What’s the success rate for people trying to evade marketing surveillance on the web?

I think it’s zero. Check out the story of Ross William Ulbricht AKA “Dread Pirate Roberts” of Silk Road infamy. He was alleged to be responsible for the sales of over $1 billion in heroin on the dark web. He had very good reason to cover his tracks–a long stint in Federal Maximum Sercurity–and was, by all accounts, very computer and security literate. Yet he couldn’t do it. There’s other stories of sophisticated cyber-criminals getting tripped up by basic OpSec lapses.

So what’s the chance that a normal person like you or me is going to perfectly:

• Always use their VPN?
• Have a  perfectly-configured ad blocker and always use it?
• Keep Google’s mitts off our location?
• Never log in to a site that shares anonymous login data?

It’s zero. It’s much safer to assume that some of our digital ephemera, whether it’s some login or log of an IP address, or device ID, is available to match or “onboard.” That means that it’s likely that we can be matched anonymously to some data that can, at the very least, say “hey, there’s a real human here.”

But when we attempt to advertise online and can’t match the cookie/mobile ID/etc. to an identity graph–after applying tons of (lousy) ad tech and mar tech solutions– we tend to do the stupidest thing possible. We look for yet more data to try to match that thing into an audience. Somehow the concept of “match rate” has overwhelmed good common sense in marketing.

Given that you can reach over 4 billion MAUs on the top 50 publishers in the US, and over 2.3 billion MAUs via the top 25 ad networks, William of Ockham suggests it’s more likely the weird isn’t human. Work with what you have. There’s more than enough MAU on any reputable publisher to hit your objectives, whether they are lower-funnel or pure reach/frequency.

Toss away the weird and focus on the impressions that you’re pretty sure are being served to some human. Ads served to and seen by any humans will always out-perform ads served to bots.

My alternative for digital marketing is to use a Zero Trust or operations security method of operations. When something looks weird, i.e. you have any doubt that it might not be a person, it’s not an outlier. Throw it away. Adding more data to something weird won’t turn it to normal, particularly when you start spending money on tertiary data and another sketchy vendor.

Weird gets noticed. That’s the way we tend to identify criminals, tax cheats, and terrorists. If it works for those categories, it should work for your digital marketing.

Takeaway: If it’s weird, it’s wrong. Don’t fixate on more data or match rate. Don’t try to fix weird and work with what’s real. And win.