A group of B2B publishers and ad tech firms are banding together to curtail the harvesting of publisher-specific data from online ad auctions by third-parties, a practice they argue is an unauthorized breach which places their relationships with their audiences at risk.
Referred to as data leakage, some bad faith media buyers are taking advantage of poorly regulated ad exchanges to extract detailed datasets on publishers’ audiences, intended to inform the real-time bidding process, and using that audience data to create competitive offerings that can target the same users elsewhere on the web, the publishers say.
“Bidstream data is needed within the programmatic ecosystem as part of the decision making process,” Matthew Yorke, chief digital officer at Northstar Travel Group, explains to Folio:. “The problem is when it is then used beyond that bid or impression. Publishers have spent years and decades building direct relationships with their audiences on trust. This is not what the publishers or audience agreed to and is damaging to both parties. Nefarious actors are in effect taking the data beyond its use on the impression bid.”
Northstar was one of 18 companies that signed an “Open Letter to the Digital Advertising Industry” issued by media auditor BPA Worldwide on Tuesday, calling for an industry-wide conversation around data leakage, which the letter said constitutes “a significant data breach by companies gaining access to the real-time bidding infrastructure for the sole purpose of harvesting both publisher-specific and audience-specific data.”
Additional companies signing the letter included B2B publishers 1105 Media, Adweek, Breaking Media, IDG, Informa, PMMI Media Group, Questex, TechTarget, and Wells Media Group, as well as the intent data firm Bombora and data management platform Lotame, which operates its own private data exchange.
“To be perfectly clear, without publisher permission, third parties have no contractual right to use this data to create derivative works from the very assets that publishers have spent decades and billions of dollars to create,” the letter reads. “They are being enabled by loose restrictions within some RTB platforms, which may ignore their responsibility and obligation to the media marketplace.”
On a BPA webinar Wednesday intended to raise awareness of the issue, BPA vice president Scott Roulet likened data leakage on ad exchanges to borrowing a friend’s car to run an errand and then renting the vehicle out to others to turn a profit. He also cautioned that such misuse of data negatively affects the publishing industry as a whole, not just those who participate in programmatic exchanges.
“The reality is that the misuse of bidstream data affects all publishers,” he said. “There’s a big portion of the ad spend that is going to these data marketplaces, and it’s at the expense of publishers who generate that data. They’re not getting that piece of the pie.”
While BPA says its publisher members have considered data leakage an issue for some time now, it’s taken on increased urgency after the emergence of data privacy laws such as GDPR and CCPA and a growing awareness among publishers of the importance of protecting valuable first-party data on their audiences.
“The way to get the most value out of bidstream data is, unfortunately, to misuse it,” wrote AdExchanger‘s James Hercher in a March 2019 explainer. “An unscrupulous [demand-side platform] could monitor the bidstream for sites with valuable audiences, pull cookies or IP addresses, which can be retargeted, and then find the same users on cheaper sites.”
Cheryl Ng, VP of programmatic and media technology at WebMD, said Wednesday that the health and wellness site, which draws more than 100 million unique visitors each month, goes as far as to conceal the full URL’s of article pages in real-time ad auctions out of an awareness of such activity, despite the knowledge that withholding certain data points can often lead to lower bids and ultimately less ad revenue.
“We draw a line in terms of what we consider to be our data and what we’re willing to expose in the bidstream,” Ng said. “We know the fallout in terms of the revenue loss that comes from that, but we continue to push and have those hard conversations with our partners on why we’re doing that and why we continue to hold that stance.”
Ng advises publishers to work with their legal teams and pay close attention to the language used in agreements with demand-side platforms (one of the stated goals of the open letter issued Tuesday is to “create model contract language designed to protect publisher data across digital technology vendor agreements”). Ng also says publishers should ensure they have strong relationships with the platforms they work with, the types of relationships that would ensure publishers are alerted by their industry partners when their data shows up in a demand-side platform without their knowledge.
“Don’t think that it’s just small partners who are doing it,” she said. “There are large partners doing these things who should be held accountable. Programmatic done right isn’t scary, but like most other things, there are some bad actors out there.”
No one asked me to sign this but I would have.
Data leakage is a nice way to talk about what is going on in ad markets. It’s theft.
(And is also why we stay away from it. No one says you have to give away your best asset.)https://t.co/h9jcevvpbs
— Sean Griffey (@seangriffey) June 18, 2020