Fraud and PR risk with ‘Zero Party’ Data

21st July 2022

As more “zero party” data providers have come to market in the past 2 years, a clear recent example keeps coming to my mind. When I first became familiar with the Jumpshot dataset it was marketed as a “fully opted-in panel of millions of users.” Jumpshot was based on the distribution of a “free” anti-virus software package from AVG which then collected incredibly granular data on all users unless … the user knew to opt-out.

A year after I first became aware of the company, Jumpshot imploded when Vice magazine rightfully pointed out that many users had no idea they were being tracked since they had never opted-in. The marketing attempt to describe something as “fully opted-in”, when it clearly was not, backfired spectacularly as soon as the company grew big enough for someone to take notice and point out the obvious. Brands named in the Vice article suffered reputational damage, and investors in AVG saw the stock price dive as accusations of marketing fraud and regulatory issues were openly discussed in the press.

I see the same risks and likely outcomes today as more data companies market their products as “zero party data” – taking creative liberty with a term first used by Forrester in 2019.  

In that report, Forrester coined the term and defined it as data which has been “freely and proactively given by users.” This relatively simple and clear definition is easy to illustrate with a few examples and, not by chance and quite cleverly, is used by Forrester itself in its FeedbackNow products. I saw a bathroom survey powered by FeedbackNow at Newark airport a few weeks ago which included a physical stand and buttons (happy face/sad face) to rate restroom cleanliness. This is indeed clearly “freely given” data – hit the button on your way out, and the airport is free to use the data however it wishes. Use it for feedback, sell it, publish it online – nobody cares since it’s just single point of feedback bathroom survey. And, very importantly, the user is not being tracked as a result of hitting the physical bathroom survey button. (Though those of us in marketing tech know  they are likely being tracked via wifi and Bluetooth by other apps as they leave the airport …) So, I clearly agree that this is zero party data.

The bathroom survey also gives a user the option to scan a QR code and go to a website to hit the happy face/sad face buttons online instead of physically. On the site (screenshot below), there is are no instructions and no privacy policy or consent mechanism. Just a simple button to push and that’s it, and the idea is clear that this is all that’s being captured. So long as that vote is all that’s being captured, this is also clearly freely given data and qualifies as zero party.   

But again, those of us in marketing tech know that the user’s browser information, IP address, device ID, location, and many others pieces of information could be captured in that interaction as well — and that information could then be married with any number of other data provider’s profiles on this user to form a more complete picture and track this user virtually everywhere. Stating the obvious, which shouldn’t be required but obviously is in this MarTech world of data scandal after data scandal, none of that data could be called freely-given and shouldn’t be collected or used at all.

Hopefully these examples call out clearly the key parameters of what can be called zero party data  — freely and proactively given, only the data that is specifically asked for is collected, and there is no expectation of payment on the part of the user no matter how the data is used.

Any application gathering user data “passively, in the background” can’t claim to be zero party data  — passive cannot equal proactive. Any captured data that is more than what a consumer has specifically offered can’t be called zero party data. Any data that involves payment to the consumer or promise of a future revenue share can’t be called zero party data since it’s not “freely given” if payment is expected. All of this data could be called first party data and treated with the same care and regulatory process as expected.

So what’s the fraud and PR risk with zero party data? Just as with Jumpshot data, when marketing claims don’t clearly match consumer understanding and expectations, it’s just a matter of time before someone calls foul. Brands would do well to steer clear of, or at least use with extreme caution, any data provider claiming to offer zero party data  unless it’s crystal clear that it meets the “freely and proactively” given criteria.

Share this Post: