New state privacy laws have brands and agencies adopting privacy-focused solutions for the safe handling of data. Data clean rooms are one product that has received the lion’s share of attention, as they promise to help brands safely collaborate and transfer data.
As with many emerging advertising technology solutions, the promise of clean rooms has been swept up in the hype. They’ve become so popular so quickly that they now carry a reputation as being a “must have” or “the only” solution.
While clean rooms do offer significant value in today’s privacy-first world of data, they are not the be-all and end-all for brands seeking controlled and reliable means of data collaboration. There are other approaches that have been in place for decades and remain viable options for data security, privacy and compliance.
A history of safety
Clean rooms have skyrocketed in popularity because there is a lot more scrutiny in how consumer data is collected, stored and activated across the entire advertising ecosystem.
This level of scrutiny is hardly new to brands that have long relied on the safe storage of sensitive data, like those in the credit (credit card and bureaus), investment and financial services space. These brands have more than two decades of experience in safely encrypting data for storage and activation. In fact, if these brands hadn’t been transferring data safely, they would have been shut down years ago.
Data moved between platforms, brands and data providers can also be encrypted in transit and posted to a secure file transfer protocol or SFTP. This approach isn’t new, and can keep customer identity data separate from the full data set until the two meet on the other side.
This sounds a lot like how clean rooms work. The difference is that clean rooms offer a new working environment with a few more bells and whistles.
But not everyone needs those bells and whistles. In some ways, the horse has now come before the cart, and brands are seeking out a product that has added features without first considering their needs.
Compliance and security remain at the heart of the advertiser’s mission. But the jury is still out on the ROI, value add and ease of execution for clean rooms.
Certified compliance
If brands understand that they need compliance in order to move and use data, then it’s easier to see some differentiation between established tactics and the newer clean room solutions.
Before clean room mania swept the industry, the biggest concern around data sharing was privacy and compliance. Brands eagerly sought out partners who had third-party certifications and accreditations, ensuring that whenever data was shared with these partners, it was done with strict adherence to the law.
Compliance standards like SOC 2, HIPAA, and FCRA demonstrate that companies meet rigorous standards and have undergone an audit to ensure their compliance. These are voluntary standards that have been around for more than a decade – in the case of HIPAA, almost 30 years. Whereas data clean rooms are fairly new tools, there are no universal standards for their implementation yet.
Previously, these accreditations were table stakes for handling sensitive data. It’s odd, then, that so few of the newer clean room products have achieved SOC 2 compliance, yet still garner marketers’ trust. If SOC 2 was critical just two years ago, shouldn’t it remain so going forward?
Other factors to consider
A clean room isn’t always the right tool for the job. Clean rooms are primarily used to share first-party data and personally identifiable information. If a brand is not sharing data that falls under this banner, then an SFTP transfer of encrypted data is most certainly sufficient.
It’s worth noting that clean rooms do not solve brands’ identity needs, either. Many of the new identity solutions popping up to replace third-party cookie functionality are actually adjacent to clean rooms, rather than interoperable components. Finding the right partners to expand a brand’s identity graph and future-proof audience targeting is still the most important first step. Then, perhaps, a clean room can be an option to connect the data.
While clean rooms do provide significant value when used between two partners, brands need to account for a number of important factors when they look to scale their operations. Obtaining rich insights across multiple partners requires heavy coordination. There’s also the issue of cost, with not all brands able to readily pull the trigger on a clean room investment.
Ask why before the investment
Many players in the data space have risen to the occasion and are connected with clean rooms to maintain safe places for brands to work with data. Yet it’s important to remember that these safe spaces have always existed.
Brands need to first consider what they want to accomplish with their data. Then, they should investigate whether a clean room fits into their current strategy, technology stack and budget with a keen eye on if this move will offer significant enough incremental value.
Many brands may find that they can accomplish their goals with existing partners and technologies, grounded in a dedicated approach to data privacy.
“Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.
Follow Alliant and AdExchanger on LinkedIn.
For more articles featuring Donna Hamilton, click here.
