Ad measurement firms have long preached the need for Brand Safety tools as a core pillar of digital ad campaign verification, to go along with viewability and IVT/bot detection. The ongoing evolution of privacy regulations like GDPR and CCPA have caused the entire marketing ecosystem to place a bigger focus on compliance preparation and internal documentation.
But a fast-emerging critical need for marketers that has not yet been highlighted is that of Compliance Safety -- the ability to quickly evaluate inventory and data sources for core compliance metrics at scale.
At first thought, you may think that existing solutions already provide this capability. Brand safety vendors screen for unsafe content for advertising, after all, and compliance platforms can even track the flow of PII and consent management in internal databases. But, it's amazing to note that there is no data readily available to verify whether campaigns have run on "actually compliant" sites, even those that claim to follow the appropriate consent frameworks in their Ts and Cs.
For example, does a marketer know whether the consent flag that is listed with ad inventory on the programmatic bidstream is in fact coming from a site that has compliant policies or consent mechanisms? After all, it's trivial to insert a consent flag in a bid -- it's generally not an audited process, and the publisher will likely receive higher CPMs with the consent flag than without. This is an identical dynamic to location data, where certain publishers could spoof location coordinates tied to a bid even if they had no idea of the user's location -- nobody was auditing the data and the publisher was guaranteed to get a higher price for the inventory with location coordinates attached than without.
Or does anyone even track if the publisher has a consent management platform at all? Can anyone (other than the triopoly of Google, Facebook, and Amazon with their "for internal-eyes only" data) answer the question, "How thoroughly have publishers implemented GDPR consent frameworks and how has this impacted campaign performance from pre-GDPR days?"
Unfortunately, to date, these questions have been answered only with ad-hoc internal efforts. Even by the largest publisher networks and platforms, a compliance check on websites and inventory sources might be done manually once or twice a year. Terms and conditions in a contract may be reviewed annually or when an agreement comes up for renewal. This is of particular concerns to marketers when in some cases regulatory changes will shift liability for non-compliant advertising to the buyer.
When Brand Safety vendors first launched around 2010, marketers were generally aware that there were websites filled with not-safe-for-work content -- but nobody was aware of the full scope of the problem. And the very definition of what it meant to be "brand safe" was nebulous, certainly in comparison to today's very customized world of brand safety where complex taxonomies, contextual targeting, and even sentiment analysis come into play.
The same dynamic is in play now for Compliance Safety. Everyone in MarTech is aware that requirements have changed, and everyone is saying that they play by the rules -- but nobody is actually checking. From experience, we know that means there are huge gaps in compliance waiting to be exploited -- and that any marketers unlucky enough to be associated with non-compliant websites may have their reputations damaged in the process. And while currently a nebulous term to many, Compliance Safety will rapidly evolve to include extremely granular and continuous monitoring of policies, specific language, consent mechanisms, and anything else that may reduce risk in the digital ad ecosystem for marketers.