New data shows publisher revenue impact of cutting 3rd party trackers

This note shares new data on publisher revenue impact from switching off 3rd party ad tracking. In January, the Dutch national broadcaster, NPO, switched off 3rd party tracking ad targeting. NPO has an online video audience of 7.1 million per month, and display reach of 5.8 million per month.[1] Revenue impact I have examined Ster’s revenue figures, … Continue reading New data shows publisher revenue impact of cutting 3rd party trackers

PageFair writes to all EU Member States about the ePrivacy Regulation

This week PageFair wrote to the permanent representatives of all Member States of the European Union in support for the proposed ePrivacy Regulation. Our remarks were tightly bounded by our expertise in online advertising technology. We do not have an opinion on how the proposed Regulation will impact other areas. The letter addresses four issues: … Continue reading PageFair writes to all EU Member States about the ePrivacy Regulation

PageFair’s long letter to the Article 29 Working Party

This note discusses a letter that PageFair submitted to the Article 29 Working Party. The answers may shape the future of the adtech industry.  Eventually the data protection authorities of Europe will gain a thorough understanding of the adtech industry, and enforce data protection upon it. This will change how the industry works. Until then, we are in … Continue reading PageFair’s long letter to the Article 29 Working Party

GDPR consent design: how granular must adtech opt-ins be?

This note examines the range of distinct adtech data processing purposes that will require opt-in under the GDPR.[1] In late 2017 the Article 29 Working Party cautioned that “data subjects should be free to choose which purpose they accept, rather than having to consent to a bundle of processing purposes”.[2] Consent requests for multiple purposes … Continue reading GDPR consent design: how granular must adtech opt-ins be?

Adtech consent is meaningless unless one stops data leakage

Websites and advertisers can not prevent personal data from leaking in programmatic advertising. If not fixed, this will render consent to use personal data meaningless.  The GDPR applies the principle of transparency:[1] People must be able to easily learn who has their personal data, and what they are doing with it. Equally importantly, people must have surety … Continue reading Adtech consent is meaningless unless one stops data leakage

The Privacy Case for Non-Tracking Cookies: PageFair writes to the European Parliament

In the last month, we have written to the MEPs leading the Parliament's work on the ePrivacy Regulation (the "rapporteurs") to propose an amendment. Here is a copy of the letter. PageFair supports the proposed ePrivacy Regulation, in so far as it will change online behavioural advertising. This is an unusual position for an ad tech company, … Continue reading The Privacy Case for Non-Tracking Cookies: PageFair writes to the European Parliament

Here is what GDPR consent dialogues could look like. Will people click yes?

THIS NOTE HAS NOW BEEN SUPERSEDED BY A A MORE RECENT PAGEFAIR INSIDER NOTE ON GDPR CONSENT DIALOGUES. PLEASE REFER TO THE NEW NOTE.  This note presents sketches of GDPR consent dialogues, and invites readers to participate in research on whether people will consent.  [x_alert heading="Note" type="info"]It is important to note that the dialogue presented … Continue reading Here is what GDPR consent dialogues could look like. Will people click yes?

The 3 biggest challenges in GDPR for online media & advertising

This note explains the three deepest challenges that the online advertising industry must overcome to survive the new European data rules. It also outlines our approach.  The General Data Protection Regulation (GDPR) and the ePrivacy Regulation (ePR) pose particular challenges for publishers, brands, and adtech companies. These go beyond the normal gap analysis and security overhaul that other businesses … Continue reading The 3 biggest challenges in GDPR for online media & advertising

PageFair statement at European Parliament rapporteur’s ePrivacy Regulation roundtable

Lightly edited transcription of PageFair remarks at rapporteur's sessions at the European Parliament in Brussels on 29 May 2017, concerning the ePrivacy Regulation.  Statement at roundtable on Articles 9, and 10.  Dr Johnny Ryan: Thank you. PageFair is a European adtech company. We are very much in support of the Regulation as proposed, in so far … Continue reading PageFair statement at European Parliament rapporteur’s ePrivacy Regulation roundtable

Why pseudonymization is not the silver bullet for GDPR.

Pseudonymization will not save online advertising companies from having to seek consent to use browsing and other personal data. This note explains why. Personal data will become toxic in May 2018 when the General Data Protection Regulation is applied, unless data subjects have given consent.[1] Some businesses may try to rely on “pseudonymization”, a partial … Continue reading Why pseudonymization is not the silver bullet for GDPR.

PageFair statement at European Parliament ALDE shadow rapporteurs session on the proposed ePrivacy Regulation

Lightly edited transcription of PageFair remarks at European Parliament ALDE session on 4 May 2017.  Dr Johnny Ryan: Thank you. It’s a pleasure to be with you this afternoon. I’ve been on both sides: the adtech side, and the publisher’s side, of the particular part of this story that I want to talk about. Several … Continue reading PageFair statement at European Parliament ALDE shadow rapporteurs session on the proposed ePrivacy Regulation

Supporting new European data regulation

Unusually for an ad-tech company, PageFair supports the proposed ePrivacy Regulation. Here is why. [x_alert type="success"]Additional note (11 May 2017): our position concerns the proposal's impact on online behavioural advertising (OBA). Though there are kinks to work out, as we note in our recent statement to Parliament representatives, we strongly endorse the proposal's broad approach to OBA.[/x_alert]  The … Continue reading Supporting new European data regulation

Why the GDPR ‘legitimate interest’ provision will not save you

The “legitimate interest” provision in the GDPR will not save behavioral advertising and data brokers from the challenge of obtaining consent for personally identifiable data.

As previous PageFair analysis illustrates, personally identifiable data (PII) will become toxic except where it has been obtained and used with consent once the General Data Protection Regulation is applied in May 2018.

Even so, many advertising intermediaries believe that they can continue to use PII data without consent because of an apparent carve-out related to “legitimate interest” contained in the GDPR. This is a false hope.