Recently, one of our fellow mobile measurement partners (MMPs) has been in the news for a disagreeable reason: on August 29, the FTC sued Kochava for selling sensitive consumer data.
More specifically, the FTC alleges that Kochava has been selling geolocation data that “can be used to identify people and trace their movements.”
At Branch, we typically try to avoid commenting on situations like these. However, the headlines for this story are alarming enough that a number of our customers have reached out to us with questions. They want to know what this news means for Branch, and what it might mean for them.
In other words, customers are asking if the data of their own users might also be for sale.
This answer is very simple, so I want to make sure it is completely and impeccably clear: Branch does not sell our customers’ user data. We never have, and we never will. This has been one of our core principles going back to the beginning of the company.
But how did this situation happen?
I could end this blog post right here. But I know at least a few readers will want to understand why we are having this conversation in the first place. The ad tech ecosystem is complex, and we don’t always do a good job of explaining things in a way that makes sense for people outside the circle.
In Kochava’s case, the FTC lawsuit stems from a different line of business known as the Kochava Collective. This is completely separate from Kochava’s MMP (which provides ad attribution), and does not include any data collected by their MMP product (for a full explanation, here is the open letter from Kochava’s CEO).
Why does this matter? Keeping customer data private and confidential is inherent to an MMP’s existence. In fact, this is a fundamental tenet of what it means to be a mobile measurement partner: we exist to serve as your trusted independent arbiter, acting on your behalf to provide accurate and unbiased ad measurement. And just to avoid any confusion, there is no valid reason why an MMP would need access to a user’s precise location coordinates (you can’t send this kind of geolocation data to Branch even if you wanted to — we can’t use it, and we don’t want it).
Unfortunately, the distinction between Kochava’s MMP offering and the Kochava Collective is almost universally getting lost in the noise.
As a brand, what should you be thinking about for the future?
Stories like this one are not exactly new for the adtech industry, but the importance of user privacy has only grown over the past two years. This means it will become even more critical for brands to carefully consider the vendors they partner with, and to understand not only the risk of the products they are using, but also any reputational risks relating to the vendors that they select.
Yes, any respectable MMP will keep your user data private and confidential. That is true by definition today, and is unlikely to change in future. But in this new world, where privacy has become an insanely complex, three body problem and news stories about user privacy and data security can spread like wildfire, companies have to look at an even bigger picture: are there other areas of reputational exposure relating to this vendor that could hurt my brand?
At the end of the day, you cannot succeed in the digital world without working with partners, so it’s critical to make sure you’re keeping good company. At Branch, our commitment is to be an industry-leading MMP and a partner that you can be proud to work with.