Apple’s Safari browser, which has long positioned itself on the side of user privacy, is limiting another kind of data collection. And in the process, it’s stoking the anger of some in the ad-tech industry, especially due to Apple’s lack of communication about the move, which will affect the architecture of many websites.

Apple is closing a loophole where sites could pass off third-party partners as first-party cookies. Websites use first-party cookies to know who audiences are when they return to their sites. First-party cookies, for instance, mean that people don’t have to log in every time they visit a publisher’s site.

“I think the lack of transparency about this [move] by Apple is part of what everyone is upset about,” said ad-tech vet Jonathan Mendez, who first tweeted about the change earlier this month and told Adweek that developers spotted the change in the new version of Safari 16.4.1, which was released April 7.

“It just shows that they will do whatever they want and don’t care what people think,” he added. “Which, of course, is what people have been upset about with Apple for some time.”

Here’s what to know about Apple’s latest crackdown.

Legitimate cases for sites working with third parties

Websites work with plenty of third parties to enhance their functions, from tools like Google Analytics, which help publishers learn about their audiences, to Adobe Analytics, which improves site performance, to content hosting services. Sites want these partners to have the ability to track their audiences to perform their functions, but third-party cookies are no longer an option to do so since Safari deprecated them in 2017.

As a result, websites have developed a variety of techniques to cloak third-party cookies as first-party cookies, which Safari, over the past several years, has been steadily trying to curtail, spurring a steady game of whack-a-mole.

Even if there are legitimate use cases for the practice, it flies in the face of Safari’s efforts to limit third parties’ access to web users’ information, and there are plenty of shady ad-tech firms that can use these techniques to covertly track users.

Apple’s ongoing MO

In October 2022, an Apple engineer posted on GitHub Apple’s intention to curtail one such cloaking technique. In more simple terms, the post detailed how Apple planned to compare the IP address in the incoming response with the IP address of the main resource response. If they are mostly different—which they would be if they are coming from third parties—these cookies can only live for seven days before they are destroyed, limiting the ability of websites to use and make inferences from this data.

Apple never made a formal blog post about the change or indicated when it would go into effect.

Anton Lipkanou, president of Delve, an analytics-focused agency that offers support for tools like Google and Adobe Analytics, said the change is live and already creating anomalies in websites’ data.

However, Jen Simmons, Apple Evangelist on the web developer team for Safari & Webkit, tweeted on April 11 that the change had not shipped. Apple has not responded to a request for comment.

Part of ad-tech execs’ dissatisfaction with the change is how little Apple has communicated about it, given that it will affect the architecture of many websites.

How publishers and advertisers could be impacted

Sites that work with many third parties using this technique may have to retool how their websites work, said Loch Rose, chief analytics officer at Publicis-owned data firm Epsilon.

“There is plenty of sites where the majority of their traffic is Apple,” Rose said. “So they lose a lot of functionality.”

It creates a lot of blind spots and it creates a lot of unnecessary headaches

Ratko Vidakovic, founder of ad-tech consultancy AdProfs

Brands should start breaking up their reporting into other browsers to avoid making decisions on the wrong data, said Lipkanou. With these types of cookies now deleted every seven days, returning users will be much harder to identify.

Lipkanou also advised brands to rely on shorter-term metrics, such as last-touch or data-driven attribution, instead of first-touch.  

The change will also impact publishers and their advertising products, said Ratko Vidakovic, founder of ad-tech consultancy AdProfs.

“The less a publisher knows about their audiences, the less they can provide insights to advertisers,” he said. “It creates a lot of blind spots, and it creates a lot of unnecessary headaches.”

How worried should the industry really be?

This isn’t Apple’s first rodeo trying to stop the practice of hiding third parties in first-party cookies, and it won’t be the last.

Sources say there exists yet other workarounds that Apple hasn’t yet squashed. Equally, sources say that the industry should not be surprised by Apple’s ongoing moves to close these loopholes.

The safest way for websites to work with third parties, both in terms of user privacy and avoiding future changes in browser policy, is by sharing information server-to-server, bypassing the browser entirely. But websites using this approach miss some key signals about users that can only be gleaned by knowing browsing behavior, Lipkanu said.

