Making Data-driven Decisions in a Privacy-centric World

Episode 329

State of Identity Podcast


Episode 329

Making Data-driven Decisions in a Privacy-centric World

Measuring the reach of digital advertising and smartphone app performance is a difficult task made more challenging by tightening data privacy regulations. Edik Mitelman, SVP & GM of Privacy Cloud at AppsFlyer joins host Cameron D’Ambrosi to discuss the current state of the consumer data landscape, how platforms must balance first- and third-party data usage, and why the death of cookies is a tremendous opportunity.


Cameron D'Ambrosi, Senior Principal at Liminal


Edik Mitelman, SVP & General Manager of Privacy Cloud


Share this episode:

Cameron D’Ambrosi [00:00:02] Welcome to State of Identity. I’m your host, Cameron D’Ambrosi. Joining me this week is Edik Mitelman, general manager of privacy cloud at AppsFlyer. Edik, welcome to the state of identity.

Edik Mitelman [00:00:14] It’s great to be here

Cameron D’Ambrosi [00:00:18] It’s so great to have you really excited for this conversation. I think, you know, the mobile space in particular, the resulting analytics that are flowing out of that space and you know, what we can do with those is becoming increasingly important. Privacy, obviously, on the rise from a regulatory perspective, from a consumer expectations perspective as well. So, I think both of those secular trends really, really pushing, you know, brands globally to understand how and what they need to be doing to meet those new burdens. So, before we get into all of that, you know, if you’ve listened to the show that I’m fond to understand just a little bit about your background as a guest and as I like to say, what that road into digital identity was for you. So, would you mind giving us just a little bit of your life story, how you came to get bitten by that digitally identity digital identity bug, so to speak?

Edik Mitelman [00:01:18] Yeah, sure. So, I’m based in Israel as an upstairs and Israeli company, so that makes sense. I started as an engineer, as a software developer pretty much in my high school, even slightly before as everybody else here, pretty much I served in the Army and in the Army. I kept writing code and then at some point I got bored, and I got tired of writing code, and I was kind of looking for what should I do? And I pivoted to product management, and it was somewhere around 27, like 2007 where product management was not yet defined even as a profession, at least not here. So, I was doing product management without knowing that I’d do it, but then it became a career and I love it. And so pretty much since then I’ve been in different product management roles. I was an entrepreneur myself. I worked for startups, I worked for Mean companies and before a player for five years, I was at Autodesk, which is actually a San Francisco based company, and I was leading the Israeli site for Autodesk, doing, you know, managing engineering. PM everything that it takes and leading the AutoCAD mobile product. And then for the last two and a half years, I’m in apps like This is my Control. And here when I joined it actually happened. I think by chance the whole privacy shift happened that you mentioned specifically was Apple and the ATP and all kinds of regulations and everything. And we started to kind of the market. It was a perfect sphere of things without with our vision evolving and the market thing happening and the regulations and all of the changes and this is when we came up was the privacy cloud. And this actually became part of our vision and our mission. And I got the honor and was super happy to take on as the leader of that in the in the company alongside of course all of our C levels and our CEO and everybody else. So, I was I just happened to be here in the in the right place at the right time when privacy became a big thing in the industry and now, I’m here.

Cameron D’Ambrosi [00:03:45] Fantastic. And you know, for our audience that maybe isn’t familiar with AppsFlyer and what your role within this digital identity space is, maybe we can do a quick, you know, 15,000 foot hit on AppsFlyer and then dive into, you know, this privacy cloud in particular and well, I got a bunch of follow ups there after that.

