Our Battle Against Big Tech

Ie. The Fight For Control Over User Data

Working in the customer data space, MetaRouter has had to butt heads against some of the largest tech companies in existence.

Why? Because we were determined to run all of our customers’ data truly server-side.

While in most cases, this solution benefits everyone (our customers collect their own first-party data and their vendors receive all the data they need for optimal performance), we often run into roadblocks.

To learn more about why they resisted us, we interviewed our Head of Product, Greg Brunk, about some of the key insights he’s learned from our struggles to work with the biggest names in the tech space.

What is the general reaction to companies that go to the big players and say, “Hey, we want to remove your tag from our customer’s page”?

There is an understandable concern around control. These guys are all ultimately offering a product, and as a product company, you want to be able to quality control all of the mechanisms. As an advertising tool, data collection is a pretty integral part of the downstream decision-making process. It has to do with the way audiences are built, the way conversions are tracked, how bids are managed, and how the whole ecosystem is powered. Offloading control of customer data processing to another party is usually pushed back upon for totally fair reasons, primarily:

1. Lack of trust: You have to spend a lot of time proving yourself and demonstrating subject matter expertise before vendors start trusting you. Building credibility over time has definitely been a challenge, but you build it piece-by-piece by delivering with other vendors and bringing high-caliber clients to the table. Once you bring it all together, you really have to execute.
2. Individual browser tag optimization: Since Google really started getting serious about the implications of page speed on SEO rankings, a lot of the world of advertising went through a significant reckoning on the performance of their tags. These companies started caring more about performance, and making sure their tags were fast, lightweight, and a-synchronous. A lot of companies in this space feel like they have done all they can do, and there is no more cause for performance concerns. So, when we say, “Our customers want to remove your tag for all these performance reasons,” we always get a lot of pushback. They feel like they’re doing a good job, and in a lot of cases they are, but it’s more about the collective impact of a broad series of tags all collecting the same data where you start to see a significant drag on the site. We move them all to the server, and the gain is on the aggregate.
3. Protection over proprietary tech: Sometimes you can tell that they don’t really want you to have insight into what they’re doing on the page. It’s not always for nefarious reasons; I think they often have really proprietary technology bundled up into their libraries that make their business valuable, so they’re not willing to give away their trade secrets by having someone else replicate it… which isn’t really what we do. But occassionally there are the situations where they’re fingerprinting or doing weird stuff like scraping or pre-fetching, and making auxillery context calls for their own purposes. It doesn’t make them look too great, and they don’t want people paying attention to that.

Can you elaborate on why they’re hesitant to help you understand what the tag does?

It’s not that they’re objectively violating the law. It’s just that sometimes these third party libraries attempt to execute a commercial experience that the website user never agreed to. Users don’t know that these tags mine their data and give it away to a bunch of additional 3rd parties, often outside of the knowledge and control of the business they are actually trying to interact with, but for a long time that has been the standard practice.

Again, more often than not there’s nothing nefarious going on. That said, there are definitely some things with certain partners where we’re like, “Holy crap, this really feels not just shady, but maybe illegal?” That’s usually not so much a violation of the user, but rather the business using the vendor’s product. Things like attribution and conversion fraud, where the vendor is taking credit for things they shouldn’t be taking credit for, and fetching and counting pages that users never actually clicked on. This takes advantage of the ad budget of the business more than committing a violation against the human being on the page. That’s where we have seen borderline fraud. Not everyone does it, it’s the people who get called out on these kinds of things in the public all the time, and yet seem big enough to get away with it.

There’s a lot of borderline fraud in negligence, in crappy code, in misinterpreting reality, and misattributing things like conversions and user intent. Somewhere in there, you could argue it transitions from negligence into overt fraud. Again, you see this more in the business-to-business sector.

Do you take issue with ad tech companies that double-dip-that charge a margin on a business’s ad spend and then take that business’s user data to form audiences that can be bought by competitors?

Yeah, that’s why I think especially in the enterprise space, you’re going to see the death of measurement. People will start internalizing measurement, and internalizing audience building, so that all they have to depend on the ad exchanges for is the placement of the creative and the tracking of the conversions. Giving up raw measurement data for exactly that reason will become something that companies will fight. That’s where we’ve gotten the most pushback on implementation. By ripping off the tag, you’re ripping off the raw data feed that big audience providers can use to go monetize that data with your competitors.

