August 16, 2022
Boltive partnered with a Fortune 500 consumer brand to design a pilot to detect two key types of data leakage and compliance problems suspected to be occurring among their marketing partners:
• Ensure retargeting partners are only serving media to audiences that have consented to interest based advertising.
• Determine whether retargeting partners are sharing the brand’s data with unknown third parties — potentially unlawful sales or exfiltrations under some privacy regulations.
This Fortune 500 brand received a large GDPR fine for failing to keep their consumers’ personal data secure. In response, the brand overhauled their vendor relationships, including their programmatic advertising partners and their media agency. Like others managing a supply chain with this level of complexity, they needed to gain visibility into how their first party data — a marketer’s most valuable asset — was being used after being shared with partners during campaigns.
This is a problem both for competitiveness (“Is my data being shared with my competitors?”), as well as for regulatory compliance (“Is my data being handled in compliance with the law?”). While developing a data governance framework designed for the modern digital advertising supply chain, this brand realized they needed a neutral, independent partner to create visibility and auditing capabilities for their vendor ecosystem.
Privacy Guard helps marketers navigate complexity by creating transparency and arming them with the data they need to hold their partners accountable. Boltive’s proprietary and patented technology replicates what a marketer’s consumers are experiencing as they browse the open web, recording thousands of data points that reveal authorized and unauthorized data syncs, as well as whether consumer consent choices are being respected throughout the ad supply chain. Boltive worked closely with the brand’s marketing team to understand their ecosystem of partners, and design test and control groups with browse and buy signals that replicated their target audiences. These personas browsed the open web for three months, sending tens of thousands of data points back to Boltive’s team for analysis.
Boltive’s technology saw all downstream data syncs on the brand’s ads as well as competitors’ ads, revealing data leakage by the brand’s partner.
First, Boltive analyzed the ads in the test and control groups, and confirmed the media buy pixels functioned properly. This meant the ads were targeted as expected. Boltive also confirmed the pixels aged out as intended.
But Boltive also identified critical problems for the brand. The retargeting partner was found to be sharing the brand’s data with unknown third parties. Boltive found five unapproved data collectors in the pilot, including one known to be fraudulent. This was not only a breach of contract, but potentially also a regulatory liability for the brand.
When presented with Boltive’s findings, the brand’s retargeting partner was surprised to see that a vendor that they had stopped working with was still collecting data. Boltive’s technology revealed that one of the connections with the vendor was still live, potentially constituting an unlawful data exfiltration that could subject the brand to private lawsuits under the California Consumer Protection Act. Using Boltive’s data, the retargeting partner was able to quickly shut down the vendor.
"This pilot was a successful audit of our marketing partners, and helped eliminate data leakage and misuse." -Fortune 500 Consumer Brand Marketing Director
Boltive’s technology positively detected data leakage and compliance issues, and provided clear, actionable data that helped the brand and their partners remediate these issues quickly. This averted possible future fines of tens of millions of dollars.