Ad tech firms join PageFair’s new Perimeter initiative for GDPR-compliant ad targeting
The new effort will forbid third-party data services and will target ads primarily through content viewed or broad-based user segments.
The Dublin, Ireland-based firm has announced a joint initiative with eight other ad tech companies that provides GDPR-compliant ad targeting without requiring user consent.
The initial group of participating US-based and European companies are ad server Adzerk, banner ad builder Bannerflow, ad automation agency Bydmath, custom ad developer Clearcode, SSP Converge Digital, digital ad agency Digitize, CRM-targeting ad provider SegmentIQ and customer data platform Velocidi. The companies will be working within Perimeter as one option, not as their exclusive environment.
The key objective, PageFair CEO Sean Blanchfield said in the announcement, is to rewire “the advertising supply chain to work without personal data.”
Called Perimeter and planned for rollout later this spring, the effort employs a “firewall” product by the same name, which was announced in December.
It blocks any visitor-specific tracking at a participating website, blocks any third-party data services — of which the average website can have dozens or even hundreds — and only approves within each site’s Perimeter those Trusted Partners who have been authorized and whitelisted.
Ad targeting within a Perimeter’d site will be limited to two primary kinds: by context, meaning that the site publisher could show ads about blue sneakers to a site visitor who just viewed a webpage showing blue sneakers for sale; and by non-personal segment, a broad category of visitors whose determining characteristics couldn’t be used to pinpoint an individual.
For instance, site visitors whose IP address shows they live in the Chicago area, and who came to this website after visiting a site selling Chicago Bulls-branded products, might be part of one such segment. A cookie would be dropped, but it might say, “Chicago Sports Fans,” instead of containing a unique tracking identifier.
Blanchfield noted there could also be some targeting by a brand using first-party data from its customers, but only if use-specific, GDPR-compliant consent had been given.
‘It will be enforced’
For instance, a happy owner of a Fossil watch may have granted consent to that brand to target ads on specific sites, based on that owner’s personal history of purchases, in order to learn about new and relevant Fossil products.
But, Blanchfield noted, consent under GDPR for ad targeting is promising to be such an onerous effort — for the user and for the brand — that this kind of targeting may not be very common in Perimeter.
Although Perimeter will focus on advertising without tracking individuals, utilizing personal data or employing third-party data, PageFair says it will offer alternative methods for such practices as measurement and frequency capping. The latter, PageFair’s head of ecosystem Johnny Ryan previously told me, could involve a cookie dropped on a visitor’s device that tracks and thus caps the number of times ads from a given campaign have been shown but doesn’t track the user.
Prior to its ambitious new plans to reinvent post-GDPR advertising, PageFair was focused on providing server-side ads that could not be blocked by ad blockers. A version of Perimeter for mobile apps is in the works.
“Most of the ad industry is hoping GDPR won’t be enforced,” Blanchfield told me.
“It will be enforced,” he said.
He estimated that many US sites get “10 to 15 percent of their traffic from Europe,” adding that some will simply turn off their ads in Europe as the easiest response to GDPR.
But many very large companies, he said, use programmatic advertising across their properties, and just turning off ads for European users still exposes them to “massive liability” from possible GDPR fines. The regulations, for instance, also cover marketing to EU citizens wherever they are.
Blanchfield said it’s likely that many companies will realize their key value is in the customer/visitor relationships and will prize their first-party data even more.
And, he said, if consent is going to be obtained for ad targeting, it’s more likely to be among brand fans and in the context of a first-party relationship, such as during email signup. By contrast, he pointed out, third-party data services like data management platforms (DMPs) can’t as easily ask for consent.