Keeping your data close to your chest – the re-emergence of First Party Data


Changes in data protection laws and an evolving market environment have led some big companies to take an apparent step backwards and rely more and more on first party data.

Elliot Fry, senior associate at Cripps Pemberton Greenish, explains why.

The rise of third party data

In the beginning, there was first party data. Businesses obtained it directly from customers. Things like purchase history, age, location, and other data actively provided by a customer. With the rise of e-commerce businesses could collect even more first party data, like what a customer looked at on their website and what type of device they were using.

Second party data involved another link in the chain. A consumer provides data to a business, which then provides it to you. Cross-promotions, brand partnerships, and supply chains often involve receiving second party data to both measure the success of that relationship and enhance future advertising.

Third party data added at least one more link, a middleman or aggregator. A consumer provides data to a business, which gives it to an aggregator (or several) which collates that information with lots of other data and provides it to you. So you can obtain lots of third party data, but you’re much further removed from the source.

Second and third party data were around before the internet (businesses still buy postal marketing lists and market research data), but the rise of online shopping saw an explosion in the second and third party data markets. Now businesses can target potential customers, ensuring that their adverts are seen by only a few thousand people in the relevant demographic (“show my advert to 18-30 year old women in Scotland with children and an interest in football”), rather than hundreds of thousands of viewers whom they know nothing about.

Commercial Drawbacks

Targeted advertising obviously has its benefits, and as well as changing the web-browsing experience, it definitely helped many brands reach their desired audience. However, there are some drawbacks:

  • The data can’t really be verified and might pass through dozens of platforms and intermediaries, so quality is not assured, and profiles may be inaccurate and out of date. Audiences may also be segmented in a way which doesn’t fit with your strategy.
  • The data (and the cost of using it to display targeted adverts) can be expensive, without solid guarantees of revenue.
  • The data is often available for anyone to buy, including your competitors, and part of the arrangement may involve you providing information about your own consumers.

Legal issues

As well as those points, we have to mention the “G” word. The GDPR had a massive impact on web-advertising when it came in last year, and is the main reason for those enormous cookie banners encountered on most websites since then.

The GDPR implemented many changes in data protection law (just ask British Airways), but a key one was raising the bar when it comes to consent. Consent is the basis on which most direct or targeted advertising is conducted and, in a GDPR context, must be freely given, specific, withdrawable, and unambiguous. In other words, it can’t be implied by a person continuing to use a website after they have been told about the information that will be collected about them. So rather than a subtle banner hiding at the bottom of the screen, many websites are relying on complex consent platforms which allow visitors (if they can be bothered) to click through a pop up to change what cookies they accept, and see lists upon lists of who their data is shared with.

Even with all of the changes technology and advertising businesses have employed, there is still concern that the consent being obtained isn’t good enough, and individuals aren’t being given enough control over how their data is used. Most users don’t anticipate that clicking on “I accept” on a cookie banner might result in their data being shared with thousands of different businesses.

The nature of third party data also means that a consent which is intended to apply to all of the data brokers and advertisers that receive that data is collected by one party – the business which collected the data in the first place. Everyone in that chain must rely on the original collecting party having obtained the right consents.

First party data rides again

And so the return of first party data. Many brands are realising the value of prioritising data collected directly from their customers, on the basis that:

  • It’s free – no data brokers or partners need to be involved.
  • It’s bespoke and accurate – you can choose what you collect and how, and if data is linked to a customer account (rather than a tracking cookie which can expire or be wiped) it can carry on being developed and improved.
  • You focus on increasing business from existing visitors. While this isn’t for everyone for businesses that rely on brand loyalty and repeat custom, or need to convert initial interest into a sale, this has real value, rather than focusing only on bringing in new customers.
  • It’s yours – those insights and segments you build don’t need to be shared with others and potentially used by competitors.

Finally, it’s much easier to ensure that you have the appropriate consent (if required) for your use of that data, since you were in charge of that process.

As part of that prioritisation, some businesses are finding new ways to collect useful first party data. Virtual tools that offer useful functionality are being used to build more detailed profiles and wider datasets.

The balance

First party data isn’t the only answer. You can only use it to target individuals you’ve had contact with. But as data protection authorities get more aggressive in their attitudes to online advertising, and markets get more competitive, many businesses are focusing more on the value of existing connections, rather than casting a wider net.

Photo by Adeolu Eletu on Unsplash