How to Personalize Without Being Creepy

My apps are trying their best to get to know me.

Netflix offers me the film Lethal Weapon because I like 48 Hours, or recommends the TV program Burn Notice because I like Mad Men and Arrested Development. The predictions are sometimes pretty close to the mark, sometimes seriously off-target, but usually entertaining.

The more entertainment I consume, the better Netflix becomes at predicting what I will like.

Rush was excited to meet me

In contrast, MOG thinks, “Since you love Rush, I bet you’d like to hear some Blue Oyster Cult.”

Nope. I wouldn’t. Sometimes apps miss. And that’s okay.

Netflix and MOG are among an emerging class of applications that are working to understand our unique tastes…and uncover the delicate influences that determine why we want what we want. In so doing, they are becoming increasingly aware of the differences that make us unique.

Over time, I am certain that they will become experts at pleasing us.

With apps like these, personalization is a key product component. Apps don’t just have permission to get to know us, they have the express charge to do so. It’s central to their purpose.

Apps are supposed to get to know us; bluntly customizing to our tastes is how apps prove their value. Ironically, data abounds to give advertisements much of the same personalization capabilities, but ads don’t have license to be so blunt.

Ads have to play it cool, or risk being creepy.

As an ad tech innovator, personalization is really exciting to me. I love the prospect of moving beyond targeting, to crafting ads in real-time to each audience of one – delivering relevant offers that consumers want. I think personalization will drive conversions higher and drastically improve advertisers’ ROI, making each ad more valuable and efficient. The whole industry is thinking along these lines.

As a consumer, however, I’m pretty wary when advertisers cross the line. It seems creepy that advertisers might be watching me, comparing notes about me, sharing data and then building offers that I can’t possibly refuse, because they’ve cracked the code to bring me ads with calls-to-action that are too powerful for me to resist.

The shock of personalizing an offer without providing any context for how the magic trick was done is not usually beneficial. People actually hate that. It feels like a violation.

Case in point: most people find it creepy to get a text message offering them a payday loan when they really do need the money. That’s the sort of data most of us would rather not have shared, and it’s a reminder that data leaks are everywhere. Forget about privacy – the data is out there. What is required is sensibility in handling it.

Advertisers have to adapt their personalization programs to a shifting definition of what’s appropriate. In this regard, defining what is or is not “creepy” is a lot like trying to define what is or is not “pornography.”

In Jacobellis vs. Ohio (1964), Supreme Court Justice Potter Stewart refused to define pornography. He said, “I know it when I see it.” We are all in the same way judging for ourselves what is and is not creepy. Standards for creepiness vary along slender audience segments. Age, technological sophistication and region all play a role in determining what any given consumer perceives as “creepy”.

Potter Stewart, not Patrick Stewart. I know a Supreme Court Justice when I see one.

That said, there are a number of things advertisers can do right now to make sure they are making the most of audience data to drive conversions without crossing the line.

Here are a few recommendations.

One key to personalizing without being creepy is to be upfront about where the data is coming from to power the personalization. Don’t hide the ball…put everything in the open. “Since you listened to U2, we thought you’d like to hear something from Duran Duran”.

Advertisers new to personalization are sometimes tempted to make it seem like a magic trick. But this is usually a really bad idea. The payoff just isn’t there. It’s best to be open about why the ad is personalized and where the data came from to power it. If it’s done correctly, it will feel like a valuable service, instead of a privacy breach.

Interestingly, the ads that appear in personalized apps can typically be personalized without making us feel violated. When ads are personalized inside of an environment that is also personalized, it lends valuable context to the ad. This is why Facebook can offer up sponsored stories, and why Groupon can give you personalized deals. Consumers understand and are coming to expect this behavior. The data and the ad appear inside the “circle of trust”.

Another key to non-creepy personalization is to let people opt out of it. It’s not for everyone, not yet. As soon as the benefits of personalization become evident – which is happening on its own at a very rapid pace – more people will become a lot more accepting. Hugo Liu, Chief Scientist for Hunch, says that personalizing without giving people a way to opt-out is like constructing a building without fire escapes. Personalization can seem like a scary ride; so people will need to know how to get off of it. I would support giving audience members the ability to choose whether or not their experiences are personalized, until consumer acceptance is clearly past the tipping point. Again – that depends on the audience in question.

Finally, rejecting the lure of accessing stale data and instead just using the data that’s right there in the open can yield the best results and also avoid creepiness. Perhaps surprisingly, the most valuable data to use for personalization – the dataset that actually matters most – is usually the data that’s right there in the open. While accessing past purchase history and Experian data might seem like an exciting opportunity, it’s usually not all that relevant to improving the experience or conversion of an ad. Data becomes stale pretty quickly. So there’s usually little to gain from using this sort of data.