This is the core issue. And the tech giants do this all the time. If you’re on a hardware site and you abandon a cart with a refrigerator in it, they’ll go to another hardware site and say, “Hey, this is a really high-value audience for refrigerators” and that other company may advertise to the same user for the refrigerator and the user will buy the refrigerator from that company’s site. That was just a free advantage that you gave to your competitor. Inside of larger corporations, this is a very frightening prospect. Giving the right to raw measurement data to large exchanges will increasingly become something that enterprises push back on.

This becomes a big threat to companies like Google and Facebook. At the end of the day, they make a lot of their money because they can provide audience look-a-like data. If you start stripping that away and giving them obfuscated data sets rather than the raw data, you make their audience-building much harder. You don’t tell them what connects these people, or what they care about. You say, “I’m just going to tell you the list of IDs, this is an ad, go advertise to these people.” There’s no ability to measure or understand that audience, and therefore there’s no way for Google or Facebook to monetize that audience.

If all the Fortune 500s just all of a sudden started doing that one day, Google would be in a whole pot of trouble. So, people like us represent a bit of a threat because we’re giving businesses control over their measurements.

If companies with large data sets remove Google and Facebook’s ability to monetize their audiences, could that affect smaller businesses that rely on their 2nd party audience sets built with their competitors’ data?

Ad tech companies with large data sets will be able to survive the reckoning the longest, because of the head start they have with their data. Smaller ad tech companies will perish when higher degrees of control are established to measure and build audiences.

The consumers of this data, though-the smaller businesses relying on those data sets, will struggle from not having as much access to high-quality customer data, and they won’t have the luxury that large corporations have where they have a team of 20 data scientists managing a massive data warehouse and benefit from hundreds of millions of users a year.

In general, the natural course correction in the private sector is, “Screw advertising, nobody should be able to have any of this data. I should be 100% anonymous online.” With a lack of commercial understanding, the government will represent this thought even though the internet is currently being funded by advertising. If pushed to its logical end, you could see subscription fees for every single website you go to.

There’s a reason companies are increasingly doing things like fingerprinting. It’s because their whole business model is threatened by greater degrees of control. It’ll become harder for them to monetize their advertising model, and they’ll resort to shadier workarounds in order to keep the model alive. It’s a natural fallout from the increasing focus on privacy. This focus is very important because a lot of companies have taken advantage of users not having any idea that their data was being used to drive this huge advertising ecosystem. The system needs to change.

On the topic of regulations, what’s your take on how ad tech has evolved in light of government regulations?

The biggest problem is that 99% of the people responsible for making the decisions aren’t technical enough to understand what’s happening, so they try to use traditional metrics, rules and regulations to implement sweeping controls like GDPR. They don’t understand the intent or the underlying technology that these businesses were using, so it ends up being a huge burden on the individual businesses, and the laws haven’t affected the advertising sector all that much because the regulations weren’t targeting the actual bad players. They were targeting the businesses that were just trying to go about their daily life and now have been burdened with regulations.

The problem is that governments don’t know enough about this space to pass regulations. These huge ad tech companies have super-smart engineers that will continue to adapt to and work around new regulation. There’s no way the government can effectively regulate against this. Google’s Privacy Sandbox and Apple’s focus on privacy is good, but people are understandably a little nervous handing control over to those guys too. It probably needs to be the private sector that finds the right balance, because public sector regulation won’t be insightful enough to really manage the problem.

At the end of the day, we believe that the entities in the best position to ethically handle an individual’s consumer data is the business that an individual chooses to enter into a relationship with. When you go online and purchase a product from a store, that store is in the best position to handle your data. The more third parties that a company brings on to analyze their user data, the more likely it is that a third party will engage in non-transparent and potentially bad behavior. It’s not that we think corporations are always going to act ethically, but that they are in the best position to operate correctly with their data. If we can empower them, not only with the right infrastructure to maintain the effectiveness of their controls, but also with information, guidance, and rules within our platform that instruct an organization on how to handle their data, we have the best shot at ensuring that the original intent of the user to do business with them is protected.

Photo by Irina Ermakova on Unsplash

Originally published at https://blog.metarouter.io.