In recent years, changes in consumer privacy regulations have created disruption within the media and advertising ecosystem. Publishers have felt some of the biggest impact, needing to change the way they think about ad monetization so they can continue to respect user privacy, reduce reliance on third parties, and build sustainable revenue growth.
Key to helping publishers navigate these challenges is their data management and collaboration technologies, which enable them to utilize private identity data, extract meaningful business insights, and safely scale data activation.
Optable is the maker of an end-to-end data clean room platform for the advertising industry that integrates with BigQuery and enables audience activation and insights through connections with downstream systems.
The methods and systems that support audience-focused ad planning, activation, and measurement have undergone a massive shift. As a result, publishers are needing to reevaluate their data strategies, shifting their investments to cloud computing and big data. Unfortunately, a lack of innovation in data management platforms (DMPs) for publishers has stifled revenue growth and created inefficiencies in operations. This lack of ROI in legacy DMPs comes from the following challenges:
Optable is a next-generation data management and collaboration platform that is privacy-focused by design and built to harness the power of today's big data and cloud computing ecosystem. To achieve this, Optable focuses on three key areas of innovation.
1. Composable identity
The Optable platform simplifies the complexities of processing and analyzing audience identity data in the age of privacy. By creating a flexible identity system, publishers can shape their audience graph for maximum accuracy and addressability. Optable also makes it easy to connect alternative identifiers such as UID 2.0 or ID5 to your audience data so that you can understand the full spectrum of advertiser demand and maximize revenue. It’s also straightforward to enrich audience data through connecting to second-party data sources, such as True Data.
2. Interoperability focused on monetization
Optable makes monetization easy. It’s built the tools and integrations needed to keep up with programmatic ad-tech ecosystem changes. Audience data is fully interoperable through the Google Cloud ecosystem (and beyond), which means it’s easier to activate through ad servers like Google Ad Manager (GAM) or Google DV 360, or use pre-built clean room applications within BigQuery. This combination means that direct sales and ad operations teams can quickly and easily move from ad partner planning, to audience building and insights, to actual campaign activation.
3. Audience insights across all known users and event traffic
Audience building and analysis with Optable provides a comprehensive 360-degree view without the massive upfront engineering that’s usually required. By allowing audiences to be created, synthesized, and managed using both known user data as well as anonymous events (such as page visits or ad serving events from GAM), operational teams can glean meaningful insights, service unique requests from ad partners, and optimize campaign performance. For example, in the image below, Optable Insights shows customers key information about the size and makeup of their private identity graph as well as the makeup of Traits across their audience.
One of Optable’s early customers, a major North American news publisher, developed a digital-first publication strategy in 2017. As part of this they built an ad-sales strategy focused on privacy-safe first-party data monetization. A key pillar to their strategy is data collaboration through Optable. Through this investment they achieved a 9% annual increase in ad revenue in 2022.
Optable on BigQuery empowers publishers to monetize their data assets, even if they lack engineering resources. Optable provides the right tools and integrations so teams can use their data to create ad products. For example, audience data can be exported directly into Google Ads Data Manager for easy activation.
The data clean room is one of the most important technologies in the media and advertising space. The Optable platform gives publishers pre-built applications that are powered by BigQuery data clean room primitives and APIs. These can also easily be extended to power secure data collaboration across other cloud ecosystems using Optable’s ‘Flash Nodes’ and ‘Flash Connectors.’ Flash Nodes allow companies to invite partners to easily onboard their data into a limited version of Optable simply for the purpose of collaborating with that partner; this reduces the friction of setting up a whole new collaboration platform. Likewise, ‘Flash Connectors’ give companies a set of primitives that can be shared with partners who use AWS, Snowflake, and BigQuery so that Optable users can collaborate directly with partners who house their data in those environments without moving any data.
Rather than just focusing on moving data in and out, Optable’s platform is built for a data-warehouse centric world, so publishers can extend their capabilities. Identity graphs can be shaped and custom modeling easily deployed directly in BigQuery. Additionally, the capabilities of the Google Data Cloud enable custom use cases such as data visualization in Looker. To help navigate data security compliance, Optable has built ‘Bring Your Own Account’ functionality to allow customers to utilize a Google BigQuery instance that’s fully controllable.
