At least 20 efforts to replace TP cookie; Apple and Facebook attack each other; tech lobbies not representative?

Privacy Beat

Your weekly privacy news update.



As Google and Apple constrain options, there may be at least 20 ad-tech efforts to replace the third-party cookie; who will consolidate and control?

A  race to see who can grab marketplace advantage and perhaps control over user identity and data picked up additional steam this week with at least three key announcements by ad-tech companies.

The battle is over who’s technology can do the best job of extending the life of “programmatic advertising” based on tracking and uniquely identifying users. Who will consolidate partners and control the landscape to compete with federated identity services run by Google and Facebook?

  • First, ad-tech pioneer Magnite (f/k/a The Rubicon Project) said it was going to support the identity-sharing scheme of a sometimes-competitor, The Trade Desk, called “Unified ID 2.0.”
  • Then British ad-tech company ID5 said it was pushing partnerships for its “Universal ID” entrant. (related link)
  • Finally, LiveRamp Holdings Inc. (f/k/a Acxiom Corp.) told AdAge about working with brand Molson Coors to run ad-measurement campaigns without relying on third-party cookies.

What’s going on? The ad-tech industry is being pressured by Google’s plans to block use of “third-party cookies” in its Chrome browser starting in about a year.  At the same time, Apple, through its Safari browser and iOS14 operating system, has been tightening the noose around cookie- and phone ID-based methods for sharing user data and targeting ads.  Since ad tech has argued for a decade that putting an ad in front of a unique user has value, its looking for new ways to make that happen.

An easy way to see how competitive it has become is to look at THIS PAGE at, the nonprofit industry consortium that manages browser-based Javascript code for running real-time-bidding ad auctions to targeted users.  It shows about 20 different efforts at exchanging identity information without third-party cookies, including one from Lotame.  Take your pick.

The Molson Coors news illustrates how ad tech is trying to get brands to support particular approaches.  And they’re going after publishers too. But publishers are worried about who will control the data — such as email addresses —  which they are expected to provide about their readers and viewers in the various new approaches. In the third-party cookie world, they lost control and they don’t want that to happen again.

The Trade Desk is saying that it will “open source” its code for Unified ID 2.0 and make sure its system is managed by an independent nonprofit.  But it hasn’t yet said who that will be or how it will be governed.

“Ad tech companies are going to move very fast and I don’ t know if law can move at that pace,” Nathan Patrick, a Denver-based ad-tech engineer told Privacy Beat when contacted about his blog post, The companies who are rebuilding the internet.

Meanwhile, the Information Trust Exchange Governing Association, host of this newsletter, is working with the Local Media Consortium, Inc. on governance and certification ideas.  ITEGA is a 501(c)3 nonprofit California public-benefit corporation with no owners, a mission to support journalism, but no specific industry control.   (See Privacy Beat: Oct. 29: “Trade Desk and LiveRamp move to consolidate identity; what of publishers role; are advertisers complacent?”  ITEGA is proposing that it govern a set of rules and protocols and help certify who is following them.   (earlier story)

 “You almost need a governing body,” said Patrick when talking to Privacy Beat. “A universal identity that’s not profit driven or coming from big tech. I think that is a really good angle because I think publishers will like that and advertising will like that because they don’t want to use Google, they don’t trust them.  You are solving that whole trust issue, which is super big.”

The Interactive Advertising Bureau, the lead trade association for ad-tech and some publishers, is running a series of meetings called Project ReArc to try and initiate and support industry consensus on what to do.  Initially it sought to push its own identifier, but realized it couldn’t compete with its own members’ initiatives.



Does your organization need customized privacy compliance solutions? ITEGA  can help.

We bring together support you need to approach compliance with CCPA, GDPR if needed, and future privacy legislation as it emerges.

Learn More


Apple and Facebook lob intemperate verbal volleys illustrating sensitivity of privacy and antitrust issues

Apple and Facebook traded nasty verbal volleys as each sought to portray the other as either monopolistic or privacy busting. It was what the writer who set off the volley described as “two tech giants that can’t live without each other going for the jugular.”  That’s Alex Heath, a writer for The Information. “Always been lots of  bad blood between Apple and Facebook but this is the worst it’s been in awhile,” Heath Tweeted after his story was posted.

Wendy Davis at MediaPost provides the best backgrounder on the dispute, triggered by an open letter (TEXT) sent by privacy advocates to Apple’s CEO, Tim Cook.  In a reply dated Thursday (Nov. 19) that became public, a key Apple privacy executive made pointed allegations about Facebook’s business practices. It was too much for Facebook, when then fired back.

As Hannah Murphy’s the Irish Times San Francisco correspondent, wrote:

Late on Thursday, Facebook released its own scathing statement that highlighted a number of privacy concerns about Apple’s business and called the iPhone maker’s letter a deliberate “distraction” from those issues. It also claimed Apple was “using their dominant market position to self-preference their own data collection while making it nearly impossible for their competitors to use the same data”.

