Episode 7 - CMP: Adoption & Market Share Analysis

June 6, 2022

DataChat LIVE! Episode 7: CMP: Adoption & Market Share Analysis

Join digital marketing and analytics leaders for regular live discussions around data problem-solving, industry news, strategy, governance, technology, regulations, and more!

In this episode we discuss insights and trends in:  

  • Adoption, implementation completeness, and functionality of CMPs in the US and Europe
  • Privacy technology challenges you should be aware of
  • Prominent CMP providers and their market share
  • Which Tag Management System (TMS) was paired with which CMP providers
  • Dark pattern privacy fines and how to avoid them

Mike Fong 

Mike Fong is the Sr. Manager of Product Go To Market at ObservePoint and assists in aligning the Product, Marketing, and Revenue teams on product strategy, value propositions, and promotion. Previously a Senior Consultant and Solutions Engineer on ObservePoint’s EMEA team in London, Mike has been integral in ensuring ObservePoint users are obtaining the highest quality of data from their marketing technologies. With over 10 years of experience in the analytics world, Mike is an expert when it comes to data analytics, SQL, problem solving, and spreading good vibes.


Cameron Cowan

Cameron Cowan is the Sr. Director of Product Strategy & Marketing at ObservePoint and a veteran of the marketing analytics, digital advertising, and enterprise software industries. He plays an active role in product management, technical marketing, and GTM execution. Prior to his time at Strala, Cameron spent 13 years working for Adobe (via the Omniture acquisition), and gained experience in account management, consulting, and technical sales before establishing himself as a leader in product management, technical marketing, and business strategy. His career has included living overseas on multiple occasions and collaborating with marketers and technologists on four continents.


Subscribe to future episodes here and follow our podcast on SpotifyBuzzsprout, and Stitcher!



DataChat LIVE! Episode #7: CMP: Adoption & Market Share Analysis

Cameron Cowan, Sr. Director of Product Strategy, and Mike Fong, Sr. Manager of Product GTM, discuss the adoption, implementation completeness, and functionality of CMPs and more trending topics.


Cameron Cowan: (00:02)
Hi everybody and welcome to the April edition of DataChat LIVE! This is Cameron Cowan coming to you live from Pleasant Grove, Utah here at ObservePoint headquarters. For those of you who don't know me, I help run product strategy here at ObservePoint and joining me as often is the case, across the pond over in London is Mike Fong. Mike say hello to everybody. 

Mike Fong: (00:27)
Hello everybody joining you from central London. How are you, Cameron? 

Cameron Cowan: (00:32)
I'm doing well. How are you, Mike? 

Mike Fong: (00:34)
I'm really good. It's great to be on another session talking to our audience, talking to you. 

Cameron Cowan: (00:41)
Yeah, we got a few interesting topics to jump into. Some things for those that are interested in privacy. Something interesting to those in the analytics space. Where do you want to start? 

Mike Fong: (00:52)
Well, let's talk about an event that you attended. You went to IAPP Global Privacy Summit, right? 

Cameron Cowan: (01:00)
That is correct. 

Mike Fong: (01:01)
I wish I could have gone, but they didn't fund me to go cause you were closer. So why don't you tell me what you saw, what you experienced. Take a minute. 

Cameron Cowan: (01:09)
So for those of you that don't know, IAPP stands for the International Association of Privacy Professionals. ObservePoint is proud to be one of the newest corporate members of the IAPP, and as part of that, we, as you said, we decided to sponsor the big global summit that happens every year in Washington, DC. A lot of really interesting findings. This was ObservePoint's first sponsorship of a privacy show. We, for years, as you know, have been involved in the analytics space in Tag Management and MarTech, but really getting deeper into the privacy offering that we have and just try to understand and solve problems for specifically privacy professionals. In fact, I think you can, brought up right here, Mike, the regulatory world view, I thought this was just fascinating. So Brad Smith from Microsoft was one of the closing keynotes, and what he observed through this visual was how many different jurisdictions, how many different nations throughout the world are now covered by some level of data privacy regulation law or legislation. Now Mike, I know you've been experiencing this probably longer than most, being there in London. Europe's been one of the leaders in this space. What's your takeaway from seeing a visual like this? 