Edik Mitelman [00:04:03] Yeah, sure. I’d love that. So. Upstart was established 11 years ago or so to solve a problem which is somewhat similar to the problem solving today, where you had networks and you had advertisers, but you had nobody that connected between them, and you had nobody to help advertisers to properly measure and run their marketing campaigns. It was like early 20 tens. The App Store was a new thing, and the iPhone was a new thing. The entire mobile thing was new, and people wanted to start advertising on mobile. But it was very hard because attribution was broken on mobile, because unlike on the web where you have cookies and you can just attach anything to a URL follows you on mobile, you are going through an app store beat, an Apple App store or Google store. It doesn’t matter, it breaks. So Upload was performing attribution and is performing attribution till this day, which is basically if I if I think of the simplest level connects, clicks and installs and tells the marketer which clicks or which campaigns led to this specific install to this specific event in the app, to this specific purchase, and eventually you can calculate LTV across and all of your crucial business metrics because of that connection, right? So, it evolved from just simple attribution to various different products, which we have it up later that really helps marketers and brands to grow, right? From fraud protection to predictive analytics and creative analytics and any type of platform measurement. Now, we don’t just do mobile today. We are also measuring CTV and the web and cross-platform adventures and user journeys, and we are able to provide the advertiser with the full picture of all of their channels and sources in one place for them to make smart decisions on where to put the budget or which campaign to kill, which campaign to start, which creative worked and which didn’t. And this is a space called MMP Marketing Measurement Partners. So, there are like four or five of us in the world really who have certified them on the big networks like Facebooks and the Googles of the world. They have this MMP program, and you have to be certified by them to be in them. And B and we are a market leader in in the space.

Cameron D’Ambrosi [00:06:34] And can you speak to a little bit about, you know, what the shifts in this space have been that have precipitated, I guess, the need for the rise of platforms like app flier? I think for folks maybe on the outside looking in, it’s always been a bit of a presumption that, you know, as an advertiser, as a brand, as someone who has an app, it’s really easy or straightforward to kind of understand, like who saw my ad, who opened my app, who downloaded my app, who has an account with my platform? What’s the current state of that space? And how have these trends been impacting the ability to kind of capture and measure these datasets?

Edik Mitelman [00:07:16] Right. So, I think from the inception of the Internet, the entire industry started to take a drug. And this drug is called user level data, or in the mobile space, you can call it device level data. And this is what the cookies were built for, and this is what the entire Internet for any device, any platform was using. Ever since, you always could have looked at a user. Where did she come from? What did she do? And then on the API level, like in some sort of data warehouse or system, you would collect all of it together and then get reports. And then by these reports, by these analytics, you would make decisions. Nobody really needed user level data. None of us like if you a marketeer, you never make a decision based on one single user, right? You don’t care if it’s Cameron or everybody looks at parts of the way to build these cohorts was always based on user level. So be it. Cookies on the web or device, ideas on mobile or emails or phone numbers. It doesn’t matter. You had that identifier, and everybody would happily share these identifiers between each other to create connections, to create user journeys, to create parts and graphs and the privacy changes. And as always, the regulators come in a good, decent few years late to the party. But they came, and this is what is now being treated as user tracking or all kinds of bad rep that these practices get because essentially PII right. Personally identifiable information is being shared between different parties, not necessarily with the right level of consent by the end user or by the owner of the first party data. And this is really what the whole story is about. How can you collaborate on data, shared data between parties? Because again, this is how the Internet works, and it will never change. But how can you do that by preserving end user privacy, by keeping PII private and safe, by not exposing data you are not allowed to expose, by not getting consent or approval from the end user to share this data. And then GDPR was the first kind of category in the coal mine, if you will. But then it evolved a lot since that, right in Europe you have a lot of different policies, not GDP. Here in the States, you have the CCP, and you have copper for kids in China, you have people in Brazil, you have something else. Now, in the States, every state pretty much tries to come up with their own something and it all comes to regulate and answer questions about what can and what cannot be shared between parties and how, of course, this hinders the entire ecosystem. And it’s not just for mobile. It started with mobile because of Apple and the ATP, but Google announced they will kill cookies and Chrome a while ago. They keep pushing it the way right now. Probably its they say it’s 2024, but the industry is waiting for it for a while now and everybody is trying to prepare themselves to the post cookie apocalypse. Whereas we believe and many others believe that this is not an apocalypse at all. This is rather an opportunity for change, to build it in the right way without using utility at all. So, we believe I personally believe this is our vision. This is what we share with others, that utility and user experience can and should be maximized with privacy. And there is this paradigm that says if there’s a tradeoff, you’re either private or you can provide great user experience. And that’s a bad practice because then you’re looking at it wrong. We believe and we build products, and we work with others in the industry to enable maximize maximizing both privacy, security, and experience for end users.