Ultimately, in an age of cookie deprecation, savvy brands should be working on building their own stores of data and analytics paradigms and rely less on shortcuts like Google Analytics, he added.

“There is a default way to do marketing,” Lipkanu said. “Launch a campaign on Facebook … [or ] Google Ads and measure it in Google Analytics…For the brands doing that, nothing really changes.”

“The brands that are a bit savvier … Google Analytics or Adobe Analytics were not enough for them anyway,” he added.

Despite the protracted timeline for deprecating third-party cookies scheduled for next year, there is still little data to help marketers understand what that future might look like.

Google Ads is trying to add some clarity to this murky picture.

This week, Google released results of testing interest-based audience solutions, a suite of tools that are designed to be more privacy-safe than third-party cookies.

Essentially, the results found that these solutions only do a slightly worse job in scale, ad quality, and ad relevance than third-party cookies, digital advertising’s decades-old workhorse, which regularly offered inaccurate representations of real audiences online.

In a blog post, vp of Google Ads Dan Taylor called the results “encouraging.” A white paper that further details the findings notes that without third-party cookies, the internet will likely have coarser, less precise data signals. So, the fact the findings show just a slightly weaker performance than cookies might be promising.

Still, broadly, marketers are lagging in testing alternative IDs. Supply-side platforms aren’t testing Google Privacy Sandbox retargeting protocol Fledge (which Google renamed Protected Audience API this week), even though industry experts agree that it’s one of the more promising privacy tech solutions.

Crucially, the utility of the findings lies in the degree to which the industry trusts them.

The fact that Google has introduced Privacy Sandbox solutions like Topics into its browser, Chrome, and that this test was run by separate business units Google Ads and Demand & Video 360, has some people uneasy. Some are wary to take Google’s word that life without cookies will be just fine.

“I find these numbers unverifiable and heavily in Google’s interests,” said Robert Webster, global vp of strategy at marketing tech consultancy CvE. “We have still yet to see independent tests show such results.”   

A Google spokesperson said that the company is committed to using the Privacy Sandbox and other privacy-preserving signals, so it makes sense for the company to test these signals just as any other ad-tech firm might.

“We are conducting this work under the purview of the U.K.’s Competition and Markets Authority and privacy regulators, so there is independent regulatory oversight,” the spokesperson added. The spokesperson added that Google’s aim with Privacy Sandbox is to be transparent and collaborative, and it will continue to do more tests.

What we know: performance is only slightly worse

Google tested the efficacy of three types of interest-based audience solutions (dubbed IBA); contextual signals, Privacy Sandbox protocol Topics API and Publisher Provided IDs, which lets brands transact on first-party data within a particular publisher.

The study did not include publisher-provided signals, a tool Google introduced last fall that lets publishers transact contextual data across the open web according to seller-defined audiences protocol.

Google compared status quo traffic, which includes some IBA signals and third-party cookies, with traffic where third-party cookies had been removed.

Google looked at whether advertisers spent more money bidding on the IBA traffic, compared to traffic with third-party cookies, to understand whether campaigns using privacy-preserving signals would allow marketers to run the same size campaigns. It found advertiser spend on privacy-preserving IBA was 2%-7% less than on third-party cookies.

Google also measured the average number of conversions on an ad compared to the dollars spent on that ad, as a measure of how well the ad worked for marketers. Google found that on the IBA inventory, conversions per dollar were 1% to 3% lower than the conversions generated for status quo traffic powered by third-party cookies.

Finally, click-through rates on IBA traffic were within 90% of the status quo.

Google said click-through rates were a proxy for ad relevance, though Webster questioned the reliability of this metric.

“CTR is a fairly meaningless metric,” Webster said, noting that the IAB U.K. has called on brands to stop using the measure to judge ad effectiveness. “Most clicks on mobile (ie, most clicks) are accidents due to annoying placements.”

What we don’t know: efficacy of each protocol

Google’s test grouped together three different types of signals, showing all their results together, making it hard to isolate the efficacy of any one in the post-cookie landscape.

Of note, observers can’t pull out the results on Topics API, which was rejected by trade body W3C earlier this year and has faced criticism from the wider industry.

