Consumers have been sending a clear message to brands for some time now: brands need to respect their privacy and be good guardians of their data. Brands are starting to pay attention as regulators and larger platforms like Google and Apple are starting to take actions to protect consumers.

The advertising industry at large has been rather lax with consumer data. Data has been a core ingredient in making digital marketing successful and driving more and more advertising dollars to digital media platforms. If you think for a moment about why Google, Facebook and, more recently, Amazon and Walmart are becoming such behemoths as media platforms, it is data–in addition, of course, to scale and reach which are critical to marketers.

Media platforms with almost limitless amounts of data like Facebook and Google have dominated and have completely taken over sizable parts of digital marketing, becoming unstoppable near-monopolies.

Monopolies are not good for advertisers or, for that matter, consumers. They make advertising and, therefore, the advertised products expensive. Monopolies mean higher prices for media as data becomes more controlled in these walled gardens and impossible to get at and use elsewhere. Google’s recent privacy moves while being done in the guise of consumer privacy have also been driven by their desire to make their own walled gardens more valuable. (Google makes a lot more and better margins from Search and Youtube than from their display network where they have to pay other publishers for inventory.) 

Brands have two choices — continue to be held hostage by these platforms who wield ever increasing power over their media spending, or, start to invest in their own data assets and get some of that control and choices of media back.

Most CMOs I have spoken to recently seem to be doing the latter, i.e. investing aggressively in building out their own data capabilities and investing in technology and teams who can help gather, organize and use data for advertising and marketing. Almost all of this is 1st party data collected with consumer consent from their websites, apps, CRM systems and other points of engagement including physical stores. If you’ve been to a retail store lately, and later you are almost always being asked for your email address and phone number. If you keep tapping the “okay” button on the credit card terminal you may have missed the question asking if you consent to the brand, marketing to you. This data is increasingly housed in Customer Data Platforms (CDPs) and used by dynamic content optimization (DCO) platforms form the essence of personalized marketing using consented customer data.

The traditional advertising technologies being used by these brands, however, while mostly capable of using this data, are outsourced and purchased via their agencies (often bundled with media) and not very well integrated into this data. Marketers have, for a while now, relied on their agencies to select and provide them with the technologies like DSPs, DMPs, Ad Servers, and DCO platforms. This means that these platforms are not well integrated into the brands’ own data.  These technologies instead have relied on data collected mostly on publisher sites and tied to 3rd party cookies. With 3rd party cookies going away, this data also is rapidly disappearing. While solutions like contextual advertising are being offered as replacements, they are simply not as effective as consumer data driven advertising, similarly techniques like fingerprinting and probabilistic matching are also leading to inaccuracy in personalization, leading to poor marketing performance.

Marketers, therefore, will do well to inhouse these platforms along with inhousing media and creative teams.

In order for AdTech and Martech platforms to use data that consumers have provided to brands with consent, there are two key requirements:

  1. Marketers have to invest in technologies that can work well with and support 1st party identity and data 
  2. They have to ensure that these technologies can comply with corporate data security standards and regulatory requirements for handling consumer data

Many Adtech platforms have simply not invested in modern data and identity infrastructure – they are still betting on Google “kicking the can down further.” Even those that have invested in some data and identity infrastructure do not have the internal controls in their organizations to pass strict enterprise security requirements that these large brands have.

Many brands are requiring AdTech platforms to show evidence of conducting penetration tests to ensure that external bad actors cannot break in and get access to customer data. They are asking for proof of secure and robust internal processes like encryption of data, handling passwords etc.

Fortunately, for platforms that do have this technology and internal controls in place, there is an easy way to demonstrate this via SOC2 Type II certification. Issued by the American Institute of Certified Public Accountants, AICPA works with several audit firms to conduct thorough examination of a vendor’s internal processes and certify that they are compliant with industry standards.

Brands would also do well to have fewer platforms touching their data, as DSPs, Ad Servers, DCO platforms become more sophisticated there is simply no need to have an ad server each for display, video, native, or a DSP for each channel. Similarly, DCO platforms that handle a lot of data for personalization are likely to be consolidated into single vendors who can handle the demanding data and privacy needs of large corporations. This will also save them a lot of money.

Here at Jivox, we recently completed SOC2 Type II Certification — this means we are ready to take on this challenge for large global companies and have already helped many of them consolidate the many DCO products they have been using onto our platform. The brands can be assured that their consumer’s data is being safeguarded and used to provide engaging personalized content.

Data Security and privacy compliance are necessary for modern marketing. If done correctly, they help brands stay connected with consumers in a personalized and relevant way.



Implementing 1P Identity: What You Need To Know About SOC 2 Compliance

How will brand marketers run personalized digital marketing campaigns, with third-party cookies phasing out and the industry transitioning to first-party identity? How can brands leverage SOC 2 Type 2 certified partners for securing the consumer’s most precious asset: their data?

Register for the on-demand webinar >>