Then, about four years later, the universe allowed her to bump shoulders with Amber Bracegirdle (Mediavine Co-Founder and Chief Brand Officer), and the two connected over personal and professional philosophies.

When Bracegirdle described Mediavine to Lieberman, the pair realized they had many of the same values, and helping content creators make money online was a core concept for both. Mediavine grew quickly, and it became apparent that it was time to bring the legal function in-house. Lieberman was honored when Mediavine asked her to join full-time as SVP and General Counsel. 

In her current role, Lieberman is responsible for all aspects of the company’s legal operations, including providing legal counsel and coaching on policies and procedures, intellectual property, contract negotiations, and compliance. She is Mediavine’s chief advisor in refining and enhancing corporate standard operating procedures with a focus on compliance to ensure Mediavine continues to provide innovative solutions, offerings, and services.

We talked to Jamie about running an all-women legal team at Mediavine and how she strives to promote diversity daily.  

Yakira Young: A small percentage of women run in-house counsel at tech companies. That percentage is even smaller for ad tech! At Mediavine, you run an all-woman legal team. How did that happen?

Jamie Lieberman: I started my law firm because I saw a problem in the Legal world that needed to be solved. I was a new mom who felt frustrated that I was being told there was no way to work full-time practicing law while being a mother. So, in response, I started a virtual law firm to do both without sacrifice. I think it naturally attracted other female professionals, not by design but because women found they could practice law, find support, and work in a balanced way.

In working as Mediavine’s external counsel, I saw how much the company cares about the health and well-being of its employees. When asked to join as in-house counsel, I knew the women from my firm transitioning with me would be well cared for in culture and benefits. We were really excited to keep the team together at Mediavine.

 YY: Since your start at Mediavine in December 2022, how have you helped implement positive change at the company?

JL: Mediavine really celebrates innovation, as evidenced by their ad tech. When I joined late last year, I wanted the company to experience that same innovation with regard to our legal department. I aimed to integrate our team so that legal was a welcomed partner in all business discussions. As lawyers, our role is equal parts counsel and education, and we set out to begin educating and meeting with employees to help them understand this. My team and I are here to collaborate across all business functions and streamline processes. 

The legal team has also centralized our contract management system and hired a new Director of Privacy and Compliance to create a new compliance program. We have made massive strides in a short period.

 YY: What are the core experiences from your career experience that helped prepare you for where you are in your career today?

JL: I didn’t begin my career practicing law, but I had a great mentor who suggested I go to law school. I worked while going to school full-time, so my work ethic was solid. Once I graduated, I began working at some large law firms. Through problematic encounters in those firms, I quickly realized what was missing in those working environments. I started to understand how vital a strong manager is to the growth of young attorneys. Before I started my law firm, I searched for an inclusive workplace that values its employees and had strong managers, but I could not do so.

This is a male-dominated industry, and unfortunately, in my first few jobs, I experienced all forms of harassment. I almost left the practice of law because of it. Still, instead, I’ve taken the negatives and have been able to use them as a learning experience so I could create a better working environment for my employees and be a better manager. I love practicing law, and when I started my firm and was able to remove some of these pain points, I began to love my job again. Joining Mediavine was a natural next step as the values of my law firm aligned with those here at Mediavine.

 YY: What unique challenges do you face as a general counsel in the ad tech industry?

JL: As general counsel in ad tech, I am often the only woman on an external phone call or meeting. It can be challenging to work in an industry when no one looks like you. To that end, my mission is to mentor others so they can find it in this field.

At Mediavine, the growth of our business has been extraordinary. Coupled with the fact that privacy laws are constantly changing, means my team and I need to be agile. We are lucky to work at a company that values innovation. It’s fun to solve problems and to be a part of this type of working environment that values diversity and collaboration. 

 YY: How do you ensure diversity and inclusion within your team and the company?

JL: I’ve dedicated over a decade to supporting and guiding content creators through my law firm’s work. Early on, I recognized that influencer marketing and content monetization on the web was critical to a free and fair Internet. I have used my legal expertise to help clients, usually women or underserved communities, understand the complicated and ever-changing content and privacy laws online. Mediavine also values helping small business owners create and maintain sustainable businesses; that type of inclusion resonates with me.

YY: What are the most pressing legal issues facing the ad tech industry?

JL: The most pressing legal issue facing ad tech is privacy compliance. The legal and regulatory landscape is constantly changing due to new laws and technologies. Because the internet is global, we must be aware of the constant updates to privacy laws, state-by-state regulations, changes to GDPR, and similar measures from international bodies. The size and speed of the programmatic ad space are immeasurable, so my team and I take Mediavine’s compliance very seriously. We are privacy forward and constantly dedicating more resources towards it.

YY: How does your legal team stay up-to-date on industry changes and developments?

JL: We prioritize involvement in industry events and trade groups like the Interactive Advertising Bureau, International Association of Privacy Professionals, Association of Corporate Counsel, and Tech GC. My team and I actively carve out time to ensure we can attend educational events that align with our interests and department goals. Mediavine prioritizes investing time and energy in training, which is helpful in an ever-changing industry.

