Understanding the risks of data leakage

Personal data are leaked across the online advertising system. This exposes all parties to legal risk under the GDPR and the ePrivacy Regulation from 25 May 2018.

PageFair is inviting industry to collaborate on this problem.

Learn more

Many companies interact to transact the online bidding that selects what ad will be shown to what person on a website. They coordinate with each other using third party cookies and a process known as cookie syncing, which cross-references their tracking cookies. This means that PII held by one party is shared with many other parties.

Ad exchanges coordinate the auctioning process that determines whose ad will be shown to a user on a website. The exchange shares what it knows about a website user (its own identifier on the user, the URL the user is on, the IP address and “user agent” details of the user’s browser and system) with several hundred prospective advertisers so that they can decide whether to place a bid for that user’s attention.

When possible the exchange also sends prospective bidders their own identifier on the user, matched in a recent cookie sync, so that bidder can check what it knows about the visitor.

Data leakage is one of the problems that exposes brands, agencies, publishers, and adtech companies to legal hazard under the GDPR and the ePrivacy Regulation.

We can neutralize this risk.