“They claim it’s about privacy, but it’s about profit,” Facebook said. “We are not fooled. This is all part of a transformation of Apple’s business away from innovative hardware products to data-driven software and media.”

Whew! But The specific language, while juicy and fun to read, is probably not as important as the fact that each company is now so sensitive about privacy and antitrust.





Tech lobby groups don’t fully represent privacy views of small tech, ex-Facebook / Uber privacy exec says

Most internet technology companies, especially smaller ones, are as concerned about privacy as the public — but we shouldn’t expect to see that point of view championed by trade associations, says a former security or privacy executive for Facebook, Uber and AT&T.

Melanie Ensign spoke as part of a webinar, “Deciphering Data  Privacy,” organized by the Donald W. Reynolds Journalism Institute this week, in collaboration with the Electronic Frontier Foundation. (WATCH ARCHIVE VIDEO)

“There are a lot of tech companies that are supporting and advocating stronger consumer protections,” she said. “The challenge is that the industry associations and groups that we are all part of tend to take the position of their largest donors, and the loudest voices, which tend to be the Googles and the Facebooks and it overshadows all the other tech companies that actually are aligned with EFF and other advocates in trying to establish more protections for consumers.”

Ensign’s Q-and-A with RJI’s James Gordon followed an introduction of the privacy topic by Lindsay Oliver, activism project manager for the non–profit EFF.  Ensign now has her own consultancy, Discernible.

Oliver described the general privacy landscape, including challenges to worker privacy, health privacy and “stalkware.”  She cited concerns, including the possibility a federal law might pre-empt stronger state laws, prohibitions on the public suing to protect their privacy, and “pay for privacy” efforts.  At the state level, she said, lawmakers are asking questions about student, work, health and consumer data privacy.

Asked to talk about the role journalists can play in covering the tech privacy beat, Ensign urged a higher level of precision in terminology. For example, she said: “We let a lot of organizations get away with saying transparency is privacy. Telling me what you are doing with my data is not the same as giving me choice and control over it.”

One other bit of advice from Ensign: The public should exercise privacy rights because if companies see a lot of support expense going to privacy issues, they’ll work to save money by fixing the privacy problems. (Also see: QUOTE OF THE WEEK, below)





Like what you see? Then recommend to a friend.

Subscribe to Privacy Beat

Google touts $189 million in spending to support journalism projects; says it will continue in three areas; it had $37 billion in QT3 ad revenue

Google has issued its first annual report on its Google News Initiative, which funds journalism experiments.  The company has been criticized for years because its success at garnering advertising appears to have been in part at the expense of traditional publishers.

“We remain committed to focusing on three key areas,” Richard Gingras, the company’s vice president of news, wrote in a preamble to the report. “Elevating quality journalism, evolving sustainable business models [and] empowering newsrooms through innovation.”

Over the last two years, he writes, Google has supported more than 6,250 news partners in 118 countries through $189 million in global funding, programs, tools and resources.  Google took in $37.1 billion in advertising revenue for the three months ended Sept. 30. The entire U.S. newspaper industry had $14 billion in revenues for the full year 2018.







Payment vs. privacy is a false dichotomy, says consultant Melanie Ensign; depends on operator’s business model

Q: Is there a natural tension between a service being free and much of the Internet being advertising supported? How does this relate to pay for privacy? 

“I think that tension exists at certain organizations. I would not suggest as others have, that it is a universal truth. I think that is a convenient argument for people who want us to think that this is harder than it really is.  There are a lot of things that we don’t pay for that don’t have to violate our privacy.  A lot of it has to do with the business model of who is operating those parts of the internet. Do I think there is a natural tension between those? If you want there to be. 

“But there are lots of perspectives of how to look at this. I just think we have to be more creative about regulating the data itself.  Certain companies have to do certain things. One of the things that is recognized as the benefit of GDPR is the protection follows the data, no matter whose hands it is in.  And so it is very clear if you are getting the data directly from the consumer or if you are getting it from some third party or some other business relationship, you have the same responsibility for that data . . . 

“When we think about legislation particularly in the United States .  . . we have not yet recognized that privacy is underpinning a lot of these other civil human rights and liberties. If we truly want to protect those we have to address the issue of data and the power imbalance it causes.” 


Privacy Beat is a weekly email update from the Information Trust Exchange Governing Association in service to its mission. Links and brief reports are compiled, summarized or analyzed by Bill Densmore and Eva Tucker.  Submit links and ideas for coverage to

Share Share

Tweet Tweet

Share Share

Forward Forward




Copyright © 2020 Information Trust Exchange Governing Association, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp