Privacy and cookies

Eskimi DMP & Data Legality, Validity & Security - Technical

DMP

Eskimi DMP

Eskimi Data Management Platform is an in-house DMP which doesn't use any third party technologies. Eskimi DMP is used by only Eskimi DSP to foster personalized advertising for Eskimi advertisers. Eskimi works with industry leading partners, such as Doubleclick, Magnite, OpenX and others. Eskimi DMP is bounced to the data that is provided by the partners that Eskimi DSP is connected to. 

Eskimi DMP Data

Eskimi DMP collects, agregates the data in real-time. In-house algorithms not only crunches the data in real-time, but follows the necessary privacy regulations such as GDPR, CCPA. Eskimi DMP collects, agregates, stores the below data signals:

Technical name

Explanation

Technical example

dmpId

User identifier.
Mobile advertising ID on apps, cookie ID on web

"dmpId":"4726ce65-ae90-4536-8d8c-6e5b204cca83"

countries

list of countries DmpID was seen in

"countries":{"ng":303396,"--":55}

countrySeenTime

Last seen time DmpID was seen in country

"countrySeenTime":{"ng":18659,"--":18628}

cities

List of cities DmpID was seen in, based on GPS data

"cities":{"ng.ozomu":20596}

citySeenTime

Last seen time DmpID was seen in a city

"citySeenTime":{"ng.ozomu":18656}

tmpCities

list of cities DmpID was seen in, based on all other data (IP, user input, etc)

"tmpCities":{"ng.lagos":148468,"ng.":473,"ng.awka":2258}

tmpCitySeenTime

Last seen time DmpID was seen in TmpCity

tmpCities":{"ng.lagos":148468,"ng.":473}

yobs

Years of birth. Can be multiple depending on user input

"yobs":{"1959":52524,"0":21}

genders

Genders. Can be multiple depending on user input

"genders":{"1":50731,"0":57}

pageViews

Total number of page views

"pageViews":303600

operatorPageViews

Shows how many page views per day each operator ID has

operatorPageViews":{"365":{"18610":335,"18629":44}

operatorIds

Telco operator IDs

operatorIds":{"365":87514,"0":3005

operatorSeenTime

Last seen time for operator

"operatorSeenTime":{"365":18659,"0":18628}

operatorFirstSeenTime

First seen time for operator

"operatorFirstSeenTime":{"365":18659}

modelIds

Device model

"modelIds":{"20101":299968}

modelSeenTime

Last time device model was seen with DmpID

"modelSeenTime":{"20101":18659}

operatorModelIds

what device was used with specific operator

"operatorModelIds":{"365.20101":81961,"357.20101":16819}

operatorModelSeenTime

When was the last time device was seen

"operatorModelSeenTime":{"365.20101":18659"}

keywords

Verticals or interest categories, e.g. https://storage.googleapis.com/adx-rtb-dictionaries/publisher-verticals.txt

"keywords":{"1164":16,"930":12}

keywordSeenTime

last seen time for keyword

"keywordSeenTime":{"1164":18656,"930":18649}

connectionTypes

How users connected to internet. 2G, 3G, 4G, wifi, etc

"connectionTypes":{"2":72903,"3":10358}

connectionTypeSeenTime

last seen time per connection type

"connectionTypeSeenTime":{"2":18659,"3":18659}

deviceId

Legacy. Original Device ID of the user. matches DmpID.

"deviceId":"4726ce65-ae90-4536-8d8c-6e5b204cca83"

siteIds

Internal site ID where user was browsing. Might be converted to exact app bundle or site domain

"siteIds":{"52299180":41,"34189419":2427}

siteSeenTime

When was the last time user visited a specific site.

"siteSeenTime":{"52299180":18659,"34189419":18632

firstSeen

First time DmpID was seen

"firstSeen":18073

lastSeen

last time DmpID was seen

"lastSeen":18659

lastAvg

number of page views per day

"lastAvg":569

The data in the table is used for clear purpose:
Eskimi DMP Collection Schema

Eskimi DMP collect the data in real-time. The following flow is:

1. A user visits a website page that has an implemented SSP JavaScript tag OR visits an app that has an implemented SSP SDK. These JS tags and SDKs has ad slots that collects user information which includes, but it is not limited to User agent, geo location, IP and etc. 

2. JS/SDK sends the information to the SSP. SSP identifies the user by using cookies and/or more data (ex.: Mobile Advertising ID).

3. SSP adds users data (UA, interests and etc.) with the ad slot data (width: 300, height: 250, bidfloor 1.337). This information is transfered to the SSP.

