The Future of Mobile

Watch out data clean rooms – you’re not the only post-cookie solution in town

Mobile Marketing - Member Content

Todd Rose, SVP of Addressibility at InMobi, explores the hidden dangers of jumping unprepared on to the clean room bandwagon

Whenever a vacancy arises, it’s always helpful when a direct substitute immediately presents itself: a perfectly fitting pair of shoes when your old favourites have finally worn through; a blossoming young talent for a sports team that just lost its veteran star.

In programmatic advertising, data clean rooms are often presented as the hero of exactly this kind of seamless switch, dropping into the gap left by the vanishing identity signals digital marketing has used for so long.

As we barely need to explain, those signals – including third-party cookies, Apple's identifier for advertisers (IDFA) and, in due course, Android ID – have been run out of town by privacy legislation and OS-level privacy changes that have called for more advanced and secure ways for parties to exchange and match data, in the name of consumer protection.

The perfect remedy?
At first glance, data clean rooms look like a perfect substitute. They provide a neutral space for two or more parties to match, merge, or segment their first-party data; they create create new audiences, enable attribution and perform analytics, without the need to share personally identifiable information.

On the rebound from cookies and other IDs, retailers, media companies and walled garden platforms have all jumped on the clean room bandwagon, crafting homegrown clean room offerings or partnering with independent third-party clean room players.

But while all that may suggest that the saviour status of data clean rooms is virtually a done deal, the fact remains that DCRs haven’t yet quite taken off where it counts - among marketers themselves.

What’s putting the brakes on data clean rooms?
At least three factors are in play here:

  • Inertia. Marketers don’t actually need to migrate en masse to data clean rooms - yet. Realistically, as long as identifiers still exist - as most of them do at this moment, despite the fact that their demise has been assured for several years now - many marketers will continue to use them as they always have. It’s not a long-term strategy, but it will certainly work for now.
  • Justified caution. Today’s clean rooms still require marketers to trust an intermediary to hold and protect their priceless data. While that might be a relatively safe transaction, it still involves putting the crown jewels in the care of a third party - and who can truly guarantee that there couldn’t ever be a data breach?
  • An incomplete solution. While clean rooms are an invaluable data collaboration tool in many respects, they cannot simply conjure up identity signals. If a marketer doesn’t have sufficient permissioned identifiers to match its data against, a clean room won’t actually help much. So while clean rooms are certainly an important component of a privacy-first world, they do not resolve the identity question single-handed, as much as some people might wish they did.

Not the only solution
And there is one more: the awareness that data clean rooms are not the only possible solution. In fact, the longer the market wavers over DCRs, the more likely it becomes that solutions like multi-party compute (MPC) - a peer-to-peer structure that does not require proprietary data to reside outside a data controller’s systems in an unencrypted form at any point, and therefore eliminates the need for trust entirely - will take the initiative.

Further facilitating adoption is the fact that the code base for MPC algorithms is open-sourced, with contributions from many diverse parties.

Consequently, as MPC develops, existing data operations teams can implement them without significant investments in data science or engineering resources. MPC solutions will eventually have simplified front-end interfaces that will allow even the most modestly technical of users to get aboard.

In such respects, MPC starts to look as if it not only has unique benefits, but avoids many of the barriers that have inhibited DCR adoption. A number of walled gardens, including Google and Facebook, would appear to be alive to this possibility, having made no secret of their investments in MPC.

Do DCRs fade into obsolescence in a world in which MPC? Not at all – they still have plenty of very legitimate applications. But as a one-size-fits-all substitute for identifiers – which the market currently craves above all things – they are clearly lacking. And what’s more, they are far from the only game in town.