Optable partners with Google across many areas, including a new integration with the Google Privacy Sandbox APIs that enable publishers to easily onboard and activate audiences as well as enabling marketers to run campaigns via Privacy Sandbox. An early access program enables these capabilities directly through the Optable platform. You can learn more here.
Later this year, Optable is announcing enhancements to its audience data management and collaboration capabilities, including support for ad serving events through Google Ad Manager and the release of the Google BigQuery Connector to allow for zero-copy partner collaboration.
Optable also recently became a Google Cloud Marketplace vendor, so Google Cloud customers can now purchase and implement Optable’s platform directly. Following the recently announced general availability of BigQuery data clean rooms, the Optable and Google teams are working on an integration to unlock more planning, activation and measurement use cases for the media and advertising ecosystem.
Built with BigQuery helps companies like Optable build innovative applications with Google Data Cloud. Participating companies can:
BigQuery gives ISVs the advantage of a powerful, highly scalable unified AI lakehouse that’s integrated with Google Cloud’s open, secure, sustainable platform. Click here to learn more about Built with BigQuery
The article was originally published on the Google Cloud Blog as part of a series showcasing tech companies and data providers that are Built with BigQuery.
The crisp February air of Toronto welcomed a select group of media & advertising thought leaders to Optable's exclusive summit. The agenda promised deep dives into data strategy, privacy's impact, and navigating the ever-evolving media landscape. And it definitely delivered.
The opening panel, "How Publishers & Advertisers Are Using Data to Build Better Ad Campaigns in the Age of Privacy," kicked things off with a bang. Data collaboration emerged as the undeniable hero, bridging the gap in a fragmented ecosystem. Panelists from La Presse, The Globe & Mail, and Advance powered by Loblaw discussed their shared journey: adapting data strategies, wielding identity solutions, all while dancing around the ever-changing privacy regulations. The panel was moderating by Optable's own Ioana Tirtirau, Head of Customer Success, who helped the crowd to glean actionable insights that could be implemented within their own businesses.
One key takeaway? It's not just about the tech. "The future of advertising lies in finding the sweet spot where data insights combine to create a better experience for the audience and ultimately create business growth. Data is the interface with which were able to create better advertising partnerships." said one publisher exec. The audience couldn't have agreed more, recognizing the need for meaningful campaigns that respect customer privacy and provide real insights into customers’ wants and needs.
Deloitte's fireside chat shifted gears, focusing on the elephant in the room – privacy. Experts dissected the seismic shifts caused by regulations and platform moves, highlighting not just the challenges but also the opportunities. "CCPA, GDPR, Law 25, cookie deprecation – it's all about building trust," emphasized a Deloitte speaker. "And trust generates loyalty & engagement, which is the real gold in this game."
The summit wasn't just about buzzwords and tech. It was about understanding that data and privacy are inherently human-centric. At its core, advertising is about connecting with people, and in the privacy age, that means that collaboration is key.
The cocktail hour wasn't just a networking opportunity; it was a testament to the energy and ideas bubbling up from the room. From Optable's own data experts to seasoned ad veterans, everyone recognized that the future isn't pre-programmed – it's in the hands of innovative minds who can harness data, respect privacy, and ultimately, rethink and rearchitect the media & advertising ecosystem to be more impactful for audiences and more sustainable for businesses.
Key Takeaways:
Optable's 'State of Data Collaboration' in Toronto wasn't just a glimpse into the future; it was a blueprint for navigating it. Armed with actionable insights and a renewed focus on the human element, data & advertising professionals left the venue empowered to redefine success in the privacy-first era.
In this blog, we will outline what audience activation is, why it is important for marketers, and how to activate audiences. We’ll discuss how publishers and advertisers can work together to connect data with technology like Google’s Ad Manager, Prebid.org, leading DSPs such as The Trade Desk and Amazon DSP, and major ad platforms like TikTok and Meta for activation purposes.
Audience activation, in the context of advertising, is the process of identifying and targeting a specific audience with relevant content and offers. It is important for marketers to use audience activation because it allows them to reach their target audience more effectively and efficiently. Audience activation can improve marketing campaigns by increasing brand awareness, driving leads, and generating sales.
Marketers today are faced with complex buyer journeys, exacerbated by the loss of third party data and cookie deprecation. To succeed, marketers must move away from the channel-first approach and create unified customer profiles with data from all available channels. With a centralized profile based on first party data, marketers can target audiences with just the right message, at the right time.
By maximizing partnerships with media partners, marketers can look across consumer touchpoints to increase the effectiveness of activation. Technology can help organizations gain value from advertising partnerships while navigating challenges with data privacy.
Data is usually kept in a cloud environment like Snowflake, GCP, AWS or Databricks, and activation technology must be able to work with the data environment safely and with privacy in mind.
Optable Collaborate is a Data Clean Room solution, fully interoperable across cloud environments. It utilizes leading privacy-enhancing technologies (PETs), and is purpose-built with advertising-specific frameworks and utilizes a simple pricing & activation model.
Collaboration is enabled by tools like Optable’s DMP, which creates, segments and analyzes audience data before and after it is utilized within a clean room. Optable DMP provides an easy-to-use interface for commercial teams and plugs into a wide array of data sources, including real-time & event-level data, allowing you to scale & manage the importing, building, activation and measurement of audiences throughout all phases of advertising.
Once audiences are activated effectively, with data-informed decisioning, marketing campaigns will become imminently more effective. To find out more, contact us for a demo.
Differential Privacy has emerged as a powerful technique to protect individual privacy while still reaping the benefits of data-driven insights. In this blog, we’ll explore differential privacy, how it works, and how media companies can use it to safeguard sensitive data about consumers.
Differential privacy is a privacy-enhancing technology (PET) that allows organizations to analyze data while preserving the privacy of individual people. The core principle is to ensure that no specific piece of information about an individual can be inferred from the results of a query or analysis. This means that the results of the analysis will look nearly the same regardless of whether any single individual's information was included in the analysis or not.
Differential privacy is achieved by adding carefully curated random noise to the dataset at a high enough rate that it protects privacy, but not so high that it diminishes utility. This can be achieved in two ways:
Any statistical analysis, whether using differential privacy or not, still leaks some information about the end users whose data are analyzed. As more and more analyses are performed on the same individuals or end users, this privacy loss can quickly accumulate. Fortunately, differential privacy provides formal methods for tracking and limiting this cumulative privacy loss.
Differential privacy facilitates secure data sharing among media organizations and marketers, promoting collaboration without compromising any individual’s privacy. This technology is particularly helpful when companies are trying to gather consumer insights from:
When brands and media companies use differential privacy as one of their PETs, it helps them comply with data privacy regulations as well as build trust with consumers by assuring them that their data is handled with care.
As data continues to play an essential role in finding and retaining user interest, media companies must implement differential privacy to harness data-driven insights while respecting individual privacy rights. It is poised to be an integral part of data analytics and sharing in a privacy-conscious world.
The need to safeguard sensitive data and ensure the confidentiality of transactions has never been more critical. The Trusted Execution Environment (TEE) emerges as a pivotal technology in the demand for increased data privacy. In this blog, we will delve into the world of TEE, understand what it is, and explore its applications as a privacy-enhancing technology.
TEE is a secure and isolated area within a computer or mobile device's central processing unit (CPU). It’s designed to execute code and processes in a highly protected environment, ensuring that sensitive data remains secure and isolated from all other software in the system. It achieves this level of security via special hardware that keeps data encrypted while in use in main memory. This ensures that any software or user even with full privilege only sees encrypted data at any point in time.
Using special hardware, TEEs encrypt all data that exits to the main memory. And decrypt back any data returning before processing, allowing the code and analytics to operate on plaintext data. This means that TEE can scale very well compared to other pure cryptographic secure computation approaches.
TEEs also offer a useful feature called remote attestation. This means remote clients can establish trust on the TEE by verifying the integrity of the code and data loaded in the TEE and establish a secure connection with it.
TEEs are an attractive option for media companies who want to safely scale their data operations in a secure environment. TEEs offer the following benefits:
Now, let’s look at a real-world example of data collaboration using a TEE. In our last blog post, we saw that one way to perform the secure matching in the IAB’s Open Private Join & Activation proposal is using an MPC protocol. Another way to perform this secure matching is using a TEE. With TEE, only one helper server is involved. First, the advertiser and the publisher establish the trust of the TEE via remote attestation. Then, they -each forward their encrypted PII data to the TEE server which decrypts them and performs the match on plaintext data.
