April 4, 2020

Implementing Google campaigns in compliance with the GDPR – this is how it works

The fundamentals of personalised advertising are being heckled

Currently it’s pelting the advertising giants from all sides. After lawsuits against Google and Facebook by the EU Commission for abusing their dominant positions, data protection regulators and the EU are simultaneously scrutinising Google’s and Facebook’s data-mining practices. And then along comes Apple, which with iOS 14.5 is requiring app developers to disclose data usage to users and demand their opt-in. Facebook is running up a storm against this – because it’s clear that Apple is turning off an important data spigot here.

Aufsichtsbehörden nehmen Tracking unter die Lupe, und nur 4 % der iPhone-Nutzer erlauben Werbetracking

This means that some of the core technologies for displaying personalized advertising are under scrutiny. That in itself is not really surprising. What is clear is that all tracking-based methods now face a strong headwind. And the authorities are cracking down.

Germany’s top data protectionist Kelber doesn’t believe Facebook and Google are complying with the GDPR: “I am of the firm conviction that the behavior of some of the large Internet corporations is in some cases not compatible with European data protection law.” 

It can be assumed that future regulations and court rulings will have a drastic impact on the core business of these companies – advertising. And thus on all advertisers. 

The question arises: how can one still advertise sensibly in this way? 

How? We think: Better.

By the way, at the end of this path – and this article – is an advertising platform with Google Ads – but without tracking and without cookies. Stay tuned!

Problem area 1: Data processing in the USA

Because even if now makeshift standard contractual clauses have been adapted to the requirements of the GDPR, the Max Schrems vs. Facebook rulings before the European Court of Justice overturned first the Safe Harbor agreement, then the Privacy Shield. The bottom line: all major online advertising platforms transfer user data to the U.S. – that is, to a country without an “adequate level of data protection.” 

In short, every advertiser must now think about how they use these platforms and how they can make this use legally secure for the future.

Problem area 2: Consent to data processing

Beispiel für rechtswidrigen Cookiebanner

The more data we collect, the more necessary is consent managementThe fight of advertisers for the last few cookies they still try to collect sometimes comes up with strange blossoms. The screenshot above shows an article that reports on the complaint of the data protection organization around Max Schrems against the “foisting” of cookies with the help of dark patterns and opaque menus. Below is the cookie banner, which is illegal in this form, which only allows consent in the first step and also assumes consent simply by using the page without further clarification about the data collected.

And another new business area is blossoming, stemming from all the privacy demands: consent management systems that manage user data processing consents or refusals and make them available platform-wide.

So everything is getting more elaborate and complex. 

Oh yes, and the use of Google Analytics has also not been a good idea for a while: see Schrems II. Well, you can continue to use it if you explain the risks of intelligence access in the US and obtain consent. This is then only in most cases not granted, and for the conversion on landing pages is also not good.

The solution: let’s deconstruct the entire system

We assume that informed consent will soon need to be obtained at every step of a campaign. This applies to tracking, cookies, and especially data aggregation in retargeting. That this will not work is clear. 

If this well-rehearsed system no longer works, what options do we even have within the existing highly effective ads system?

We’ve rethought the issue from the ground up. We end up using Google only as the basic infrastructure, taking everything else apart and turning it on its head.

Induction instead of deduction

Let’s start with the first step. Normally, we set Google, Bing and others to put our ads in front of suitable candidates. We now have our ads, switched for example as a “broad match” with keyword placeholders, played out in such a way that our ads reflect the user input. Where appropriate, we also set socio-demographic constraints such as age, income and gender. 

Besides the fact that this common tactic attracts lots of inappropriate traffic (broad match), we are already aggregating a lot of particularly sensitive personal data with it, which we pull and further enrich at each subsequent step through our campaign funnel.

User agnosticism is the future of privacy-friendly and surprisingly effective campaigns.Here it is worth looking in the opposite direction: it is not the exploration of user data that is at the beginning of strategic planning, but the user-agnostic exploration of user interests. How is this possible? Whereas the classic way takes a deductive approach (through exploration), we take an inductive approach (through trial and error).

This step was out of the question until now, because we would have to create a myriad of ads and anticipate the possible user interest and all possible user content and text ads to match. Given the large number of possible terms and ads, this is simply impossible. 

Up to now.

In fact, lyftyfy does just that: it creates inductive campaigns with up to 4 million different ads, all of which are individually texted. That wouldn’t be enough on its own if all these ads were targeting a blanket landing page. So lyftyfy has automated this process as well. For each ad, it generates exactly one matching landing page. Google rightly recognizes a particularly high quality factor in such ad and landing page pairs.

We know nothing, and that is good. And then we know more.