It turns out that the most valuable data to make ads more relevant are:

1)  Device type, OS and SDK. Optimizing an ad for the device experience is a critical baseline to making the most relevant and actionable ads possible. We sometimes call this targeting, but it’s a form of customization. If  a user is on Android 2.3.6, eliminate transition effects. If on iOS 5.1, offer a click-to-buy via iTunes.

2)  Location. Where is the user right now? What’s happening around the user right now? Is she shopping, or at a concert? Is she in a hospital or a museum? What’s nearby? Location data can make ads extremely actionable. GPS data is available in HTML5 and advertisers should not be afraid to ask users to share it.

3)  Intent. What is the user searching for? Car dealerships or car parts? Coffee or tea? Have they abandoned a shopping cart? Listening for subtle clues here is important, especially for re-targeting. This is where a partnership with a data management platform can really help.

These data types are readily available in mobile ads, which is what makes mobile a terrific realm for pushing the boundaries of ad personalization, without being creepy.

Tracking & targeting for mobile ads without a UDID

Apple no longer provides a UDID (universal device ID) for any iOS device after iOS5. To some, this feels like it a good thing for consumer privacy. Apple can still use the UDID on iAds, though, so don’t think that it’s just Apple looking out for you. Apple is looking out for Apple; building a moat and making it hard for other networks to compete. Essentially, everyone else has to stop and find another proxy for UDID.

Until now, the UDID was the only means for app developers and mobile advertisers to be able to recognize a unique device. With a UDID, advertisers could track unique impression data and unique interactions for mobile ads. App developers could tie application accounts directly to a device.

The UDID identifies a specific iOS device across all carriers, and when it was exposed, it allowed app developers and advertisers to track and target a specific device, essentially opening the door for hyper-targeting. Carriers obviously know the unique ID of all devices in their network, but now only Apple knows the UDID for all of its iOS5+ devices across all networks. Hence the strategic advantage Apple & iAd seems to have in this regard, because today, without a UDID, this is much more problematic for everyone else.

It’s been proposed that the MAC Address of the 802.11 network interface on the iPhone could be used to replace the UDID. Each network interface has its own MAC Address, and despite what you might have assumed – that the MAC Address would only be exposed when a user is accessing the Internet via wifi – the Mac Address is actually exposed even in 3G or 4G connections.

TV Ad Targeting Might Be Jumping the Shark

WSJ Posted an article today on emerging TV ad targeting practices:

http://online.wsj.com/article/SB10001424052748704288304576171251689944350.html

…and not to take anything away from these brave companies who are pioneering TV ad targeting, they might be jumping the shark here.

I want to draw your attention to some alarming data gathering tactics that will undoubtedly alarm many Americans who won’t see it coming.  It is very discomforting to get a personalized or a targeted ad directed at you unless you a) approve it ahead of time or b) can easily see how the advertiser got the information to personalize an ad to you in the first place.  Cable TV providers know a lot of information about households that many viewers do not know that they know:

1) They know what you watch, what you rent on-demand, and what you DVR

2) They know how many TVs you have, and how many of them are on at once (family size) and what’s being watched on them (family members’ tastes, approximate ages, genders, and overall diversity)

3) They know your account history (Have you ever been late with a payment?  Are you routinely late? What’s your preferred method of payment? What’s your SSN? Do you own or rent your home? Plus dozens of other data points collected at the time the account is opened)

4) And…if your cable company is also your ISP, then they also have your clickstream data…meaning the sites you visit could even become part of your marketing profile.  As an aside…a little known fact…there are about a dozen different companies that actively purchase clickstream data from ISPs at the market rate of about $.40/user/month.  ISPs have no obligation to tell you if they are selling your data, and they won’t admit it if you ask them.

In addition to this, advertisers can blend data from other sources, unbeknownst to the viewers.  The article speaks of “prescription-drug records obtained from insurers” being one such source of information.

I’m not pointing fingers angrily here.  Cable companies are probably not “sharing” information about you as much as they are “leveraging” it…meaning that the data is probably never handed over to any advertisers in a way that is individually traceable.  I would definitely point out that there is no actual danger in advertisers “leveraging” this information for the purpose of giving you better commercials.  But I bet your average American TV viewer would be surprised…and perhaps feel a bit violated by these targeting practices.

I’d like to promote a litmus test for the use of personalization in advertising:  Personalization is fine for most people as long as they can clearly see how advertisers got the information used in the personalization.  But when advertisers are surreptitiously gathering and compositing data, it produces a black box that makes viewers jittery…even angry.  And I think that this has the potential to backfire on quite a few advertisers who are careless in their data gathering and targeting practices.

Advertisers have to take great care in making their targeting choices, and think long and hard about the data sources they bring in to select ads.  Is it fair to create targeting profiles by mixing cable viewer data, clickstream analysis, and “prescription drug records obtained through insurers”? 

