The new CNIL (France's privacy watchdog) guidelines released in the summer of 2019 have turned the advertising industry upside down and are prompting us to rethink how we monetize information and innovate in programmatic. On June 28th, the CNIL (which means National Commission for Information Technology and Civil Liberties) published its action plan on advertising targeting, one year after GDPR came into force and before the adoption of a new European directive on the subject, called ePrivacy.
- The changes imposed by the new CNIL directives provide necessary clarifications for all stakeholders
- Programmatic and personalized advertising have not said their last word
- The threat comes from Google: the end of third party cookies?
- A new advertising ID as an alternative to cookies
⚠ Updated October 2020 : Didomi recently published an article on the new recommendations of the CNIL. Discover our article on the subject here. Or, contact us to organise a free demo and ensure compliance.
Here is the full video, sub-titled in English:
The changes imposed by the new CNIL directives provide necessary clarifications for all stakeholders
We all agreed that these new directives are beneficial and necessary, as they provide the clarification that all players in the advertising industry were waiting for. It was essential to provide a balanced solution, taking into account the needs of internet users, of course, but also those of publishers and professionals in the sector. We can now better understand and anticipate the world that is opening up to us from September onwards.
Of course, the industry will have to adapt. There will be fewer cookies used for advertising purposes and the consent rate will be lower than the 95% that we see on some sites today (as I said in a webinar recently). But this is an opportunity to innovate and explore new forms of monetization. No need to panic, this is not the end of all cookies, it’s simply the end of the reign of cookies as the prevailing state of affairs.
📺 WEBINAR REPLAY ▶️— Didomi (@Didomi_io) April 8, 2020
Why would #cookie #consent rates drop ?
Why does our CEO @Didomi_privacy say that high user opt-in rates may be a thing of the past ?
The answer is in the full video 👇 https://t.co/fhneQCiYkV#adtech #monetization #adexchange pic.twitter.com/RUOeKkeLur
On the other hand, it is certain that these imposed changes will have a big impact on companies, and in particular, in a very practical way, on their design. They will have to offer a perfect symmetry of choice to Internet users, between accepting or refusing cookies, without influencing them by a design based on dark patterns. Given the number of visitors that some websites receive every day, the need to effectively manage the consent collection process is paramount. A Consent Management Platform (CMP) greatly facilitates this collection and ensures compliance with GDPR, CNIL, and e-Privacy from the outset.
Programmatic and personalised advertising have not said their last word
Some people fear the end of programmatic and personalised advertising. The CNIL is said to be responding to a political objective of attacking targeted advertising in order to return to contextual advertising, which is considered to be more acceptable on a societal level because it collects less data. They believe it is a purely political move, based on no business or technological grounds.
The reality is that our industry is very adaptable. It already had to make adjustments at the end of 2018 following a formal notice regarding geolocation data that forced players to revise the way in which consent was collected. It will be the same this time. The CNIL's directives do not imply the end of consent, but rather opportunities to reflect on the fundamental questions surrounding this notion (when, how, where to ask for consent...).
Contextual targeting is an interesting alternative among others to cookie collection, but the results are variable and it is not to everyone's taste. The important thing is to open the field of possibilities, to innovate, and that's very interesting and stimulating for us publishers! Indeed, giving users more choices and keys to understanding while engaging publishers and their partners in a deep reflection on how to get the best possible results is a good thing.
So even if the cookie is currently the means of communication used by all industry players to decide whether or not to buy or sell advertising impressions, the intrinsic functioning of the programmatic via the RTB is intelligent and can be adapted to other forms of data.
One thing seems clear to me: using fewer cookies will not change the fact that RTB (Real Time Bidding) is essential. It will certainly change the way auctions are purchased, with on the one hand, a series of auctions that will be personalised (with strong consent for all actors in the chain), and on the other hand, non-personalised auctions (based on contextual targeting where a series of innovations can occur). But in all cases, the real-time arbitrage capacity offered by the programmatic infrastructure is essential and will not disappear.
The threat comes from Google: the end of third party cookies?
Even if the new CNIL directives lead to a number of changes, it’s no revolution. In practice, it has already been possible to measure the impact of consent on all programmatic auction systems: studies show that a non-personalised printout yields on average 52% less than a personalised printout. We have some figures to build on.
On the other hand, when Google announced the end of cookies in its Chrome browser by 2022, it set off a bombshell in the global advertising industry. Because while we already have the tools to project ourselves into a world where there will be less user consent, we do not yet have the ability to project ourselves into a world where there are no more third-party cookies. This means not only losing our ability to target, but also to measure (capping, performance, attribution), which are at the heart of the programmatic model. These are inseparable from the idea of personalised programming, and on that, we are still in the dark.
Google's Privacy Sandbox aims to offer both ad targeting and privacy, but the problem is that we don't know exactly how it will work, so we can't start developing applications to accommodate it. There's a lack of information to start working on concrete specifications for new browsers, which generates legitimate concern.
A new advertising ID as an alternative to cookies
I do not think that there are realistic alternatives to cookies to date, as there is not yet an alternative commonly accepted by all stakeholders, which is properly specified so that everyone can make good use of it.
Several solutions are possible: contextual targeting, content of interest to the user that requires a login or the acceptance of conditions to access this content, new identifiers that are more relevant and less intrusive than the cookie... The most credible solution in my opinion is a new advertising identifier, which would no longer be a cookie but would be attached to the email or phone number of Internet users.
In any case, the solution must be thought out with the user in mind, who must always be able to make informed choices and understand the use that is made of his or her personal information. We are moving away from the principle of personalisation for everyone, all the time. With the implementation of a CMP, any website has the ability to inform visitors about the types of data it will collect, to ask for their consent, and to meet French and EU regulatory requirements regarding the collection of consent.
At Didomi, we think ahead in terms of respecting people's choices: there is no reason why we shouldn't make it as simple and effective as possible to manage personal data, whether you are a brand or a publisher. To deny this is to deny the future: so let's innovate, let's be ambitious, and let's step into the future!
Want to ensure compliance with CNIL and GDPR regulation?