Stage 1 of publishers' GDPR journeys is complete. Now onto the real work...
The buildup to the GDPR starting pistol on 25th May 2018 was amazing.
We’ve just witnessed publishers’ crazy, last minute GDPR compliance scramble to implement the tech needed to obtain consent – a frantic flurry of communications with SSPs, DSPs, and advertisers, sorting out which ads they’d buy–and which they wouldn’t–post May 25th.
Google left us in suspense up until two minutes to midnight, leaving thousands of partners (and millions in spend) sweating, when they finally communicated what they intended to do about consent and personalized advertising from third-parties. The regulatory bodies (including the UK’s Information Commissioner's Office, or ICO) maintained an unhelpful stance, shrugging their shoulders as if to say, “We just don't know the answers yet.”
Let’s not do that again, ever!
Playing The Long Game
Everyone is exhausted. But at least it’s over now, right? CMP in place, new DPAs signed, Google (kind of) playing ball, revenues relatively stable; now we can just forget about GDPR and move on with making money? Sadly not. Friday, May 25th 2018 was just the start of the GDPR publisher journey, not the end. The challenges of maintaining compliance and ensuring we are on top of what's happening on our sites has just begun.
Who's On The Hook, Really?
The AdTech ecosystem lives in a world of cookie piggybacking. On any given site there is likely a minimum of a 2:1 ratio between piggybacked cookies and direct relationship cookies. We all know this; we accept it as a necessary evil to achieve maximum returns for our programmatic inventory. But, in the new GDPR world order for publishers, lawyers tell us that if one partner piggybacks in a cookie that the publisher hasn’t obtained consent for, that publisher is the party at risk, not the partner. It has become critical for publishers to be able to know where piggybacking is happening on their site(s), 24/7, and be able to react with the appropriate questions and responses.
A Light In The Darkness
Fortunately, Industry Index understands such publisher challenges – and others – including the need to know what tech is firing on-site, the names and categories of all piggybacking tech in the ‘stack’, and if the ads.txt file errors potentially blocking revenue. To meet this need, they have developed PubMonitor™ to do just that: accurately and easily monitor what tech is appearing on-site, identify piggybacking tech, and if the ads.txt file is accurate and complete. PubMonitor is designed for publishers to deliver:
With PubMonitor’s data leakage report, publishers can see what is happening on their sites to help them stay on top of GDPR compliance and have knowledge- based conversations with their programmatic partners about why those cookies are there, and whether they are actually needed.
PubMonitor returns control to publishers, empowering them to ask the right questions that lead to commercial decisions regarding cookie piggybacking.
“Do I want my DMP piggybacking in three other DMPs, of which I have no oversight or control?”
“Do I want to protect against data leakage?”
“Am I happy for an SSP to be piggybacked three-or-four times by multiple partners, allowing savvy media buyers to hunt around for the cheapest source of my inventory?”
"Am I comfortable with ad networks gaining unfettered and undefined access to my sites, or would I like to be able to define an in-market strategy for inventory access?”
PubMonitor makes these impetus for these questions clearer, easier to ask, and easier to answer.
Our industry is evolving and, due to GDPR, wrestling control of technology partners has become a critical part of that evolution. Make no mistake: This is a very good thing for this industry. By shining a light on technology stacks, publishers gain more control, more transparency, and reduce potential liabilities. The 25th of May 2018 was just the start of the greatest change our industry has ever seen.