As part of our commitment to helping AdTech companies become GDPR compliant and run efficient media campaigns without relying on personal data, we’ve partnered with PageFair and have become an approved Perimeter Trusted Partner.
This partnership will allows us to work closely with PageFair’s team, provide them feedback, and offer our input to ensure that GDPR compliance is enforced and that the technologies Clearcode builds for their clients are compatible with Perimeter.
Dr Johnny Ryan of PageFair said “We at PageFair agree with our colleagues at Clearcode that adtech must transition to ethical data use. That means scrupulous avoidance of personal data in adtech, unless adequate consent is present. Continuing with business as usual as data controllers and processors is too risky under the GDPR.”
He added “if Clearcode, which builds adtech for players across the industry, can do this, then all adtech can do this”.
“The team at Clearcode views PageFair’s Perimeter as a positive and much-needed solution for publishers wanting to comply with the GDPR and bring an end to the out-of-control data collection processes that run riot in the current AdTech ecosystem”, said Maciej Zawadziński, CEO of Clearcode.
“As a Perimeter Trusted Partner, Clearcode is committed to helping AdTech vendors and publishers become whitelisted by PageFair’s Perimeter and comply with other areas of the GDPR through our custom AdTech development services”, Maciej added.
About PageFair Perimeter
PageFair Perimeter is designed to help publishers comply with the European Union’s General Data Protection Regulation (GDPR).
Perimeter allows publishers and AdTech companies to collect and use personal data when user consent has been obtained, and use non-personal data when it hasn’t.
More importantly, Perimeter stops data from leaking to unauthorized third parties, which is rife within the programmatic advertising ecosystem and causes real issues for companies that want to comply with the GDPR.
“PageFair Perimeter acts as a regulatory firewall for websites and apps, blocking potential tracking by default”, says Dr Johnny Ryan of PageFair.
The Problem That Perimeter Solves
During programmatic media-buying transactions, user data is leaked to numerous third-parties, often without the publisher’s knowledge.
Here’s a 33-second video that illustrates how data is leaked each time an ad request is sent from a publisher’s site, courtesy of PageFair:
As it stands currently, this practice of collecting user data, although unethical, is completely legal.
However, when the GDPR comes into force on May 25, 2018, this practice will cause huge problems for both companies carrying out these practices and publishers that want to ensure they are GDPR compliant.
1. Personal Data Is Broad
AdTech typically thinks of personally identifiable information (PII), such as name and email address, whereas the GDPR refers to personal data, which includes all information that could potentially identify a user.
This means that if a user visits your website or sees one of your ads, they are considered identifiable if you can later recognize them (by identifying and recognizing them via their cookie ID, device ID, or other identifier) if they return to your website or see another one of your ads. This alone will directly impact common advertising activities such as online behavioral advertising, retargeting, and frequency capping.
2. Tough Rules for Obtaining User Consent
The GDPR will require all companies wanting to collect data to obtain explicit consent from users. Not only that, but they’ll have to get consent for each data-collection activity, explain the purpose of it, and list the beneficiaries of it (e.g. AdTech companies and advertisers).
If we use the video above as an example, publishers would need to obtain user consent for each of the parties involved in the media buy, which would be several dozen. Results from a PageFair survey conducted last year highlight the challenges publishers, AdTech companies, and brands face with regard to obtaining user consent.
However, even if user consent was obtained for all the companies listed in the video, there is still a high possibility that data could be leaked to unauthorized parties. This situation would leave the publisher and AdTech vendors on the hook and expose them to some hefty fines — €20 million or 4% of the previous year’s turnover, whichever is greater.
And it’s this situation that PageFair’s Perimeter plans to tackle.
How PageFair Perimeter Works
Perimeter aims to help publishers be fully compliant with the GDPR by preventing data leakage during programmatic advertising transactions.
It is able to achieve this by:
- Automatically removing all data-leaking scripts from ads before they are shown to a user.
- Preventing unauthorized third-parties from accessing personal data.
- Enforcing data protection in RTB bid requests, ad units, third parties on sites, and SDK behaviors.
Further Reading about the GDPR from the Clearcode and PageFair Blogs:
Don’t Fret – the GDPR Is a Good Thing for AdTech – Clearcode
Research result: what percentage will consent to tracking for advertising? – PageFair
Not Complying with GDPR Will Cost AdTech Companies More than 4% of Revenue – Clearcode
The regulatory firewall for online media and adtech – PageFair
The GDPR Will Drain the AdTech Cookie Pool – Clearcode
GDPR consent design: how granular must adtech opt-ins be? – PageFair