4. The ad signal is sent to different DSPs that compete for the ad signal in an openRTB auction that happens in miliseconds everytime the browser is loaded/refreshed. The goal of any DSP is to win the auction and serve their advertiser ad. 

5. Eskimi DSP sends data from the ad signal to Eskimi DMP. Where DMP profiles are created, if the user is seen for the first time. If the user was seen in the past the data will be added to the historical data that Eskimi DMP has collected. 

Screenshot 2022-09-16 at 17.05.12.png

 

 

Legal, Valid & Secure Data

Aktyvus sektorius UAB, doing business as Eskimi, as a global provider of digital advertising media and data management technology. In our activities, Eskimi is committed to protecting the privacy of individuals and their personal information. While, ensuring any personal information is safe and used strictly in accordance with the applicable laws, such as GDPR, CCPA, and other applicable guidelines.

1. How you can justify that your data is legal?

Eskimi strictly adhere to the relevant EU users' consent regulations and policies (GDPR) and is a member of TCF (Transparency & Consent Framework). TCF membership ensures that Eskimi comply with the EU’s GDPR and ePrivacy Directive when processing personal data or accessing and/or storing information on a user’s device, such as cookies, advertising identifiers, device identifiers, and other tracking technologies.

Full TCF vendor list: https://iabeurope.eu/vendor-list-tcf-v2-0/ Search for UAB Aktyvus Sektorius.

More about TCF: https://iabeurope.eu/transparency-consent-framework/

More about Eskimi Privacy Policy: https://www.eskimi.com/privacy-policy

2. How can you justify that your data is valid?

The types of pseudonymous personal information used via the Platform are cookie IDs, Mobile Advertising Identifiers, and IPs.

Mobile Advertising Identifier (MAID, commonly known as Device ID) is a pseudonymous, user-resettable identifier for online advertising purposes. The identifier is created by the operating system (iOS or Android) and can be retrieved by installed apps.

IP address is a very approximate location of the technical device, used to communicate where internet requests and responses are coming from and where should they go to next.

Eskimi receives the above described personal data from clients (advertisers and publishers), partners (publisher ad exchanges, such as google, or agencies/advertiser groups). All involved party partnerships are covered contractually. Every partner Eskimi works with ensures the legality of the data that is sent to Eskimi - including ways in which data is gathered and
processed. Examples of processes are:
* Transaction validation. Every impression that comes between Eskimi and publisher platforms or publisher partners is technically validated with a follow-up call to the partner
* Regular audits. Data structures and legality of the data is regularly audited by the biggest Eskimi partners
* Internal TOMs (please see below) 

3. What is the purpose of data collection? 

The data is collected and used for clear purpose for which the user agrees upon. 

We use the data only when the user consented to the below sections:
1: identification
3: create personalised ads profile
4: Select personalised ads

While when the user gives legitimate interest the purpose of data usage becomes more flexible. With it Eskimi can:
2: Select basic ads
7: measure ad performance
10: develop and improve products


4. How can you justify that your data is secure?

Here are the TOMs in place to make sure the data is secure:

0001.jpg

0002.jpg

3rd party cookie deprecation

3rd party cookie deprecation

Everything you need to know about third-party cookies

What are third-party cookies?

Websites use cookies to remember a user’s action so they aren’t asked to perform a task again and again. As a result, they help provide a better, more personalized user experience.

Third-party cookies are cookies that are stored under a different domain than you are currently visiting. So you might be browsing on example.com, but third-party cookies are set by cookieweb.com. They are mostly used a) to track users between websites b) display more relevant ads between websites. The most common third-party entities are advertisers, marketers, and social media platforms. 

It is essential to remember that third-party cookies are not the same as first-party cookiesFirst-party cookies, on the other hand, are stored under the same domain you are currently visiting. So, if you are on example.com, all cookies stored under this domain are considered first-party cookies. Those cookies are usually used to: a) identify a user between pages, b) remember selected preferences, c) store your shopping cart. You can hardly find a website nowadays that does not use first-party cookies.

Why are third-party cookies used?

Cross-site tracking: the practice of collecting browsing data from numerous sources (websites) that details your activity.

Retargeting: using search activity to retarget visitors with visual or text ads based on the products and services for which they’ve shown interest

Ad-serving: making decisions regarding the ads that appear on a website, deciding when to serve these ads, and collecting data (and reporting said data including impressions and clicks) in an effort to educate advertisers on consumer insights and ad performance.