Mike Fong: (02:29)
This reminds me of one of those, films about like a virus, like a deadly virus spreading throughout the world, or maybe one of those games, Pandemic, but actually this is just simply privacy regulations spreading throughout the world. And it's obviously with GDPR starting in Europe, it would've started in that, in the center there, you know, the center of the world, of course, which is what Europe is. But no, it's great to see that data privacy is being taken seriously across the world. It's spreading to almost all continents. We can see Africa's probably going to be the next large growth spot. We know that the US has a few states that have state level privacy laws and Cameron, correct me if I'm wrong, are they discussing or just debating a federal level? 

Cameron Cowan: (03:24)
Yeah, it was one of the big topics of the event in DC is the need and the desire for a lot of folks to have a national level privacy regulation and guidance, here in the United States. As you mentioned, there's been kind of some state by state discussion. California was the first with CCPA and then the revamped rules around CPRA. Then you had Virginia and Colorado come online just this last month. Utah, us here in Utah, we became number four as far as states that have officially passed legislation, but if you start getting piecemeal and you have 50 individual different guidances and regulations that you have to abide by, that's a lot to get your head around. That's a lot to line up. Then the question is, which standards do you don't have to follow and to what degree? So, I think everybody, including Tim cook from apple who was there and did the opening keynote, including Brad Smith, who I mentioned, from Microsoft, the president of the IAPP they're, they're all definitely pushing and urging us to do what we can, to write to your representatives and really push forward this idea of a comprehensive national level data privacy law. not just all these here. 

Mike Fong: (04:30)
Are you going to write a letter or are you going to write a strongly worded email? 

Cameron Cowan: (04:34)
I'm old fashioned. I want to get on the phone and talk to my rep. Fortunately, I think I actually know who that is here in Utah. Like I said, we've already got our own privacy legislations. I don't want to say we're covered, but I agree. We need something that's more national level. I like the model of what you guys did out in Europe and I think we should be following, maybe not as strict, but something similar that's a little more broad and encompassing. 

Mike Fong: (05:00)
And Cameron, just a quick question from my side of the pond. I've not been following this US as closely. Would you say that the four states are broadly very similar, essentially copy and paste level of rights being assigned to the individual? Or would you say that they've each gone an individual, or each state has in a independent way of coming to their laws and would that, if that were the case, would that make it more difficult for a federal level regulation to kind of cover all bases satisfactorily? 

Cameron Cowan: (05:36)
Yeah, it's a good question and frankly, they are all similar but different and they have some notable differences. I think California is probably the most different, out of the four. Utah tended to follow a lot of the same guidance and guidelines as what we see in Virginia and Colorado. So there are similarities between those three. California is a bit of an outlier. None of them are to the extent of what we've seen in Europe with GDPR, but I think if you see this permeate across 50 different states, as well as additional territories, you can see quite a bit of variability, which, it's a lot of overhead. It's a lot to think about. It's a lot to get your head around if running a privacy program. 

Mike Fong: (06:18)
Sure. I can imagine it's going to be quite a debate, potentially a politicized debate as well to get to a federal or a state level regulation. So I want to move on. Obviously as ObservePoint, we are very interested in helping customers get the most and ensure data quality and data privacy of and user experience of their websites. But at IAPP you weren't talking to digital marketers and analysts were you? What was the audience like and what was their view on the data space? 

Cameron Cowan: (06:55)
Yeah, it was interesting because I think we knew it was going to be a little bit of a different audience. Instead of heavy on the analyst and marketer side for a lot of the conferences we typically go to, we knew there'd be a lot more privacy professionals, legal professionals. I don't think I anticipated to the extent to which I would be just speaking to lawyers all day every day at the conference. There was,  I would say between 70-75% of everyone there was a lawyer and was being pulled into data privacy, but their expertise was the law, not so much the technologies and the data collection components that we're pretty familiar with. So I definitely saw variability but I think the other thing that I heard loud and clear was that these people that are in charge of data privacy, whether it's the program manager, the DPO,  the in-house counsel, they don't know and talk to the marketers and the data analysts really at all. 

Cameron Cowan: (07:49)
In fact, we found out that we had 41 of our customer brands were represented at the conference. And so we actually talked to each one of our account champions, the contacts that we have over those companies before the event and we only found that three out of the 41 even knew who the people from their own company, that were going to the event, even knew who they were. And those three, only two of them had ever actually talked to that person before. So we are seeing this massive disconnect between the people that are responsible for data privacy and the people that are collecting the data and setting up the tags and really responsible for the implementation, kind of the control,  of data collection. It was a really big insight that we had coming out of that event is how do we make more of these connections? 