Cameron D’Ambrosi [00:11:41] So is it safe to say that, you know, you feel you’re enabling platforms to pursue much more of a first party data strategy as opposed to a third-party data strategy? You know, we saw with the proliferation of cookies to your earlier points that I think companies and platforms had gotten used to being able to go out into the open marketplace and just buy information oftentimes meant maybe for people who had not interacted with the platform, had not opted in to sharing their information. And we’re seeing increasingly brands pursuing a first party data strategy where they’re relying purely on consent to data that that customers have trusted them with. Right. Because to your point, I don’t think privacy has to preclude providing a good user experience. In many cases, it’s about making sure that the person whose information you’re capturing knows that you’re capturing and says, yes, I would like you to do that. And when businesses have the opportunity to explain to customers, hey, I’m going to pay attention to X, Y, and Z things you do on the platform, and then I’m going to use that to provide you with a superior experience to recommend products that you like, to make your user experience less friction filled. You know, by and large, most people consent into that. So, I guess that’s a long-winded way of saying, you know, do you see this this shift from third party data to first party data continuing? And do you see that as a key driver of your business?

Edik Mitelman [00:13:09] So I think it’s a little bit of both. First, definitely first party data strategy is a must. Now, having said that, it was a month before too, but some companies, as you rightfully mentioned, sort of neglected it because it was very easy to build lookalike audiences and to rely on different networks and graphs that would just give you users that are not yours. Right. You would go on the big ad network, and you would say, I want Tip. I’m a shoe company. I want people who like shoes. And you would get them not because they bought shoes on your property or liked your shoes, but because they needed it somewhere else. Right. That’s how targeting your store. Now, this becomes a bit harder these days. And we do see it in the stock of different companies who rely on these advertising networks. Right. So, of course, first party data must be top priority and top of mind for the CMO of the brand and for the data people of the brand. And they must look at that. But it’s not enough to get first party data. The most important thing is how do you activate it? What do you do with it? How do you leverage it to run great marketing to optimize your business KPIs, raw cell TV to increase and grow your business and provide the best user experience. And this cannot be done without third parties at all. So, you still need the third-party data strategy, but in the privacy preserving collaboration way. Right. So, when you marry the two, when you have a very strong, solid first party strategy and you collaborate with the right partners in the privacy preserving way on their data, on third party data, this is where growth really lies, and this is where it’s not just today. Like this thing is not a trend. This is not something that we just need to wait somewhere underground for a year and this will pass by know this will become stricter and stricter. Just look at the FTC. Look at everything that happens, like how many companies are getting checked on or punished by different watchdogs across the world. And this will become harder and harder. So, the earlier you start to do right, the better chances you have of growing your business, of succeeding and beating your competition, of which who might not do that in the right time.

Cameron D’Ambrosi [00:15:45] And in thinking about, you know, where the market is, obviously it feels as if there’s still somewhat of a false dichotomy that I think many executives might hold, which is, you know, I can either have successful growth of my platform or I can meet these looming, you know, data privacy requirements. I tend to agree with you that, you know, this is this is a false dichotomy, right? That that privacy and respect for consumers preferences and compliance with regulations like GDPR does not have to be at the expense of growth and in many ways, pursuing a strategy that lets you be compliant can actually unlock a lot of value by putting the customer first and their needs first. How are your customers responding and how are you finding the best ways of kind of talking to DPOs or data privacy officers, getting them to work with their product team and then maybe breaking down some of these walls internally that have hindered some of this thinking around the net positive that these types of privacy preserving data approaches can yield for organizations.

