Consumer Retargeting: What’s the Problem?
“I admit that I don’t understand.” says Alyce General Counsel Andy Dale. “I don’t understand the [consumer’s] frustration and maybe it’s because in law school you get pounded with this concept of damages. How is the person damaged?”
What is frustrating about visiting Amazon and looking at something and then seeing it later? Is that frustrating or does it feel unfair? Does it feel somebody is using their data in a way that they weren’t aware of? Does it go to UX? Should [publishers and advertisers] be explaining this better to consumers? I honestly don’t know.
―Andy Dale, Alyce General Counsel
The answers to Dale’s questions are, from the evolving consumer point of view, increasingly yes across the board. The sense of “frustration,” the lack of “fairness,” and the lack of transparency on behalf of publishers and brands regarding how and why they use consumer data, is coming across louder and clearer.
And the concept of damages? Perhaps this is more contract dispute than tort (though the two are not mutually exclusive).
Consumers Don’t Like What They See
Consumers now generally understand that services like browsers and apps aren’t free and are “paid for” with information about themselves and their interactions with brands and publishers as currency. But the “cost” escalated quickly and pervasively (even surreptitiously) in ways that are beyond the vast majority of consumers’ understanding or comfort. Furthermore, the use of dark patterns and other obfuscations deployed to prevent transparency and understanding is not helping to assuage concerns.
Consumers are looking for a new deal. A novation if you will. And existing and emerging data privacy regulations are writing what many consumers agree are the necessary clauses to address data privacy and control.
Marketers themselves should consider the value of this reset to their customer relationships. In “Who’s Data is it Anyway?” the UK’s Chartered Institute of Marketing (CIM) writes:
The trust dynamic between consumers and organisations is on a knife’s edge, with consumers reporting that the values of honesty and integrity have been eroded when it comes to personal data – leaving them feeling cynical and increasingly unwilling to share their data at all.”
Perhaps most damningly the CIM found that “authentic customer engagement is something that many marketers talk about but don’t deliver when it comes to data. So much so that many marketers are dubious about releasing their own data as consumers. This begs the question: are marketers and the organizations they work for really getting the balance right, and placing customers at the centre of their thinking and practices?” (Emphasis added.)
AdTech Doesn’t Like What It Sees
AdTech company Inūvo defines retargeting (also known as “remarketing”) as “a form of online advertising that can help you keep your brand in front of bounced traffic after they leave your website.”
But this deceptively simple definition refers to a highly complex technical ecosystem (AdTech) that enables marketing practices like retargeting: Practices that are dependent upon collecting, concatenating, and “sharing” copious amounts of consumer data: data that is compiled from consumer activities online, across devices, and even offline.
It is this ecosystem, that while highly effective from a sales perspective – retargeted ads have a 70% higher conversion impact  – is at the heart of the tension between sales and marketing and data privacy. It is here that consumers began to realize just how much of their data was being collected and led, in part, to a raft of legislation. As the CIM, and many others like Consumer Reports, KPMG, and Llewellyn Consulting have more recently have pointed out, the perceived erosion of highly prized values like honesty and integrity may in fact keep consumers away.
The consequent challenges to the retargeting marketing strategy, and the AdTech ecosystem, posed by regulations such as GDPR, CCPA and the CPRA  were discussed during the WireWheel SPOKES Conference on December 2, 2020.
The panelist gathered to discuss “The Impact of Privacy Regulations on Social Media & Retargeting” was moderated by Consumer Reports policy analyst Maureen Mahoney, Ph.D., and included: Andy Dale, General Counsel, Head of Strategic Partnerships, Alyce; Ayaz Minhas, Manager, Data Privacy and Digital Programs, BBB National Programs; and founder of D.C. law firm Zwillgen, Marc Zwillinger.
Does the CPRA Kill Retargeting?
I think people behind CPRA would take the position that it stops all behavioral advertising, and it stops retargeting. The reason they take that position is because instead of “sell,” we have “sell” and “share.”  And we have a definition of cross contextual behavioral advertising  that really does look like it’s designed to stop OBA [online behavioral advertising] and third-party advertising.”
However, “the CCPA doesn’t prevent anyone from retargeting at this point” notes Mark…That said, “I think we are going to get into a much more interesting question when we talk about whether the CPRA prevents retargeting. We may have some different views on that and certainly Alistair McTaggart will probably have a different view.”
McTaggart, the entrepreneur and data privacy advocate who inspired and led California’s privacy initiative, certainly does have a different view:
“The business of being able to track me across a whole bunch of websites and have Facebook know what I’m doing on all those different websites, when I don’t want them to know…, I think that that goes away. Clearly one of the goals here is to give you [the consumer] power to know who you’re doing business with because you’re intentionally interacting with that website. But what you don’t expect is that interaction will be shared, used, and monetized by other businesses that you’ve never heard of. 
So perhaps the answer (and intent), is “yes” first-party retargeting is okay as there is a direct and intentional relationship between the consumer and the publisher or brand. But “no” to third-party retargeting without the consumers’ explicit consent.
As Ayaz Minhas proffers, “ultimately, I do think [that] clarification surrounding these issues with the definitions in the statute and with the characterizations is going to depend on what the enforcement actions look like…or if the new privacy agency…issues its own enforcement actions clarifying some of these practices.”
In any case, is asking permission really so damning? And if so, why? These may be the more pertinent issues for marketers to clarify.
 GDPR is the General Data Protection Regulation (2016). CCPA is the California Consumer Privacy Act (2018); The recently passed Proposition 24 resulted in the CPRA (California Privacy Rights Act) which goes into effect in January 2023 with some provisions having a 12-month lookback. Note: The CPPA is currently undergoing another round of modifications.
 The definition of “sell” in both the amended CCPA and the CPRA reads as follows: “Sell,” “selling,” “sale,” or “sold,” means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, In writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration.
 The CPRA defines cross-context behavioral advertising as “the targeting of advertising to a consumer based on the consumer’s personal information obtained from the consumer’s activity across businesses, distinctly-branded websites, applications, or services, other than the business, distinctly-branded website, application, or service with which the consumer intentionally interacts.
 Alistair joined former Obama administration Acting Under Secretary, U.S. Department of Commerce and WireWheel CEO Justin Antonipillai at the Spokes Conference to discuss the CCPA and CPRA. Their conversation can be heard here.