How do third-party cookies work?

Third-party cookies work by embedding JavaScript from one website into another. Third-party cookies store data remembered between browsing sessions. They remember information this way because HTTP, the web browsing protocol, is a stateless protocol. A “stateless protocol” means that data is not saved between browsing sessions. In the HTTP response header, cookie attributes determine whether a cookie is a first- or third-party cookie.

Third-party cookies… one common example. Let’s say earlier in the week you looked up some vacation rentals in South Africa. You browsed a few websites, admired the photos of the sunsets and sandy beaches, but ultimately decided to wait another year before planning your vacation. A few days go by and suddenly it seems like you are seeing ads for South Africa vacations on many of the websites you visit. Is it a mere coincidence? Not really. The reason you are now seeing these ads on vacationing in South Africa is that your web browser stored a third-party cookie and is using this information to send you targeted advertisements.

You’re unintentionally creating a “trail of crumbs.” Most web users don’t realize that a browser window with multiple tabs open constitutes a single “session.” As you move from tab to tab, you are unwittingly relaying information about your web visit history to other websites and parties. And, closing the web browser doesn’t always eliminate the cookies your computer stores following the session. Depending on the browser you use, you may have to activate this manually.

You may be on a website with 3rd party cookies and not even know it. One of the failings of cookie notices is that they don’t often specify what types of cookies are being used on the site. They could be first-party, third-party, or both. But, if the website has advertisements (which many do), then you can reasonably expect the website to be generating both first- and third-party cookies.

Are third-party cookies actually useful?

Since the late 1990s, online marketers have built their businesses on the ability to track online users and then target them with advertisements, and much of this has been through the use of third-party cookies. Let’s play “devil’s advocate” for a moment. Could third-party cookies actually be useful for users? In a way, yes. The two largest online advertising firms, Google Ads and AdSense, make a valid point that 3rd party cookies are useful to consumers as they create advertisements that are in line with individual interests. After all, if you are forced to see the ads, it's better if they are related to your interests. 

3rd party cookie deprecation

The end of Third-Party cookies

Pressure from regulators and consumers has led many within the tech industry to declare third-party cookies will soon come to an end. In this section we will discuss the changes that major players are doing and how it will impact digital advertising market. 

Why third-party cookies are going away?

3rd Party Cookies power all the ways we track, target, and measure performance in digital advertising. However, they track users silently. As an industry, we didn’t do a great job of educating users how and why we use cookies. And we didn’t give people a way to opt-out.

As a consumer, you have little control over who is collecting this information or where it is going—you are able to clear cookies from your own browser, but you’ll never be able to manage or delete servers holding third-party data that has already been gathered.

In response to the perceived lack of transparency and control for individuals, data breaches, and “creepiness” in advertising, privacy legislation from the EU and California now give users control over their data. Effectively, these policies give users the ability to block various tracking technologies or request the deletion of their data. Tech companies such as Apple and Mozilla have also responded by giving users control of how their data is used both within browsers and devices. 

Implementing and increasing security features to protect the privacy of users is nothing new and has been going on for years now, and for the most part website users will actually benefit from it. One of the first companies to do so is Apple and Mozilla, while others are yet to follow. 

Full third-party cookie blocking by Safari

Apple first launched Safari Intelligent Tracking Prevention (ITP) within Safari on 2017, where it immediately set a new bar for web privacy standards on both desktop and mobile by blocking some, but not all, cookies by default.

With the beginning of spring of 2020 Apple launched a major update to its ITP, the privacy feature that allows the company’s web browser to block cookies and prevent advertisers from snooping on your web habits. In simple sense - Safari by default blocked all third-party cookies. That means that no advertiser or website is able to follow you around the internet using the commonplace tracking technology. 

To blocking third-party cookies across the board and by default, ITP now has safeguards against trackers using the very nature of tracking prevention as a way to keep tabs on users. The new feature set also ensures that websites and trackers can’t use login IDs to digitally fingerprint users who might otherwise be using tracking prevention or other privacy tools.

Firefox blocks third-party cookies

On 2019 Firefox announced that their Enhanced Tracking Protection will automatically be turned on by default for all users worldwide as part of the ‘Standard’ setting in the Firefox browser and will block known "third-party tracking cookies". 

Enhanced Tracking Protection works behind-the-scenes to keep a company from forming a profile of you based on their tracking of your browsing behavior across websites — often without your knowledge or consent. Those profiles and the information they contain may then be sold and used for purposes you never knew or intended. Enhanced Tracking Protection helps to mitigate this threat and puts you back in control of your online experience.