TEEs come with their own privacy risks. They are vulnerable to side-channel attacks, such as memory access pattern attacks, which can be exploited to reveal information about the underlying data. Adding side-channel protections can help counter these attacks, but significantly increases the computational overhead. Fortunately, despite this TEEs scale very well.
In an industry facing ongoing scrutiny over data privacy concerns, TEEs are becoming a standard. This PET technology will continue to evolve and we expect to see it playing an increasingly vital role in data collaboration.
In an era where data is the new gold, ensuring its privacy and security has never been more critical. Secure computation, is a powerful branch of cryptography, allowing companies to perform computations on sensitive data without revealing the actual information being processed. In this blog, we’ll explore what secure computation is and how it’s used to protect consumer data.
Secure computation is a cryptographic technique that enables multiple parties to jointly compute a function over their individual inputs while keeping those inputs private. This is known as "encryption in use" because the underlying data remains encrypted while it is being processed on remote servers or in the cloud.
The primary goal of secure computation is to ensure the confidentiality, integrity, and privacy of data throughout the computation process. It accomplishes this without relying on a trusted third party, making it particularly valuable in scenarios where data sharing and privacy are paramount. This means that two or more parties can collaborate on data analysis or computations without exposing their sensitive data to one another.
Secure computation is applied in a range of scenarios where privacy and data security are paramount. Naturally, secure computation is a great fit for data sharing and collaboration among publishers and advertisers.
Both publishers and advertisers can benefit from a type of secure computation called Private Set Intersection (PSI) protocol. It allows two or more parties to compute the intersection of their private datasets without revealing any information about the records not in the intersection. Optable, for instance, provides an open-source matching utility that allows partners of Optable customers to securely match their first-party data sets with them using a PSI protocol.
Secure computation can be implemented in two main ways: 1) via pure cryptography (using Fully Homomorphic Encryption (FHE) and Secure Multi-Party Computation (MPC)) or 2) through secure hardware (using Trusted Execution Environments (TEEs).
FHE is an incredibly powerful tool for protecting data privacy in the digital age. It enables analytics to be performed on encrypted data without ever having to decrypt it. The ad tech industry can certainly benefit from full-scale analytics without the risk of exposing personally identifiable information (PII).
While FHE has the potential to revolutionize the advertising ecosystem, it is unfortunately quite computationally intensive and limited in its current capabilities. Therefore it is not yet ready for widespread adoption. There is ongoing research to make FHE more efficient and functional in the future.
MPC is a form of secure computation that uses a cryptographic protocol to enable two or more businesses with private data to perform a joint computation while keeping their individual inputs private. Each entity only learns what can be inferred from the computation result.
Often, the secure computation part is outsourced to two helper servers. Before data leaves a user's device, it is encrypted to both helper servers, which decrypt it partially and perform computation on the partially encrypted data. Neither server is ever able to see the original user data.
MPC protocols provide a high level of security but come with a tradeoff. They require sophisticated cryptographic operations which incur higher computation and communication costs. This makes this technology tailored for specific tasks, which can get very expensive.
In the past year, Optable has been a leading contributor to the IAB Tech Lab’s Open Private Join and Activation (OPJA) that enables interoperable privacy safe ad activation based on PII data. At the heart of OPJA is a secure match using a PSI protocol that allows advertisers and publishers to match their PII data. One of the ways to perform this match is using MPC — the respective clean room vendors act as the MPC helper servers, which jointly compute the overlap without ever learning the identifiers not in the overlap.
In an age where data privacy is a growing concern, secure computation emerges as a vital technology that plays an important role helping companies comply with data protection regulations while still fostering innovation and cooperation among business partners.
The digital world has brought unprecedented convenience and connectivity but also raised significant concerns about data privacy. As we share more of our lives online, the need for robust privacy-enhancing technologies has become paramount. On-device learning has emerged as a powerful tool to protect personal data while enabling advanced capabilities. In this blog, we will explore on-device learning, its role in enhancing privacy, and how it’s used.
On-device learning, sometimes referred to as federated learning, is a machine learning approach that allows training models directly on a user’s device with data available on their device. Only updated model parameters are sent to a remote server or cloud. This means that a user’s smartphone, tablet, or other device can learn and adapt to their preferences without constantly sending their data to remote servers. This gives users more control over their data, protects their privacy, and reduces the need to send raw individual user data to external servers.
