Much has been discussed recently about Google’s FLoC proposal and the initial testing phase it has entered. While FLoC is one method from the Privacy Sandbox which can be used to serve targeted advertising in a world without third-party cookies, another proposal, TURTLEDOVE, provides an alternative approach meant to satisfy the classic “remarketing” use case.
For those unfamiliar with the proposal, TURTLEDOVE stands for Two Uncorrelated Requests, Then Locally-Executed Decision on Victory. While TURTLEDOVE is more of a conceptual proposal, its first iteration, FLEDGE, is the technical first experiment meant to begin satisfying targeting requirements. Let’s dig in further to explore the proposal and what we as marketers need to know.
FLEDGE – First Locally-Executed Decision Over Groups Experiment
Goal
Deliver personalized advertising based upon previous interactions a user has had with an advertiser or ad network in a privacy-safe way.
Core Concepts
- “Interest Group” – a collection of people whom an advertiser or their ad network believes will be interested in seeing some type of ad
- Three type of Interest Group owners
- An advertiser (classic remarketing)
- A publisher (monetization of their users/first-party data outside of their own ecosystem)
- Ad tech (platforms creating audiences based upon activities of users across the web indicating users are in the market for some type of product/service)
- Buyers are interest group owners (i.e. those buying an ad impression)
- Sellers are the party running an ad auction (i.e. the publisher who owns the ad inventory where the impression will happen)
- Ad bidding and selection process happens in the browser as opposed to ad servers
Traditional “Pre-Privacy” Solution
Today, this type of personalized targeting relies on the use of cookies (both first-party and third-party). The first of the use cases is the classic remarketing use case. A user views a particular product on a website and adds that product to their shopping cart but does not purchase. The company then shows ads for that product, and potentially includes a special promotion, in order to influence them to return and complete their purchase.
When a user enters the website, a first-party cookie with a unique identifier is set up that collects behavioral information for users of the site. Based on this information, you can create an audience group of individuals with the defined observed behavior to create a list of users (and their associated cookies) whom you want to target. This list of users is synced with advertising platforms in use and also running on the website. These advertising platforms are maintaining a table matching their third-party cookie IDs with your first-party IDs to be able to then identify the defined group within their system running across many other sites on the web. As users are interacting with other publisher websites containing ad inventory, the advertising networks are able to use their third-party cookie IDs to identify specific users (in our created remarketing audience) and allows you to target those users accordingly with ads for the products they have abandoned.
Other examples of this type of targeting would be when advertising technology companies create audiences which indicate a group of users they believe are in the market for a type of item. Through the use of third-party cookies and their tags being loaded/injected into many sites across the web, they are able to build profiles of users based upon sites they visit and products they are viewing. Thanks to these browsing behaviors, they can then create lists of users (and their associated cookie IDs) whom they believe to be interested in a particular type of product.
As an advertiser, you can then target users, through the ad technology networks, by defining audience activities that you want to show your ads to. For example, maybe you want to show your ad to users who have read an article on a certain subject and also have viewed products in your category within the past two weeks. Ad networks which have this observed behavior can then allow you to target users who have done these specific actions. All of the targeting and audience creation is done through the use of cookies today.
When third-party cookies go away, there is no “key” value which can join first-party audience identifiers with identifiers for those same users across other websites. These traditional targeting methods therefore are not able to be accomplished without a privacy-safe alternative. The TURTLEDOVE / FLEDGE proposals are a proposed first-step in solving for this use case without third-party cookies.
How the “Post-Privacy” Solution Works
Core Components
- Ads are able to be targeted against interest groups instead of individual IDs
- Browsers record interest groups that have been joined
- The placement of a browser in an interest group is done via an operation on the website being visited. Placement in an interest group requires permission of the site being visited and the interest group owner.
- Interest group owners can be
- An advertiser (classic remarketing)
- A publisher (monetization of their users/first-party data outside of their own ecosystem)
- Ad tech (platforms creating audiences based upon activities of users across the web indicating users are in the market for some type of product/service)
- Interest group duration is capped at 30 days unless membership is “refreshed” by re-placing the user in the group – would require the user navigating to a page(s) where placement is occurring
- Interest group owners can be
- Interest group information stored on the browser includes the group, group owner, ads to be shown to that group, and additional metadata to be used in the on-device auction (bidding information/logic)
- Browser provides protection against micro-targeting by only rendering an ad if it is being shown to a sufficiently large number of people (k anonymity threshold). This applies only to the rendered creative.
- Sellers run auctions (process determining which ad to be shown for each impression) on-device in the browser
- Sellers are the party running an auction
- Buyers are interest group owners
- Sellers determine which buyers can participate and which bids from the buyer’s interest groups are eligible to enter the auction
- Sellers responsible for the auction logic – determination of highest “desirability score” (function of bid price and metadata)
- Sellers perform reporting on the auction outcomes
- Buyers provide ads and buying functions
- Buyers are interest group owners
- Buyers choose if they want to participate in an auction
- Buyers pick a specific ad and enter it in the auction along with the bid price and metadata associated
- Buyers perform reporting on the auction outcome
- Browser fetches trusted bidding signals using server end-points defined in the interest groups
- On-device bidding occurs
- Browsers render the winning ad
- Rendered in a “Fenced Frame” – new mechanism allowing for a document to be embedded but unable to communicate with the surrounding page (privacy goal being that sites cannot learn about their visitors’ ad interests). Also will not allow network access in the future.
- Event-level reporting provided (for now)
- Logging and reporting on the auction outcome is sent to both the seller and the buyer
- Temporarily these functions can send event-level reports to their servers. Eventually reporting needs to be done in such a way that reporting cannot be used to learn the advertising interest group of individual visitors.
Current Status of the “Post-Privacy” Solution
There are many different moving parts to this proposal. Some of which are more currently viable than others with some still in the conceptual design phase. Chrome’s stated intent is to allow for early experimentation with a “Bring Your Own Server” model for the process of providing buying data for on-device decisioning. Ultimately, this will need to shift to a “trusted server” approach. This early experimentation is expected to be available in 2021.
Relevant Privacy Regulatory Considerations
While this approach will not rely on cookies and will preserve user anonymity by offering protections to only target/profile against a group as opposed to an individual, it still involves the accessing of the user’s device. The core component here, placing a user in an interest group, requires placing information in the user’s browser. Conceptually, it would follow that this would still fall in the scope of ePrivacy Directives and associated consent requirements for EU users. Since the data shared/processed theoretically with a third party is not individual in nature, it could conceivably fall outside the scope of “personal information” as defined in the California Consumer Privacy Act/California Privacy Rights Act (CCPA/CPRA), as well as “personal data” as defined in General Data Protection Regulation (GDPR). As such, there may not be restrictions under those pieces of legislation. That said, there are special call-outs for profile data which could fall in this scope. It will be interesting to see how regulatory bodies interpret and the guidance provided with respect to consent and opt-out surrounding this proposal.
What an Advertiser Can Do Today to Prepare
As these solutions are still in development, there are not a lot of tactical actions to be taken today to prepare for this solution.
The one major difference between how this type of advertising personalization happens today vs. how it will work once these solutions become available is the pre-planning that will be necessary in order to place a user in an interest group. Today, remarketing audiences can be created based upon past observed actions. You can create these audiences on the fly and place a user within the audience after they have interacted with your website.
With the TURTLEDOVE/FLEDGE approach, users must be placed within the interest group when the interaction happens. This includes sending information to the browser about potential ads to be displayed to the user. This requires significantly more pre-planning of media and creative. You should begin identifying the user activities on your digital properties that you use to re-target users (product views, cart abandons, etc.) and the nature of current ads which are most effective. You will need to deeply understand what is more effective in order to effectively prepare interest groups and user audiences in the future.
