Targeting & measurement: the story so far

Posted on Thursday 01 September 2022 | IAB UK

Find out more about what third-party cookies are used for, why they are being deprecated and the alternative targeting and measurement strategies that are being developed


On browsers, third-party cookies have already been deprecated on Mozilla’s Firefox and Apple’s Safari and are due to be phased out on Google’s Chrome in 2024. On mobile, Apple’s changes to its Identifier for Advertisers (IDFA) have already impacted how apps can monetise services within iOS and highlighted the importance of effectively communicating with people about the essential value exchange that sits at the heart of the free web. Android Advertising IDs (AAIDs) are also set to be phased out by Google

So, as our industry develops new ways to target and measure online, how far have we come? And what do we still need to do? Here we lay out what’s happened to date. 

 

What are identifiers?

Cookies are a small piece of code that are stored on a user’s browser when they visit a website. They are used to recognise and remember a user when they visit and then revisit a website. Cookies work exclusively in a web browser environment. Mobile advertising identifiers, or MAIDs, are used in the in-app environment – offering a similar functionality to cookies.

It’s important to understand the difference between first and third-party cookies. A first-party cookie is dropped by the domain owner (i.e. the website being visited) and only functions within that domain, whereas a third-party cookie is dropped by an entity that doesn’t own the domain. They are currently leveraged across the digital ecosystem to target users with advertising and measure the performance of campaigns (among other functions). Similarly, MAIDs are anonymous IDs that give advertisers a way to track individual users across the iOS app ecosystem, regardless of app environment. An IDFA is a MAID within Apple’s iOS. 

 

What’s happened to date? 

In 2017, Apple was the first to implement anti-tracking measures within the Safari browser. Mozilla followed shortly after, and third-party cookies are now obsolete within Safari and Firefox. In January 2020, Google announced that it would also deprecate third-party cookies within Chrome by 2022 (now extended to 2024) and introduced Privacy Sandbox “to create technologies that both protect people's privacy online and give companies and developers tools to build thriving digital businesses”. Given that Chrome is by far the most dominant browser globally, it was this announcement that made wider changes inevitable. There has since been a lot of momentum within the industry to develop alternative strategies for targeting and measuring online that don’t involve third-party identifiers, while maintaining advertisers’ ability to serve relevant advertising.

One of the reasons given for phasing out third-party cookies and identifiers by companies such as Google and Apple is the desire to create more privacy-conscious online environments, and privacy is a much discussed topic in the digital advertising industry. However, it’s important to note that ‘privacy’ is a very subjective term and that, fundamentally, the use of cookies (and any other similar device-based information or identifiers) or personal data must comply with data protection and ePrivacy legislation. 

This focus on privacy within the digital ad industry reflects a greater legislative focus on data protection over recent years. The EU’s revised data protection legislation, the GDPR, became law in 2016 and has been in force in the UK since 2018. Post-Brexit, it was retained in UK law as the UK GDPR and the Privacy and Electronic Communications Regulations (PECR) have governed the use of cookies and other similar technologies in the UK since 2003. As well as greater regulatory scrutiny of how data is collected, used and shared for digital advertising purposes, research suggests that consumers are increasingly aware of how their personal data is used online. 

Changes relating to data-privacy have also been made beyond the browser environment. Most significantly, Apple’s launch of iOS 14.5 gave users the option to block the IDFA identifier at an app level, with significant implications for advertisers and developers. More on this here

On Android, Google launched a mobile-focused Privacy Sandbox in 2022 to develop “new, more private advertising solutions” that “will limit sharing of user data with third parties and operate without cross-app identifiers, including advertising ID”. It states that this will be “a multi-year initiative” and says: “While we design, build and test these new solutions, we plan to support existing ads platform features for at least two years, and we intend to provide substantial notice ahead of any future changes.” 

 

The value of identifiers 

Amongst all of this change, it’s important to understand the valuable role that identifiers play in powering our ad-funded, free-to-access web. At their core, viable targeting and measurement solutions must be implemented in a way that is compliant with data protection and ePrivacy laws. In addition, they also need to balance the prevailing emphasis on how to achieve outcomes using different or reduced data and identifiers, with the reality that ad-funded digital content relies on relevant targeting and accurate measurement. 

Advertisers use identifiers to identify audiences they want to reach online, making their ads more efficient and effective, as well as more relevant for users. It’s significant that, according to IAB Europe, 75% of Europeans say they’ve benefited from relevant, targeted advertising and the same proportion would prefer to maintain an ad-funded internet – complete with targeting – than pay for access to online content.

