Login is restricted to DCN Publisher Members. If you are a DCN Member and don't have an account, register here.

Digital Content Next


InContext / An inside look at the business of digital content

4 proposals for navigating post-cookie identity

April 5, 2021 | By Pierre Diennet, Vice President of Product Management – Lotame @Lotame

In early March, Google announced that it was committing to its FLoC method of targeting and would not support alternative identifiers in any of its adtech products. The industry had a small, and understandable, panic attack.

Don’t worry. This is good news. There are still a lot of alternatives available for each use case. Alternatives include cohorts, contextual, authenticated identity, and probabilistic identity.


FLoC (Federated Learning of Cohorts) is technically the addition of a semantic classifier to the Chrome browser. It will scrape page content and URL data and qualify users into small segment groups based on their navigation history. Everyone’s still being tracked, but now only by Google.

It’s a pretty blatant data land grab. Google is using the specious legal argument that if a consumer browses the Internet with Google Chrome, all of the data collected while they browse is the first-party data of Google. Publishers, marketers, and most importantly users of the internet should take a careful look at what Google is doing.

Critical questions:
  1. Is the algorithm that builds these cohorts going to be open to publishers and partners for investigation?
  2. How exactly will Google decide what cohorts to qualify users in? And how can we be sure they won’t be the cohorts that make Google the most money?
  3. How will Google differentiate between valuable and less valuable scraped content?
  4. If one company controls the advertising of, the discovery of, the navigation of, and the monetization of the internet, how is this not an antitrust issue?
  5. Are cohorts privacy safe and are there controls for the consumer? Why, for example, has the Hague flagged FLoC as potentially non-GDPR compliant? 

If it’s neither privacy-compliant, nor competitive, nor pro-publisher, then what’s FLoC’s value to the industry? 

Contextual targeting

Contextual has gained a lot of traction in recent months. There are some that think contextual targeting is a privacy carte blanche. The truth is a little more complicated. Contextual does not require user consent as long it’s scoped to a single page of content.

However, as soon the context of more than one page is combined, even in session, even on a single publisher’s site, it becomes tracking. Thus, it carries the same legal burden of consent as any other tracking method. Further, without cookies, device IDs or other third-party identifiers, contextual has obvious struggles. These include precision, scale, frequency capping and, most importantly, measurement, which is critical to attract spend from advertisers.  

Our recent survey of publishers and advertisers found more than 69% of U.S. publishers are bullish on contextual targeting as a replacement for audience targeting. However, 66% of advertisers disagree. That’s a big enough divide to question placing all bets on context.

Authenticated identity (deterministic)

Authenticated, or deterministic, identity requires the user to provide a known piece of personally identifiable information, such as an email address. To obtain that email address, publishers, data providers, and brands ask consumers to log-in or register to a site/app to access free content, deals, or other services.

There are a lot of worthwhile pros here. Because it can be tied to a person, it’s a highly accurate solution and great for targeting and measurement. Additionally, user consent is easy to track, which allays privacy concerns.

However, how much of the web requires logging in? Early estimates expect the authenticated web to capture 10-20% of users. Scale is a real issue. Some publishers have a clear advantage in the authenticated lane. The vast majority of publishers will struggle to drive authentication, while others have built their value around free and open content. Without deep technical and monetary resources to draw on, authentication could be a game-over for many.

Non-authenticated identity (probabilistic)

To capture the rest of the 80% of the open web, publishers can use non-authenticated identity. This is better known as probabilistic ID. The tech behind the probabilistic method assigns a cluster of devices and browser signals to an ID that can be moved via established pipes into activation channels. Publicly available, IAB-approved signals can include IP address, time stamp, or browser user agent.

Probabilistic identity is the perfect complement to deterministic identity. Probabilistic is data minimized with no email, home address, or phone number required. It scores points for consumer privacy and ensuring that no brute force attack on an encrypted ID can reveal an email or a phone number.

Unfortunately, probabilistic identity is also widely misunderstood in the industry. While it does rely on IP address, some misconstrue it as fingerprinting. In fact, probabilistic identity has no more or less privacy burden then multi-page contextual targeting that leverages a first-party cookie. IAB Europe Transparency and Consent Framework 2.0 stipulates that “with consent, vendors can create an identifier using data collected automatically from a device for specific characteristics, e.g., IP address.”

Certainly, it’s up to you to pick the best solution for your business. That said, it always makes sense to diversify your toolset to capture the most revenue possible. It’s too early to tell which tools will perform best for which marketers. So, having all of them at your disposal allows you to work with more brands.

Liked this article?

Subscribe to the InContext newsletter to get insights like this delivered to your inbox every week.