Edik Mitelman [00:16:57] So that’s an amazing point. And then the great question we are this is so nascent that we are still in the market education phase, right? And if we think about the famous Crossing the Chasm graph, we are still as an industry, not as a player. We’re still in the early adopter’s kind of phase. I’m part of an IAB working group which looks at data cleanrooms in general and given has a day at the clinic where there and we are participating, we’re trying to standardize it. And one of the researchers that was just published recently says that only about 15 or 20% of the of the brands even consider a clean room, which is currently the way to go to keep working, keep growing, keep doing everything you’re doing and still preserve privacy. So definitely the marketing space is still in the learning and education phase. And every customer I meet, every time I meet, it’s always like first explaining the need and explaining what it can do, explaining why it’s working. There’s a lot of math and cryptography behind this, right? This is not a mumbo jumbo, so people are kind of scary scared sometimes of it like, oh, this is very complex tech. I don’t get it, but that’s okay, because the whole point of it is brands and GPOs and CMO’s don’t need to solve it themselves. They have companies like UPS Flier out there who make it almost plug and play. Like it’s pretty easy to onboard and pretty easy to start using a clean room if it’s built in the right way and if it meets the needs and the requirements of the legal and the privacy teams of that specific brand. So, there’s nothing to be scared off. Rather, it’s something that you should just try. Right. So, it takes an of an attempt like, let’s see, what can you do for me? And more and more, I see inbound requests. Like a year ago, I was going around places, talking at meetups, conferences, etc. I would say data clean room, and people would look at me like, isn’t this something from the medical or chemistry classes? Today there are full day events and there is like everybody has a clean room today. Every company now launches their own clean room. If you’re in the space, there is no day good that goes by without the new cleaner popping up. And this all happened within the year, right? So not the changing style of adoption, but still for a piece of new tech to get into a new market so fast. This is pretty incredible. And this is a validation that this is probably something that everybody needs. But I would say 2023 is the year of adoption for this technology and for the solution. I do hope that during this year, much more CMO’s and GPOs within the brands and I both besides outside, will familiarize themselves, will educate themselves on that and will be willing to find the right solution for their business. And this will definitely give a good kickstart for if it’s going to be a mass adopter and I am sure it will. And this is the year.

Cameron D’Ambrosi [00:20:16] That’s fantastic. I hope you’re right. I think all signs point to this trend continuing. Certainly. And I certainly think this is a trend we see across the broader identity space, which is in some ways, you know, the lack of preparedness of the existing org structures within most brands to kind of handle this new landscape we have ahead of us. Oftentimes, I’m speaking with buyers about, you know, other products or verticals within the digital identity space. And there just isn’t a role that really encompasses what some of these things need to tackle, right? In many cases, we see companies spinning up. You know, chief identity officer roles to kind of start thinking about these broad tentacles that identity often has. Right, because it’s sitting at the top of your sales funnel before someone even comes into the platform. It’s guiding your onboarding, it’s getting your authentication processes, it’s guiding your authorization processes, your customer identity and access management processes. Not to mention the regulatory components, you know, data rights requests and post-sale attribution and all sorts of fun stuff. So, I’m very curious to see how organizations respond to this. I certainly share your optimism with regard to the fact that it seems like more and more brands and companies are catching on, understanding that they need to put someone kind of in the catbird seat, so to speak. Right? You need one person who can be responsible thinking about these issues holistically and not let the traditional org chart that kind of breaks things up into these traditional silos. You know, okay, we have our compliance team over here, we have our product team over here and never the twain shall meet. That’s just not going to cut it in this new environment. So, all that being said, you made a great prediction for what we can expect to see in 2023. What are your other expectations regarding, you know, this privacy landscape as we look to the year ahead?

