the grand scheme of things, these updates are a good thing for consumer privacy, even if it makes serving ads that convert more difficult. In the absence of trust, privacy is important, and at the heart of trust is consent. Somewhere along the way, we took one yes to persist in perpetuity, no matter how much the world changed.

But the onus is now on brands to find the balance between privacy and effectiveness. And the way forward is to make privacy a pillar of your brand:

  • Be transparent about why you’re asking for information and how you’re using your customers’ data.
  • Offer a fair trade by providing useful information, promotions, and more in exchange for information.
  • Build a first-party data strategy that’s founded on mutual trust between your business and your customers, not dependent on third-party data from platforms.

The Bearing: Charting a course through tumultuous data privacy seas ahead

Looking ahead, it is inevitable that in-browser storage solutions will continue to decline. This charge is largely being driven by Apple (via Safari), Mozilla (via Firefox), and Brave. More significant tracking mitigations are in development, including Firefox shimming the Google Analytics ID, Safari limiting 1st party cookies to 7-days via Intelligent Tracking Prevention (ITP), and Brave blocking all tracking with “Shields”.​​
While server-side data capture will not completely mitigate these initiatives, it will provide a degree of signal resilience and support our need to diversify data capture methodology to ensure accuracy moving forward. ​Currently, Google Analytics, Facebook, and Snap provide server-side endpoints for tracking.

Additionally, both major tag management solutions (Google Tag Manager and Adobe Launch) have instituted server-side tracking support. ​

Server-Side Data Capture with Google Tag Manager and Google Analytics

google server side data capture

We anticipate all advertising platforms will eventually provide server-side endpoints and recommend that marketers plan to test new strategies and iterate on these solutions as they are released. Eventually, there will be no pixels deployed onsite, and you need to be prepared to capture data via server-side connections.

X Marks The Spot: 3 things to know about data privacy in 2022

We’re still sailing into uncharted territory when it comes to data privacy, but there are three specific areas to focus on as we chart a course toward the 2022 horizon:

Diminished browser storage

While the focus in the media is often on the “death of the cookie” (when will it actually die?), the actual scope of in-browser storage limitations extends far beyond cookies. Despite Google announcing they will delay their movement away from 3P cookies due to challenges with replacement solutions (FLoC, FLEDGE, etc.) the majority of browsers have implemented significant limits on the persistence of cookies, and the accessibility of additional in-browser identifiers such as IP addresses.

State-level legislation

Several states have passed privacy legislation that allows for user opt-outs that is due to take effect in 2023, including:

  • California
  • Colorado
  • Connecticut
  • Illinois
  • Massachusetts
  • New Jersey
  • North Carolina
  • Ohio
  • Pennsylvania
  • Virginia

Platform-Level User ID Policies

Following Apple’s recent moves with the iOS 14.5 release, other platforms (including Android) are moving to provide additional consent functions to users. Beyond consent, Apple is also taking additional steps to actively occlude various additional identifiers such as IP address.

Learn how data privacy will affect your business this year by downloading State of the Data 2023: The Path to Profitability Requires Privacy Compliance.

Data Privacy Digital Intelligence Paid Media


Write a response…

Related Posts

Think Like A Challenger

Subscribe to keep up to date on the latest innovations in digital marketing and strategies our Challenger Brands leverage for success.