See all news and resources

Privacy Enhancing Technologies and the challenges of mass adoption

Despite their promise, PETs face multiple challenges - not least the issue of scalability, writes Andrew Bradford
28 February 2024
PET and the challenge of mass adoption
Andrew Bradford
Andrew
Bradford

Global Lead - Cross Media Campaign Measurement

The ad industry is standing at a crossroads. Stringent privacy regulations and evolving user expectations are forcing a move away from traditional personalisation methods, upending long-held practices such as the use of third-party tracking cookies.

 

We see this played out in the rise of ad-blocking and opt-outs; through policies such as GDPR in Europe, CCPA in California and LGPD in Brazil; and through platform solutions such as Apple’s SKAdNetwork and Google’s upcoming cookie deprecation. This has led to an incomplete picture of the consumer journey, impacting ad delivery, conversions and measurement.

 

Now, as the advertising industry shifts away from identifying individual users across sites and apps, Privacy-Enhancing Technologies (PETs) have come to the fore. Solutions like Secure Multiparty Computation and Trusted Execution Environments enable secure data processing and analysis by allowing multiple parties to compute functions over their data without revealing the underlying data itself, thereby preserving confidentiality and privacy. And while various PETs are currently available and more are expected to emerge - see the forerunners, below - the key challenge now is making these technologies work for everyone.

 

Indeed, while there is much promise amongst the range of PETs already on offer, several obstacles lie ahead in their adoption.

 

For example, traditional tracking methods allow precise attribution of conversions to specific ad impressions. PETs, by design, obscure individual user data, making it difficult to definitively attribute conversions to specific ads or campaigns. This can make it harder for advertisers to assess the true effectiveness of their efforts.

 

This is compounded by a lack of standardisation which makes it difficult for advertisers and platforms to seamlessly integrate different PETs and ensure consistent measurement across platforms. PETs can also add complexity and cost to the advertising workflow. 

 

Balancing these burdens with the value gained from privacy-preserving measurement is essential, and is now at the forefront of our collective efforts to make the technologies work.

Roadblocks to mass adoption

 

Yet the real crux of the challenge, I believe, is scalability. Solutions adopted in markets like the US and UK may not be financially or legally viable in smaller markets. Or without adequate sharing of technological expertise, smaller players may not be motivated to invest in these technologies, limiting their global uptake.

 

To address this problem, the advertising industry must begin developing adaptable and financially viable solutions. This might entail crafting tiered PET offerings that cater to varying levels of budget and technical capability, or promoting open source projects for broader accessibility.


Moreover, although it is positive that the industry is exploring so many different PETs, it’s a situation that may result in inefficiency as businesses endeavour to adapt to different protocols across numerous platforms, diluting hopes of a more unified solution.

 

It is therefore imperative for the sector to establish standard best practices and progress towards a smaller number of more efficient data integration methods.

 

Indeed, by acknowledging the challenges and fostering collaboration, the industry can leverage PETs to build a more sustainable advertising landscape that has the scale to succeed. 

Collaboration is key

 

Over the next year, we can all contribute by engaging with the industry on proposals, especially on topics like Interoperable Private Attribution (IPA) methods and Ad Topic Hints, which aim to enhance privacy while maintaining the effectiveness of online advertising.

 

It is also imperative to embrace open source technology solutions like Private Computation and Private Matching, which will become crucial tools. Furthermore, co-developing solutions with industry consortiums such as the World Federation of Advertisers (WFA) Cross-Media Measurement projects, and engaging with groups like the World Wide Web Consortium (W3C) and the Interactive Advertising Bureau (IAB) Tech Lab will bolster our collective efforts.

 

Driving industry education is equally essential. By participating in various industry councils, the PETs Innovation Summit, IAB Tech Lab events, and engaging with members of groups such as Privacy for America (PRAM), all stakeholders can stay informed and meaningfully contribute. 

 

Following these steps will ensure a more cohesive, privacy-conscious, and efficient approach to data integration in advertising, setting the stage for a more responsible and effective industry. However, perhaps most crucial of all, market-wide collaboration offers us the best hope of finding universally applicable solutions, thereby addressing the scalability challenges that currently impede our progress.

 

Privacy-enhancing technologies currently being developed


Secure multi-party computation (MPC): This technique allows multiple parties to compute a function on their data without revealing their individual data to each other. For example, MPC could be used to allow a platform like Facebook to measure the effectiveness of an ad campaign without knowing which users saw the ad.


Trusted execution environments (TEE): Data is processed within a secure piece of hardware that uses encryption to create a confidential environment.


On-device learning: Finds useful patterns in historical data in order to make predictions all while ensuring people's individual data remains on their devices.


Aggregation/ K-anonymity: Ensures that at least a minimum number of data points with identifiers removed, here referred to as 'k,' are included in the result.


Differential privacy: This technique adds noise to data in a way that preserves its overall accuracy but protects the privacy of individual users. For example, differential privacy could be used to allow online platforms to share aggregate statistics about user behaviour without revealing the behaviour of any individual user.


Clean rooms: these are secure environments used for the safe sharing and analysis of data between organisations without compromising user privacy or data security. They allow for collaborative insights while ensuring that sensitive information remains protected, adhering to data privacy regulations. This approach facilitates data-driven partnerships and decision-making without direct double-blind data exchange.


Federated learning: This technique allows training machine learning models on decentralised data, without the need to collect all the data in one place. This can be used to improve the accuracy of a platform's ad targeting system without compromising user privacy.


Homomorphic encryption: This technique allows computations to be performed on encrypted data, without the need to decrypt it first. This could be used to allow a platform to analyse user data without ever seeing the data in its cleartext form.


Interoperable Private Attribution: a framework designed to measure advertising effectiveness while preserving user privacy across different platforms and services.


Ad Topic Hints: indicators used in online advertising to suggest the relevance of an ad based on the content or context, without relying on personal user data, to maintain privacy.


Federated solution architecture: a decentralised approach that processes data locally on users' devices, enhancing privacy by sharing only insights, not raw data, with central servers.

 

Andrew Bradford is Global Lead - Cross Media Campaign Measurement, at Kantar Media