Edik Mitelman [00:22:22] So I think as I as I mentioned, it will become stricter, and it will become broader. We see all the main platforms, of course, led by Apple and now Google. They already announced a few things, and they have there they started from a web, but it’s coming to mobile as well. They’re also changing the rules of the game. But I see a lot more of the platforms changing. There’s a great initiative proposed to W3C coming from Meta and Firefox and many other companies that is called IP private attribution, Interoperable with attribution. So many, many, many companies. The best minds in the in the tech system, in the in the tech part of our industry, of the marketing industry or the advertising industry are all effort you it’s definitely I just I’m passionate about it just even just because I see how so many brilliant, bright people are trying to solve this problem. Right. This is not I mean; we are not making the world a better place or something. But still, you see a lot of people putting their heads together, forgetting about competition, in many cases, forgetting about that these two companies are competing or these two companies are competing. We’re all getting together to solve it because, A, it’s a hard technical problem to solve. It requires cutting edge and sometimes not scalable, yet algorithms coming from the academia, right. Second, it needs this education. I don’t believe there is a one. It’s a one market solution. There will not be one clean room to rule them all or one privacy, something to rule them all. It’s just impossible. So, there will be many of them. And the ones there are many of something. You must have interoperability. Otherwise, each and every one of them will build their own walled garden and will try to generate their own network effects should the hindrance and the problems of advertisers. Right. So, if we if I put my product management, how can they say customer obsessed, right. This is what all the companies try to be. So, if our customer as an industry is the market here, let’s make it simple to them. And making it simple to them means don’t make them buy them different clean rooms because of their supply side uses ten different cleaners. Let’s all work together. Let’s all put our brains together and let’s create an interoperable network where the market you will choose whatever they choose for pricing reasons, for tax reasons, whatever. But once they choose one solution, it will work with the rest of them. Otherwise, it will remind us, I think at the early mobile days with the GSM and different other protocols, and you would be able to have connection here, but love connection here. Same thing about the early days of the Internet, whereas before it became the standard. So, we must have a standard and we must have interoperability. Otherwise, it will be a hot mess. And I really like as an as a leader in the space, as an executive in the space, I would hate that because I would hope that in 2023, we can step on the shoulders of the Giants and just learn from these tectonic shifts that happened prior to us. The iPhone revolution, the Web 2.0 revolution, whatever. We’ve been there. So, let’s learn from it and let’s not repeat our mistakes from the past. So, this is what I would hope to see this year, other than just adoption.

Cameron D’Ambrosi [00:26:08] Amazing. I couldn’t agree more. And I remain, you know, extremely, extremely excited about the future of this space. And, you know, companies like yours that are helping to push this narrative that, you know, the sky is not falling. And, you know, privacy does not have to be a zero-sum game if you will like. The only winners are not going to be regulators with brands and consumers losing out. I guess to bring it to a close here. Opportunity for what I like to call shameless plug for, you know, whether it’s product managers, whether it’s investors, anyone else who is listening, who is extremely excited about what you have shared and wants to get in touch to learn more about the platform, what’s the best place for them to go to reach out to you as well as to learn more about the platform?

Edik Mitelman [00:27:01] Yeah, thanks. So first I would say even before reaching out is don’t treat privacy as a necessary evil. Stop treating privacy as a problem you need to solve. Rather, look at that as an opportunity, because it really, really is. Your customers will appreciate that. Your end users will appreciate. Your investors will appreciate that. The market will appreciate everybody. Use it, use it, write it. Join. It’s not a revolution. It’s an evolution. So, join this early and I can assure you that you will benefit and profit from it. So, the negativity about privacy must change and it should become a positive. And we should all look at that as like, of course, privacy for sure. Now, we should use these in these products to make it work. And for the product side, I would really welcome people to reach out. To me personally, it’s not middlemen at upside dot com. Pretty easy or connect from LinkedIn magic middleman and also visit Napster dot com and you can read everything about our privacy cloud solution our data clean within it. We have many happy customers using it today. It’s not a dream, right? It’s a commercially available product and it serves different use cases for different types of activities. So really come look, listen, learn, and then make the right decision, which hopefully is using up player. But even if you don’t choose as much to choose somebody else, as long as you’re doing privacy and you’re doing it in the right way, I’m happy.

Cameron D’Ambrosi [00:28:35] I love it. Fantastic advice. Thank you so much for your time. I think this is an area of intense interest that’s only going to continue intensifying. You know, the people who have already kind of discovered God, if you will, are going to continue preaching. And I think there’s masses of unconverted that still need to be brought on board. So, looking forward to circling back with you sometime soon to check in on progress in and see how we’re doing. Thank you again for the time. Greatly, greatly appreciate it.

