There are a few terms swimming around that one is bound to come across immediately upon jumping into the digital advertising pond.
Native, Social, Programmatic – to name a few.
But it’s only upon diving a bit deeper than one comes across Real-Time Bidding and the various other technologies that make programmatic advertising possible.
Real-Time Bidding (or RTB, as it’s more often called) is a technology upon which the digital advertising world has become dependent. It’s a technology that has improved the process for everyone involved. The advertiser gets a much more targeted ad and dramatically reduces the risk of wasted ad spend. The publisher, on the other hand, maximizes the value of every single impression that arrives on his site or app.
Even the end-user benefits – he receives ads for things that might actually interest him.
However, while the first two beneficiaries of the programmatic revolution have been quite happy, the third, the end-user, has not. He’s actually been quite put off that he is so accurately targeted all over the web.
And this malcontent led to political will. This will, in turn, has given rise to such laws as GDPR and, more recently, CCPA.
These new laws require creative solutions that respect both respect the privacy of the end-user and retain the benefits of RTB.
- Real-Time Bidding – A Quick Intro
- How new laws affect RTB
- Who’s affected?
- What is Pseudonymization
- What is Segmentation
- The Future of RTB
Real-Time Bidding – A Quick Intro
Real-Time Bidding is one of the most critical pillars holding up the temple of digital advertising. Without Real-Time Bidding, digital advertising as we know it would not exist. And, consequently, the internet – since it largely runs on advertising revenue – would not exist as it does today.
In its most basic form, RTB involves identifying a user and pertinent demographic information, then using this information to present the impression to advertisers. These advertisers then bid on the impression based on the value they believe it has to them based on the information given on the user + whatever information they might have with cookie matching.
The server determines the winner, and the winner’s ads are then served to the user for that impression (generally a unique page-view).
All of this occurs in under 100 milliseconds.
This is RTB in a nutshell. It’s an effective, proven way of matching advertisers to impressions on the fly.
And it could all be dismantled by increasingly stringent privacy regulation.
Read our in-depth article of Real-Time Bidding here
How legislation affects RTB
Large, sweeping changes to the laws that regulate privacy have led to cascading change in the AdTech world – and one of the most affected domains of this world has been RTB.
Laws like GDPR and, more recently, CCPA brought sweeping change to the industry and, to a large extent, the industry is still adjusting.
The RTB process involves the processing and exchange of a lot, and I mean a lot of data. Much of that data now falls under the aegis of these new laws seeking to protect privacy. These laws require consent; they require that the end-user remain in control of his personal data; they demand that he know where that data is going.
This makes the RTB process rather tricky as the data is given to so many different parties in order that they be able to make a bid.
If there is no identifying information regarding the impression, then it is difficult for the various parties, be they Ad Networks or Demand-Side Platforms, to make an informed bid.
And most platforms will simply return a “no-bid” if they do not have sufficient information regarding the user.
Further, because the RTB process involves the exchange of information between so many different parties – often with a cascading effect – it is incredibly cumbersome even to know who has received the information regarding an impression, much less maintain any significant level of control over it.
Another significant facet of RTB, cookie syncing, presents equally tricky problems.
This isn’t a problem for so-called walled gardens
Tighter privacy regulations aren’t so much of an issue for the most prominent players in the field. Players that already dominate the digital marketing industry.
Google, Facebook, Amazon, etc.; these large corporations don’t share their enormous trove of data with others. Instead, they keep it to themselves. This has always given them a very, very large advantage over other players in the field. After the implementation of these new laws, however, their ‘moat’ is only wider than ever.
Since they don’t share their information with anyone, they only have to get permission and consent once to continue doing exactly what they’ve been doing.
And they know exactly where the data is, how it’s being used, and in what manner. And since it’s never being handed off to anyone, there are no issues regarding compliance. The user agrees once to Google, Facebook, or Amazon using and processing their data, and that’s that.
Further, since the data never leaves the system, it not only makes getting consent to track and process simpler. Consequently, it also makes complying with all other aspects of new privacy laws easier, as well. When the data doesn’t leave the walled garden, there is no ambiguity about who is using personal data and how it’s being used. Revoking permissions and reducing the scope of what can be done with the data is also much more straightforward.
It is a problem for everyone else
If it’s not a problem for the Walled Gardens, it certainly is a problem for most of the players in the digital marketing industry.
The very fact that it isn’t a problem for the Walled Gardens, while it is for the rest, only goes to widen the gulf that exists between the triumvirate of Facebook, Google, and Amazon and the rest of the players.
The rest of the industry, because it doesn’t have an enormous, proprietary trove of information, is heavily dependent on a tightly woven, complicated web of relations and exchanges.
Cookie syncing, Real-Time Bidding, and a host of other fundamental technologies make possible an existence in the shadow of Facebook and Google’s high walled gardens.
New laws, however, are slicing through this intricately woven net.
This web, however, needs to exist of targeted digital marketing is going to continue to exist outside of the walled gardens. Without these exchanges, a few oases might form, but the rest of the industry would likely die data-starved in the information desert.
One of the ways of ensuring that digital marketing as we know it can continue – and comply with new laws – is called Pseudonymization.
It’s not exactly anonymization, because truly anonymous data would be of relatively little use to the digital advertising industry, especially when it comes to advertising.
In general, the trend in digital advertising was, until it ran into the new legal wall, to make people as non-anonymous as possible. This way, they could be served ads relevant to their life situation, lifestyle, location, and interests.
By serving them ads that are aligned with their interests, they’re subsequently more likely to purchase something/convert.
Pseudonymization tries to find a happy medium between what existed before GDPR and, well, GDPR (and CCPA, and a slew of laws under consideration in various countries).
GDPR defines pseudonymized data in a pretty clear way with data, “which could be attributed to a natural person by the use of additional information should be considered to be information on an identifiable natural person.”
Pseudonymization is a process whereby useful targeting data is maintained in a meaningful way – but that can’t be traced back to a specific individual. At least not without the aid of a further, overlying dataset.
This pseudonymized data is still subject to GDPR because it’s not fully anonymized, i.e., you’re still only a step or two from being able to use it to identify the individual.
QUOTE: The GDPR defines anonymized data as data “which does not relate to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable.”
GDPR requires that consent be obtained before even pseudonymized data is collected.
So how will it be used to target individuals? Well, it won’t really. Instead, it will target segments.
What is Segmentation
Segmentation is a means by which users, based on pseudonymized data, are placed into segments and mini-segments based on attributes, whether inferred or directly inputted). These segments are then used for advertisement segmenting.
Users wouldn’t be stuck in a segment; they would drift from segment to segment as their interests or characteristics change. If you lose interest in a video game, marry, become a parent, move, or reach an age milestone, you’d be put in a different segment without people that have very, very similar characteristics.
The fact that the data itself is pseudonymized and that one can float from segment to segment means that the level of privacy is quite high.
Perhaps more importantly, all this can be done in total compliance with GDPR.
The Future of RTB
Real-Time Bidding is the foundation of programmatic digital advertising. And programmatic has taken on a leading role in the broader digital advertising industry.
Read all about Real-Time Bidding here
The future of Real-Time Bidding is impossible to predict. A totally new, GDPR-compliant technology could be developed in the stead of the current arsenal of tech. Something totally unpredictable could appear.
Indeed, few people predicted the rise of sub-100 millisecond instant adspace auctions occurring on a per-impression basis. Yet here we are. It became so ubiquitous that it contributed substantially to a whole new generation of laws and regulations being passed.
At the moment, the future is unclear. There could always be another revolution. But right now, it looks like evolution is going to win out over revolution.
With properly implemented segmentation and pseudonymization, RTB could very well continue on its merry way in a modified, GDPR-compliant form.
GDPR induced mass panic in the adtech and digital marketing industries when it first passed in E.U. parliament. This is not because these industries are inherently hostile to privacy – far from it! The people that make up adtech firms are just like anyone else; they’re not particularly interested in every aspect of their personal life being used to generate hyper-personal ads.
Indeed, many welcome these changes. However beneficial this new generation of privacy and information security laws might be, it is still a sea change for the industry.
Audience segmentation and pseudonymized data could very well give rise to a new generation of privacy-conscious Real-Time Bidding tools.