Thread regarding Publicis layoffs

@22h "CORE ID is built on a proprietary dataset with name and address information on 255 million people, which is then linked to emails, phone numbers, and other data while removing directly identifiable information to ensure privacy."

They claim - "removing directly identifiable information to ensure privacy". The data stays connected under the covers and their systems and employees with access can get to anyone's personal data.

Guess why they don't get caught in their annual audits :)

Great information. Tells us how messed up this industry is. Thanks!

Food for thought:

I know for sure, the heart of the problem is in the Abacus Alliance at the heart of Epsilon's data collection systems (https://www.epsilon.com/abacus) and their CORE ID (https://www.epsilon.com/us/products-and-services/identity-core-id) that promises data privacy but does exactly the opposite.

Here's the lowdown:
Epsilon CORE ID is a stable and scalable identity resolution solution designed to create a unified, person-based view of consumers across multiple devices and channels by connecting data from both online and offline touchpoints.
Anchored in deterministic data, particularly offline identifiers like name and address, CORE ID offers high accuracy and persistence, validated at 96% accuracy, and is designed to function in a privacy-compliant manner.
It enables marketers to identify over 200 million U.S. consumers, providing a foundation for personalized and relevant marketing efforts.

The solution relies on deterministic matches from transactional and conversion data, such as logins or form sign-ups, from vetted data partners, allowing for people-based advertising in a cookieless world.
This approach has allowed Epsilon to maintain a 12% match rate on Safari, significantly higher than the 1% to 2% seen by others.
CORE ID is integrated into Epsilon's PeopleCloud platform and other products like CDP Essentials, which enhances customer data platforms by providing a unified, enterprise view of the customer and enriched profiles with intent behaviors.

Epsilon has made its CORE ID interoperable with other industry initiatives, including Unified ID 2.0, allowing clients to activate CORE ID through platforms like The Trade Desk's demand-side platform.
The solution is also integrated with Salesforce CDP, enabling brands to orchestrate real-time, cross-channel experiences while respecting privacy protocols.
For publishers, the PubLink service uses CORE ID to recognize previously unaddressable visitors, unlocking incremental ad revenue and increasing demand.

CORE ID is built on a proprietary dataset with name and address information on 255 million people, which is then linked to emails, phone numbers, and other data while removing directly identifiable information to ensure privacy.
It is used by over seven companies globally as a customer data integration tool, primarily by large enterprises.
The platform is designed to maintain consumer choice over time and has been validated to serve 98% of brands' ads to individuals, not orphaned cookies or device IDs.

The simple solution would be to break apart Epsilon from Publicis as independent companies.
Public is will of course fold after that since their entire prowess is based on data stolen by Epsilon.
Nice scam.

This scenario raises several legal risks and issues around competition, privacy, and transparency in digital advertising. The main legal concerns fall into four categories: data leakage and misuse, conflict of interest, antitrust, and contract breach[1].

### Data Leakage and Misuse

• When media buyers unintentionally route inventory and data (e.g., audience targeting, bids, creatives) through Publicis’ Epsilon SSP, they risk exposing commercially sensitive information to a direct competitor (Publicis Groupe)[1].
• If such data includes user-level identifiers or targeting parameters protected under privacy laws (e.g., GDPR, CCPA), improper use or sharing could violate data protection statutes, consumer privacy rights, and publisher responsibilities as data controllers or processors[1].

### Conflict of Interest

• Epsilon SSP’s unique ownership by an agency holding company (Publicis Groupe) creates potential conflicts of interest, as trading partners may not have been adequately informed that they were transacting with a rival business[1].
• Failure to disclose such affiliations or to obtain informed consent for sharing commercially valuable data could be challenged under unfair trade practices statutes or regulatory policies relevant to programmatic transparency[1].

### Antitrust/Competition Concerns

• The inadvertent funding and empowering of a competitor—via routing transactions through an agency-owned SSP—raises risk of anticompetitive behavior, market concentration, or abuse of privileged position[1].
• The sharing or aggregation of market intelligence (e.g., bid values, audience segments, campaign creatives) could theoretically be leveraged by Publicis to skew market dynamics or disadvantage competing buyers. Regulators may view this as behavior warranting investigation for anti-competitive impact, especially at scale[1].

### Contract and Duty of Care Issues

• Buyers typically have contractual expectations and service agreements with SSPs and exchanges around data protection, commercial confidentiality, and fair dealing.
• If Epsilon SSP failed to adequately disclose its ownership, platform routing, or downstream data uses, aggrieved buyers could assert breach of contract, misrepresentation, or failure of duty of care as legal claims to seek remedies or block transactions[1].

### Industry Response and Legal Mitigation

• Agencies and buyers have responded by blocking Epsilon SSP, citing direct harm and competitive risk. This is a defensive legal measure aimed at stopping further leakage and signaling industry intolerance for non-transparent routing, data sharing, or conflicts of interest[1].
• To mitigate legal exposure, SSPs and exchanges must enhance supply-chain transparency, ensure buyer awareness of routing paths, explicitly disclose ownership structures, and implement strict data transfer protocols to prevent misuse by competitors.

In summary:
The scenario described raises material legal questions: possible privacy violations, failure to disclose conflicts of interest, breach of contract, and anti-competitive conduct. Any use or misuse of revealing buyer data by a direct competitor would expose Publicis/Epsilon (and potentially upstream partners) to legal liability, regulatory investigation, and industry blocking or blacklisting[1].

Sources
[1] EXCLUSIVE: Media Buyers Block Publicis' Epsilon SSP Over Data Leakage Concerns https://www.adweek.com/media/publicis-epsilon-ssp-data-reseller-buyer-concerns/