Mozilla follows a different approach when blocking trackers and cookies than Apple does. Instead of blocking or limiting all third-party and client side cookies by default, Firefox uses the Disconnect list to determine whether a cookie should be blocked or not. This curated list contains thousands of known tracking companies and is updated on a regular basis. The reasoning behind this decision is to keep the web experience as seamless and functional as possible, since some cookies are crucial for web building.

Chrome will block third-party cookies

It is not a surprise that with the changes that Apple and Mozilla launched Google would follow. The company revealed its “Privacy Sandbox” in August 2019, an initiative to personalize (or target) web ads while still preserving user privacy. In January 2020, Google announced that it hoped to block third-party cookies from its Chrome browser by 2022 — a move that other browsers, like Safari and Firefox, made years ago. Google has planned to replace third-party cookies with technology developed through Privacy Sandbox.

That’s where Google’s Federated Learning of Cohorts (FLoC) comes in, which Google says is a “privacy-first” and “interest-based” advertising technology. With FLoC, Chrome will keep track of a user’s browsing habits across the web, and then place the user in various audiences, or “cohorts,” based on those habits. Advertisers will then target their ads to cohorts, rather than an individual user. So if you’re looking for a browser that doesn’t collect your data for ads — as an individual or as part of an anonymous audience — you might want to try a different one. (By the way, you can turn off ad personalization, activity tracking, and delete the data Google has collected about you here.)

In many cases this development is a direct reaction to new security holes, workarounds, aggressive tracking and shady business techniques and will most likely continue in the future.

Finally, while Google says it is committed to developing and using ad tech that doesn’t rely on tracking and advertising to users, other companies are developing their own non-cookie tracking methods that do, and you could still be tracked by them when you use Chrome (or another browser). The core companies will be presented in another chapter. 

 

 

iOS 14.5 Changes

iOS 14.5 Changes

Apple decides to change the rules

On 2021 Apple released iOS 14.5, its big new software update for iPhones. It adds a lot of new features, but the one that’s been grabbing headlines is its new privacy change, which gives users more transparency and control over apps that want to track them for advertising.

Apple's long-debated, long-awaited App Tracking Transparency feature and policy will now be fully enforced starting with the release of iOS 14.5.

A large portion of the apps in the App Store for these devices utilizes a tracking technique called ID for Advertisers (IDFA) to track users' activity between multiple apps published by multiple companies, to inform ad targeting and other monetization and data collection techniques.

On 2020, Apple announced that it would begin requiring all apps to ask for users' permission in advance to do this on an app-by-app basis. Anticipating that many users would opt out and that the change would therefore significantly impact revenue, various app developers and ad networks have criticized the move, saying it will hurt big and small businesses alike.

Those critics are not making that up: the move is likely to have a significant impact on the bottomline for many types of apps that rely on advertising for revenue. But Apple maintains that users' control over how they are tracked and how their data is used and accessed is the most important concern at hand.

Current Situation

These Apple changes will impact us as well. However, the primary thing what we can do is to give a better view what is happening in the market. The below table gives insights on how many identified bid requests Eskimi has received in 7 day period. Identifier is important when it comes to targeting and capping. 

Identified Requests - bid requests that had IDFA and received in 7 day period.

Total Requests - all bid requests received in 7 day period.

Identity Rate - indicates percentage of identified traffic from all received traffic. Calculated: IDENTIFIED REQUESTS / TOTAL REQUESTS * 100%

COUNTRY IDENTIFIED REQUESTS TOTAL REQUESTS
IDENTITY RATE (%)
Argentina 44,610,612 80,865,006 55.17
Armenia 97,994,608 143,848,684 68.12
Australia 575,038,935 1,162,533,109 49.46
Azerbaijan 24,909,631 38,157,544 65.28
Bahrain 41,786,451 70,406,424 59.35
Bangladesh 47,613,371 74,610,133 63.82
Belarus 33,679,367 59,103,149 56.98
Brazil 57,215,499 93,430,096 61.24
Bulgaria 3,317,651 5,271,467 62.94
Burkina Faso 210,423 273,501 76.94
Cambodia 85,384,004 119,311,183 71.56
Cameroon 26,399,547 37,336,257 70.71
Chad 1,057,992 1,550,040 68.26
Chile 31,786,699 48,146,759 66.02
Colombia 23,817,273 39,794,663 59.85
Czechia 7,628,307 17,717,246 43.06
Democratic Republic of the Congo