Cameron Cowan: (08:34)
In fact, the number one session that I went to, that I was most impressed by, and one of the best attended sessions of the whole event was the afternoon, the last session of the very first day of the conference. And it was called Marketing 101 for Privacy Professionals. And there were so many people that were in there and buzzing in at questions because honestly they know it's a gap. They know they need to understand the marketing and MarTech ecosystem better because all the data that's collected therein, they're ultimately responsible to make sure it conforms with the regulations and guidelines that they've set about as companies. But they also know that's a blind spot. They haven't been doing that in the past and they're eager to make up lost time and lost ground. 

Mike Fong: (09:13)
We've been saying all along here at ObservePoint and telling our audience and our customers that while the digital analysts and the tag management teams, they actually make the decisions on what tags, what custom dimensions, EVARS, props, whatever you want to call them. They make the, I would say, the executionary decisions, but they always do it on behalf of their stakeholders. If a marketing team says, “I want to track this,” or “I want to resell this on a Facebook ad or a LinkedIn ad,” we always implement those technologies on behalf of our stakeholders. Now, the issue is here. Traditionally legal teams have never been our stakeholders. It's not a case of the left hand not talking to the right hand. I actually see it more as like the left foot and the right foot not being coordinated. 

Mike Fong: (10:02)
And the brain actually needs to do the coordination first. Like when you're a child or a toddler, your brain is working really hard to get the left foot and the right foot to do things in the right order. One step, two step, three step, four step. But at the moment, because the legal tech space or privacy tech space is so in its infancy, many organizations haven't even put those two together, right? So it gets to the point where you need the corporate level and the executive leadership team level to actually tell the legal and the digital marketing analytics teams to actually get together, because legal teams don't know, legal teams have never been our stakeholders, and we've never been stakeholders over the legal team. So it's very much a situation where we need to bridge that gap. And, Cameron, anything you've learned from that conference, what would be the message you want to say to our audience today to get them to bash heads together with the legal counsel colleagues? 

Cameron Cowan: (11:00)
Well, that's just it. Get to know them. I mean, if you don't already know who runs your data privacy program, who's ultimately responsible for it, whether it sits under the head of legal or a separate data privacy office that's been created just for this purpose, reach out, learn who they are. In fact, it came up in that session I mentioned. Just take them to lunch or to coffee or to some opportunity just to build that bridge, to make that connection. Don't even worry about explaining all the things that you do and all the things that they do. Simply just get to know that person and build that relationship so you can then start to have those deeper discussions. It's a real small step. The problem is both sides are sitting kind of on separate cliffs and we're waiting for the other side to make that connection or to reach out. So don't wait. Be the person that reaches out and makes the connection. 

Mike Fong: (11:46)
I think you're absolutely right there. In terms of who takes who out to coffee, I'd say the legal counselor takes the marketer out to coffee. 

Cameron Cowan: (11:55)
Is that just based on overall salary ranges? 

Mike Fong: (11:58)
That's based on expectations, perhaps. So Cameron, thanks for talking about the I IAPP, and a very, I guess, a related topic. One of the things that we did, in run up to IAPP, was to actually look at something that I thought would be quite easy to find, which was the market share of consent management platforms. Now after about a whole 5-10 minutes of Googling, it wasn't easy. So what ObservePoint did, or what we did, we actually did our own analysis of consent management platform market shares and we some pretty interesting findings. 

Cameron Cowan: (12:36)
So when there's no research, we do our own, is what you're saying. 

Mike Fong: (12:39)
Yeah. I mean you'd almost call me an academic. You can call me Professor Fong if you want to.

Cameron Cowan: (12:46)
As you dive into that, just so everyone's on the same page, Mike, define what is a consent management platform. I've heard you use the term CMP, what is that? 

Mike Fong: (12:54)
A consent management platform is a technology, typically provided by a third party, but you can build one yourself if you have the appetite, but a consent management platform is your website, and it allows your customers to opt in or opt out of digital marketing and advertising technologies and a CMP, in essence, helps you ensure your website is in line with data regulations like GDPR or CCPA, or any equivalent. 