 YY: Can you walk us through your approach to balancing legal compliance with business goals and objectives? 

JL: I view the legal department as a key partner to internal stakeholders. Our job is to assess risk and to work collaboratively to balance compliance requirements with the needs of our business. Legal should never be a roadblock but instead one part of a larger equation in making larger business decisions.

 Education comes into play here too. Suppose my team is involved with new initiatives from the beginning and can have meaningful conversations with the right people early on. In that case, we can lead from a place of collaboration as we assess risk versus return. 

YY: What advice would you give to women aspiring to become general counsels or lead all-female teams?

 JL: It’s really important to be true to yourself. Know your strengths, and don’t apologize for trusting your instincts. Women have been experiencing Imposter Syndrome for decades, but you rarely hear men talk about it. Advocate for yourself!

 In addition to knowing and understanding yourself, having a group of safe, trusted people around you is crucial. Find a mentor. Surround yourself with people who support you and your strengths. Women connect differently in business, and that should be celebrated. We should lift each other up.

The post Jamie Lieberman Opens New Doors With Her All-Women Legal Team in Ad Tech appeared first on AdMonsters.

Consumer data privacy concerns have already begun to reshape the internet’s future infrastructure. And as the US government leans closer to passing federal privacy legislation, the reshaping will only continue.

These privacy concerns — AI innovation, the impending cookiepocolypse, Big Tech vs. DOJ, revolving ad spend slowdowns — all promise to shake things up further. And along with the new internet will come a new advertising ecosystem. Are publishers equipped to handle what’s coming next?

The short answer is no, but that doesn’t mean they can’t get ready. We spoke with James Avery, CEO and founder of Kevel, a cloud-based ad server development platform, to learn more about what’s ahead and how the industry can prepare.

The New Internet

Yakira Young: Of all of the changes happening in ad tech right now — ad spend slowdown, privacy regulations, big tech implications, third-party cookie deprecation, AI and automation, and the rise of PMPs — what do you think will have the biggest impact on the new Internet and how will that transformation happen? 

James Avery: Ad spend slowdown isn’t anything new to the industry, which always has ups and downs. This is a crucial time for industry players to pay close attention. It’s the best time to learn where advertisers are getting the best ROI on their spend versus where they are spending experimentally.

In terms of privacy and the death of third-party cookies, this realm will have the most dramatic changes on the Internet, with lots of companies trying to put the genie of various ID solutions back in the bottle. However, none of them will recreate the third-party cookie and the massive amount of data syncing and leakage happening for the last decade.

Privacy and the deprecation of third-party cookies will lead to the growth of PMPs. As the value of random internet traffic goes down, the value of buying on specific properties with proprietary first-party data will increase.

AI and automation have always been a part of ad tech, and the rest of the world is just now catching up.

 YY: Some say Web3 and user control will dominate the new Internet. Is that how you see things evolving? 

JA: People always think users care enough to customize their ad experience or share preferences, but at the end of the day, users just want to read a great article, use a great app, and not be annoyed by advertisements. 

YY: With all this talk about a return to first-party data, do you see the industry reaching the same scale they are accustomed to, or should we be talking about new metrics now?

JA: The differences will become more extreme. As advertisers flock to ad platforms with true identity, they can target in ways they are already accustomed to, but with less fraud and at a smaller scale.

They will be able to reach the same scale as before but with less fine-grained targeting. They should be able to match or exceed their current performance between the two.

Preparing for Change

YY: Is the current ad tech infrastructure equipped for the advertising ecosystem of the future and the new Internet? 

JA: Current technology is absolutely not equipped to prepare the advertising ecosystem for the future of the Internet. The majority of publishers are ill-equipped for the massive disruption that is coming to our industry. They continue to assume that someone like Google or TTD will solve this problem for them. These platform giants are investing in building their ad platforms around their first-1st party data, uniquely positioned to sell to brands. The rest of the industry will be left out of the equation.

 YY: What are some things industry leaders should do to get ready and adapt successfully? 

JA: Everyone hopes it will be business as usual and the identity systems will maintain the status quo. However, I think leaders should rethink the entire stack — how to cut out the middleman and better optimize their stacks in terms of performance and sustainability. 

The post Thriving on the New Internet appeared first on AdMonsters.

Recently, President Biden signaled how important privacy legislation is by addressing it at the State of the Union for the first time. We all recognize that state privacy laws are here, with many more to come. At this point, we desperately need universal privacy legislation that supersedes state laws to create a level playing field for credibility, stability, and protection for consumers and businesses. 

At RampUp 2023, “Stay on the Forefront of Privacy Legislation” was a session where Washington D.C.-based ad tech counsel and a VP at the U.S. Chamber of Commerce shared their perspectives on what’s happening right now and what the industry can do to streamline the process. One common denominator among the three session participants was that now was the time for one federal privacy law. 

The Time Is Now

Data is highly regarded because it helps to deliver impactful services to consumers and customers. It unlocks the potential of the information economy to communities and helps ensure that consumers have access to important and useful information for free. It makes the open web a lot like the public library. Also, with the right data, consumers can access personalized apps and services that make life easier.

