InsightsCareersGet in touch →

Privacy’s Impact on Facebook Performance

Privacy regulations are a new challenge marketers need to overcome, as platforms like Facebook are increasingly implementing their own requirements. And the results of non-compliance are dramatically impacting conversions.
Adam Lovallo
December 11, 2020

Privacy regulations are a new challenge marketers need to overcome, as platforms like Facebook are increasingly implementing their own requirements. And the results of non-compliance are dramatically impacting conversions. At Invisit, a software for e-commerce marketers to manage the privacy requirements across all marketing channels, we audit hundreds of websites daily. And over 70% of e-commerce websites suffer from privacy issues that are directly impacting their marketing performance.

Facebook Limited Data Use is the newest of these platform requirements. This privacy restriction passes the compliance burden from Facebook onto the advertisers using the platform. Specifically, Facebook requires advertisers to send ‘Limited Data Use’ signals, which provide information on whether each site visitor has chosen to remain opted-in to targeted advertising campaigns (the default option per CCPA) or if they have exercised their right to opt-out.

As a privacy management company built on e-commerce, we’ve seen a wide range of Limited Data Use implementation issues with substantial performance impacted as a result. On average, 13% of conversions are lost from privacy mismanagement, with California often seeing the most dramatic impact. And in some instances, this amount can be far higher when certain Limited Data Use signals are implemented incorrectly.

Let's walk through some of the most common issues.

No Facebook Limited Data Use implemented

The most common problem most e-commerce companies are facing is taking no action in response to Facebook’s Limited Data Use. Since this restriction is so new and Facebook has been very brief in their explanation, it's understandable that so few websites have implemented the Limited Data Use signals yet.

In our experience with Limited Data Use so far, clients see nation-wide improvements after implementing the Limited Data Use signals. This suggests that Facebook’s algorithm favors campaigns where it has full compliance information since it reduces Facebook’s own liability. By taking no action, marketers are losing out on performance uplift.

Limited Data Use firing on ALL site visitors

This is another common issue and has even more substantial performance impact. Many businesses have misinterpreted Limited Data Use and CCPA’s opt-out requirements. Under both of these mandates, site visitors are opted-in by default. They must go through the manual process of opting-out of targeted advertising.

When the ‘LDU’ signal loads in the ‘dpo’ parameter, this is telling Facebook to opt users out of targeted advertising. Many companies are doing this by default, which means they are telling Facebook to remove every site visitor from targeted campaigns.

The correct experience should be to fire an empty array in the ‘dpo’ parameter and update it with the ‘LDU’ field only when a user has opted-out (correct implementations later in this doc).

Limited Data Use working, but an opt-out mechanism is not in place (CCPA violation)

Getting closer to the correct workflow, here is an example of sites that have the Limited Data Use signals implemented correctly. However, their site visitors have no way of opting-out. While their Facebook performance is likely unaffected, this opens them up for significant liability.

CCPA carries a potential fine of $2,500 for each violation and $7,500 for each intentional violation. By implementing Facebook’s privacy signals but neglecting to provide an actual opt-out mechanism, it could be argued that this is an intentional violation of CCPA.

Everything working correctly!

And finally, we have a handful of sites that have Facebook Limited Data Use and CCPA implemented correctly. It's a rarity, so kudos to the sites that have this in place. The ‘dpo’ parameter is passing an empty array, meaning the user is still opted-in, and their site features a mechanism to opt-out of targeted advertising.

By Dean Shapero

Dean is the founder and CEO of Invisit, a software for e-commerce companies to automate privacy requirements in all of their marketing channels to protect their performance. Prior to Invisit, he led a martech software company called RADS from concept to exit. He then started Hearst Magazine's data monetization division, building it to a $15mm ARR business.

Get in touch
More insights
Why We Use Local TV News Content in Our Online Ads

We've seen surprisingly strong performance using local TV news content in our online paid ads. In this post, I provided an overview of local TV lifestyle programming and how we use that content to drive paid performance.

Adam Lovallo
How Nextdoor Compares to FB, Google, etc. as an Acquisition Channel

We (along with the entire industry as far as I know) have seen Facebook's performance decline since Apple's introduction of ATT. Over the last 12 months, we've made channel exploration and expansion a core focus.

Adam Lovallo
2021 vs 2022 Black Friday Performance on FB Ads

Our friends at Nest Commerce recently published their Readout for Jan 2023. In it, they discuss a number of trends they see impacting D2C. Their graphs comparing 2021 and 2022 performance on Black Friday caught my eye as they saw a considerable improvement...

Adam Lovallo
Thesis is a remote company headquartered in Brooklyn, NY.
© 2017 - 2022 Sheridan Media, LLC DBA Thesis
Links
BlogContactCareers
Social