Taylor said on a briefing call with reporters this week that not testing Topics API in isolation was intentional.

“We did this because the Topics API is not being designed as a standalone offering,” he said.

The experiment also only tested a set of privacy-preserving targeting protocols and not other current use cases for cookies, like remarketing and attribution, which Privacy Sandbox protocols Fledge and Attribution API aim to respectively solve.

“We definitely want to be able to see how the other APIs perform both in isolation and then as a total package,” Taylor said on the call, on the choice to not test Fledge or Attribution API.

Finally, the test showed that the IBA traffic produced better results for advertisers when they also used some of Google’s AI-driven ad-buying tools. Machine learning has been advantageous in filling gaps amid signal loss.

But what is unknown is how buyers using other demand-side platforms outside of Google’s ad-tech tools might replicate those results.

“Other companies provide their own solutions in this space …. based on their own proprietary technology,” Taylor said. “Google built solutions that are focused on leveraging Google’s AI to deliver results.”

The ad tech world can be a “grizzly” place, so Ryan Reynold’s MNTN is trying to make it more serene.

On Wednesday, MNTN released three new 30-second spots ahead of the 2023 upfront. The ads have a meditative and comedic undertone, promoting MNTN as the “hardest working software in television.” Reynolds provides the voiceover work, waxing poetic on everything from the benefits of ROI to the dangers of… bears.

“We want marketers to destress. That’s why we show them their return on ad spend in real-time,” Reynolds says in one spot before eventually noting that the real worry is the aforementioned furry forest dwellers.

“You should worry about bears, though,” Reynolds explains. “I can’t prove one stole my wallet once, but he was super suss.”

In another spot, Reynolds talks about the benefits of hyper-targeting over 80,000 audience segments before the ad eventually cuts to a man enjoying berries.

“Relaxing, right?” Reynolds adds.

A third spot wants marketers to feel at ease, explaining that MNTN’s software makes 200,000 ad-buying decisions per second, automatically adjusting to optimize for performance.

“It’s like swimming with jellyfish but knowing you have all the urine you need if you get stung,” Reynolds quips.

The spots will run across MNTN’s social and performance TV, targeting marketing decision-makers during the 2023 upfront season, the company explained.

In addition to the ads, the company recently brought on three tech veterans, Hadi Partovi, Grant Ries and Joe B. Johnson, as board members to help MNTN as it goes through period of rapid growth. However, the company has yet to make it clear if the three have any experience with jellyfish or bears.

Publishers have long been wary of ad-tech firms undermining their profits through unnecessary fees and incorrect classification.

Of late, publishers have been frustrated by another ad-tech business model: the scraping of data from their websites, which ad-tech companies package into contextual segments that advertisers can use to target.

The practice is not new, but it is causing fresh consternation from publishers anxiously preparing for the deprecation of third-party cookies, which is slated for next year, four publishing industry sources told Adweek. And given the rapid rise of generative AI, publishers are on higher alert than ever to third parties scraping their content.

In lieu of cookies, publishers are investing in alternative signals like contextual data to monetize their audiences. As a result, publishers claim third-party ad-tech firms’ packaging and selling of this data as an intellectual property infringement. While it is tricky to quantify the exact impact on revenue, publishing sources voiced fears of buyers choosing ad-tech firm’s contextual segments, which tend to cover more of the open web, unlike publishers’ bespoke offerings, at a time when publisher’s revenue is already under threat from economic headwinds.

“There are hundreds of intermediaries who are classifying publisher intellectual property and then are taking it back to market as their own data and using it to compete for ad dollars against the publisher,” said Danny Spears, chief operating officer of Ozone, a publisher advertising platform for titled like The Guardian, Reach Plc. and The Telegraph.

Last week, the U.K. trade body the Association of Online Publishers wrote an open letter outlining the issue and “calling time on publisher IP theft” by content-verification firms for their sale of contextual audience segments built on publisher data. The organization, whose members include the BBC, Condé Nast Digital and The Guardian, called on ad buyers to hold ad-tech firms accountable.

Despite the emotive language and strong accusations, the acrimony so far between publishers and content-verification firms has mostly amounted to a war of words. Publishers, facing layoffs and softening ad revenue, are spread too thin to rise to this particular challenge. Plus, their leverage with ad-tech firms to stop a practice that has been going on for years is limited.

“They have bigger fish to fry,” said Jana Meron, founder of ad-tech consultancy Lioness Strategies and former svp of programmatic and data strategy at Insider, adding that the issue is still significant. “The cookie is dying and the publishers’ most valuable asset is being taken advantage of by ad-verification companies.”

Old practice, new practitioners

Contextual scraping is raising publishers’ ire partly because the practice has only recently been deployed by content-verification firms. Some publishers had viewed these companies, which originated to help block invalid traffic and protect brand safety, as friends rather than foes.

“[Content-verification firms] bring you business and then you find out [they’ve] scraped your pages and are setting up a competitive angle into your business and undermining your efforts to stand up your own data,” said Scott Messer, a media consultant and former executive at The Leaf Group.

Two of the largest content-verification firms, Integral Ad Science and DoubleVerify, rolled out contextual targeting products called Context Control and Custom Contextual Solution, respectively, both in 2020. IAS revealed in its earnings call last month that 47% of its programmatic revenue in 2022 came from the tool, up from 38% in 2021.

The content-verification companies’ tools help brands find optimal contextual categories, such as auto enthusiasts, to place their ads, leveraging the same technology that crawls webpages to determine whether they carry brand safety risks. But such technologies do not ask publishers’ permission and may categorize their content inaccurately, the AOP alleges in its letter.

Publishers cannot easily disable content-verification firms’ web crawlers from their sites, as the brand safety checks they provide are considered table stakes in programmatic advertising.

Adweek has learned that the AOP has set up meetings with IAS on behalf of its members to ask if it would be possible to uncouple the contextual targeting function from its web crawler. Publishers were unsettled when IAS said the product was engineered in such a way that it couldn’t be unbundled, per a source familiar with the matter. More recently, IAS said it would look into whether it could re-engineer the product to allow for unbundling, but it was unlikely.

IAS and DV did not respond to requests for comment.

Whose context?

Not all would define ad-tech-sold contextual targeting as intellectual property theft. IAS and DV say their solutions are a way for publishers to earn more money.

After offering its contextual targeting tool for advertisers, DV rolled out a separate contextual targeting solution marketed toward publishers in 2021, with a press release touting the solution’s potential to raise CPMs, decrease data costs and increase scale. IAS has said on its earnings calls that its Context Control product results in higher CPMs.

Larger publishers who have invested in developing and selling contextual targeting units have more to lose if buyers begin to favor the scale inherent in these firms’ contextual solutions.

A media buyer source said that direct deals with large publishers are always the first choice, but solutions like those offered by IAS and DV have a place for buying context at scale across the open web.

Smaller publishers, by contrast, might benefit from working with a third-party ad-tech firm for their contextual targeting, Spears said, but the parameters of the relationship need to be contractually regulated.

Whether ad-tech-led contextual targeting is a net positive for small publishers, some may feel they don’t have the knowledge or choice to take a stand against it.

“Am I going to lose money because the advertiser on the other end [say]s we only spend money on the Integrated Ad Sciences’ [tool]?” said Brian Warner, founder of site CelebrityNetWorth.com.

There has been an increase of 72% in requests from people to companies to modify or delete their data over a year, according to a report by privacy management company DataGrail.

DataGrail analyzed the data subject requests (DSRs)—formal requests made by a person to a company to access, modify, or delete the personal data that the company holds on them—that it processed on behalf of customers from January 1 to December 31, 2022.

The company found an average of 650 DSRs per million identities in 2022, compared to 377 per million identities in 2021. Identity refers to information associated with a unique record of a single person at a company. A single identity accounts for one customer’s personal data within multiple systems across an organization. The customer set has more than 100 million consumer records.

In 2022, data privacy incidents made headlines, with fines imposed on companies like Sephora in the EU and U.S. This may have heightened awareness and led to more DSR requests, according to DataGrail’s CEO Daniel Barber. The widespread use of generative AI, which does not require consumer consent, further complicates the situation and may prompt action from Congress or the FTC to protect consumer privacy. As more people take charge of their data, there could be a knock-on impact on advertising revenues.

“Consumers’ desire for greater control over their personal information grows stronger by the day as people recognize that privacy should be a human right, even if it is not yet federally protected,” said Barber. “Businesses are going to have to respond in an efficient manner, if for no other reason than for the value of earning and maintaining consumer trust and reputational capital.”

Overly aggressive email marketing campaigns from brands that people have had brief encounters with lead to DSRs. And brands that offer a one-off service, like weddings or school searches, are susceptible to people asking to delete their data once they no longer need the service. 

An ad buyer at a leading media agency, who did not have permission to speak to media on this topic, said DataGrail’s findings were in line with the internal DSRs received in the last 12 months.

However, Horizon Media received less than 10% of such requests in the U.S. for this period, including opt-out requests from consumers.

“I am shocked at the 72%,” said Laura McElhinney, chief data officer at Horizon Media. “That could be because our consented data is mostly with loyalty programs. When you have a client that’s offering value, then the consumers are more likely to consent to the brand using their data.”

The report found that 52% of the privacy requests came from outside of California, including states that are yet to implement a privacy law. Most global companies tend to have a ubiquitous DSR link at the bottom of their homepage, even in regions without privacy laws.

“This tells you that the awareness of privacy and the expectation that it will increase is definitely there,” said Barber.

DataGrail’s dataset includes information from companies of all sizes, from startups to publicly traded household names.

Deletion requests rise

In 2022, the request to delete people’s data held by companies outpaced the request to access their data, per the report. For every access request, there were 56% more deletion requests. 

Barber suspects that any time a company sends an email alerting their customers about their updated privacy policy, it reminds people of how their data is used, spurring them to carry out an access, delete or opt-out request.

Costs and investment

The cost of processing a DSR—deletion or access—doubled from 2021 to 2022, per the report. It costs approximately $1,524 for a company to manually process a single DSR, according to Gartner, via DataGrail.

The cost of manually processing access and deletion requests could cost companies $648,000 per 1 million identities. This is an increase of $409,000 per 1 million identities from 2021, per the DataGrail report.

“On average, we see about 26 people involved in processing one privacy request,” said Barber.

Horizon Media’s investments in technology and automation to process privacy requests helps it manage these costs.

“Many companies haven’t invested in that technology yet and are manually having to manage [requests],” said McElhinney. “And that is very costly and time-consuming.”

Transparency is key

As the industry moves to solutions to counter signal loss, such as data clean rooms, handling people’s data, anonymization practices and utilizing it safely and competently is foundational regardless of the technology, McElhinney said.

In the future, marketers could see a rise in people using ad blockers, a reduction in targeting capabilities to avoid the costs of DSRs, a shift to contextual advertising, leading to a change in ad revenue, and the growth of privacy-centric platforms, said Barber.

Companies could “change their practices, or they could align around some general set of privacy-forward principles,” said Barber, adding, “it will affect the amount of data advertisers get, the types of data they get, and changes to how that data is shared or acquired.”

Publisher ad management outfit CafeMedia, which manages the tech and sales for titles like MacRumors and Thought Catalog, is working with tech platform LiveRamp to offer its data clean room Safe Haven solution to the millions of readers across CafeMedia’s 4,000 creators’ sites. The move will ultimately lead to higher publisher ad revenues.

This expands CafeMedia’s work with LiveRamp’s Authenticated Traffic Solution (ATS), which lets marketers buy authenticated inventory on the open market without relying on third-party identifiers.

Safe Haven—now the preferred data clean room for CafeMedia, which helps marketers securely match their first-party data with that of publishers—builds on top of ATS and aims to offer wider audience reach for marketers across CafeMedia’s publishers, growing their ad revenue.

“A lot of clean room solutions are very marketer focused and therefore, have a lot of use cases handled for them,” said Paul Bannister, chief strategy officer of CafeMedia. “This opens up a lot more possibilities for how [publishers] can activate on a campaign and make it work.”

There’s a smorgasbord of data clean rooms in the market. This announcement comes as the industry is aiming to solve marketers’ signal loss woes, often putting the burden of tech integrations onto publishers as the clock ticks on cookie demise.

