Plugging Data Leaks


leak_smallADOTAS – Finally, there’s good news for online publishers facing revenue pressures: you can make money. Not just with your content — with your data. But if you’re not willing to sell it, there’s a good chance someone else will.

Data “leakage” is costing online properties a huge amount of money through the sale of user data without compensation to publishers. Through our experience in building powerful contextual relationships that benefit publishers, advertisers, and consumers, we know that there are robust revenue opportunities that help sites make money without exposing them to data theft.

With all of the recent debate over online privacy issues, there’s certainly a new level of awareness around how marketers are using behavioral targeting data. But, of course, in the online ecosystem, information plays a pivotal role in keeping free the vast majority of the sites where users work, play and interact.

While this longstanding trust/benefit relationship may be modified, a thriving gray market for user data has sprung up, posing huge problems for consumers and publishers alike.

And the income being lost by publishers from data leakage is by no accounts pocket change. In fact, one estimate pegs publishers’ losses at $850 million to $1.2 billion. That figure — enormous as it may seem — is based on a report that found 31% of user data garnered from the top 50 ad-supported publisher sites was being collected without the publisher’s knowledge.

For publishers, the monetization of data without their consent is akin to thievery. These are companies I work with every day, helping them develop ad solutions to support their businesses. Despite consistently healthy audiences and increasing ad revenue, many of them are being exploited by data swindlers.

So how can publishers find out whether the companies they’re partnering with — the ad networks and exchanges providing important revenue streams — are scrupulous and reputable, and aren’t abusing the advertiser-publisher-user relationship?

Here’s a quick checklist:

1) Verify Membership in Industry Organizations. Check for membership in the Interactive Advertising Bureau or the National Advertising Initiative . My company’s a member of both, so I know that they promote responsible advertising, and require members to adhere to strict self-imposed regulations around online privacy.

2) Employ Technology Best Practices. Avoid vendors who use persistent cookies, Flash beacons, locally shared objects (LSOs) — even if they do earn you a few extra bucks, these technologies compromise security, and are tough for users to turn off or opt out of.

3) Keep Contracts Explicit. Make sure vendor agreements contain explicit language about what data’s being collected from your site, and how that data will or will not be reused. Don’t assume that just because it’s not in the contract, data’s not being collected. And keep in mind that with technology evolving daily, it’s quite likely that your existing contracts do not even address recent technical capabilities. One of my clients has recently taken on the tiresome but necessary task of auditing all of his active contracts, and he’s found more than a few bad seeds among them.

4) Explore Contextual Advertising Options. Work with partners who respect the integrity of your customers and their trust in your site. For instance, my company, Vibrant Media, finds safe ways for publishers to serve relevant ads that are relevant to content and context, without needing to target the user. You should be considering behavioral-advertising options, but should expand your mix to maximize your opportunities and ensure you have partner relationships that are considerate of the rights of users and your rights as a publisher.

Whatever comes in the debate over privacy, there is a vibrant future for all forms of online advertising: behavioral and contextual, etc. But the right mix of transparency and disclosure will be required for our ecosystem to evolve in a way that benefits all participants — users, publishers and advertisers. And if we’re lucky, a few of them might even make a little money.


  1. All great points Tim. I would add to #’s 2 and 3 the thought of working with a company like Krux Digital, which has developed specific technology to address/prevent this data leakage. While contracts are certainly enforceable between two partners, what about the other data collectors as part of the chain that aren’t party to the contract? Once a publisher has actionable data protection in place, then publishers can more effectively manage and monetize their data in a privacy safe manner (another service Krux provides)…


Please enter your comment!
Please enter your name here