Cameron Cowan: (13:29)
Okay. So from a front end, it allows a user, somebody, a visitor to your website, to tell you exactly what they're comfortable with you collecting or understanding about them. And from a backend perspective, it's then all the controls that actually make that reality and don't just make them feel good, cuz they click on one button or another. 

Mike Fong: (13:46)
Exactly. So I want to focus today on what we found in terms of just penetration or for frequency you might call it, of consent management platforms across the dataset. So we scanned over a thousand websites and we grouped those websites. Well firstly, before we get into grouping, we found out about 33. So just exactly a third of all the websites we scanned actually had a consent management platform. What do you feel about that Cameron? Surprised? Not surprised. 

Cameron Cowan: (14:21)
A little disappointed if nothing else. I understand that CMP adoption, especially outside of Europe, has been a little bit slower. Maybe that's the first question of whether I'm surprised or not. The first question I'd have for you is, what's the breakdown? I mean, are we talking about heavily North American companies here? Are we talking 50/50 with Europe or other parts of the world? What was that breakdown geographically? 

Mike Fong: (14:42)
Well, you've jumped the gun, but seeing as you have, I'll answer, we actually found that approximately, equal even, proportion of US and European, yeah US Northern American companies and European organizations had about a third of all of those organization’s websites contained a consent management platform. Now slightly surprising, but probably within the margin of error. We actually found the US were ahead of Europe. 

Mike Fong: (15:19)
That may be because of the multinationals in our organization as our clients and that we scanned that actually their results were very, very similar. 

Cameron Cowan: (15:28)
So I'd say if that's the true breakdown, that does surprise me. I think I assumed that especially European based and headquartered companies would be well over 50%, probably closer to 70 or 80% just because not only is it required by the more strict regulation around GDPR, but there's actual fines that are being handed out right now. We've heard about fines going out to some of the biggest companies in the world, millions and tens of millions of euros. I mean, are you seeing that right? 

Mike Fong: (15:56)
Yeah, absolutely, and I think what this data says to me is that if your organization hasn't selected a CMP yet, and you're in Europe, you can be confident that you're still in a crowd. It's still a lot of people that haven’t installed their CMP yet. And so it's never too late and just to get started on that journey. The third actually surprised me because I genuinely thought that more than a third across the world would actually have installed a CMP by now. But it also tells you that there's still a lot of growth in the sector, right? 

Cameron Cowan: (16:37)
Yeah, and I think the third from US based companies, North American based companies, that seems a little more in line with what I was expecting. Obviously, we don't have the requirement to have a consent banner on every possible landing page for a website. I still do know a lot of the bigger organizations, as you mentioned the multinationals, because they're already adhering to European standards. They just bring their whole global operation in line with that and so I would expect some of that drafting happening. And I also know that even here in the US where it's not required to have consent explicitly, there's still a lot of people that are baking a CMP in behind the scenes. Every page has to have a privacy policy, for example. And I know, I see a lot of websites where if I actually click into that privacy policy, there's still all the same controls that a CMP offers I can still opt in or opt out of advertising pixels or analytics tracking or things like that. So I think the 34% for US headquarters are a little bit more in line with what I was expecting. I hope to see that creep up over time, but Europe, while you may be in a crowd, I think you're still probably a little bit behind the game and you'll want to get moving on that. 

Mike Fong: (17:45)
Absolutely. And I found this quite funny. I found a vendor for CCPA and essentially in order to be CCPA compliant, you just need to be able to offer your customer the option to opt out. So I found a so-called technology vendor, I won't name them, but essentially they just provide a phone number for you to call to opt out. 

Cameron Cowan: (18:10)

Mike Fong: (18:11)
And I think that was a very low tech and, I would say, a slightly inelegant solution to the regulation, but at the same time effective. 

Cameron Cowan: (18:21)
Yeah. I'm sure that lowers their opt out rate. I don't know how well that does or doesn't follow anyone's interpretation of that law. 

Mike Fong: (18:28)
All I hope is it's not a premium rate phone number, right? 

Cameron Cowan: (18:32)

Mike Fong: (18:33)
Okay. So let's move on. So we've looked at overall. We've kind of divided it into European and US segmentations. The next thing we looked at was actually the market share of the CMP vendors. And this one actually yielded some more interesting than I was expecting. It appears that in North America, OneTrust and TrustArc are the clear dominant two providers. Whereas in Europe there's actually a wider range of vendors. So you can see OneTrust and TrustArc on the bottom right pie chart. They still make up over 75% of the market between them but the remaining vendors are still visible on this chart. Whereas for North America, TrustArc and OneTrust are just blowing it away. It's almost like maybe the smaller vendors haven't approached the US market yet or maybe they're focusing on the EMEA market, but it just seems to me that there's a lot stronger… it's more of a competitive field than in the US. 

Cameron Cowan: (19:41)
Yeah, no, I don't know. I think in some ways I feel like this is a function of the maturity of the privacy model and just experience in Europe GDPR went into effect in, what was it, 2018? 

Mike Fong: (19:54)

Cameron Cowan: (19:55)
Yeah. So, I mean, you guys have had a number of more years to actually get in, to try out what you think will work, to rev on that or switch vendors as you had individual needs. I think as you start to see some of that longer tail of CMPs come into play in Europe, it's simply because not all technologies fit all needs in the same way. We see that across all technology landscape and as you start to get more nuanced on exactly what you need and what you do and don't like about a given technology, you're going to start seeing some of those other more niche players creep up. And I think you're also right. There's a lot of the folks in Europe, the technologies that simply haven't made their way over across the Atlantic yet. In fact, I just had lunch a couple weeks ago with a local product manager that was hired by a European firm because they're getting ready to really make a big move into the United States. And so I think you're going to start seeing more and more of that other bucket creep open and wider. I still think OneTrust and TrustArc are in great positions to be strong players and leaders in the space, but I do expect to see more variety as the US market catches up as far as its maturity in the privacy space. 

Mike Fong: (21:06)
Great. Thanks for weighing in on that, Cameron. So we're running short on time. There are more insights in this report, so if anyone in the audience is considering a CMP or choosing or considering changing, our consent management platforms, adoption and market share analysis report will be released tomorrow. So, come to our website and sign and you can download your copy and you can learn more on what's available and also which are the leaders in your region. 

Cameron Cowan: (21:35)
Yep. And I'd say one other thing as  we step away from that report, and that is, don't assume that just because you've got a CMP or you did the initial implementation that it's still running exactly the way it did on day one. I think we learned this the hard way. I think back to my years at Omniture and everything, John Pestana, our co-founder, learned about analytics. It's like once you get analytics up and running on day one, it's great. And then a month later, and then a quarter later, and then a year later, things start to decay. Entropy happens. That's true not just in the analytics space, it's true in the CMP space. It's really true with all technologies that you implement on a website. They decay over time and so you want to keep an eye on, are there pages that are simply missing that tag? Is that CMP banner not only firing, but is it still connected and working with your TMS to make sure the right data is being collected in the right way? I'm not going to call anybody out by name, but I've run several ObservePoint scans on the leading CMP providers that you showed in that report and not a single one of them has their tag and their banner on every single page. So even they have challenges keeping up everything on their website

Mike Fong: (22:39)
Every single page of their own website?

Cameron Cowan: (22:41)
Of their own website. So if they're not doing it a hundred percent perfectly on their own website as the provider of that technology, you can only imagine how you and their customers are potentially having similar gaps that they need to close as well. 

Mike Fong: (22:55)
Awesome. So finally we're going to end our session today. Just a reminder to our audience, feel free to post your questions in the chat, so far we haven't got any, so you guys better get some questions out there. Feel free to talk to us, but just a bit of a public service announcement from Google analytics themselves. So Cameron, do you want to start talking about this while I just bring up the email? 

Cameron Cowan: (23:20)
Yeah, so this shouldn't be news to too many people. I think we all got hit by multiple messages from Google, but the end is coming and we've seen now a specific date. Google has let us all know that Google Universal Analytics will be sunset. It will be mid next year. So we've got a bit of a ramp, but as most people that have a complex or a large installment of any analytics platform know it takes time to migrate to anything. And so we want to be thinking about that now. GA4 is the new standard and for those of you who aren't familiar with it, we talked about it in some depth in a previous DataChat LIVE! but it's notably different from previous Google Analytics versions. The structure of the data, how it's collected, how it's organized. So you're going to want to get your head around that now. Mike, I don't know what your perspective is. Have you worked with any customers that are making this migration or just understanding how different GA4 is from Universal Analytics? 

