If programmatic ad tech was a canary in the coal mine for how data privacy would affect the online advertising industry, then some of the canaries have escaped and are creating businesses to help coal mine operators do better.
A flood of startups with flexible business models – and savvy programmatic vets at the helm – see a business opportunity in keeping an eye on how the industry will be impacted by data privacy rules.
The trend is not unlike a decade ago, when programmatic consultancies hit the market to fill a serious knowledge gap between players in the ad tech supply chain and advertisers, agencies and publishers.
The list of newly launched privacy-tech ad startups is long and the names should be familiar.
Kamakshi Sivaramakrishnan, co-founder and former CEO of cross-device graph provider Drawbridge (which was acquired by LinkedIn in 2018), recently launched a privacy and interoperability tech company called Samooha. Graham Mudd, Meta’s former ads product leader, left last year and just reemerged with a privacy-based ad analytics startup, Anonym.
And they’re not alone. Meet Coir, Licorice, lockr and Qonsent.
They take very different angles on privacy. Licorice and lockr have consumer-facing businesses, Qonsent and Coir are B2B services. There are pure subscription software plays and businesses that figure out the right way to make money deal to deal.
But these four startups, like others in this new crop of consent-based data companies, share a keen understanding of how difficult the online privacy evolution will be for all kinds of potential customers.
Julia Shullman and Alex Cone worked together at AppNexus, where she was chief privacy counsel and he was director of product management, before jumping to IAB Tech LAB, where he led privacy and data protection products. In August 2022, the two co-launched an advertising and privacy tech consultancy and services company called Coir.
It’s a scrappy business model to start, according to Cone. The two do a little consulting work, some product development and a bit of educational programming.
Some of Coir’s first business has come from law firms with privacy practices that need real-world expertise to evaluate their own cases. Investors in private equity and venture capital have also reached out for consulting (i.e., “Please tell us if this startup that wants money from us is real or vaporware”).
Shullman and Cone have also led training workshops to help agencies looking to bone up on the inner workings of online ad pipes.
And there’s a lot to bone up on.
It’s not always possible for businesses to keep their finger on the pulse of the goings-on at the W3C, what’s happening at the EU privacy commission and all the discussions within the various IAB Tech Lab working groups. Not to mention new and emerging categories, like data clean rooms and interoperability tech, which agencies and other companies need to understand.
Although they’ve been approached by industry angels, Cone said that Coir isn’t taking investments at the moment, since it’s just the two of them and it wouldn’t be feasible to scale up the necessary sales and account structure.
For now, they have their own “extensive networks in the ecosystem,” Cone said, so they don’t need help scaling business development (yet, at least).
Licorice is a one-year-old startup that’s trying to do something interesting in the not-so-interesting-sounding single sign-on (SSO) space.
A huge network of apps and WiFi networks use Google and Facebook as sign-in hubs. Rather than register new accounts, users breeze through by signing into their Google or Facebook profile.
Licorice is a consumer-facing product that people can use as an SSO alternative (thus “Licorice,” a consumer brand name, not a B2B ad tech name). The company is trying to get publishers and developers to list Licorice as a sign-in option while also growing its consumer base.
The company was founded by two longtime programmatic vets, Adam Klee and Roland Hwang, who overlapped at Spotify – which, no coincidence, is obsessed with its own sign-in experience.
Many developers don’t appreciate how often users give fake emails or don’t even bother to sign up at all. But the SSO function isn’t the Licorice value prop; it’s just the mechanism, Klee said.
The real value is improved monetization for apps and signed-in sites or experiences that don’t want to default their own first-party data opportunities to Google or Meta, particularly for large apps like Reddit, Pinterest and Spotify.
Eventually, if and when Licorice has a critical mass of users and enough of those users link their payment info, Klee said he would like to include other features, including paying for ad-free experiences or processing micropayments for access to articles without a subscription.
Keith Petri was strategy chief at Screen6, a cross-device ID graph, when it was acquired by SambaTV in 2019, where he then worked for a year before founding identity and email management service lockr, which has the consumer-facing product lockrMail.
But LockrMail doesn’t compete with other email services. It’s an email management tool that spans different inboxes and that people can use to sign up for sites and apps without needing to share a real email.
“Well over one billion consumers on a weekly basis are being prompted to give a proxy email address, not their real, persistent email,” Petri said.
Lockr isn’t purely ‘privacy tech,’ though, Petri said. Typically, when people don’t share their actual email info with publishers or brands, he said it’s to avoid receiving unwanted marketing emails. Privacy is one reason, but often it’s whether they want the business to send marketing messages afterwards.
Since lockr isn’t solely a privacy tech company, there are interesting commercial angles to pursue. Earlier this month, it opened on the Snowflake Marketplace, where publishers and businesses can verify their IDs or analyze their own email base for fake or machine-generated emails.
Lockr also has a publisher tech solution for blocking fake emails and prompting users to provide addressable data to access a site or service, similar to ad-blocker detection tech.
The startup has several industry backers: Eric Seufert is an investor, as are Ryan McBride and Kurt Kratchman, who were senior leaders at Grapeshot and then at Oracle after its acquisition. Marty Kratky-Katz, who’s the co-founder and CEO of one of the main ad-blocker solutions providers, Blockthrough (recently acquired by eyeo), is an advisor. Lockr’s long-term challenge will be to balance building a large consumer-facing brand in email and consumer identity management with the demands of a B2B martech business.
“Each one works without the other,” Petri said. “But they also work together even stronger.”
IAB Europe created the consent management platforms category to standardize data collection under GDPR. At their most basic, CMPs manage site popups that request permission for data collection.
Qonsent takes a different approach to consent-based data collection with a consumer-facing platform that gives people controls to manage their personal information.
It raised $7 million, much of it from ad industry entrepreneurs who have “directly seen the impact ATT and privacy legislation has had,” said founder and CEO Jesse Redniss. Created two years ago, Qonsent has been assembling key partner integrations with the likes of Snowflake, AWS and LiveRamp.
Qonsent is also pushing into newer screens and user experiences.
One early Qonsent partner is Loop Media, which operates out-of-home signage, including TVs in office lobbies and screens in stores. Loop can use QR codes or other on-screen prompts – Qonsent refers to these as “visual smart contracts” – to gather data for itself and to feed the retailer’s ad program.
Automobiles are another interesting new surface to explore. Instead of asking for permission when a program first loads, Redniss said in-car consent requests can be tactical. It might make more sense, for example, to target a moment when someone is more likely to see the value in sharing their location data, such as when the app identifies an opportunity to request location data to, say, recommend nearby gas stations.
The same goes for retailers and publishers, which typically force a consent opt-in immediately with their sites and apps. They would have higher opt-in rates if they waited to prompt for consent at times when the value exchange is clear, like for a newsletter signup, discount or free sample offer.
The idea, Redniss said, is “to drive an optimal outcome in regards to gaining consent.”