• by Cory Treffiletti , Featured Contributor, August 23, 2023

In every conversation I have, I ask the same questions about first-party data and IP addresses.  If third-party cookies go away, and if GDPR is followed to the letter of the regulation, how does the digital media ecosystem either deny or permit access to these two toolsets for marketers?

At first pass, we have to clearly define what first-party data is.  Most brands refer to what they know about their customer as first-party data.  These are B2C businesses, and they have permission to know something about their customers. 

The digital ecosystem gets really interesting when you consider that most of the channels we use to target an audience are also B2C businesses, and they have the same rights.  Google, Facebook, X (Twitter) and other major platforms have loads of first-party data to work with, and when you as a brand decide to work with them, you are simply bringing together two first-party data assets.  That works fine, albeit not as efficiently as the DMP-based world when you could build those audiences and port them into any platform to work for your campaign. 

If you expand your thinking a little further, mobile + streaming video providers like AT&T, Verizon and T-Mobile also have these rights, so very quickly you can still maintain a strong level of identification and targeting without third-party data assets.  That means most large advertisers won’t see that much of a change in their ability to find and locate an audience.

IP addresses are a little murkier.  If you use them in aggregate at the network level, they seem permissible.  An IP address has to be tied back to some other identifier in order to be part of the audience, and those same mobile + video providers mentioned above can do that within the confines of first-party data, because they are likely using devices and services that permit this data matching.

GDPR takes a more conservative approach, but from the people I spoke to, that type of matching seems permissible.  So maybe IP address is considered first-party data by the companies who have those B2C businesses with hardware and service solutions that permit them access to that information.

There’s another question I ask when I talk to these marketers: Do they truly believe third-party data will be going away in 2025, or beyond?  The response is about 50/50, with many people taking the stance that it doesn’t really matter if it goes away.  Eventually, the big tech companies will have a back-up plan for enabling identity and targeting. 

Sometimes the response I get is that this model of less data for targeting simply means advertisers can start being creative again, focusing on the story and how we tell it. If we aren’t so focused on the technology, maybe we can spare up some of that brainpower to have a little fun and be creative!

I hope that’s the case.  I’ve been writing this column for 23 years straight, and I can’t write about third-party data for another 23 years.  None of you will want to keep reading it!