Who you work with matters when it comes to privacy compliance.
Advertisers who do not perform privacy-focused due diligence on their media and data partners can easily find themselves at the center of a PR crisis (no bueno) or overlooking the barrel of litigation (real mente no bueno). you might notice.
And with privacy laws enacted in various states, the latter is no longer hypothetical.
On Wednesday, Neutronian, a startup that independently verifies the quality and compliance of data providers, ranked publisher networks, ad tech platforms, retail media platforms, data providers and brands for their kosher approach to data privacy. announced a new score to add. We have acquired over 3,000 domains so far.
According to Neutronian CEO and co-founder Timur Yarnall, the idea is for ad buyers to use Privacy Score as a tool for partner screening and benchmarking.
Yarnall, who founded Neutronian in 2019, said: President of Hitwise (before his parent company, Connexity, closed its operations in early 2020).
Yarnall said: “We need more public discussions about data privacy, and we need a framework within which we can discuss what is working well in the ecosystem and where we need to improve.”
General privacy issues
Most companies either have very confusing privacy policies or no privacy policies at all. Publisher networks often link to overarching corporate privacy policies that make opting out of data collection nearly impossible.
“Even subject matter experts will have trouble deciphering some of these policies,” Yarnall said.
Another common problem is the lack of data minimization. It’s a concept at the heart of European privacy regulation, but it’s making its way to the US as well. The California Privacy Protection Act, which took effect January 1, includes new requirements to limit the amount of data companies collect to that which is necessary and directly related to accomplishing a specific purpose. I’m here.
“Collecting more than necessary puts everyone at risk: consumers, brands and publishers,” Yarnall said.
But the hype around new categories can also fuel privacy failures.
For example, some retailers are excited about monetizing first-party data containing purchase-related information, downplaying privacy considerations.
As part of its scoring system, Neutronian measures how easy or difficult it is for consumers to opt out of a retailer’s loyalty program.
Some retailers really do digging to find opt-outs.
“I think that’s questionable from a compliance standpoint,” Yarnall said.
A Neutronian study found that retail media networks scored an average of 16% lower than “typical” third-party data providers in privacy rankings, which isn’t as surprising as you might think.
“Traditional third-party data providers have been criticized and demeaned. In fact, they have become very privacy-focused,” says Yarnall.
Neutronian defines data privacy as the ability of individuals to control access to their personal information based on consumer expectations and applicable law (whether CPRA or GDPR).
To determine if a company meets this threshold, Neutronian uses a combination of human review and automated crawler tools. This is similar to how brand safety vendors crawl pages for context.
Crawlers collect data directly from domains or apps, such as whether they have a functioning opt-out mechanism, privacy policies and proper data disclosure in place. A human auditor then verifies the data collected by Neutronian’s crawlers. This is useful for training automated models.
Neutronian also considers publicly available information, such as checking the background of company executives to see if the information matches what has been posted on Crunchbase and LinkedIn.
It is even relevant if the business accurately lists its office locations and has a clearly marked “contact us” form on its site.
“All this information has implications for whether an enterprise is a security risk,” Yarnall said.
Neutronian has formal partnerships with research platform Dynata, retail advertising and analytics firm IRI, programmatic platform Causal IQ, and digital performance agency Labelium, but it uses that company’s domain to crawl its domains. A direct relationship with the company is not required.
Privacy = Performance
Labelium intends to use privacy ratings as a litmus test for working with a particular data provider or publisher. Like, you have to be this tall to ride.
Ultimately, though, Labelium’s goal is to evaluate partners based on whether their privacy scores correlate with better campaign performance, said Clayton McLaughlin, the agency’s EVP and head of media. I’m here.
“We believe that improved privacy ultimately translates into better performance,” says McLaughlin.
And there is already early evidence that prioritizing privacy can improve performance. According to a study published last year by Magna and his data governance platform Ketch, companies that implement responsible data practices typically see a 23% increase in purchase intent.
“Brands are starting to think about the impact of privacy. Brands are starting to think, whether it’s about fitting in,” said McLaughlin. “There are different ways of thinking about what privacy entails.”
Neutronian will update the Privacy Score quarterly and eventually scan domains on a monthly basis.