Google rethinks FLoC; ad-tech takes flack from Mozilla on cookie alternatives

Privacy Beat

Your weekly privacy news update.


Permutive’s Steve Francolla (above)

Google rethinks browser cohort “FLoC” idea as ad-tech worries it won’t be universal — or privacy legal 

Don’t count on Google’s “FLoC” browser cohort technology to replace the loss of third-party cookies, ad-tech executives declared during a webinar this week seen by hundreds of industry insiders and observers.  The technology won’t pass regulatory muster, and it won’t work on all browsers, they said. 

“Cookies are half dead,” said Steve Francolla, head of partnerships and ecosystem for Permutive, an ad-tech data-aggregator and matching service. He added: “Regulations are a roadblock for FLoC.” 

“It is not consistent across browsers,” said Wesley Benel, Neustar’s strategic-partnerships director, adding:  “I’d just like to see it be a consistent framework that is applied across browsers that everyone agrees to.” 

The two were among panelists at the Interactive Advertising Bureau’s “State of Data Town Hall: Identity / Addressability,” on Aug. 11.  Francolla said ad-tech has “put efficiency and optimization at the center of everything” adding: “This requires a monumental amount of data on a user.”  If redone, he said, the programmatic bidstream should not include personal identifying information (PII) within it.  

Benel said ad tech players are “adapting to a privacy centric environment.”  But he also said Neustar’s goal “is to support our clients to maintain addressability . . . across all platforms.”  “Addressability” is the ad-tech industry’s buzz word for technologies which targets ads to individuals. 

Angelina Eng, the IAB vice president who moderated the discussion, cited research reports IAB commissioned and released in March from Ipsos and McKinsey. “When viewed together, the insights from these two reports point to one very clear next step,” fellow IAB executive Orchid Richardson says in the reports’ overview. “First-party data is the answer. If you don’t have it, get it, and if you can’t collect it yourself or have enough collected to thrive, then partner up.




Does your organization need customized privacy compliance solutions? ITEGA  can help.

We bring together support you need to approach compliance with CCPA, GDPR if needed, and future privacy legislation as it emerges.

Learn More

SWAN group says Mozilla’s report slamming it and UID2.0 over privacy is “inaccurate”

Two of the ad-tech industry’s efforts to continue targeted advertising after browsers no longer support third-party cookies — SWAN and Unified ID 2.0 — drew criticism from the nonprofit-owned Mozilla Corp. in a blog and report, but one of the efforts’ proponents this week called the report inaccurate.  

SWAN and Unified ID 2.0 want to give each web user an anonymous identifier that ad companies can use for tracking and targeting purposes, AdMonsters writer Amy Corr said in her story.  Mozilla sees this as a regression, not advancement, she wrote. 

“From a purely technical standpoint, these proposals are a regression in privacy in that they allow tracking of users who are presently protected against tracking,” Mozilla CTO Eric Rescorla and engineer Martin Thomson wrote in the report document and accompanying blog post.  “Moreover, the techniques used here – especially redirect tracking but also identifier-based tracking – are already ones which most major browsers attempt to prevent.”





Chart courtesy of IAPP 




Like what you see? Then recommend to a friend.

Subscribe to Privacy Beat

Lawyer and California’s AG say popular, digital ad opt-outs from trade groups don’t comply with CCPA


Key efforts by the advertising industry to give publishers and websites a one-and-done way to offer privacy choice to consumers are not sufficient under the California Consumer Privacy Act (CCPA), according to a report in DigiDay backed by at least one lawyer’s analysis. 

“Companies cannot rely on blanket digital ad opt-out tools from trade groups,” DigiDay’s Kate Kaye wrote in a report posted last week, adding: “In other words, popular opt-out tools from the Network Advertising Initiative (NAI) and Digital Advertising Alliance (DAA) won’t cut it.” 

Kay was writing based on advice from the office of California Attorney General Rob Bona, which published examples of enforcement actions under CCPA. Sites can’t comply with CCPA by merely referring user to a generic tool provided by NNI or DAA, Bona advised. 

“Directing consumers to the Digital Advertising Alliance and Network Advertising Initiative opt out links is not a valid method of opt out of sale,” wrote Fox Rothschild LLP privacy attorney Odia Kagan, in a brief she posted to the OneTrust’s DataGuidance website.





Publishers sharing IDs is their best survival route, says a data-exchange service provider 

  • The following is excerpted from the weekly email newsletter column, “The Sell Sider,” a rotating column by ad-tech industry experts produced by  The author excerpted here is Eric Matlick, CEO of Bombora, a B-to-B data-exchange service.

“The notion of publishers walling themselves off has gained some buzz, and it’s an attractive proposition. 

“Unfortunately, this is not a feasible solution for even the biggest, most powerful publishers. No individual publisher has the scale needed to create a viable walled garden, and you’d be hard pressed to find a publisher that accounts for even 1% of the online ad market. No one can compete with Facebook or Google at that level . . . . 

“Sharing IDs, avoiding commoditization is the best route. The best option that publishers do have is to try to achieve some level of this scale by working together with other publishers. The industry seems to be rallying behind a shared ID that publishers can deploy to achieve some of these goals, but many are weary, and rightfully so . . . .

“The holy grail of the post-cookie internet will be authenticated users, but we’re unlikely to see scale. Instead, publishers need to augment their data, identify more users and enrich the data they have on those users to build more targetable segments. 

“Ideally, publishers should reorient this idea to their own benefit and build a shared ID that is only passed among publishers themselves . . .  Advertisers are already eager to share their data with Facebook and Google, and neither of those platforms necessarily has a portable ID that the advertiser needs to maintain. Working with associations of publishers would look largely the same, and would be miles better than trying to manage individual buys across thousands of publishers in order to achieve scale . . . . “

“If enough large business publications band together and share their data, they can create massive scale that appeals to advertisers. They can also offer specialized audience segments, such as “in-market for cybersecurity solutions,” that simply aren’t offered elsewhere. That will be appealing to advertisers, who will be desperate to target and measure audiences once the cookie crumbles.


Privacy Beat is a weekly email update from the Information Trust Exchange Governing Association in service to its mission. Links and brief reports are compiled, summarized or analyzed by Bill Densmore and Eva Tucker.  Submit links and ideas for coverage to

Share Share

Tweet Tweet

Share Share

Forward Forward




Copyright © 2021 Information Trust Exchange Governing Association, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp