Identity management, based on the processing of customer data is the heart of effective digital advertising. It is all about the delivery of right ads, at the right place at the right time. It is also about the delivery of personalized content and offers, based on the unique interests of individuals. Above all, most importantly, it is about the process of connecting an ad event to consumer actions, like clicks, views, purchases, or pro-active sharing of data for which consumers are rewarded.
Consumers travel multiple touch points. It is their choice, and these choices are increasing day by day. Advertisers and publishers who are looking at data warehousing companies for identity management, should be mindful of this dynamic. The obligations of data controllers towards managing consumer rights across their right to be informed, right to access their personal data, right to portability, right to be deleted, right to opt out (say no to the sale of their data), right to opt in and the right not to be discriminated against – these are all complex permissions across multiple enterprises – that cannot be stored in one single warehouse.
Data privacy regulations have significant implications for identity management, including how advertisers and publishers procure, store, process and transmit customer data. Identity management is not about just storing data. While there are quite a few companies, most importantly data warehousing companies, who are looking at identity management as their natural extension to grow (since they can store and process data very well), the area where they significantly fail is in the first and the last stage – procuring data and transmitting data.
Identity management comprises of three key components. At a fundamental level it is all about persistent understanding of individuals as they traverse multiple touchpoints—transactional and promotional, digital, and traditional – both “authenticated” and “anonymous”. This understanding gets complex when these inputs are from multiple touchpoints and data assets like identity graphs, custom audience profiles, for which, some kind of resolution is required. And to do this, there is a need for an independent infrastructure and technology for the underlying security and governance related to identities.
When IAB TechLab released their first framework towards privacy preserved digital advertising, it called out the need for an independent and neutral entity that can capture and carry consumer preferences (including consent) and attributes across the supply chain as the most important requirement apart from the standard privacy enhancing techniques like homomorphic encryption, secure multiparty computation, and differential privacy. Management of consent, permissions, and transparency, one that is auditable with an ability to detect fraud cannot be managed by the same company that is storing or processing data for one more of the participating companies. This is where federated learning plays a very key and important role, in offering that independent and neutral layer.
The concept of federated learning was proposed by Google around 2016. Their main purpose is to build machine-learning models based on datasets that are distributed across multiple devices while preventing data leakage. Over the past eight years, significant improvements have been made that overcomes statistical challenges, improving security and personalization. While most of these models focus on on-device federated learning in which distributed mobile-user interactions are modelled towards privacy-preserving machine learning, this concept is now slowly extending to cover collaborative-learning scenarios among enterprises for all privacy-preserving decentralized collaborative machine-learning techniques. With the recent advancements in AI, the challenges with data security, intellectual property rights and ownership, federated learning offers the much-needed trust, transparency, and governance for all collaborative solutions.