Gergana Kirovska – LiveRamp

Gergana Kirovska is the Head of Growth for Privacy and Consumer Experiences at LiveRamp. Coming from a trade marketing function, Gergana was eager to get involved in digital advertising. After joining Bannerconnect in 2014, she quickly picked up on the industry’s most interesting challenges and dipped her hands into the world of innovation. In 2017 she joined GroupM as an Innovation Manager, allowing her to focus on opportunities that could potentially become the next ‘big thing’ in the Dutch advertising market. R&D is close to her heart, not just because of the challenges it provides and solves, but also because it drives innovation across a wide range of people and products. When faced with the possibility to create and lead the commercial team for Privacy Manager, an enterprise Privacy Preference and Consent Management platform, Gergana could not pass on the opportunity. She is determined to drive a real impact on creating better online experiences for everyone.

How do you see data regulations nowadays with similar frameworks like gdpr being adopted globally?

Diving right in, there are a number of countries and states that are following the EU and California in adopting Privacy regulations. Think about Japan, Australia, Brazil, Canada just to name a few.  Some ask for consent permission before data collection happens (like GDPR), while others ask consumers for an active OptOut (like CCPA). There are similarities between them and they all have the same goal: give consumers choice and control over their personal data. In practice, having fragmented regulations on a state or country level inevitably leads to complexities in terms of the ability and effort global businesses need to make in order to apply to all of them. Organizing for privacy is a real technical challenge.  This is where Privacy Technology tools like Consent Management Platforms come into play and attempt to take away these complexities and make privacy work in reality.

For those who are not familiar, could you introduce/say a bit more about consent management platforms (cmp) and how that’s different from adding privacy popups and tools?

Consent Management Platforms are fundamentally different than just having a privacy popup or a banner on a web page. And the difference lays with what happens beyond the banner.  While a privacy popup might allow consumers to make a choice on their data sharing preferences, a CMP (if adopted correctly) ensures that that choice is auditable, as well as communicated in a technical language that can be read by hundreds of third parties in an online advertising environment and last but not least respected by third parties.  It’s a technology, which helps consumers make informed decisions, while it also enables businesses to operate in a technologically complex environment where every millisecond counts. A millisecond in a world of programmatic, RTB, PreBid is the difference between a captured and lost opportunity.  Once GDPR went into effect, a number of businesses decided to build in-house solutions for privacy and some of them succeeded. One of the biggest challenges that they faced later is that building a CMP isn’t a project with a start and end date, it is an ongoing effort and it requires dedicated focus, integrations with other software and resources in order to keep it working and relevant. Due to that, the majority of inhouse solutions were depreciated and businesses moved to commercial CMPs.

Are there new technologies to consider, since we last spoke, for the proper installment of the cmp and what are the benefits?

Absolutely, in the last year there have been a number of developments not only in Privacy, but also in the online ecosystem.  On the Privacy side, we see the large impact by changes like the launch of IAB TCF v2.0 (the updated Transparency and Consent Framework), CCPA going into effect as well as having a number of privacy regulations going into effect globally (like in Brazil, Japan, Australia, Canada and more). Specific interpretations of GDPR and guidance from European country-specific authorities has made it more complex for global companies to provide the necessary level of controls to consumers at scale.  On the technological side, PreBid and AMP (Accelerated Mobile Pages) are all important technologies for the online advertising industry that are now adopting ways to support IAB’s TCF. But one of the biggest changes on the horizon is the depreciation of third party cookies and how to make privacy tools work in a cookieless world.  Several things to consider if you haven’t done so yet: 

• Ensure you are aware of the regulations that apply to your business. Just because you are based in a country outside of the EU, doesn’t mean that GDPR doesn’t apply to your consumers. If you provide services to consumers in Europe, you need to comply to GDPR. 
• IAB TCF v2.0 provides substantial changes compared to version 1. What is more, this is the moment that Google officially started supporting the framework. Ensure you are speaking the common industry language and comply not just with GDPR, but with TCF, because that is what will have an impact on your business goals like monetization and ROI. 
• Talk to your technology provider and start thinking about how you will address privacy in a cookieless world. With the depreciation cookies, we see new technologies and notions emerging – would you focus on authenticated users (the users you know based on deterministic data) or would your users be largely unauthenticated. Start educating yourself on the notion of privacy sandboxes and how those would work.

What’s exciting you about cmp’s and what is the state of adoption looking like?

Look, CMPs exist today as there is a problem to solve and a need to fill – making privacy work in practice. The reality is a good CMP can help businesses inform consumers about the choices they make in terms of their privacy, but also about the value that they get in return for sharing their data. For businesses however in most cases CMPs enable them to sustain their business, and on rare occasions – to grow them.  In order to make this right, we as an industry need to shift our thinking from “Privacy is a checkbox – I don’t want to get a fine” to “Privacy is an opportunity, it’s a chance to fix a problem and re-build consumer trust”. Nowadays, especially in Europe, it’s more common to see a CMP when visiting the digital environment of brands or publishers than not. We see consumers care more about their privacy and data choices than before. However, we also see that over 80% of websites don’t have a complaint mechanism in place that respects GDPR and the policies of  IAB TCF.  Integrating privacy into the overall consumer experience will make the difference between forcing/tricking consumers to consent and actually earning your consumers’ trust and increasing consent rates based on clear value exchange.

What is your advice in leveraging cmp’s as a path to building first-party products/solutions?

First party product solutions are powered by consumer data. To ensure that you are able to collect and act upon consumer data, you need a proper mechanism to ask permission from your consumers and communicate that permission to your partners. This is where a CMP comes into play. But a CMP is not a magic tool that solves everything with one click and you will have to put effort into making it work for you. That is key –  you need to make a CMP work for your business needs and the experience of your consumers, not the other way around. When you find a CMP that enables your goals and you take the time to build a strategy on integrating your privacy efforts into your overall consumer experience you will be able to enjoy the benefits of making privacy your friend.