An In-Depth Look At Second-Party Data For Digital Marketers
Second-party data is something you don't hear about often. In part three of his multi-part series on the data landscape, columnist Alistair Dent takes a look at what second-party data is and how you can use it.
As compared to first- or third-party data, second-party data is something you don’t hear about often. Because it’s so rare, you’ll hear conflicting definitions — so, rather than defining it, perhaps the best thing to do is to describe it.
What Is Second-Party Data?
You can think of second-party data as data that users aren’t giving you directly, but that you’re obtaining through a direct relationship with another entity. This data is generally unique to you (not available and/or applicable to other advertisers), but it is not strictly “yours” in the sense that you did not collect it from users directly.
Lots of data types fall into this category, so it’s often easiest to think of second-party data as anything that isn’t first- or third-party.
Take, for instance, keyword data in AdWords. Users gave that information to Google, not to you. You receive it as part of the relationship you have with AdWords, but you’ve received it whether or not a user agrees to your privacy policies. If they land on your site, block cookies and bounce, you’ll still have that record in AdWords of a click on that keyword.
If you’re running a display campaign targeting interest categories, then every user reaching you from target X has given you extra information. That’s not first-party data. They gave that information to the ad network (and can opt out via Ad Choices or similar) and the ad network has given it to you. You’ve received this data indirectly by saying, “If a user reaches me from a campaign targeting skiing enthusiasts, then they’re a skiing enthusiast.” The direct route would be for the ad network to send you that information directly, which is rare.
There is another source of second-party data worth discussing, and that’s data available from direct relationships with other businesses.
Many non-competitive businesses offering complementary products or services to similar customer bases may choose to share data with one another. If I run “Luxury Kitchens PLC,” I have customers purchasing expensive kitchens and installations. My acquaintance runs “Appliances Ltd,” who offers fridges, microwaves, ovens, etc.
People in the market for expensive kitchens are more likely to want new appliances than the population average. Similarly, people buying top-end appliances are more likely to choose a luxury kitchen supplier than those choosing entry-level appliances. So, each business has information to help the other target their ads.
By sharing this information directly with each other rather than selling it to data brokers and buying it in an anonymized and aggregated form, these companies are able to target customers using second-party data.
How Do I Collect This?
There are several mechanisms to collect and use second-party data, each requiring different levels of investment but providing equivalent capabilities.
A Data Management Platform (DMP) is the preferred method. It is the most expensive method of the three I will discuss, but it also has the most capabilities.
Publisher data can be collected either on page or from the ad platforms (like AdWords) and linked to every other data point available. By facilitating these links, a DMP makes this data targetable. It allows me, as an advertiser, to use this data in my demand-side platform (DSP) as if it’s first party, or to use Remarketing Lists for Search Ads (RLSA) to get it into search.
A DMP has a master set of cookies to make this possible, so for each cookie that matches X piece of second party information, I also know which of my other targeting segments they match. So I can do search to display retargeting by leveraging keyword data (which is collected by and owned by the search engine) in my display targeting, by putting the keyword data into those master cookies and buying against display audiences (including lookalike audiences) that match those segments.
The second option is to do it all myself. By using a tag manager and cookies, I can start collecting the data as it comes in from publishers and targeting it via remarketing. By asking my partners to put my own remarketing pixels on their site (which fire when my criteria are matched), I can start targeting their visitors or customers. (I can offer the same to my partners, too.)
The third mechanism again uses master cookies, but without the power and flexibility of a DMP. I can choose a shared-cookie environment to target on that data. In this method, I’m not collecting the data myself, but am asking a third party like Marin to do it for me. They act like a mini-DMP (that I don’t own) to offer me the ability to target second-party data.
This works very well for sharing between partners, because no other companies ever need to deploy my own cookie. Each partner involved simply uses Marin’s system and, in that shared environment, I can pick and choose which audiences to target, and Marin will enable that in my DSP (or into search via RLSA).
This Sounds Great. What’s The Hitch?
Unsurprisingly, there is a lot of extra work to be done to make sure this is all done in a privacy-compliant manner.
You can’t just start sharing data willy-nilly. That’s bad.
Your users need to be informed ahead of time that this is going to happen, and they need to be able to opt out. You can choose whether to use opt-in or opt-out messaging, but you mustn’t hide it. You have to be clear that one of their options lets other company B target them, simply for being a customer of company A.
There are also complications around giving another company access to deploy pixels on your website and post-purchase confirmations. You’re not just allowing users to be targeted, you’re allowing them to be tracked and compared against the other company’s database.
A shared cookie environment helps a lot in this situation. An organization that both companies trust can be used to deploy pixels that both companies can target against.
Second-party data is a bit of a filler, sitting in the gap between the far more obvious first- and third-party data. You use it all the time without realizing it, but leveraging the best of what it has to offer is far more tricky (and a bit of a legal minefield).
If you’re going to start making the most of this kind of data, make sure you have very strong relationships in place.