Google is throwing its hat in the ring with Safari and Mozilla Firefox by offering users of Chrome the chance to disable or remove third-party tracking cookies. Last week, the company announced three protections that will soon be coming to the world’s most widely used web browser:
In today’s environment it shouldn’t come as a surprise that one of the biggest players in online advertising and data-tracking is coming down hard on third parties. Let’s take a critical look at this new direction, starting with the positives.
In the past, measures to crack down on data privacy abuse have swung between ruthless and milquetoast. Safari’s Intelligent Tracking Protection (ITP) has been called “nuclear” by pundits for crippling trackers right out of the box, a measure that users rarely bother to disarm.
As a cornerstone of the digital ecosystem, Google understands the importance of data tracking for online publishers, acknowledging on its blog that cookies “play an important part of the web experience today”. It went on to add:
“Blunt solutions that block all cookies can significantly degrade the simple web experience that you know today, while heuristic-based approaches—where the browser guesses at a cookie's purpose—make the web unpredictable for developers.”
Chrome’s new privacy features differentiate themselves by providing, in outline, a standard for transparency that eliminates guesswork and ostensibly leaves users in charge of their web experience.
This approach is both more balanced and precise than the wide bat swung by some competitors, challenging publishers to take inventory of the cookies they drop, and to use them in a more responsible way.
But not everyone is convinced that Google should wield its power over the web this way.
We have heard time and time again that “data is currency,” and that’s true. Organizations depend on it for every step of the business cycle, from lead acquisition to customer service. But with customer bases collectively exceeding half the global population, tech giants like Google and Facebook have as much data as they could possibly want.
Even assuming the best of intentions on their behalf, we still must ask: should privacy standards be determined and enforced by the very organizations who stand to benefit the most from them?
The drive for more and more data has given rise to the advertising crisis as we know it today. In the face of invasive third-party trackers, malvertising, performance, data breaches and other privacy infringements, consumer trust is at an all-time low.
One thing is increasingly clear: the industry needs oversight, and many contenders have stepped up to fill the vacuum. From emerging legislation like GDPR and CCPA, to Google, Mozilla and other browsers, publishers have no shortage of authorities trying to dictate their relationship with clients—both consumers and brands/advertisers.
Awash in downgraded content, poor segmentation, and privacy agreements galore, end users are the casualties of this struggle, and the battle for privacy governance has quickly become a case of too many chefs spoiling the pot.
So, here’s a thought: what if organizations were equipped to set their own rules? And instead of concentrating power in the hands of Silicon Valley giants, what if the relationship between businesses and advertisers could be self-governed?
Publishers and media organizations are on the cusp of winning the future of digital. With historical direct relationships with brands and ownership of coveted first-party data, there’s never been a better time to take control of the digital revenue channel. The first step to winning is knowing the parties that contribute to your supply chain and verifying compliance with publisher policies covering data, security, quality and performance.
In most cases, more than 90 percent of their code is third-party generated and the veil of mystery surrounding a third-party’s identity has been a significant obstacle to content moderation. If Google did one thing right with the new Chrome updates, it was forcing developers to identify the purpose and scope of their cookies to the end user.
As long as businesses can vet the partners executing on their platforms, vulnerable and abusive code can easily be censured, creating a better digital supply chain for users, ad exchanges and publishers alike.
In this future, Digital Vendor Risk Management (DVRM) can arm organizations with the information they need to govern their digital assets. With built-in regulatory compliance, DVRM not only identifies risks, but ensures that the proper response is taken in any jurisdiction.
The best solution for customers and the best solution for business always go hand in hand. Rather than bringing them under an iron fist, DVRM creates a sustainable digital ecosystem by empowering businesses to protect their customers while driving revenue.
by MATT O'NEILL
Digital3PC.com is an independent platform that brings together the best minds from tech, government, research, and academia to shape the future of cybersecurity policy and offer best practice solutions when responding to cyber threats. The most common access point for malware spread, data breaches, IP theft, election meddling, disinformation campaigns, and cyberwarfare is malicious third-party code (3PC) that makes its way into our websites, apps, and IoT devices. The compromise of the digital ecosystem erodes user trust and the credibility of media organizations, and undermines the integrity of our democracy, economy, and public safety.