And, for the ad tech ecosystem, it powers the pipeline, bringing the right message to the right consumer at the right time. However, this all goes out the window if we do not establish a reasonable and well-thought-through national policy for data.

In a study conducted by Privacy for America, we learned that consumers enjoy over $30,000 a year in subsidized content and services online. A law restricting that flow of data availability could increase what we consider an online tax by over $30,000. 

We must ensure we continue to provide consumers with this same access. This isn’t just an ad tech issue. With six state data privacy laws already on the books and many different bills under consideration, delivering the impactful information and services consumers expect grows harder and harder.

“Without a preemptive national standard, we risk that the policy, and how we can engage with consumers and build audiences, will be left to just a handful of companies,” explained Michael Signorella, co-chair of the Technology and Innovation Group at Venable law firm. “They will decide how we can address media to consumers online, think of ATT.”

The Tragedy Associated With State-led Privacy Legislations 

According to a recent U.S. Chamber of Commerce report, 80% of small businesses stated that tech platforms, ads, and payment apps enabled them to compete with larger corporations. So limiting access to data and the ability to use data will constrict their business operations. 

“There are currently about 20 states that have introduced bills being considered now,” said Jordan Crenshaw, VP at the U.S. Chamber of Commerce. “The problem is that we’re seeing multiple models emerge, and even when we have very similar models, they are still somewhat different. If you’re a food truck with about 270 customers daily, complying across state lines would be nearly impossible.”

The California Consumer Privacy Act was the first comprehensive law in the U.S. to go into effect. It gives consumers the right to delete data, opt out of data sales, and know what data companies hold about them. Nonetheless, the private right of action associated with this act could be problematic when it comes to data breaches. 

Virginia’s Consumer Data Protection Act, which went into effect in January, gives consumers the right to opt out of data sales and targeted advertising. Like California, Virginia consumers can also delete data, but they also can correct data and opt-in for sensitive data. There is no private right of action in Virginia, which is good because it leaves enforcement up to the state’s attorney general. It also doesn’t allow for broad rulemaking authority to any agencies in the state, keeping the terms and conditions concrete. 

When it comes to federal privacy, the Chamber of Commerce currently sees states embracing the American Data Privacy and Protection Act (ADPPA) and opt-in frameworks where businesses have to get consent to use data outright, like in Oklahoma. All these differences are a huge red flag for compliance for small businesses. 

Where Are We Seeing Specific Privacy Regulations?

Health Data: Since the Roe v Wade decision, there has been a call to create privacy protections around abortion data or data that might lead to that. The problem is that now that issue has worked into massive health bills creating an even larger issue. In Washington, the state has a bill in review that would require consumers to opt-in for data usage, thus harming data flows for things like health research, clinical trials, for example. That bill also has a private right of action.

Children’s Data: States are proposing updates to the Children’s Online Privacy Protection Act (COPPA). Utah even has a social media bill that would shut off social media usage after 10 pm, substituting the role of a parent with a private right of action and age verification.

Biometric Data: An example of this is facial recognition technology. States like Illinois already passed laws related to biometrics, whereas a company could be subject to private lawsuits if it failed to get consent to use biometric data. 

Convos on Capitol Hill

As Principal at Emergent Strategies, a Democratic government affairs firm in Washington, DC, Michael Claunch spends much time on Capitol Hill. While conversing with Congress, he knows they are working to solve many of these privacy issues, whether conflated purposefully or unintentionally. 

On the Hill, they are working on complex issues like privacy, whether online markets are competitive enough, and Section 230 reform. Members of Congress feel extremely passionate about these issues, but if they try to address each silo, they will affect the other; privacy is a great example. 

“When I interact with Congress, I’m very consistent in my message that a federal privacy law will be the competition law for the next decade,” Claunch explained. “There will be winners and losers as some entities will have better access to more rich data and be able to use it. Market impacts need to be taken into consideration.”

Why Not the ADPPA?

While the ADPPA is an admirable attempt, it’s just not it for many reasons. Experts see many weaknesses regarding its impact on competition and the fact that it has an overly broad definition of sensitive data. It can eliminate the ability for brands and third parties to use data to get a complete look at the consumer and target them across the web. 

The ADPPA presents unequal treatment between first and third-party marketers; as we know, if a company has a first-party relationship with a consumer, it’s way easier for them to get opt-in consent on that sensitive data.

Currently, the way the ADPPA is written, third parties are at a significant competitive disadvantage compared to first parties. Thankfully the three legal professionals on this session — Jordan Crenshaw, Vice President, U.S. Chamber of Commerce; Michael Signorelli, Partner, Venable LLP; and Michael Claunch, Principal, Emergent Strategies — are working to change that. With a new Congress in place, it presents an opportunity to reset and build up the good work regulators have done. It also gives them ideas to ensure that a federal privacy law considers all stakeholders.

The post Privacy Experts Convene on the Need for Federal Legislation at RampUp appeared first on AdMonsters.

But this time, it seems to be a step in the right direction towards unifying compliance across state privacy laws called the Multi-State Privacy Agreement (MSPA).

As of late, IAB and the IAB Tech Lab is committed to encouraging the advertising ecosystem to put consumer privacy first. Along with that goal, they updated their privacy protocols and agreements to support publishers, advertisers, and ad tech companies. For months, we’ve speculated there would be just one contractual framework to ensure privacy compliance across all the current state-led privacy legislations, and this may be it.

“The patchwork of state regulations creates an increasingly complicated compliance landscape for the digital advertising industry,” said Michael Hahn, EVP, General Counsel, IAB, and IAB Tech Lab. “The IAB Legal Affairs Council has been focused on meeting this challenge for the past year. We believe the MSPA – the product of collaboration from stakeholders across the industry – is a crucial tool to solve this challenge.”

The Multi-State Privacy Agreement (MSPA) supplies a refurbished framework to ensure privacy compliance across five new state privacy laws. It works alongside the IAB Tech Lab’s US State Signals initiative, also recently released as an extension of the Global Privacy Platform (GPP). Both are available for public comment until October 27, 2022.

How Will the MSPA Help Streamline Privacy Concerns?

Think of the MSPA as the big brother of the Limited Services Provider Agreement (LSPA), which was initiated to guarantee compliance with the California Consumer Privacy Act (CCPA). 

The great thing about this agreement is it serves as a watchdog over all privacy legislations. The CCPA, the California Privacy Rights Act (CPRA, coming January 2023), and all the others going into effect in 2023; the Colorado Privacy Act (CoPA), Connecticut Data Privacy Act (CDPA), Utah Consumer Privacy Act (UCPA), and Virginia’s Consumer Data Protection Act (VCDPA).

This agreement and its partner in crime, IAB Tech Lab’s GPP, including its state-level signaling, will assist member companies in handling the ever-so-complex global privacy compliance landscape and managing the different consent signals from multiple jurisdictions.

“The MSPA does four things. First, it provides a scaled way of incorporating terms in the service provider contracts and agreements covering third-party “sales” of personal information,” Hahn explains. 

“Second, it covers contractual gaps in the digital advertising distribution chain where parties will need contracts covering “sales” of personal information. However, no such contract type presently exists between industry participants. Third, it provides a legal framework for service providers to measure ads and set a frequency cap. Fourth, it provides an optional “national approach” to find the highest common denominator in the privacy requirements across the five new state laws.”

Will Implementing the MSPA Serve As a Gift or a Curse to Publishers?

Only time will tell if MSPA will serve as a gift or a curse to publishers. As we all know, a few IAB-initiated privacy measures have fumbled, but everything is trial and error in this industry. 

We know this is the first privacy agreement we are seeing that kind of puts all the new state laws under one umbrella to simplify things seemingly. 

The GPP spec provides a mechanism for encompassing all current & future privacy rules through a smart and mechanically effective encoding process I tested myself as well as an API pattern. But better compressing of data on to a string is not really what we need from this spec…

— Aram Zucker-Scharff (@Chronotope) September 6, 2022

Still, there’s reason to pause. None of us can forget how the Belgian Data Protection Authority (BDPA) went after IAB Europe’s Transparency and Consent Framework (TCF) for breaching GDPR rules.

And some ad tech experts have a profound uneasiness about the Tech Lab’s GPP about a month ago, implying that it causes more harm than it will help the ecosystem. In particular, Washington Post Engineering Lead, Aram Zucker-Scharff, is concerned that “GPP fails to provide any real change over TCF, besides this bolt-on of new string encoding methods.”

“GPP does not represent a significant technical change from TCF, and it is hard to see how it could meet the basic objections from EU courts,” he tweeted last month. He also questioned the IAB’s push towards vendor list specification and the potential fingerprinting risk it opens up. And he doesn’t seem to be alone in his worries. 

Crawling before walking might be the mantra here.

The post What is IAB’s Multi-State Privacy Agreement (MSPA)? appeared first on AdMonsters.

The disruption in digital advertising over the past year has certainly felt like a crisis. On top of the iOS privacy rule changes, market volatility, and the emergence of new platforms, marketing budgets are being scaled back, and brands must be much smarter with their dollars.

But within any crisis, there lies opportunity — and the advertising world is no different. Publishers and ad platforms have a chance to offer new, more effective strategies and technologies to help brands reach their desired audience.

When brands are equipped to take calculated risks, seize the power of data in all its forms, and adapt to the changing environment, they can find effective ways to innovate and grow. Here’s how you can help them evolve in today’s changing landscape.

Be Prepared to Explain the Pros and Cons of Broad-based Advertising

In response to the iOS privacy rule changes, platforms like Meta lowered CPMs and encouraged brands to broaden their targeting since more precise targeting is no longer available.

Engagement is now prioritized over conversions, forcing advertisers to refine their approach and continuously iterate their creativity. While broad-based advertising casts a wide net to reach a larger audience, diluted targeting is inefficient. It can degrade brand equity — potentially alienating consumers with the wrong messages and limiting advertiser learnings from interacting with those that see their ads.

Support Advertisers in Making Calculated Risks by Offering New Approaches

Brands can balance out broad targeting efforts by experimenting with new media platforms and marketing tactics. Work with clients to establish how much risk they’re willing to take on and allocate the majority of the budget toward proven channels, even if it means accepting slightly lower returns at scale.

It’s easy to generate a great return at low spend, but the key is determining how much budget to put through a channel before performance erodes.

Encourage the Use of Trusted, Third-party Anonymized Data Sources

In the absence of quality first-party data, a new solution for targeting consumers is to leverage aggregate third-party data with AI-enabled datasets. This creates a wall of compliance between the advertiser and the data, which protects consumer privacy while still providing brands with crucial information to acquire the right customers.

It benefits advertisers by giving them:

•   access to more data, which can help them identify new high-quality customers
•   the ability to refine their paid marketing strategy and allocate budgets intelligently
•   better prospecting performance and ROAS
•   lower acquisition costs

Implementing this approach has the potential to revitalize targeted marketing for brands and is likely the future path for digital marketing.

The dramatic changes to the ecosystem have made this moment a critical inflection point, making it more important than ever to maintain a growth mindset.

As Einstein also said, “A ship is always safe at the shore, but that is not what it is built for.”  Partnering with advertisers to widen their perspective, commit to experimentation, and seize the opportunities that lie within the chaotic waves of the moment will ultimately help them thrive throughout this tumultuous chapter of digital marketing history.

The post Disruption in Targeted Advertising: How to Turn Crisis into Opportunity appeared first on AdMonsters.

Their data will give rise to new opportunities for brands, agencies, and publishers to collaborate earlier on in the campaign planning process. Some publishers even argue that they should be included as a brand develops its go-to-market plan for new products.

Is there a case to be made for including them that early?

Publishers Have Unique Data for Campaign Planning and Assessment

When we think of publisher data, we tend to focus on the information they collect at registration. It’s valuable data, as many inquire about household information that would be actionable for brands. For instance, Monique Watford, VP of Operations at Spiceworks Ziff Davis, says her company can supply information related to specific types of software and hardware a company uses, when their licenses will expire and if their hardware is aging.

But even publishers that don’t require registration bring a lot to the table. One such publisher, Love To Know Media, has a trove of contextual data that can offer very interesting options for advertisers.

“Our visitors come to us for an answer to specific questions, which allows us to understand a lot about them. If they land on an article about dog ailments, we know they’re a dog owner, and they are concerned about their dog,” explained Marc Boswell, Love To Know Media’s CRO. “We can understand our readers from multiple angles based on the content and the contextual flags on each one of the pages.”

There’s another often overlooked pool of data: third-party data on engagement such as hover on ad rate and scroll impressions. This type of data goes way beyond CTR or video completion rates. It can help advertisers, and their agencies better understand how well their creatives perform so they can improve their creative strategy. It also sheds insight into which creatives work better on specific publications and why.

Earning That Seat at the Table

While publisher data is undeniably strategic to companies, publishers need to recognize the advertiser’s concerns, beginning with neutrality.

Advertisers, burnt by years of buying pre-packaged audience segments that woefully missed the mark, want assurances of fraud-free, high-quality inventory that a trusted third-party measurement company verifies. They’re wary of publishers grading their own homework. Impartiality, therefore, is key.

That impartiality will benefit the entire ecosystem, enabling buyers and their media agencies to trust a larger portion of the inventory publishers have to offer. And that, in turn, means publisher-defined audiences will be more actionable and will go a long way in easing general fears that digital advertising will lack sufficient data due to privacy regulations. It will also create a scenario where publishers work directly with agencies more efficiently.

A World in Which Publisher Data Is Scalable

What role can publishers (and their data) play in the post-cookie digital advertising world? As Ziff Davis’ Watford points out, publishers have always had a keen interest in seeing their advertisers succeed, as their success leads to repeat business. “The ideal time to engage a publisher is early on when a product is still in development.”

Boswell agrees. “We would love to be involved as early as possible [and to talk] to the agencies to help them understand how all of our data can help them drive value.”

Publishers also see a role for them in helping brands, and their agencies assess campaign performance. As mentioned above, publishers with access to impartial engagement data would like to see it incorporated into the agency’s wrap decks. Scaling will be an issue, of course. The industry will need standards that enable the agency to report on them unified across all publishers.

But let’s assume for a minute that these standards are developed and adopted. That media agencies have the tools they need to compare a deeper level of audience, quality, and engagement metrics across channels. Will agencies welcome the publisher’s earlier involvement in the planning process?

Agencies want the campaigns they launch for their clients to succeed just as much as the brands and publishers do. They have every incentive to incorporate quality and verified data as possible as the third-party cookie deprecates.

Agencies have leaned on cookies rather than engage in these more fruitful relationships with publishers. Brands will likely see sharper alignment between themselves, their agencies, and publishers as we advance.

The post The Rise of Publisher Data and Its Potential for Tighter Collaboration Between Brands, Agencies, and Publishers appeared first on AdMonsters.