Mike Fong: (24:16)
Yeah, so I haven't dived into it myself. I know that GA4 is more event based rather than kind of event and page load based and July the first date, I believe it's the same date as was previously announced, so this really is a reminder from Google. One of the things that we have seen with Google before is that they let dates slip when their customers are resisting change, but in this situation, we know that, or we believe that they're not going to let it slip because of the data privacy improvements in GA4. A lot of our customers are also taking the opportunity to actually migrate to server side, potentially GTM server side or another server side provider. So just perhaps Telium or Adobe Launch. So what we are seeing is a lot of migration projects. So again, if you are working on this this year, come talk to us. We can definitely help our customers who I know a lot of our customers are listening. We can definitely help with server side migrations and ensuring that you get basically just a clean start on July the first, to ensure that you've got that continuity of your data as well and comparing the GA4 with the GA 360. 

Cameron Cowan: (25:29)
Yeah, and I think it's also a good opportunity for brands to just reevaluate where they're at. I know I had a discussion just last week with a large insurance provider here in the United States. And they're considering, do we keep going in the Google ecosystem or does this make an opportunity to do a clean break, whether it's to go to Adobe or some other platform that collects the data we need in the way we need it? I think it really is a nice inflection point for all of us. I'm not saying go away from Google. I'm saying take the time to evaluate, because it is a notable change. The last thing I want to end on, and this question is for you, Mike, is you mentioned the push partly because of the privacy improvements and we have heard the GA4 is supposed to have more privacy compliant ways of processing and storing data and things like that. It was pretty big news earlier this year about some of the rulings that came down from the continental Europe. I want to say it was Austria and there was one other country… was it Germany?

Mike Fong: (26:21)

Cameron Cowan: (26:22)
France. And they said that essentially the way certain companies have set up their Google Analytics deployment, it wasn't legal based on privacy laws in those jurisdictions. Do you see this shift to GA4 kind of mitigating that and getting us past that concern? Or are there people still concerned about just data collection in general from Google? 

Mike Fong: (26:43)
Yeah, so ultimately, I read the legal text and fundamentally the US has laws which allow the FBI to demand Google to handover data. A lot of commentators saw that as data centers are in America, therefore the can reach them. And so what Google have done is actually, with the new implementations, through server side, you can actually choose European data centers. So obviously that does physically remove the data from America, but does it fully remove it from the grasp or the reach of the cloud act? Can the FBI go to Google and say, “hey, Google, give us the data from your European servers, your European data centers.'' Personally, I think it's a step in the right direction. Obviously Google is making changes. They want to ensure the continuity of their analytics business, but I think there's still more political ping pong to be played for a few more months yet. 

Cameron Cowan: (27:41)
Well and we have heard that there have been meaningful movements forward in progress to agreeing to terms, at least in principle, not signed into law, but about reestablishing a better framework for cross continental data transfer between Europe and the United States. So fingers crossed. Hope that continues to move in the right direction and we get to a much better place than where we've been kind of in limbo, honestly, for the last couple years since the previous arrangement was nullified. 

Mike Fong: (28:07)
Yeah. Okay, Cameron. We've got a couple of questions from the audience. Andy has asked us, “have you observed any performance benefits to server side hosted CMPs versus third party hosted solutions?” Personally, I don't think I've seen a server side hosted CMP. Cameron, have you seen any? 

Cameron Cowan: (28:30)
I haven't. I'm trying to think of how that would work. I could see some minor benefits. A lot of times when we see people move certain tags server side, they see small bumps in just page performance. One of the questions I have honestly, is with CMP being so centered around privacy going server side, does that create a layer of obfuscation where people can't actually see transparently, what is and isn't being collected and how? I'm actually kind of expecting that topic to bubble up, especially in Europe here in the coming months and years to see if server side really going to be fully viable. 

Mike Fong: (29:09)
I'll keep a look out for it. And then again, just to end these questions, if we generalize it to tags in general, we have seen some improvements for tags that have gone server side, but at the moment, the majority of third party tags, haven't got service side equivalence. So it's very hard to deliver a live chat experience server side. It's very hard to deliver an AB test server side. It's very hard to deliver an AB test without screen flicker because actually there's an additional layer of network activity. So actually, you make your AB testing more difficult. There's many tags that at the moment cannot technically be delivered server side. So it's something to think about. Diana has asked, “does ObservePoint

Mike Fong: (29:56)
work with server side deployments. So again, very similar question on server side. We will help customers during the migration process. We know that again, as I said, the vast majority of tags don't have server side equivalence, and while some technologies will gradually build up their repertoire of implementation options, we expect at the moment maybe 95% of your tags are still going to be on a client side. And then the small number of tags that are on the server side, those server side vendors will actually be providing better data quality options off the shelf, right? Because all your data is coming from a single server or a cloud, but they're all consistent. So that actually the necessity for ObservePoint is decreased and you should be able to have a much better data quality experience without needing ObservePoint. 

