Twenty Questions: Zero-Party Data Edition

What is zero-party data? 

Ask ten people (well, not ANY ten people; ten adtech dweebs) and you’ll get ten different answers—along with some medium-to-heavy ridicule. 

Zero-party data is still a relatively new concept (having been coined a scant three years ago), and adtech likes to take its time settling into new ideas. Just ask the CDP people.

But zero-party data probably is a thing. I used to scoff at the idea myself, but when Apple and Google started seriously investing in on-device digital marketing features like Hide My Email and Federated Learning of Cohorts, I accepted that first-, second-, and third-party data were no longer sufficient to describe what was going on. 

The world of tech is working hard on zero-party data use-cases, which means that marketers will need to confront the concept head-on within a few years.

Is This Really Just a List of Questions?

Yes! My aim here: if we can’t yet agree on exactly what zero-party data is (or whether it’s a legitimate concept at all), perhaps we can at least figure out the relevant criteria to debate. Think of this as a very sad game of twenty questions.

In all seriousness, when I encounter disagreement on what “zero-party data” means, the following seem to be the key questions that are shaping people’s definition of the concept.

Now let’s play! (And TBH, this really isn’t a game of 20 questions but more like seven.)

1. Who Originated the Data?

Must zero-party data originate from the data subject (say, a person filling out a form), or might it originate from elsewhere such as a company with whom that person has a relationship? 

For example: If a company resolves my ZIP code based on observing my home IP address, is that zero-party data, or is it the company’s first-party data? Do I need to actively provide my ZIP code to the company (i.e., be the originator of the data) in order for it to be zero-party data?

2. Where Is the Data Stored?

In my opinion, this is the most important question of all. I happen to think of zero-party data as existing either on a person’s device or in some other environment where access from the outside can be strictly controlled, which turns much of the architecture of adtech and martech upside down. 

The best example I’ve heard along these lines is from Michael Ogunjobi of Permutive who explained in 2020 that when you use your fingerprint to unlock your iPhone, your fingerprint is stored only on your phone and not in an Apple data center.

However, if you think of zero-party data as basically declared data, then the location of that data isn’t as relevant.

3. Does Zero-Party Data Have to Be digital?

I know my favorite brand of athletic shoe is Nike, but if that information is only in my head, can it still be zero-party data? Or does it only become zero-party data when I explicitly supply the answer in one of those YouTube surveys? Or if Zappos infers it by analyzing my purchase history?

4. Does the Data Subject Know the Information Contained in the Data?

I don’t know the exact balance of my checking account. My bank has it on file, though. Is my bank balance my bank’s first-party data about me, or is it zero-party data because it’s my money? And does it matter that I don’t actually know what my balance is?

5. Is the Data Factual / Literal or Observed / Inferred?

My web browsing history is what it is (at least until I clear it). My Mac contains a factual, literal record of the sites I visit. Something like Federated Learning of Cohorts, however, would use this factual basis to derive an ID matching me with people with similar browsing habits. 

Is one or the other (my literal browsing history or the derived FLoC ID) zero-party data? Both? Neither? Is the difference material to the debate?

6. Can the Data Be Revoked?

Can the subject of a piece of data unilaterally revoke, delete, or change said data? Meaning: who really owns the data? If I control it, then no matter where it’s currently residing, it is, in practical terms, very much my data. The power to revoke essentially correlates to ownership; a data custodian such as a consumer brand or an adtech platform is essentially just “borrowing” data that can be revoked at-will.=

Apple’s Hide My Email feature is as close an example to this as I can think of. The burner email itself can’t be revoked, but access to the end user sure can.

7. Can Data Be Simultaneously Zero- and First-Party?

Take a basic data point like my gender. In a perhaps zero-party state, I know I’m a male. In a first-party state, Facebook knows I’m a male. And then perhaps in a third-party state, Axciom thinks I’m male.

Is my gender the same data point existing in multiple states simultaneously? Clearly not. It’s different data points residing in different places that happen to be consistent with one another. If I change the gender on my Facebook profile, my actual gender does not change.

I’m sure there are other ways to debate the “same data, multiple states” question, but it doesn’t seem clear-cut.

Food for Thought

Food for thought is all this is. Rather than leap to my own prescription of what zero-party data is, I wanted to establish some terms of debate. Because every time I see an unsatisfactory or partial definition of zero-party data, my main takeaway is that the definition simply didn’t take account of all the things zero-party data might or might not be. 

So even though this was just a list of questions, I hope it was helpful.