Data privacy has become a defining issue in the Information Age. Massive data breaches and malpractice have contributed to consumers’ concerns outpacing industry response and standards, opening a gap for regulators and platform (browser and operating system) providers to fill. This has thrust the advertising and media landscape into rapid change…and a degree of panic.

Let’s take a look at how advertisers and media companies have (or haven’t) been evolving and how a principled approach and solutions framework can shift the industry to a sustainable state.

Privacy: Then and Now
The digital age has produced an abundance of data. After multiple misuse scandals and a general lack of transparency around collection and use, a common refrain has been “no more”. Developments since then have been covered at length, including a number of sometimes complicated and conflicting regulations and proposed solutions (GDPR, CCPA, Apple App Tracking Transparency, Google Privacy Sandbox, etc.).

Responsible ecosystem constituents have been exploring alternatives for ethical, law-abiding data practices and technology solutions, such as:

• Increased reliance on first-party data
• A push towards consented/authenticated consumer IDs
• Aggregation and anonymization practices, such as clean rooms – which can benefit from Privacy-Enhancing Technologies (PETs), a group of encryption technologies and mathematical techniques dating back to the 1980s

However, many challenges remain to achieving a successful privacy-motivated evolution, spanning product strategy, organizational design, resource allocation, and industry standards.

Wishful vs. Strategic Thinking
Today’s increased privacy focus, corresponding legal environment, and related technology shifts are all here to stay, but legacy data practices are still tied to major historical revenue streams and business interests. As a result, it’s perhaps no surprise that much of the industry’s response to these shifts has been one of reactive chaos, rather than proactive design.

Ultimately, when it comes to privacy, organizations have a relatively simple choice:

• Prioritize short-term revenue by adopting a reactive approach to regulations and signal loss, only when it’s no longer feasible to ignore (due to the risk of fines, reputational damage, or overall business risk) -or-

• Accept that legacy practices are, as the term implies, not sustainable over the medium- to long-term – and require proactive, deeper strategic shifts that will pay off over time, in exchange for short-term investments and potential organizational costs.

The good news is that for anyone running their business with a responsible and strategic mindset, best practices and technology solutions exist. In fact, leading with these practices and solutions might even create a competitive advantage, ultimately driving revenue opportunities.

A Principled Playbook for Privacy

1. Shift the Privacy Mindset
   When considering a more sustainable approach to data protection and privacy, it all starts with a mindset shift: building for privacy isn’t a zero-sum game, with an automatically implied negative revenue and efficiency tradeoff. Or at least, it does not have to be.
2. Embrace Privacy-by-Design
   Privacy-by-design means taking an active, end-to-end approach to embedding privacy principles in product design. Given evolving consumer sentiment and regulatory shifts, adopting this approach will more likely support brand differentiation (by better meeting consumer expectations) and increase efficiency (by removing data risks or costly systems/data governance changes): actually saving and potentially making money.
3. Think Globally
   Another principle is to consider privacy practices in a global context. By now, it is clear that the strictest approaches to privacy like GDPR eventually paved the way for more countries and states to follow, each with their own nuances that create misinterpretation risk. As such, the most durable approach is to design products and services around the strictest privacy practices, especially considering fast-moving international legislation in emerging domains, such as AI.
4. Provide Transparency & Control
   From a more technical standpoint, recent privacy changes have eroded identity signals that have been core to personalized advertising, affecting both large and small advertisers’ ROAS and publishers’ revenue. A partial solution could be enhancing transparency and control to garner more user consent for ID-based data sharing, while compensating for the ID/deterministic signal loss with PETs plus aggregated data modeling that do not expose individual user information.
5. Foster Practical Ecosystem Standards
   Ultimately, privacy-centric technologies and practices cannot scale if designed and operated in a vacuum, requiring interoperability and standards consensus to reach optimal utility and achieve critical mass. Collective effort is needed to bring additional consistency in methodologies across the 360+ privacy vendors as of 2023, and to avoid creating new silos.

Privacy Evolution: A Solutions Framework
Overall, ThinkMedium believes that with the right standards and a portfolio of privacy-forward solutions, the toolbox is increasingly available for businesses to embrace change and gain competitive advantage by adopting more private and secure data solutions and practices. Ecosystem constituents must consider data types, their use cases, and their look-forward durability in light of the privacy evolution:

It is not only responsible to adopt privacy-oriented solutions and practices (as described above), it is also strategically sound and represents the most defensible path forward – one that can future-proof your business. It is far from an easy migration, which is why ThinkMedium has developed frameworks and offers advisory services to help businesses navigate these evolutions. The best time to execute a principled approach to privacy was yesterday. The next best time is now.