Mike Fong: (30:52)
Now, on the flip side, there is actually the service side tag itself. So for Telium, that's your Telium collect tag. For Google, it might be your first party server side tracking forward slash collect tag. That becomes all important. It becomes even more important than data layers. It's kind of all your eggs in one basket. So ObservePoint will still be there to help you validate that key. Essentially it's a trunk of the tree, whereas all your tags become kind of the branches spreading out. And the final question from Yong is “why do you think the entry to barrier for CMP is so high for a new vendor when the technology behind CMPs is not that complicated?” I think Yong’s question is about CMP vendors. So coming up to rival against OneTrust and TrustArc. I'm not a venture capitalist. I'm not John Pestana, but I would had to guess that marketing budgets and go-to market strategies and just organizational focus is part of it. Cameron, do you have any opinions on that? 

Cameron Cowan: (31:56)
Yeah. I've often heard “you fish where the fish are.” So, I don't think it's necessarily even barrier to entry. I just think it's focus. I've met a number of CMP vendors that we're working to partner with that simply have been focused in Europe because that's where the earliest legislations and and guidelines have come from. They always planned on moving outside of continental Europe, going to America, Australia, Singapore, all of Asia, but the focus has been on Europe simply because that's where the money is to be made and I think as you start to see more privacy regulations roll out in different jurisdictions across the globe, you're going to see the CMP vendors follow that money as well. 

Mike Fong: (32:33)
And then the final question. I know we are really short of time. So final question from Andy, “in our CMP analysis, did [we] only look at third party platforms existence on the site or was there a focus on cookie consent versus privacy policy or cookie policies?” That's quite a big question, Andy. What I would say is that for the specific analysis we shared, we very much only looked at consent management platforms, market share, and penetrate, but ObservePoint is capable of scanning pretty much everything on your site, whether you want to know about digital marketing analytics, you want to about know about the page performance or the user experience aspects, or testing if you are opted in and you're opted out states are valid, are actually meeting those data requirements. I think that's what the question is, but Andy, if I didn’t answer your question, feel free to reach out to us. 

Cameron Cowan: (33:26)
Yeah, it's a great call out because I think a lot of people say, “well if I don't have a CMP on my site, I don't need a scan for how compliant I am from a privacy policy perspective” but you still need that privacy link, privacy  policy link on every single page. If you're adhering to CCPA and the updates to CPRA for California, you need to make sure that you have a way to identify do not sell and do not share. So there's a lot more to privacy compliance and kind of validating and governing that space than just CMP validation. I think CMP validation is just kind of the forefront of it and you want to, are you doing all of those checks to really make sure no matter what jurisdiction you're in, you're lining up with how your business wants to comply with policy regulations. 

Mike Fong: (34:08)
Great. Cameron, we're just about out of time. 

Cameron Cowan: (34:12)
Yeah, great chat as always. I think we could probably go for another half hour, but I want to thank you, Mike, for joining us from London. I want to thank everyone that dialed in live to the call. Thanks for joining us. If you want to, as Mike said, you can get onto the ObservePoint website and download that new research we did around CMP market share. As we mentioned early on, we're really happy to be the IAPP's newest corporate member, and you can read about that on our press release. Otherwise for now, and for Mike, I want to say thank you everybody. Enjoy the rest of your day and we'll see you on the next DataChat LIVE! 

Mike Fong: (34:46)
Thanks everybody.

Previous Video
Episode 8: Transatlantic Data Privacy
Episode 8: Transatlantic Data Privacy

Guest speaker Jeff Wheeler, Head of Product, Didomi, joins the discussion on transatlantic data privacy reg...

Next Video
Episode 6: 2022 Digital Governance Report
Episode 6: 2022 Digital Governance Report

Cameron Cowan, Sr. Director of Product Strategy, and Mike Fong, Sr. Manager of Product GTM, discuss the fin...