“Partnering with CafeMedia to unlock these use cases will help extend marketers’ performance across the open internet while promoting fairness and trust for publishers and consumers,” said Travis Clinger, svp of activations and addressability at LiveRamp.

Solving for interoperability

While the industry is solving for clean rooms to be more interoperable—a term that is becoming a catch-all in the debate around data clean rooms—Safe Haven advances interoperability for publishers who generally work with several marketers and sit on troves of valuable data.

“If you’re a marketer, you can pick one clean room for your data and tell everybody else to come to you,” said Bannister. “Whereas for a publisher, you can’t lock yourself into a single solution.”

LiveRamp’s integrations across most supply-side platforms and demand-side platforms make interoperability possible across the ecosystem, according to Clinger. This means if a marketer wants to activate a deal via a particular SSP, working with CafeMedia will let it use any of Safe Haven’s integrations across the ecosystem, letting marketers reach a wider audience.

If we make money then LiveRamp makes money, and marketers are getting results. And that’s win win win.

Paul Bannister, chief strategy officer, CafeMedia

Solving for interoperability was a differentiating factor for CafeMedia, who spoke with several other cleanroom solutions in the market before working with LiveRamp.

Overall, said Clinger, working with Safe Haven will open up more opportunities, data, and more efficient buying for both the marketer and the publisher. And as more data clean rooms look to become interoperable, any of LiveRamp’s partners, as recently seen in its partnership with Snowflake, will have access to CafeMedia’s audience as well.

Data activation and collaboration fees

Currently, publishers and marketers working with data clean rooms pay a monthly or annual fee to access the privacy-focused tools. This proves to be an expensive investment for publishers, who usually need to partner with several clean rooms to make it more appetizing to marketers.

However, with Safe Haven publishers pay fees only when there is a data activation.  

“It makes a lot of sense, if we make money then LiveRamp makes money, and marketers are getting results. And that’s win win win,” said Bannister.  

Although LiveRamp and CafeMedia wouldn’t share specific commercials, Clinger told Adweek that LiveRamp doesn’t get a media rate on its brand side, but instead charges marketers data collaboration fees for activating their data across the ecosystem.

Eliminating third-party identity providers

LiveRamp’s ATS technology helps monetize authenticated who log in through a publisher’s site by providing their email address, in this case, CafeMedia, according to Clinger. LiveRamp then hashes this information into a cryptographic ID, known as RampID, creating a series of numbers and letters.

“Because it’s based on RampID, you can activate a campaign without having to actually send personally identifiable information (PII) into the clean room,” said Bannister. “It’s one less place that you need to be putting any sort of PII which always has risks associated with it,” he added. Publishers have been wary of any PII in the open exchange leading to data leakage.

This makes a combination of the ATS technology and Safe Haven a safety differentiator for marketers and publishers while activating both RampID and ATS inventory, the platform said.

“Other data clean rooms have to work with a third-party identity provider for this,” said Clinger. But “our customers, marketers and publishers will be able to use our clean room technologies with our existing ecosystem integrations.”

Corners of ad tech are having another rough few weeks.

Supply-side platform EMX filed for bankruptcy. The following day, Yahoo said it was shuttering its SSP and laying off more than 50% of its ad-tech employees. TripleLift, which had been struggling with its branded content division and differentiating its connected TV offering, sources told Adweek, laid off staff last week. Execs are also posting about layoffs at ad-tech firm Criteo, which operates an SSP and demand-side platform, and is in search of a buyer. Criteo declined to comment.

This culling is likely to continue as more ad tech players get squeezed ahead of cookie deprecation, especially if the tech vendors that package and sell publishers’ inventory to advertisers can’t meet new industry expectations, more than half a dozen industry sources told Adweek.

“There’s no reason to have multiple dumb pipe SSPs,” said Scott Messer, consultant and a former executive at publisher Leaf Group. “There are reasons to have multiple smart pipe SSPs. A product doesn’t need to sell through 10 Costcos, but they would they like to sell through several boutique stores,” he added.

Publishers and marketers want more than a connection to the open internet: they’re asking for superior tech, speed and adaptations for third-party cookie deprecation.

SSPs maximized bid density over tech

For a while, and especially since the advent of header bidding, the common notion had been that more demand was good for publishers, even if that meant duplicated bid requests and inefficiencies, said Justin Wohl, chief revenue officer of Salon.

“As an industry, we overstuffed the bid responses,” Wohl said, noting that publishers wanted to work with as many SSPs as possible because they were worried about missing any sliver of demand. “[Anxiety about demand] was an overdeveloped concern.”

This made it more important for SSPs to maximize bid density over having superior tech, said a publishing ad-tech source.

SSPs that don’t have that differentiation [are in] a race to the bottom.

Anonymous ad-tech exec

“A lot of these SSPs serve market-making functions which have very little to do with the actual technology,” said the source, who was not authorized to speak to the press.

As a result, many SSPs require publishers to input gobs of javascript on their page, leading to slow webpage loads, slow ad rendering, a poor user experience and, ultimately, penalties from Google search.

While industry-leading SSPs, like PubMatic and Magnite, offer huge amounts of inventory, others, like Teads, offer features like bespoke ad units. These ad-tech vendors aren’t without their struggles, especially in today’s tough economic climate, but those in the middle, where sources said that Yahoo and TripleLift sit, struggle to differentiate themselves as the industry moves toward supply path optimization, which seeks to limit demand, not encourage it.

“SSPs that don’t have that differentiation [are in] a race to the bottom,” said an ad-tech exec, speaking anonymously to freely discuss industry relations. “[For an SSP] to be the preferred path for a DSP, if they can’t maintain that over the time, [they have to] lower the take rate, and then someone else is going to come in and undercut them.”

Solving for speed and signal loss

SSPs hoping to avoid this crunch can become faster at ferreting bid requests between advertisers and publishers with better tech, two publisher sources said.

This is especially true in the less developed area of transacting via contextual signals. Wohl said that some SSPs can take 24 hours to find a buyer based on contextual signals. By that time, an article that receives lots of traffic could already be out of the news cycle.

“Curations that can be done in real-time will be very valuable,” Wohl said.

And as more of publishers’ audiences become unaddressable due to cookie deprecation, SSPs can help publishers and their buyers use other signals, especially by enriching bid requests with contextual and behavioral signals, Wohl said.

SSPs can also help publishers test new cookie replacement solutions like Fledge and seller-defined audiences that publishers wouldn’t have the resources to test themselves, the publisher ad-tech source said.

TripleLift is already starting to adopt this playbook. The company’s connected television division was not competitive with other SSPs several years ago, two sources told Adweek. Late to the game of grabbing broadcaster inventory, TripleLift has leaned into its proprietary product that helps insert 2D signage and 3D product placements into TV shows, one of the sources said. NBCU recently announced a partnership to use the product.  

TripleLift did not respond to requests for comment.

Less is more

While publishers and buyers are both expecting more from SSPs, their interests are not 100% aligned. Publishers are seeking SSPs that make their inventory more attractive, ultimately growing their revenue, while buyers want better and cheaper inventory.

“You want to look for exchanges that have the least hops between the publisher and the DSP and fewer fees along the way,” said Kelly McAloon, associate director of programmatic at media agency Good Apple, describing her approach to picking SSPs to work with.

While it’s a shift from the more-demand-is-better mindset, many publishers are keen to provide direct paths to try and increase the value of their inventory rather than leaning on auction dynamics inflating bid density.

“There is definitely supply path optimization to drive DSPs to orient themselves toward the inventory as best they can,” Wohl said. “As a publisher, I’m into that. Let me give you the cleanest look at my inventory.”

Yahoo is shutting down its supply-side platform and pivoting its ad-tech business to focus on its demand-side platform, CEO Jim Lanzone told Adweek Thursday.

In the process, the company is laying off more than 20% of its total workforce and more than 50% of its ad-tech employees for a total of more than 1,600 people, Axios reported.

Lanzone said the decision was a result of a shift in business strategy and not the result of economic hardships roiling the advertising industry. Lanzone took the helm of Yahoo in September 2021, shortly after private equity firm Apollo bought Yahoo from Verizon.

“It’s really about narrowing our focus on the piece of ad tech we do best, which is our DSP [and] not spreading our resources too thinly across every part of the stack,” Lanzone said.

Yahoo will also refine the scope of its DSP to focus on the premium side of the market, Fortune 500 companies and top agencies instead of the long tail of advertisers, Lanzone said.

The decision casts a shadow over the SSP space, which multiple sources said has become increasingly commoditized in recent years, before taking into account recent economic headwinds. This week, SSP EMX filed for bankruptcy; back in January, Magnite laid off 6% of its staff.

Reflecting the health of Yahoo’s buy side of the business, which reportedly transacts billions in revenue, the number of advertisers spending over $1 million has increased every year for the past three years, per Yahoo chief revenue officer Elizabeth Herbst-Brady.

Publisher ad management platform CaféMedia and publisher Daily Mail, who both monetize via Yahoo, said the shuttering of the SSP would not likely cost them significant revenue. They also said they don’t plan to partner with another SSP to fill the void of Yahoo’s SSP, though both said the closure came as a surprise, as the product didn’t have any obvious flaws.

Yahoo plans to directly integrate some of its SSP publisher clients with its DSP, while other publishers will simply work with other SSPs, a spokesperson said.

Yahoo struggles to differentiate its SSP

The company, now called Yahoo, had made over 30 ad-tech acquisitions before being acquired by Apollo, Lanzone said (Yahoo itself merged with AOL in 2017). Yahoo struggled to find a way to consolidate all of this tech logically, especially when it came to the SSP, he added.

“It was extremely resource intensive and didn’t let any part of the business become exceptional, except for the DSP,” Lanzone said.

The current DSP is a result of six different companies and was able to merge seamlessly into one product much faster than the SSP, itself a combination of eight companies, said Herbst-Brady.

“The Yahoo SSP had no differentiating point,” said Jeremy Gan, svp of revenue operations and data strategy at Daily Mail, adding that he noticed Yahoo SSP’s user interface had actually improved in the past year.

While Yahoo’s SSP didn’t compare favorably with competitors, its DSP is on a par with industry leaders, like Google, The Trade Desk and Microsoft-owned Xandr, sources said.

We’ll definitely miss them in terms of our bid density.

Jeremy Gan, svp of revenue operations and data strategy at Daily Mail

A key way SSPs have been differentiating themselves in today’s market is building packages for private marketplace deals in light of industry trends toward supply-path optimization, said Ari Paparo, co-founder of ad-tech firm Beeswax and CEO of ad-tech media company Marketecture. But this requires a robust and expensive client-side staff that is inefficient for smaller SSPs.

“[SPO] accrues the benefit to a smaller number of larger SSP,” Paparo said.

Yahoo had already been right-sizing its sell-side ad tech. In November, it acquired a 25% stake in content recommendation firm Taboola in an all-equity deal. Yahoo’s internal native advertising product Gemini will shut down, a Yahoo spokesperson said.

A strong DSP product in transition

Yahoo’s SSP was a place publishers could count on for demand from Yahoo’s DSP, which will be one of the biggest consequences of the SSP’s shuttering, Gan said. However, the effects will likely be short-term as Yahoo redistributes its demand to different SSPs.

“We’ll definitely miss them in terms of our bid density,” Gan said.

Propelling Yahoo to its position as a top DSP is its ability to leverage its stores of consumer data, said a Yahoo programmatic partner who requested anonymity to discuss industry relationships freely. It’s easier for DSPs to sell audience data to buyers than for SSPs to leverage these assets, the source added.

But these strengths were not enough to let Yahoo’s DSP be all things to all clients.

Lanzone said Yahoo is pivoting away from long-tail advertisers to avoid “spreading itself too thin.” It’s a major pivot for the company, which has been focused on courting smaller performance advertisers as Meta and Google have successfully done, since former CEO Marissa Meyer’s tenure in the 2010s, a Yahoo spokesperson confirmed to Adweek.

“If you are going to cater to the long tail, you have to prove you have the science to drive performance,” the source said. “It’s hard to do that against Google and Facebook.”