Edik Mitelman [00:29:07] Yeah, absolutely. Thank you so much for the opportunity. And I’d love to talk to anyone about this. Harrison and.

Cameron D’Ambrosi [00:29:13] Amazing. Well, I appreciate that. And hopefully all of the messages you get from my audience will be polite in nature. You’ll hear from me if they’re not.

Edik Mitelman [00:29:23] I hope so.

Cameron D’Ambrosi [00:29:25] Thanks.


Explore The Podcast Library

Episode 343

In the latest State of Identity podcast, hosted by Cameron D’Ambrosi, we’re joined by Laura Spiekerman, co-founder and president of Alloy, a global identity risk solution for financial services and a Liminal 2023 Company to Watch. We’ll discuss its pioneering role in the orchestration-centric approach to Digital Identity in Fintech. Spiekerman delves into the challenges Alloy addresses in the fintech space, where compliance and fraud often hinder innovation. Join us to explore the evolving landscape of digital identity in Fintech, trends in fraud prevention, and the critical intersection of customer experience and security.

Episode 342

In the latest episode of the State of Identity podcast series, we delve into the ever-evolving world of customer identity and access management (CIAM). Join host Cameron D’Ambrosi from Liminal as he sits down with Brian Pontarelli, the founder and CEO of FusionAuth, to explore the exciting developments and challenges in the realm of passwordless authentication, user data management, and the quest for seamless transitions in the digital landscape. Bryan shares his expertise and unique perspective, shedding light on the fascinating journey of FusionAuth and its pivotal role in this dynamic landscape. Tune in for a thought-provoking discussion that promises to expand your understanding of CIAM and its critical role in the modern enterprise.

Episode 341

Tune in to the latest episode of the State of Identity podcast series, where Data Security expert Shane Curran, Founder and CEO of Evervault, dives deep with host Cameron D’Ambrosi into the intricacies of data security. Discover why basic encryption methods aren’t enough, understand innovative data security strategies that ensure functionality, learn how encryption safeguards AI model training without compromising customer data, and grasp the significance of prioritizing current cybersecurity threats over quantum computing concerns.

Episode 340

In the latest episode of the State of Identity podcast, host Cameron D’Ambrosi is joined by Gadalia Montoya Weinberg O’Bryan, an ex-NSA crypto mathematician and the Founder and CEO of Dapple Security. Learn about Gadalia’s remarkable journey from the National Security Agency to the forefront of identity-focused cybersecurity. Learn about the limitations of current passwordless approaches, particularly in scenarios involving lost or stolen devices, and delve into the crucial distinction between authenticating the user behind the device rather than the device itself. Gadalia introduces Dapple Security’s unique solution, which involves generating an on-demand passkey using a user’s fingerprint—emphasizing the company’s commitment to user privacy by avoiding the storage of biometrics on the device or in the cloud—and how this approach is a key element in enhancing overall security posture.

Episode 339

In this episode of the State of Identity podcast, host Cameron D’Ambrosi talks with Eric Olden, the co-founder and CEO of Strata Identity. Join us as they discuss the challenges faced by today’s multi-vendor/multi-cloud enterprise technology landscape and how forward-looking executives view identity as an opportunity, not a cost center. They also delve into the importance of moving towards passwordless authentication and the role of identity orchestration in addressing these challenges.

Episode 338

In this episode of the State of Identity podcast, Liminal host Cameron D’Ambrosi and Justin McCarthy, the co-founder and CTO of StrongDM explore the dynamic landscape of digital identity and access management, addressing the challenges and trends that shape the industry. They talk about what it means to move towards a “credential-less” world and discuss the complexities of authentication, authorization, and the role of proxies in bridging old and new technologies. McCarthy highlights the imperative for convergence among various tools, including the essential role of AI, providing a unified approach to access control, governance, and policy enforcement.

Filter by Content Type
Select all
Case Study
Filter by Category
Select all
Customer Onboarding
Fraud and Risk
Growth Strategy
Identity Management
Market Intelligence
Transaction Services