On-device learning operates with the following four principles:
With on-device learning, online retailers can gain insights on consumers’ preferences and behaviors without tracking their individual preferences. The way this works is, each consumer’s device downloads the current model, improves it by learning from the data on their phone. The model updates from each of these devices are then collected, compiled, and are fed back into and improved on the central model. Thus, the marketers just learn the overall purchase pattern or behavior without ever learning individual consumer preferences or behaviors.
Let’s look at a real-world example of a data collection sequence that uses on-device learning:
On-device learning is not perfect from a privacy perspective. When model parameters leave users’ devices they still leak information about the underlying local training data. So, the risk of sensitive information being shared is only reduced and not completely eliminated.To prevent this, on-device learning is often combined with other PETs such as differential privacy and secure computation, which we will cover in different posts on our blog.
In today's data-driven world, concerns about privacy and data security have never been more critical. k-Anonymity is a privacy concept and technique that plays a pivotal role in safeguarding sensitive data. Let’s explore what k-anonymity is and how it‘s used to protect personal information.
k-Anonymity is a privacy model designed to protect the identities of individuals when their data is being shared, published, or analyzed. It ensures that data cannot be linked to a specific person by making it indistinguishable from the data of at least 'k-1' other individuals. In simpler terms, k-anonymity obscures personal information within a crowd, making it impossible to identify a particular individual.
The 'k' in k-anonymity represents the minimum number of similar individuals (or the “anonymity set”) within the dataset that an individual's data must blend with to guarantee their privacy. For example, if k is set to 5, the data must be indistinguishable from at least four other people's data.
To implement k-anonymity, data must be generalized to make it less identifiable, while ensuring that each data point is identical to a minimum of ‘k-1’ other entries. This is commonly done through two methods:
Online retailers use k-anonymity to protect customer data while analyzing purchase histories and preferences to enhance their services and recommendations.
For example, individual users can be associated with data cohorts based on their interests on their mobile device. An advertiser can then target individuals in specific cohorts. This way, the advertiser does not learn any personally identifiable information (PII) and only learns that a specific individual belongs to certain cohorts. And as long as the cohorts are k-anonymous, they protect users from re-identification, especially for large values of k.
A drawback to using k-anonymity is that sometimes revealing just the cohort a user belongs to can leak sensitive information about a user. This is true, especially when the cohorts are based on sensitive topics such as race, religion, sexual orientation, etc. A simple solution to this problem is to use predefined and publicly visible cohort categories, such as in Google Topics.
In any case, cohorts can still be combined or correlated and used to re-identify users across multiple sites. That said, k-anonymity is often combined with other privacy protections to further reduce the probability of re-identification.
As people spend more and more time online, consumers have demanded more control over their digital privacy. They’ve become particularly uncomfortable with digital tracking technology like third-party cookies that enable marketers to gather information about their browsing behavior. But eliminating third-party cookies puts marketers in a tough spot. Their businesses have relied on cookies to find new customers for over two decades.
Government agencies in the US and Europe have responded to consumer demands by enacting regulations that offer more protection and control to users over how their data is collected and processed. And many of the web browsers have already phased out cookies. Google has been the last hold out and they’re expected to fully phase out cookies by the end of 2024.
But simply eliminating cookies won’t solve the privacy protection problem for consumers. Digital footprints are always expanding and companies need to be more vigilant than ever about protecting their customers’ data. There’s an enormous opportunity to build an ad ecosystem that respects users' privacy more than ever.
Privacy Enhancing Technologies (PETs) have emerged as a crucial ally for safeguarding consumer data. This emerging technology uses advanced cryptographic and statistical techniques to protect consumer information while still allowing marketers to glean valuable insights.
PETs are a set of tools and methods designed to help organizations maintain digital privacy. They provide a layer of defense against unwanted surveillance, data breaches, and unwarranted data collection by enhancing user control and safeguarding data during its lifecycle. PETs are instrumental in upholding privacy, security, and freedom in the digital realm.
There are several types of PETs being used throughout the digital advertising ecosystem:
PETs will play a vital role in creating an advertising ecosystem that is primarily privacy focused. Optable is exploring the use of multiple types of PETs as we build a privacy-safe environment where clients can safely collaborate with their data partners. The following blog series will demystify the complex world of PETs and take a closer look at how advertisers are using them.