What is first party data?

It seems like the more it is spoken about, the more people are confused about what it is. I have had more people asking me about the difference between zero, first, second, and third-party data in the past 3 months as compared to the past 3 years.

Here goes my take on it –

Zero-party data: This is a fancy new term used to represent consented user data (PII or non-PII). In reality, all data collected should be consented to (the method of consent is a different topic). So, this is essentially the same as (or a subset of) First-party data. Zero-party data is positioned to be superior to First-party data, but there is no real difference.

First-party data: This is the most important term to understand. First-party data is user data that a website or mobile app collects/owns directly from its users after taking consent. This starts with an identifier PII (phone number, email id, etc) or non-PII (first-party cookie/GAID/etc) and then tracking user behavior on the website/app and storing it against the identifier. The entirety of this user data is called First-party data.

Second-party data: I look at this as another term introduced to confuse people. It is no different from third-party data. It can be said that Second-party data is to Third-party data, what Zero-party data is to First.

Third-party data: This is nothing but First party data that has been sold to or made available to another company (either via cookie-matching between the two companies or via 3rd party javascript/SDK/etc on the website/app). This too has to be consented to by the user. Again, I’m leaving the method of consent aside, since this is a completely different topic and requires to be addressed separately.

Now, another aspect we also need to understand is that there is absolutely no use of any data if we cannot perform a marketing action using the data. This action can be on a paid channel (ex: programmatic advertising) or owned channel (ex: email promotions, WhatsApp promotions, web-push notifications, etc). If the action is on a paid channel (ex: you are an advertiser and you want to show programmatic ads via a DSP using your first-party data), then you will have to make that first-party data available to the channel (the DSP in this case) either via a cookie-sync or by putting the DSPs 3rd party javascript on your website. So now, your first-party data becomes 3rd party data (via 3rd party cookies) for the DSP.

What happens after 3rd party cookies go away (aka are opted-out by default)? The DSP will no longer be able to cookie-sync or be able to collect your data from your website via its javascript. That leaves only owned channels for your marketing actions. That means data cannot move across websites, and data-source + marketing-channel are tied together. So, First-party data can only be actioned on advertising that’s shown on the same website.

Gourav Chindlur
CEO, Tercept Inc.

Leave a Comment