“Translation from original content published by Viuz in Decembre 2018”

Sirdata has data at heart. In other words, the company felt GDPR impact.

How did she adapt?
How have advertisers and publishers reacted?
What are the next steps?

We interviewed its President, Benoît Oberlé, also IAB France board member and IAB task force co-leader.

What is your activity about ? How did GDPR impact you?

Historically, Sirdata works with Publishers and other partners to aggregate socio-demographic data, infer Consumption Intents issued from web user surfing analysis (semantic) and model with Panel Data as the Kantar TGI study the audience segments it provides to its clients for media activation (SSP, DSP, ad-networks) or audience enrichment (DMP, CDP, CRM) with anti-churn or customer conquest logics.
Our constant efforts to bring more understanding and control to Internet users have led us to radically and sustainably change the whole of our organization, our flows and our procedures.
These upheavals have fortunately not penalized our customers in terms of data quality, on the contrary: Data Governance and control are synonymous of efficiency … On the other hand the impact on our volumes has been considerable: at first we had to stop working with 35% of our sources that did not bring enough level of commitment! Then, taking into account the consent signals transmitted as part of the IAB Europe Transparency & Consent Framework led us to reject half of the data received. Time, a correct consent rate, and new partners have allowed us to return to past volumes.

How did brand side react?

Often the first reaction in programmatic has been to reduce third-party data targeting in favor of first party data (retargeting). Then came the awareness time: these first-party data transfers are often without valid lawful bases for processing while with a consent signal attached to each third data Sirdata thus brings much more security to brands.

And … Publisher side?

Some publishers have invested to target compliance, others make lots of efforts to display compliance tools without fulfilling full process, and finally some feel, wrongly, not at all concerned: we see so many things! Globally, and fortunately, the user can rejoice since everything is moving in the right direction, his.

We joined very early Transparency & Consent Framework (T&CF), which we believe represents the first and only self-regulation global initiative, able to bring security to all actors in the digital advertising chain. We are registered as Vendor, but also as CMP.
We license our CMP technology to Key accounts Publishers who do not wish to share their data, but we provide it free of charge to our suppliers to assist them in their efforts to inform, collect and modify consent.
Our partners are however not forced to use our CMP, they can use the one of their choice among the many compatible solutions on the market. In this case, we simply require that the implementation of certain settings, without any possible derogation. For example, that purposes are quoted from the banner, that the advanced parameter settings are unchecked by default, that the consent signal has 30 days lifespan as long as the T&CF is a Work In Progress… And very important, that tags and pixels are conditioned: all CMPs allow it! I remind that these are only tools and that compliance depends on the parameters used…
Some of our required settings go further than the TCF Policies, recommendations from existing regulators or local tolerances, but we consider it necessary in our ongoing quest for a balance between Private Life / Economic Life and a universally stable framework: without condemning for example, we do not accept the scroll as a collecting consent method. The Browsewrap (second visit out of Privacy policy page) is the limit according to us.

Everything is moving in the right direction, but we do not think it is already the case. It is for this reason that we attach a lot of importance to all the small settings that will allow them to evolve, to refine their understanding and to modify their choices over time (easy UI re-display, clear UX, short consent lifetime …).

What are your relations with french DPA?

To make the choice of the TCF, it is to make an efficient choice in the interactions between regulator and industry : it is unbelievable that CNIL answers each actor individually, we must imperatively entrust this role to the representative bodies (On a french side, for example IAB, GESTE, SRI, UDA now UDM, UDECAM …).
I personally interact with the CNIL as IAB Board Member and Task Force Privacy co-leader, not as a Sirdata representative.

There is still a long way to go, but in addition to being a compliance tool to GDPR, this spontaneous self-regulation initiative is the only credible alternative to a future ePrivacy directive, on tracer management and toll risk associated with some US navigators.
It must be defended at all costs, and its detractors must understand that their short-term interests threaten the future of all actors.

How do you see / anticipate ePrivacy?

We defend the idea that the TCF and its evolutions will bring a valid and sovereign solution tracer management issue…

What are the next steps for the next 6 to 12 months?

Our duty is to support publishers in the fundamental compliance step concerning tag management and the loss of revenue associated with non-consent … For example, since September we have been able to maximize the value of their media via a contextual approach in the case user refuses a personal data processing.
Sirdata has decided to offer everyone the opportunity to leverage its Natural Language Processing and scoring technologies, which it has been developing and improving for 6 years, in order to sell targeting based on the semantic analysis of the page and not on personal data.