Last week the Connecticut House of Representatives and Connecticut Senate joined forces to pass the Connecticut Data Privacy Act (CTDPA). The legislation, also known as Senate Bill 6 (SB6), awaits Governor Ned Lamont’s signature to make everything 100% official. The bill is expected to take effect on July 1, 2023. 

The CTDPA mirrors recently instilled state privacy laws, allowing consumers to opt-out of data sales, targeted ads, and profiling decisions that “produce legal or similarly significant effects concerning the consumer.” This new provision will also include protection for minors and biometric data.

I know your next question is, what types of pubs would this apply to?

• Pubs that do business in CT or produce products or services targeted at residents
• Pubs that control or process consumer data of at least 100,000 people a year or gain over 25% of gross revenue from the “sale” of personal data and control or process the data of at least 25,000 people a year.

The consumer side of me says, “Way to go!” Yet, the ad tech side is thinking, “Darn.” Each new state privacy law only adds more and more hoops for pubs to jump through.

Get in the Know About CTDPA

If you are wondering what aspect of “consumer data” will be guarded by CTDPA, it is the information connected to an identified person. This does not include any information about someone that is public or considered de-identified data.

This is the second stab at a privacy law by the “Constitution State,” remember, Connecticut tried it last year and failed. This go-round, the bill is coming on strong and will even include the “right to cure” clause giving pubs some time to do some damage control before getting hit with a lawsuit. If you are caught violating the rules? Forget about it. There will be no time at that point to fix the infraction, and you may even get accused of “soliciting user consent.”

Pubs have a 60-day fix-it period to figure out reported violations until December 21, 2024. Starting January 1, 2025, the CTDPA will only grant a cure period if the Connecticut Attorney General sees fit, so be careful.

With the CTDPA opt-in consent for sensitive data is a must. Racial origin, religious beliefs, mental or physical health condition or diagnosis, sexual orientation, sexual history, immigration status, genetic or biometric data, children’s data, and geolocation data are all included.

Speaking of children, pubs will have to get opt-in consent from consumers under the age of 16 before using their data to target ads or monetize. You have to keep the kids first because when it comes to the Children’s Online Privacy Protection Act, you don’t want any problems.

Like privacy laws in Colorado and Virginia, CT consumers will have the authority to appeal a denial of a consumer request.

How Will CTDPA Affect the Advertising Ecosystem?

At the rate things are going, pubs will continue to be stuck in a cycle of scrambling to find new ways to identify consumers. While these state privacy laws are seemingly a step in the right direction for consumers, they sometimes create extra work for pubs and outsourcing vendors.

Many publishers feel they may go bald before Federal privacy legislation sees the light of day, but President Biden has been making baby steps in that direction after discovering a recent “national experiment” by big tech that utilized children’s data.

Potus said, “It’s time to strengthen privacy protections, ban targeted advertising to children, demand tech companies stop collecting personal data on our children.”

Whether it is a child or your great-great-grandma, pubs will continue to have to dip and dive through many loopholes when it comes to targeted ads and addressability because those violation consequences ain’t pretty.

The post What Is CTDPA? appeared first on AdMonsters.

Here are six takeaways from AdMonsters PubForum Vancouver:

1. “RevOps as Fixers”

Hallway conversations focused on careers and work culture within revenue operations. A consistent throughline was that ops is increasingly called upon to troubleshoot or hack together solutions for a fairly broad range of projects. Many view this as a career boon since it allows for greater involvement in top company priorities. Sadly, however, the root of underlying frustration was that many publishers still don’t have unified internal data and reporting, which means that sleuthing can be slow going. On the upside, I got the gist that more media companies now recognize the growing importance of ops and are putting resources into recruiting and compensation.

2. Video Is on the Rise, but Still Operationally Challenging

Most digital publishers are at least experimenting with video. A few, like A+E, have shifted to put video front and center, while others (my own company, Granite, included) are running a combination of instream or outstream videos alongside articles. Advertiser demand is robust, but implementation still tends to be problematic. Complaints ranged from expensive rates for video players and content delivery services to discrepancies and serving errors on video advertisements. In spite of endless daily VAST errors, there was tangible excitement about video’s growth potential. More and more consumers are ditching traditional TV for internet-based solutions ranging from OTT/CTV to short-form clips found throughout the web. As bandwidth increases, so will viewership and revenue.

3. Mobile Web is a ‘Tale of Two Cities’: iOS vs. Android

iOS monetization (or lack-there-of) was top of mind. Cookie-restricting features built into Safari have significantly hampered the ability for advertisers to target ads, and therefore reduced the value of impressions by as much as 40% compared to similar impressions on Android devices. Media companies are trying lots of clever hacks to lessen the hurt. For instance, teams with direct sales are increasingly using iOS impressions for make-goods or to fill non-targeted line items. Others are experimenting with larger-format ads or simply a higher ratio of ads to content.

In sharp contrast, Android has been fueling 2019’s mobile revenue growth. People are on their phones ALL THE TIME. Volume is up big for Android web as well as in-apps. At the same time, increased advertiser demand and improved auction dynamics are lifting Android CPMs.

4. Storm Clouds Are Ahead with Privacy and Cookies

Companies are preparing for California Consumer Privacy Act compliance in similar ways that they did for Europe’s GDPR. One fear is that eventually there may be many slightly different laws governing specific countries and states—a true nightmare scenario for anyone working in ad operations. Also, based on financial numbers, teams recognize a substantial difference between ‘opt-in’ and ‘opt-out’ consent.

The tenuous fate of cookies also sparked anxiety in Vancouver. Will more browsers follow Safari’s example? Will Google’s own reliance on advertising shield the industry from sweeping changes? Can publishers collect first-party data and make it available (fast enough) to advertisers at scale? Why are there so many ‘unified’ ID projects?

5. Advertisers Are Shunning Controversial Topics

Several publishers observed that certain topics (especially within news and politics) are becoming increasingly difficult to monetize because advertisers are trying to avoid divisive or polarizing articles. Negative keywording isn’t a new feature for the industry, but historically it was used by only a small segment of advertisers to avoid relatively specific topics (most often pornography, drugs, and gun violence). We’re now seeing more widespread use of a much broader set of terms (for instance the phrase ‘climate change’ or the name ‘Donald Trump’). The implications for newsrooms could get a bit scary if weaker financials start to have an implicit silencing effect on which stories get assigned and resourced.

6. Shifting to ‘Fewer, Better’ Partnerships

Programmatic ad sales is now mainsteam and emphasis has shifted from signing as many new deals as possible to culling down and concentrating on ‘fewer, better’ partnerships. Several industry trends align with this more concentrated approach:

• Companies are keeping their most important SSP bidders on-page, but moving smaller SSPs to server-to-server solutions (usually EB or TAM).
• DSPs and savvy advertisers are starting to pursue supply path optimization (SPO) to funnel more of their spending through the most effective channels.
• Advertisers are increasingly seeking verified performance guarantees. In-display, the most common KPI is viewability which has motivated pubs to remove below-the-fold ads in favor of lazy-loaded slots. Fewer impressions then need to be sold, ideally to higher-paying demand sources.

Not much about the future of our industry is certain, with new legislation and ever-advancing technology keeping everyone on their toes. It was clear from the days we spent together in Vancouver, we work in a dynamic, maturing industry that continues to deliver big opportunities and big challenges.

The post 6 Takeaways from AdMonsters PubForum Vancouver 2019 appeared first on AdMonsters.

If you’re a GOT (Game of Thrones) fan like I’m becoming, you know that’s the motto for House of Stark and it’s issued as a warning or a heads up that the House needs to get itself prepared for hard times, as the season is about to change—both literally and figuratively. In essence, it’s a time of unknowing. Sounds a lot like how the Ad Ops industry must feel as folks deal with the E.U.’s General Data Protections Regulation (GDPR) and gear up for the California Consumer Privacy Act (CCPA).

Unfortunately, being GDPR compliant won’t necessarily mean being CCPA compliant. Also, it won’t be enough to just have systems in place to comply with CCPA and not continue to ensure that users’ data remains safe.

CCPA As We Know It Today

With the passage of the California Consumer Privacy Act of 2018, consumers will get a lot more visibility into the information collected about them when they visit online properties, as well as what is done with that data.

Set to go into effect January 1, 2020, with enforcement coming six months later, CCPA will apply to any company with CA-based assets or customers, including Californians who visit a website and whose data you touch. To sum it up, the law will apply if you have 50,000 unique CA visitors annually. For digital media companies, this will mean rewriting privacy policies, tinkering with data management systems, and providing more transparency to consumers.

Overall, the Personal Identifiable Information (PII) defined in CCPA is much broader than what’s been outlined in GDPR—“information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” This includes IP addresses, cookies, beacons, pixel tags, mobile ad identifiers, browsing history, search history, and geolocation data.

Companies will need to ask for consumer opt-in and divulge which categories and specific pieces of personal data are collected, as well as sources about how those categories were built, the purpose for which their data was collected, where the information comes from, how the information is used, and whether the information is being disclosed or sold. Chief here is the last point—publishers must have a homepage link to a page called, “Do Not Sell My Personal Information.”

You must also provide access to the data collected as well as enable portability and the ability to delete personal information (and instruct service providers using the data to delete it as well). You must also honor opt-out requests and cannot attempt to re-authorize until 12 months have passed.

Noncompliance with the law—and failing to secure the data you collect — could be met with some serious costs—$2,500 fine for each violation after a 30-day “cure period”; $7,500 for each intentional violation of the act.

The law is clearly aimed at third-party data brokers, and the people that buy their wares—and many publishers buy third-party data to help with targeting and meeting demographic guarantees. Companies with direct relationships with consumers—such as digital publishers—will likely see less of an enforcement impact, but publishers could probably easily find themselves on the wrong side of this privacy regulation. In addition, the California Attorney General’s prerogatives are not entirely knowable.

The fines wouldn’t be the only loss for companies not in compliance. Under some circumstance, consumers will be allowed to sue companies when their non-encrypted or non-redacted personal data has been accessed without authorization, theft, exfiltration, or disclosure of a security breach. The threat of class-action lawsuits may actually be more perilous to publishers.

The CCPA was already amended with technical fixes in the fall of 2018. Many in the digital advertising industry expect further revisions as questions linger around enforceability, but this makes it difficult to prepare for compliance and the clock ticks down.

Federal Data Privacy Laws Coming Soon?

That CCPA is completely complex is an understatement. AdMonster Editorial Director Gavin Dunaway’s recent musings, “CCPA Is Confusing AF,” clearly outlined just how unclear the regs are.

Since Dunaway’s writing, California’s Attorney General, supported by Senator Hannah-Beth Jackson, introduced legislation to both clarify and strengthen CCPA—greatly expanding consumers’ rights to bring private lawsuits for violations.. There’s also been a flurry of other legislative activity aimed at expanding the regs. As well, there’s been a stream of hearings including a recent one held by the Judiciary Committee of the California Senate that revealed difficulties faced by companies in implementation, such as challenges with the timeline and determining whether a person is actually a California resident.

We can expect the furor around CCPA’s confusion to continue at this pace until it goes into effect in 2020 and probably even afterward. Since GDPR, other states have either beefed up older privacy laws or enacted new ones, most notably Vermont’s Security Breach Notice Act that went into effect Jan.1 and aims to protect consumers from data brokers.

It goes without saying that a federal data privacy law is likely imminent. 16 Senators recently backed The Data Care Act that would be implemented by the FTC and require that companies safeguard personal data collected from users and not use the data in ways that could be harmful. And there are other proposals too—such as the Consumer Data Protection Act would put CEOs in jail for lying about consumer privacy and another, the Information Transparency and Personal Data Control Act, aims to regulate online privacy by requiring companies to present privacy policies in ‘plain English’ and get opt-in permission for the collection and sharing of users’ info.

This is hardly the first time we’ve seen such a strong push toward federal data privacy legislation, but given GDPR it’s clear that politics are shifting and major investments are as well. It’s certainly the kind of thing that tech giants like Google, Facebook, Apple and Microsoft want to happen. But many question whether their interests are actually in protecting consumers, or if they’re just looking for a simpler, easier federal regulation that will supersede all of the state ones. While many argue that CCPA is confusing, it’s also quite stringent. For now, CCPA is the fiercest in the land.

Looks like it’s time to start buttoning up. Brr.

Related: AdMonsters Playbook: Aligning Regulatory Compliance & User Experience

The post What Is CCPA? appeared first on AdMonsters.

Digital media is looking forward to another year of impending doom as a fresh piece of confounding privacy regulation hangs over the space. The CCPA, which will affect any company that touches the data of at least 50,000 Californians a year, is in the middle of a statewide hearing tour at the moment, and the cracks are increasingly showing in the reportedly hastily assembled piece of regulation (typos are reportedly rampant and legislative patches continue to be written).

You could be experiencing déjà vu of when the European Commission took its own sweet time releasing regulatory guidance for GDPR and made any and everyone who touches consumer data from the European Union sweat heartily beforehand. While the law goes into effect on Jan. 1, 2020, the California Attorney General actually has until July 1, 2020 to implement regulations regarding some aspects of the law. Still, that seems far too close for comfort considering digital media companies’ basic concerns with the law.

Adding to a chorus of anxious business voices was a joint letter from the IAB, 4A’s, AAF, ANA, and NAI (aka, the Fearful Five or the Questioning Quintet) requesting clarification on issues such as whether a selective opt-out system from specific data collection was OK or if blanket opt-out was the only way.

At a public forum in Sacramento on Feb. 5, other business groups bemoaned the lack of clarity about what personal data falls under the law, whether de-identified data must be “re-identified” when a consumer requests it, and even whether the de-identification threshold was actually possible to meet. There are real worries that the law’s prohibition of discrimination against opting-out consumers threatens loyalty programs big and small, which by nature reward those who opt in.

Surely some out there are praying for clemency in the form of a lawsuit striking the law unconstitutional or that slight chance of superseding federal regulation that simply codifies industry current self-regulation. But let’s not kid ourselves—CCPA becomes a bit more real every day, and waiting for guidance is not an option.

Frankly, we’re still figuring out GDPR six months after it came alive, desperately deciphering meaning from every reported violation—and the latest was a big fish that offered some insight. The joke long-whispered around the industry was that GDPR was specifically written to nail Facebook and/or Google—the latter was hooked, but the €50 million fine seemed quite a pittance considering the billions Google brings in every quarter thanks to data-driven advertising.

Thing is, GDPR did hand-deliver us a blueprint for managing an opt-in consent program. As we suggested in our recent playbook “Aligning Regulatory Compliance and User Experience,” offering opt-in consent for data tracking is not only likely to become the law of the land, it’s a UX best practice.

Complying with GDPR offers a foundation that can be built on as the privacy laws mount—as well as evolve, which certainly seems to be the case with GDPR and CCPA. Even Google appears to be modifying its data services (for better or worse) to prepare for more GDPR-like privacy regulation around the world.

It’s time to stop lamenting GDPR, and instead use it to prepare for future compliance—and as a way to respect your users.

The post CCPA Is Confusing AF appeared first on AdMonsters.