ADARA's Charles Mi offers some advice for brands looking to realign tracking and customer identity efforts in preparation for a cookie-less ecosystem.

The death knell is sounding on third-party cookies as Mozilla, Apple and, most recently, Google steps up actions for cookie-blocking on PC and mobile browsers. Add to that the tightening of privacy regulations that limit the use of data sharing without consent, increasing in-app browsing by “transient users” who cannot be effectively identified in today’s mobile-dominated world, and growing restrictions on cross-app tracking by Apple – which is likely to see the wider ecosystem follow suit – the size of addressable audiences identified through third-party cookies is set to dwindle.

These market forces mean that brands need to swiftly re-evaluate their consumer identity strategies. First-party data provides optimal consumer identity tracking, which allows brands to establish an accurate understanding of current and potential customers, and ultimately target and deliver more relevant advertising to online customers.

In fact, many companies already use first-party data to gain valuable audience insights. Facebook owns billions of insights within the realm of social identities, Amazon has deep retail identity insights, Mastercard has financial identities based on purchase history, and PayPal allows business account owners to generate an “Identity Token” for each interaction, which helps authenticate a transaction.

While first-party data is vital, there’s no denying the scale and reach of third-party data, which gives companies access to expand and discover new audiences, enabling them to more precisely target the right markets. But with the decline of third-party cookies and significant reduction of scale for the Identity for Advertisers (IDFA) – as seen from the announcements at Apple’s recent Worldwide Developers Conference (WWDC) – we are pivoting toward a future that reinforces the need for first-party and case-driven identity solutions.

However, without a current industry standard, companies and industries have different methodologies for building, storing and trading identities. The challenge is in evaluating and establishing a common set of methodologies that connect online and offline data sets and signals for consumer insights and personalisation while adhering to personal privacy and data compliance requirements.

Despite the lack of standardisation, a robust identity strategy that builds off the first-party model is the key to valuable personalisation and insights and should be treated as such. Brands need a strategy to store, protect and transact identities that can stand the test of time as different data types that feed those identities ebb and flow.

Here are some considerations that brands should keep in mind when doing so:

Secure explicit approval for data collection, storage and sharing

While privacy regulations vary across jurisdictions, brands that err on the side of caution and build a base of consenting consumers will have a competitive advantage over their rivals in the long run. Beyond aligning with increasingly tightening regulations around data protection and privacy, brands that demonstrate transparency and responsible data use also builds consumer trust.

While brands should invest in building a database of first-party consent data through direct interactions with consumers, this will take time. To augment their data, brands can consider tapping on aggregated privacy-compliant identities and insights shared across companies through data alliances.

Avoid data silos with a centralised data repository

Often, consumer data is stored across different tools and business groups – particularly in large organisations with multiple independent teams. However, siloed data prevents marketers from understanding the whole picture of the customer journey and makes for poor analysis and insights. They can also lead to significant data vulnerabilities when brands lose track of where specific customer data is stored.

To avoid such outcomes, brands should build a centralised data repository. Timestamps and transaction records should be saved in a common repository for easy accounting and auditing.

Establish transparent data access and sharing rules

Identity data must be rights managed transparently so brands can determine and control who can and who can’t use their information.

Within an organisation, this means designating primary owners of data rights management processes and workflows, such as the Head of Data Management, Chief Privacy Officer, CIO, CTO, and others who are deemed appropriate. Employees and partners should also be assigned appropriate roles and permissions to securely work with customer data based on their usage needs types.

Standardised meta-data associated with identity data sources, usage approvals, and restrictions will also help brands and other parties adopt identity and share it while minimising risk. At a technical level, brands must default to double encryption, even for hashed and salted identity data.

With Apple implementing further restrictions on cross-app tracking, third-party mobile adtech companies will need to ensure that privacy and identity co-exist. Starting with iOS 14, app developers will need to self-report their privacy practices, clearly stating privacy information in the App Store so users can see and control what data an app is collecting from them.

The future of identity and data right

With third-party cookies being squeezed by both tech giants and privacy laws, building identities presents a viable alternative. On top of this, third-party cookie usage is subjected to rapid obsolescence of data, the difficulty of cross-channel management and targeting inaccuracies.

Although iOS plays a significant role in how consumers access the digital economy, in recent years the industry has seen spend shift away from PCs and web browsers toward a more diverse range of devices, such as mobile devices, connected TVs and smart speakers. Each of these formats traditionally has different identity standards – from cookies and IDFA to uncoordinated identifiers on CTV devices. Marketers who manage to collate identifying data such as audience information, insights and engagement across different screens will be able to shape a more personalised cross-channel customer experience.

The industry is moving toward a model that utilises more commonly used identifiers across device types. More publishers are exploring how to combine first-party identities with collaborative, open-source standards to enable greater monetisation without loss of control. Instead of something that individual companies use for a competitive edge, identity will shift toward becoming a shared community asset.

However, identity data is still subject to data collection, rights management and data privacy laws, so brands must design strategies that meet these thresholds, or risk heavier scrutiny. Existing customer data management processes should be reassessed to ensure that your company’s current customer data profiles are set up to support a single identity-based practice. By adhering to best practices with data collection, storage and usage, brands can reap the benefits of identity while avoiding the risks.