To this point, we’re doing something pretty extraordinary, something that seems downright anachronistic in the current surveillance- and AI-driven advertising scene. We’re not aggregating as much personal data as possible to create a supposedly personalized ad line, we’re aggregating as little as possible.

The thinking is exactly the opposite. We generate a true long-tail campaign in advance that can anticipate almost anything a customer might be looking for in a product or service context. And because our potential leads see our highly customized ads as virtually echoing their own search text, they reward this with a high CTR.

What our customers then actually search for, we can see by what ends up being clicked.

Market research like confettiIt’s like a passive market research strategy. We throw all our ads up in the air like confetti and then watch what snippets our customers pick up, i.e., what our customers are interested in. (Some agencies report that Google prefers to play out short-head campaigns. Clever segmentation helps against this, as described in this article).

Subsequently, this can provide an informed basis for which topics are worth supporting organically with content marketing activities, for example.

Up to this point, however, everything is done anonymously. We don’t need to know anything about our potential leads in advance. 

From ads to super fast landing pages without cookie banners

Exactly matching landing pages to each ad have the critical potential to show a high quality factor. That alone is a competitive advantage. But it goes even further. Privacy-friendly landing pages also perform better. Take speed, for example. If we think consistently here as well, such landing pages should load in a flash. 

Whoever is looking for high-performance landing pages – and they are the bottleneck of any ads campaign – has a solution with lyftyfy landing pages, which load with up to 100% page speed (Google). Obviously, this is quite a conversion-chaser. 

Tracking in reality reduces conversionsOf course, cookie banners are absolutely counterproductive for conversions. So our lyftyfy landing pages are banner-free by default. How so? You may have been surprised when you visited this page that you didn’t have to block or click anything away. We work carefully not to call any external scripts and not to set any cookies – not even functional ones.

There is hardly any other place where the benefits for a privacy-friendly campaign become as clear as here. In the jungle of increasingly restrictive rules and regulations, it is enormously sexy to be able to lure customers again without data protection notices. 

And this in the context of a campaign, of all things. Which seems particularly paradoxical because it is primarily activities by the advertising industry that have brought the General Data Protection Regulation with all its excesses onto the scene. 

Privacy-friendly performance analysis

But what about a professional analysis of our campaign performance. How does Google find out what is performing and how? We don’t want to and can’t do without that. We are reporting to our clients, and Google needs the feedback loop if it is to optimize the campaign. And for that, we already have to run some scripts, right?

lyftyfy consistently ensures data privacy here as well. If we didn’t do without Google Analytics, however, we wouldn’t be a step further with this claim, especially since data protection authorities (see above) already have Analytics in their sights.

We believe Google Analytics has no future for this reason. Advertisers will have to look for more sustainable solutions sooner or later anyway if they want to future-proof themselves. Likewise cookie- and consent-free, you can, of course, work with powerful German solutions such as eTracker.

At lyftyfy we use Matomo. Of course, we host that ourselves and work with IP anonymization. We do not set cookies. Therefore, while we don’t know anything about returning visitors, we only know the essentials – namely how our campaign performs, and which ads and landing pages lead to conversions. 

We feed this data back to Google so that it can use anonymized data, to further optimize the campaign on the ad page. Google does not need to know more than this either – we do not use retargeting. 

The decisive performance boost from the UX perspective

From the user’s point of view, the crucial key feature of a privacy-friendly long-tail campaign is certainly the impression of answering exactly the question the searcher has. And this is true for almost any question imaginable.

The effect may well be similar for an ad with a keyword placeholder. However, it fizzles out after the click if the visitor or visitor finds himself or herself on a generic landing page that does not elaborate on the specific query.

lyftyfy extends the amazing effect of apparent personalization to the landing page. User-friendly like almost no other page on the web, it loads lightning fast on desktops and mobile devices. Without having to click away a banner, the joy of a seemingly personalized approach continues seamlessly.

Conclusion

Campaigns implemented in a privacy-friendly way are good news for everyone involved. Because it turns out that the underlying mechanics not only don’t attract trouble from data privacy advocates, they’re also a future-proof technology. 

The best news for advertisers, above all, will be that the idea of just not using mining mechanisms or AI tools for audience segmentation, bidding strategy, or personalisation will, moreover, lead to better results. 

An echo to every search queryThe technique of using genuine long-tail effects to generate a real echo of almost any search activity – and of consistently carrying this echo through from the ad to the landing page, while dispensing with any personal data collection – is being rewarded. Namely, by users who sail from search intent to conversion in record time without being disturbed. 

The result is proof of excellent SEA work – with above-average CTRs and maximised conversion. Who would have thought that shaking off the many data octopus arms would eventually boost the campaign world of all things?

Read more