The fundamental redesign of the data market

The Internet is about data exchange. WEB had ascended out of raw, fragmented data and a shallow level of user experience seamlessness. Later, with the advent of digital networks, aggregated user bases appeared, which started endlessly harvesting data from all over the Internet based on universal static identifiers (third-party cookies, mobile device ID, email, phone number etc). This is how we ended up in WEB2, where control of the internet is concentrated in the hands of three Internet gatekeepers - the data-centric corporations Alphabet, Meta, and Amazon.

“We’ve come to a point where we have to take action. A point where the power of digital businesses – especially the biggest gatekeepers – threatens our freedoms, our opportunities, even our democracy” – Executive Vice-President of European Commission Margrethe Vestager.

Valuable data-generating businesses (i.e., retailers and telecom operators) are limited in their value as data vendors for tech giants’ spyware-harvested Big Data. Moreover, by transferring data tied to static IDs, the data vendor loses all control over the further life of the data and the actual monetisation results. This imbalance is complemented by high legal costs to reduce third-party data-sharing risks and the danger that data segments may end up with direct competitors, resulting in unacceptable risks for the core business. This way, we find ourselves in a “surveillance capitalism” where unknown app trackers, stealing data from users' devices, and Data Management Platforms, collecting data to match different datasets tied to all kinds of static IDs, turned out to be the ultimate beneficiaries of the highly profitable data market instead of businesses who generate data on their own.

Brands are forced to search for advanced audience management tools fit for delivering relevant impressions while spending marketing budgets more efficiently than their competitors. Their pursuit motivates them to invest in building their data warehouses and discovering opportunities in the market for undervalued advertising inventory. Data exchange takes place based on the identical static IDs comprehendible to the market, which inevitably leads to privacy risks and, additionally, to the unwillingness of data vendors (retailers and telecoms) to share data. Furthermore, data handling serves both an analytical and an advertising goal - to deliver an impression to a relevant audience, which unavoidably means that brands transfer their customer databases to the vendors’ AdTech solutions. As a direct consequence, such data vendors expose themselves to uncontrollable risks of customer databases being leaked to competitors.

“One visit to a website, prompting one auction among advertisers, can result in a person’s personal data being seen by hundreds of organisations” - the UK Information Commissioner about oRTB.

The EU regulators carry on strengthening measures to protect user privacy. First of all, the GDPR dealt a blow to third-party data sharing. As a result, the business model of Data Management Platforms, various app trackers, and data brokers have become illegal in the EU and other countries that have successively adapted their data protection legislation. Coincidentally, this also constantly undermines the struggle against gatekeepers, as it strengthens the positions of "walled gardens" (Google, Meta and Amazon) while handicapping the other actors. Relying on third-party cookies, emails, and mobile-device IDs, the tech giants continue to apply gobs of their own data to deliver targeted ad impressions within WEB. Therefore, they strengthened their market power over the booming digital ads market, where triopoly managed to capture 80% of all market gains (442 billion dollars in 2021). At the same time, Meta's advertising revenue share is 98%, and Alphabet's - is 80%.

On top of that, the European Commission is persistent in taking new measures against digital monopolies. By the end of 2023, the Digital Markets Act and Digital Services Act, designed to limit the power of internet gatekeepers, should come into force. Moreover, the European Commission keeps Google under pressure to block third-party cookies in the Chrome browser. According to promises by Google, this is expected by the end of 2023. The entire advertising market is waiting for the apocalypse associated with blocking the primary user identification tool on desktop devices. Apple's approach has already shown how iOS restriction of apps' access to IDFA (mobile device ID) has led to a $10bn drop in Meta's annual in-app ads revenue and a painful collapse in the capitalisation of the Meta.

“Ten years ago, a page was turned on ‘too big to fail’ banks. Now — with DSA and DMA — we’re turning the page on ‘too big to care’ platforms” – the European Commissioner for Internal Market Thierry Breton.

myGaru solution

Since we define our mission by placing people's security at the heart of digital processes, we had no intent to create another workaround to the emerging regulatory restrictions. Creating our platform from scratch, we initially prioritised privacy and transparency. Providing a complete personal data lifecycle, we exclude third-party data sharing and data enrichment by participants. A cryptographic Onion ID is independent of any third-party cookies and mobile devices' IDs, unique for every user's Internet session.

With myGaru Segments Module, a business (data vendor and/or advertiser) can securely upload datasets avoiding any transfers of identifiable data. The mission of the Module is to ensure safe data transfers in compliance with the most robust GDPR requirements, which is achieved by:

• Full encryption of Personally Identifiable Information;

• Anonymising data during processing with regularly updated ephemeral segments&users IDs;

• Avoiding persistent identification on the user side;

• Enforcing statistical security measures during segment offload ("anonymisation");

• Audit logging to ensure only audited access to sensitive data.

Data vendors and advertisers can customise access levels for their data segments. The product architecture opens up a pay-per-use approach to data handling and other techniques for explicit control of the data provided. For example, the rule of access to a given segment to a specific partner is empowered by the principle of three access keys.

Businesses get unique anonymised analytics by layering the available segments in the myGaru Segments. After that, they can create ad campaigns based on multi-attributed segments in the myGaru DSP. The decisive point is that the myGaru ecosystem contains full-stack AdTech tools avoiding any intermediaries during ad serving.

From a legal point of view, myGaru acts as a data intermediary for people. In pursuit of user privacy, we can revoke perjurious consents and require from various data brokers (e.g., DMPs) deletion of personal data related to people protected by myGaru. According to the European regulators' requirements, the role of data intermediary is unavailable for companies affiliated with data-related businesses (e.g., telecoms, retailers, Google, Meta). Therefore myGaru DPIA acts as a common denominator when exchanging data between businesses, significantly reducing data compliance costs and eliminating data leakage risks.

An ad conversion affects the value of each ad impression. That is why the same mentioned tech giants are dominating the data analytics market investments. In our platform, analysts get access to opportunities to create and market analytics tools based on data noised using the Differentiation Privacy technique. By doing so, we are shaping entirely new liberty for analysts and data vendors; thus, the free market's invisible hand will balance digital advertising market revenue distribution among a vast number of participants compared to WEB2.

By guaranteeing an individual supreme privacy and control, we create a trusted environment where the rules are enforced by design:

• Session-based cryptographically protected Onion ID;

• Decentralised storage of raw data;

• Prevention of data enrichment;

• Direct market access, avoiding gatekeepers;

• Billing with smart contracts and revenue-sharing principles;

• Distributed consensus to verify all data-related transactions (crypto Audit log).

By creating transparent conditions for all participants, we embody the Ukrainian vision of WEB3, where data exchange is founded on the principles of liberalisation, democratisation, and trust. We believe that a level playing field unlocks the true power of the data and conveys endless rewards for the online community.