audience targeting, Data Quality, cookieless, data transparency, identity, data onboarding, data enrichment, first party data, third-party data

Let's Stop Talking About Second and Third-Party Data - It’s All Non First-Party

By: Eyeota

It's all non first-party

Late last year, Kristina Prokop sat down with Project A’s Florian Heinemann for a general chat about Kristina’s time with Eyeota. One of the subjects that came up was the importance of first-party data and the confusing terminology that surrounds the three main data types.

That exchange turned out to be one of the most popular excerpts from the interview, so we thought it was worthwhile to provide you with a refresher on what the terms, first-, second- and third-party data actually mean.

After that, we’ll talk about why we should change the terminology to be more transparent and why the distinction between first-party and “non first-party” is the only one you need to worry about.

The data types

Let’s start with first-party data — data that a business collects about its own customers. For example, think of a sports retailer that keeps transaction records for customers who belong to a loyalty program.


The sports retailer is the ‘first-party’ to have access because the data source is their own transaction records. Simple enough.

It gets more complicated with “second-party data”. This is data obtained from another first-party data owner. For example, the sports retailer might buy data from a closely aligned business such as a fitness supplement retailer.



The fitness supplement retailer has sold their customer data to a second-party — the sports retailer.

Then, we have the most talked-about type of data source: third-party. A third-party transaction is where a business buys or licenses data from one source and uses it to provide services to another business — services such as data enrichment and activation on online advertising platforms.

This is essentially what data brokers do.


So if you buy or license data from a data broker, you are a third-party to the data. The data owner has sold it or licensed it to a broker, the broker gives you the right to use it, and you are the third link in the chain. Of course, there can be many more hops in the chain of transaction until it gets to you. But is the third-party distinction helpful?

Why the distinction isn't useful

Consider the example of second-hand clothes. Let’s suppose you knit yourself a cardigan but realize that it’s a little too small. So you decide to give it to your friend who likes it. He knows that it has already been used — it’s “second-hand”. Later, your friend callously donates the unloved cardigan to a second-hand store. Now, if a third person buys it, that cardigan is still “second-hand” not “third-hand”. That person doesn’t know how many owners the cardigan has had, just that they aren’t the first person to wear it.

Perhaps you’re asking where we’re going with this. It’s this: the distinction between second-party and and third-party isn’t that important. If we use the euphemism for “second-hand”, we can say that both types of data are “pre-owned”. We as an industry really need to move to just talking about first-party data and non first-party data (I’m not sure if “pre-owned data” will catch on).

We’ve historically distinguished between second- and third-parties to signify the level of trust. It is easier to trust the data’s original owner than a broker. You might have questions about quality and legality. Are you buying accurate data? Are you buying data that was stolen? Nowadays, there’s no reason to believe that third-party data is inherently less trustworthy than second-party data. It’s a lot easier to verify the quality of data that’s had several owners.

For example, if you buy an expensive collectible item, you always get a certificate of authenticity that is passed on from owner to owner. And we now have a similar mechanism for data.

Last year, Eyeota received a certification from Neutronian — a company that provides the industry’s most comprehensive independent data certification. We also received IAB's Data Transparency Label which is designed to give every marketer, agency, data provider and publisher a clear view of the audience segments they use.

So, when buying data from someone else, it doesn’t really matter if it’s their own data or if they bought it. What matters is how it was collected, what methodology was used and whether it was collected in a privacy-compliant fashion. Which is exactly what these certification providers check for.

After all, it’s in everyone’s interest to build more trust in non first-party data. Without it you can’t really scale because the insights that you can get from first-party data will only take you so far. If you want to build a highly-scalable marketing or branding strategy, you’ll eventually need to take a leap of faith and bring in outside data sources to enrich what you have already. When you do take that leap, there’s no need to wonder if your provider is a second- or third-party — just make sure where the data has come from is transparent.