As well as being able to measure the effectiveness of an ad, brands can also use identifiers to frequency cap their ads. Without this capability, advertisers will have no way of stopping ad bombardment, severely damaging the online experience for people. It will also mean that brands will be wasting money by serving the same ads to the same user repeatedly.

The challenge now is to develop alternative ways of targeting, measuring and frequency capping online ads that don’t undermine the economic viability of the ad-funded web - ensuring that our digital ecosystem remains ad-funded, diverse and open to all. Our CMO, James Chandler, sums this balance up here

While achieving this is not straightforward, and there is much talk of ‘the loss of cookies’, we at the IAB believe that our industry has a huge opportunity. By creating targeting and measurement solutions that are compliant with current data protection laws by design, rather than retrofitting pre-existing strategies to keep pace with changes in this space, we can create a more functional digital ecosystem that works for all parties - consumers, advertisers, and media owners. Rather than focusing on the loss of third-party cookies, we’re urging the industry to focus on what we stand to gain by pioneering new ways to target and measure online. 

 

Targeting & measurement strategies fit for the future 

There are a number of different targeting and measurement strategies - which don’t use third-party cookies - that are already in existence or currently being developed. While these are often billed as alternatives to third-party cookies, it’s important to recognise that it’s highly unlikely that there will be a one-size-fits-all approach to fill the range of functions that third-party cookies currently deliver. Our industry is having to think differently in order to develop new strategies and give advertisers a portfolio of options to target and measure consumers across browsers and in-app. 

Going forward, there will likely be a spectrum of granularity available when it comes to targeting and measurement online. Some environments will be completely anonymous, others will be completely addressable, and some will allow for addressability at an aggregate or group level. It is therefore crucial that marketers understand the different types of solutions that are being developed. 

IAB Tech Lab launched Project Rearc in response to the deprecation (or limitation) of third-party cookies and other identifiers, being disrupted by consumer privacy approaches taken by browsers, operating systems, and new privacy regulations across the globe. At a very broad level, these strategies currently fall into three groups – linked, browser/operating system-linked and unlinked solutions.

 

Linked audiences

Coined by IAB Tech Lab, ‘linked audiences’ relate to targeting strategies where publisher and advertiser audiences can be directly linked using an identifier – such as a tokenised email address that establishes a 1:1 connection with an individual. 

Browser/Operating System-Linked audiences

This describes environments where the browser or operating system is the only possible entity to link the publisher and advertiser data. Options in this space include Privacy Sandbox’s Topics and Apple’s SKAdNetwork. In both cases, the use of Privacy Enhancing Techniques (PETs) allows for the possibility to reproduce some of the core functional targeting and measurement techniques without relying on 1:1 identifiers.

Unlinked audiences

‘Unlinked audiences’ relate to targeting strategies where there is no ability to directly link a publisher's audience to the advertiser’s audience and so advertisers cannot identify users at an individual level when this approach is used in isolation. The capabilities of seller defined audiences (SDAs), contextual, and attention solutions have emerged in the absence of identifiers.

Fingerprint icon

The Future of Targeting & Measurement

With third-party identifiers becoming increasingly obsolete, what options do advertisers have when it comes to targeting and measuring their online audiences? We explore what’s happened to date and guide you through the strategies available.

Written by

IAB UK

Topics

Related content

members talking to eachother

DSIT & ICO publish new tool for privacy enhancing technologies

Learn more
People in the audience at an IAB event

Q2/Q3 2024: Update from CMA & Google on Privacy Sandbox

Learn more
IAB Members talking at an event

IAB UK responds to CMA’s call for views on Privacy Sandbox plans

Learn more
IAB members

IAB UK comment on Google’s removal of third-party cookie deadline

Learn more

Rediscover the joy of digital advertising

Champion connections instead of clicks. Capture audiences' imaginations, not just their attention. Boldly find your own beat instead of letting tech set the pace. It’s time to rediscover the joy of digital.

IAB UK Chatbot

Close Chat

Hi, I'm NORI

As the IAB’s AI-powered chatbot, I’m here to help IAB members understand everything about the world of digital advertising. You must be an IAB member to ask a question. To get started, either log into your account or create one below.

Are you sure you want to clear your chat history?

No
IAB chatbot icon