The Power of the Hashed Email: Mano Pillai, Chief Product Officer, LiveIntent on the Future of Privacy

Consumers use their email addresses for many aspects of their digital footprint, but we often need to pay more attention to how much information it stores and collects. Some industry experts have even described your email as a digital passport

Your email touches every app you use, such as retail, social media, newsletters, and streaming. It holds enough information to create a profile for your consumers’ digital identity because it contains your audience’s first-party data straight from the source. 

Many see email addresses as a critical component of digital media and marketing and for the future of privacy in the industry. In lieu of third-party cookie replacement, the hashed email is a strong identifier for the consumer. Since their email touches every aspect of their digital identity, publishers and advertisers, have access to a robust data set on the consumer. 

How does it comply with privacy and data ethics? 

We spoke with Mano Pillai, Chief Product Officer, LiveIntent, to give us a deep understanding of how the hashed email can replace third-party cookies. We discussed the LiveIntent platform that targets audiences in a cookieless environment, balancing revenue and data ethics, and more. 

LiveIntent’s Email Hashing Tech

Andrew Byrd: In 2009, LiveIntent created an advertising technology platform that identifies and targets audiences in cookieless environments by replacing the cookie with a hashed email address. Can you explain how a hashed email address can replace a cookie? How does this method comply with privacy and data ethics?

Mano Pillai: A hashed email address identifies users without storing personal information, like an email address in plain text. Instead, a cryptographic hash function converts the email address into a unique fixed-length string of characters, called a hash. This hash can then be used as an identifier for the user, much like a cookie.

This method complies with privacy and data ethics by not storing personally identifiable information (PII) in a form that can be easily accessed or used for malicious purposes. The hash function is a one-way operation, meaning it is practically infeasible to reverse the process and retrieve the original email address from the hash. This helps to protect users’ privacy by making it difficult for the hashed email address to be misused.

However, it’s important to note that hashed email addresses are not a perfect solution for privacy protection. There is still a risk that bad actors could match hashes to individuals with their personal information through techniques such as rainbow tables or hash collision attacks. Using strong hashing algorithms helps mitigate those risks.

A hashed email address can be an alternative to browser cookies for user identification and addressability by serving as a unique identifier for a user without storing personal information such as their email address in plain text.

This method complies with privacy and data ethics by not storing personally identifiable information in plain text, making it difficult for the hash to be misused, and minimizing the amount of data collected from the user.

Balancing Monetization and Data Ethics

AB: Many publishers and advertisers worry privacy regulations will hinder revenue growth. Yet, Liveintent’s identity solutions propose higher CPMs for publishers and better performance for marketers. How is that so? 

MP: LiveIntent provides identity and addressability solutions powered by email, the original channel built on consent that respects a user’s preferences. LiveIntent enables publishers to better understand and monetize their audiences by connecting audience signals to anonymized email addresses. In so doing, we provide publishers with more robust and accurate datasets that help publishers inform monetization strategies.

For example, when a person subscribes to a publication, an email newsletter, or an app, they consent to provide their email address in exchange for something of value to them. With LiveIntent, publishers can extend that consent to wherever readers are paying attention and deliver added value to their readers through improved offline and online experiences and performant audience or inventory packages for the advertiser partners — all while securing higher CPMs for themselves. 

Furthermore, solutions like our prebid module help our publisher partners identify which browser a visitor uses to reach a publisher’s website, including cookie-challenged browsers like Safari and Firefox. This approach enables LiveIntent to improve publisher bid density, further improving CPMs.

Tech Breakdown

AB: To my knowledge, there are four main components to LiveIntent’s identity solutions — LiveTag, LiveConnect, the Identity Graph, and the nonID. Can you walk me through the function of each piece? 

MP: The four components of our identity solutions connect user actions across the digital landscape and their encrypted email, enabling addressability. As discussed, LiveIntent is powered by and built on email, so naturally, that’s where identity resolution and addressability capabilities commence. 

LiveIntent’s LiveTags register email actions, like opens and ad impressions, served. It places LiveTags on publisher emails, creating a privacy-compliant connection between email actions and a hashed email address. So, when a person receives a publisher’s email newsletter for which they’ve subscribed, the LiveTag will register that the email was opened by email hash “dc123456789123456789123456789123,” — we’ll call them #dc32 for short — and the ad impression served. 

Our LiveConnect tag, when placed on a publisher’s web pages, connects the email reader activity on a publisher’s digital properties to an email reader via their hashed email address. The LiveConnect tag allows publishers to drive and act on insights in real time. So, our LiveConnect tag would then register that #dc32 visited the publisher’s latest article on transatlantic sailing from the publisher’s newsletter. The publisher can use this insight to add that person to a new audience inventory package, like “outdoor enthusiasts,” for instance. 

The nonID, LiveIntent’s alternative, stable and encrypted identifier, has a one-to-one connection to LiveIntent’s Identity Graph. It connects a publisher’s first-party data to the programmatic ecosystem in real time, enabling addressability across all browsers and devices — sans third-party cookies. With the nonID, a hypothetical cruise line could target #dc32, a previous customer of theirs, on the publisher’s website, for example.

LiveIntent’s Identity Graph attributes a person’s organic interaction across devices, browsers, email alerts and newsletters, websites, and mobile apps to an encrypted email hash via the nonID. With our identity graph and LiveConnect tags in place, the publisher could identify that #dc32 also read its recent articles on composting and climate change, even if the user visited the site organically and without registering for or logging into an account. The tech allows the publisher to attach more audience signals to #dc32, enabling improved targeting and monetization. 

Because LiveIntent’s Identity Graph has an extensive scale — 900mm active hashes, 25B identifiers, 10B devices — LiveIntent can also identify anonymous traffic to the publisher’s site. It enables publishers to capitalize on every signal across their digital properties — regardless of whether or not the visitor was previously unknown or anonymous to the publisher.

How-to: Choosing the Right ID Solution

AB: There are many identity solutions that publishers can choose. How would you propose a brand choose the best identity solution for their business and prepare for third-party cookie depreciation?

MP: Choosing the right identity solution for a brand can be a complex process, and there are several factors to consider. Here are some steps a brand can take to choose the best identity solution and prepare for third-party cookie depreciation:

Assess current needs and goals, including data collection and use practices, privacy policies, and the experiences the brand wants to offer its customers.

Evaluate identity solutions, such as hashed email addresses, browser-based solutions, and alternative technologies, like Federated Identity, and decide which solution best meets their needs.

Review flexibility and ease of use, such as whether the solution enables first-party data activation across channels to drive and unlock revenue.

Consider privacy and security implications and choose a solution that protects user data and complies with relevant privacy laws and regulations.

Assess the trustworthiness of the vendors offering each solution and choose a vendor with a proven track record of protecting user data and complying with privacy laws.

Continuously monitor and evaluate the performance and effectiveness of its chosen identity solution and make adjustments as necessary to ensure you meet your goals and privacy and security standards.

Liveintent’s identity solution is interoperable, and its nonID serves as a bridge to other identifiers in the bidstream. Brands and publishers can implement Liveintent’s solution and test and optimize yield through its configurable options. For example, if a brand or publisher wants to test yield using Unified ID 2.0, LiveIntent offers a configuration option to translate the Liveintent nonID into Unified ID 2.0. Essentially, the brand or publisher only needs Liveintent to optimize yield, eliminating the need for multiple identity solutions.