We spoke with a company that is currently designing their DNT support. This company works with DSPs, ad networks, and others as clients for targeted advertising, as well as providing fraud detection services. The technology provider uniquely identifies users through a variety of means, including browser fingerprinting, which is not cookie-based.
The company told us they are interested in DNT because it is a persistent way for users to express preferences and to opt-out permanently. Cookie-based solutions become difficult to explain, with users trying to clear cookies for privacy yet keep opt-out cookies at the same time. The company is particularly interested in being able to communicate with users, to give notice of business practices, and then provide a choice mechanism. They have already built a platform to allow users to opt-out of some data collection and use, and they are currently implementing all DAA requirements so they can join the DAA opt-out page as well.
One of the advantages to their pre-existing solution is that it is flexible: Users can opt out of some clients but not all. In contrast, DNT is currently a single signal that users do not want to be tracked, and does not allow users to make individual exceptions on a per-company or per-advertiser basis. The company concluded that DNT’s advantages make it worthwhile to implement now, while being engaged in DNT innovation and standards in the future.
When they detect a DNT header from a user, they expect to perform the following steps:
- Stop collecting and using data for third-party OBA.
- Continue to collect and use data for fraud prevention.
This company’s approach to ignoring DNT for fraud prevention is likely to be less controversial than the final point on first-party use. The idea that users must have both opt-out cookies and DNT on to be fully protected may cause consumer backlash, depending on whether users think DNT applies to first parties or not, and whether they think first-party status extends to business partners.
In addition to responding to the DNT header, the company is adding more feedback for DNT users on its own preferences page, where they currently manage user opt-outs. When a DNT-enabled user visits the preferences page, the user will see an acknowledgement that DNT is on, plus an explanation of which data practices are — and are not — affected by the DNT signal (e.g., fraud prevention). The technology company is considering passing information about DNT to clients via API calls, but that is not certain yet. They also hope to be able to help their clients have conversations with users who have TPLs or DNT on to explain to the end user what the data practices are, and see if users are interested in opting back in.
Up: Case studies
Previous: 1 Advertising company
Next: 3 Media company