The web is a lot easier…and a lot safer…for gathering data, creating context for viewer profiles, compositing multiple data inputs, and targeting viewers or even optimizing creative for them.  Here’s the deal: the web is intentionally personalized by web users through their escalating use of social networks, mobile devices, applications, and social games.  By and large, web users know that they are giving away datapoints for marketers to use.  They understand that this is the way the world works.  They clearly accept and condone a more targeted and personalized web experience by the very nature of adopting and using these tools.

Web users are building a personalized interface to manage their web experiences.  They are creating a personalization layer to provide context and relevance to their online lives.  This personalization layer…since it is created by and managed by each web user…is also a permission layer.  Consumers, for the first time, are beginning to have some sort of control over how their data is accessed and shared.  They control their profiles, who sees what, how much they share.  They are undoubtedly being heavily encouraged to share more and more.  They are being led into far more transparent lives.  But they are not being coerced.  And they are not, for the most part, being lied to or stolen from.  Consumers are in control on the web…and that’s a good thing.  When given the opportunity to be private…they have increasingly chosen to be public.  When given the opportunity to hide their activities or their whereabouts…they have shown an inclination to do the opposite…by checking into locations and accepting invitations for special deals.  All at the cost of giving up some data…but at least they know where the data came from, and how the advertisers got it.

Increasingly, we will all begin to see our own personalization layer as an important filter for our online lives…filtering in content we want, and filtering out content we don’t.  This is a good thing, and it is giving us control over our web experiences like never before.

Our advice to advertisers: don’t jump the shark by using surreptitious or secretive data gathering practices to better target ads.  Instead, be honest and completely 100% open about where data comes from…and give viewers the chance to opt out of advanced targeting that might make them squeamish.  Consumers are giving you a wide swath of access to present relevant ads to them and target them at will…today it happens to be on social media, but that will soon widen to include the entire web as filtered through this personalization layer.

Proposing an Advertising Personalization Standard

I’d like to propose a personalization standard – below are just a few points that I’d like to bring up for discussion:

1)  Relevance. We exist to make video ads relevant to viewers so that advertisers get what they pay for and viewers get ads that don’t suck.  If it’s not relevant, it doesn’t need to be personalized.

2)  Audience Anonymity. It is possible to personalize advertisements to individuals while protecting their identity. You actually don’t need to know much about a user to personalize content to them. Advertisers should be working to protect audience privacy by using some sort of a token validation system, sharing data without exposing it

3) Control. I believe that consumers should be in control of their own data visibility.  I would love it if every consumer took charge over their public profiles and worked to protect their own data.  Since this data is valuable, not only to you but also to advertisers, it would be very savvy of you to negotiate with them on which data they could and could not have.  Your data is like a currency…you should be able to use it to buy things and save money on things.  This has not ever explicitly been explained to people, but it is important to consider.  What if you had a dial to increase or decrease the level of visibility of your own personal information, so that you could decide who saw what and how much it cost them?  That would be cool.  I would be the first customer on that kind of a platform.  The fact is, if you are on Facebook, you already do have access to this kind of control (at least over the information available about you there).  The problem is that it’s not always explained clearly, or even at all.  Defaults are set to “wide open” and you have to dig to make the selections to reduce the publicity of your own data.  That’s wrong, in my opinion.

4) Standards. Up to now, marketers have operated their personalization practices based upon an “honor code”.  Well, you’ve heard that there’s no honor among thieves.  What’s technologically possible isn’t always what’s ethical or appropriate.  Still, you have to believe and trust that it’s usually in a company’s best interest to make personalization safe and to respect consumer privacy on the web.  Companies that use consumer data to construct more relevant advertisements know the stakes are high, that’s why they should put practices and policies in place to be very careful and protect consumers.

Federal regulations are way behind in this regard.  The FTC is beginning to look at a “do not track” list that works a lot like the “do not call” list.  But this isn’t law today, and even when it is, it will probably be impossible to really enforce.  Besides, a list is far from a standard.  Personalization companies have to come together and adopt a set of rules that we all live by.

We’ll probably not soon forget NebuAd, whose stance on data collection and consumer privacy was so egregious that congress called it patently illegal and unethical.  It was shut down worldwide for violating federal wiretapping laws.  I can hardly believe that anyone would think that doing a deep packet inspection on ISP traffic, tapping into emails, web history, and other restricted details would ever seem appropriate.  The fact that 30 ISPs would sign up for it and attempt to monetize their customers behind their backs is just disgusting.  I bring it up for one simple reason:  It illustrates what is technologically possible and the depths to which some companies will go to make a buck.

Consumers have to think about the devices they use, the social networks they join, the places they shop, the websites they visit, the applications they download, the games they play and decide for themselves what they want advertisers to know about them.  But honestly, we’re living in a time when things are changing so fast that consumers can’t be fully blamed for not taking charge of their own online profiles.  They need to be educated, and we need standards to live by in this industry.

To marketers, I say let’s adopt a set of personalization standards to protect consumers…because it is the right thing to do.

What do you think?