As an independent ad tech advisor, Ivan provides professional advice to the CEO and C-level management of the company SmartyAds Inc.

2023 was remarkable in terms of how far AI-based advertising technologies marched, just as much as it was notorious for data scandals and cyberattacks stirred by global conflicts. As a consequence of this, tech giants received over $3 billion privacy-related fines, including some of the most renowned companies. Some companies worldwide were fined for data breaches while others failed to create a solid ground for data processing, which led to $2.248 billion in GDPR violation fines in total.

As even large technological giants that heavily invest in security fall prey to data misuse scandals, ad tech companies with their multilayered data infrastructure should pay special attention to build solid solutions in 2024. What things should ad tech businesses take into consideration?

Privacy Regulations In Focus

In 2023, Meta decided to offer users in Europe a monthly subscription to Facebook and Instagram without ads. This way, Meta planned to resolve the issue of getting user consent. However, it has sparked more controversy related to new GDPR-related lawsuits. Likewise, TikTok has been fined $370 million for violating laws on the protection of children’s personal data in the European Union. For ad tech providers, the French regulatory authority fined Criteo $44 million for violations including failures to obtain user consent, incomplete privacy standards and mechanisms for data erasing.

To avoid scenarios like this, ad tech companies should put privacy at the center point of their operation without circumventing EU privacy regulations, including COPPA. It is important to elaborate on clear instructions for data collection and processing. Before leveraging data coming from the EU, it is necessary to conduct a GDPR analysis that includes auditing GDPR documentation, such as privacy policies. The same is required for those businesses that process data falling within COPPA and CCPA regulations.

To avoid fines, it’s crucial for the privacy policy to extensively outline users’ rights to access, correct and delete information, with these rights easily implementable via working implemented mechanisms. Meanwhile, partner agreements should contain clear responsibilities and consequences regarding the collecting and processing of user data.

AI-Driven Solutions Against AI-Driven Cyber Threats

According to a global AI study conducted in 2023, 84% of people associate AI usage with potential risks such as data leakage or system failures.

As we witnessed the real surge of AI and ChatGPT usage last year, the advertising market also stumbled upon completely new threats and problems, starting with automatically generated made-for-advertising (MFA) websites and ending with AI-driven content farms. Today, AI has the capability to gather personal information from social media, analyze patterns in human behavior and even mimic a person’s voice. That’s why developers of AI and ML systems will need to learn how to manage the risks associated with new technologies.

At the same time, smart technologies are used for the protection of ad tech platforms. They can analyze cybersecurity threats and then process vast amounts of data in real time, which is significantly faster than the traditional analysis methods. By utilizing these algorithms, the tech system can continuously adapt to new threats, ensuring that organizations are always one step ahead of fraudsters.

As technological progress advances and cyber threats evolve, it is crucial to strengthen partnerships in this field. Almost every reputable ad tech vendor that protects its reputation today collaborates with experts in this area that possess and develop the best mechanisms for detecting and preventing sophisticated invalid traffic (SIVT) and general invalid traffic (GIVT) ad fraud.

Data Clean Rooms: The Rising Stars In Ad Tech’s Privacy Arsenal

Data clean rooms (DCRs), with their combined datasets that adhere to the privacy rules, have become arguably one of the most popular solutions that aims to resolve major known privacy problems in 2023. In DCRs, personal identifiable information (PII) or data attributing to individual users is not disclosed to any participants, making it impossible to identify users with unique identifiers.

More so, DCR frameworks ensure that one party cannot access the data of another, aligning with the core principle that data at the individual level cannot be transferred between different companies without consent. Amazon, Google and other big ad tech providers have their own DCRs, while other smaller companies are partnering with vendors. There are currently between 250 to 500 DCR implementations available on the market. At this point, the technology is embraced by roughly 80% of advertisers.

Business-Specific Data Protection

A data breach is one of the most frightening events that can happen to an ad tech operator, no matter if the reason was a cyberattack or the carelessness of company employees. The 2023 MOVEit cyberattack is just one of many examples that show the impact a breach can have on both people and organizations.

Make an audit of security and data processing solutions that are used in your company, their functions and whether they are relevant to the business needs. For example, if your ad tech business heavily relies on cloud resources, the protection should include mechanisms to ensure information security in the cloud.

As additional cybersecurity guidelines, you can use the frameworks provided by government organizations in your country (such as NIST resources for small businesses in the U.S.). You can also refer to checklists for small businesses available from open sources.

To Wrap It Up

Defending against emerging fraud tactics, complying with evolving regulations and reevaluation of cybersecurity policies are all top challenges that ad tech business owners faced last year and continue to deal with today.

The good news is the privacy landscape is continually advancing, introducing new global privacy regulations and ongoing enhancements. At this point, it is important to research and explore new-generation data processing tools, AI mechanisms and collaboration with reputable vendors as the new norms for building truly safe, efficient and future-proof ad tech solutions.

The information provided here is not legal advice and does not purport to be a substitute for advice of counsel on any specific matter. For legal advice, you should consult with an attorney concerning your specific situation.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?

Source link

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *