“The Emperor has No Clothes!” — FTC blog, November 2024

Okay, that’s not exactly what they said, but it captures the essence of the Federal Trade Commission’s blog post about Data Clean Rooms last week. 

I think the FTC over-simplifies this issue because they, quite justifiably, are focused on 95% of the current DCR use cases, which involve activation (in non-ad tech lingo, “targeting based on data”).

But there’s more nuance to consider.

In lieu of ‘Data Clean Rooms’ I prefer the term ‘Secure Data Collaboration’ as it better describes these technologies’ true purpose and potential. Some legitimate privacy-preserving applications exist when proper de-identification techniques are implemented with technical and procedural safeguards preventing re-identification.

For instance, multi-touch attribution, model building, overlap measurement, and optimization analytics can be conducted while enhancing privacy through encryption, non-deterministic hashing, and differential privacy approaches.

The FTC “shot across the bow” of the industry is, if anything, overdue.  But the response is to clearly communicate the intent and consent mechanisms for the activation use cases while demonstrating how SDC techniques can improve privacy protections while providing economic support for the “open web.”

What’s the pathway forward?  I think it’s three steps:

1. Clear communication about intent and consent mechanisms for activation cases

2. Demonstration of how secure data collaboration can genuinely improve privacy protection

3. Solutions that support the open web’s economic model while respecting user privacy

What do you think about the FTC’s stance on Data Clean Rooms? Join the conversation on LinkedIn and share your thoughts by clicking here.