In the two years since the Trustworthy Accountability Group got off the ground, the industrywide fraud-fighting coalition has received more than 350 applications from companies within and outside the United States for TAG registration to get verified as a trusted partner.
As of this time last year, the registration count was only about 100 mostly US-based companies.
Part of that precipitous uptick is thanks to nonnegotiable nudges from Procter & Gamble and the Interactive Advertising Bureau.
In January, the industry’s favorite firebrand, P&G Chief Brand Officer Marc Pritchard, explicitly stated that the CPG won’t work with any digital media partner that doesn’t take steps to get TAG-certified against fraud this year.
And starting next June, TAG registration will become mandatory for all current IAB members, while new members will be required to register as a precondition for joining.
“It’s a busy time for us,” said Mike Zaneis, TAG’s CEO and president. “We’ve hit an inflection point.”
Companies that register with TAG are required to undergo a background check and provide documentation that proves they’re a legitimate business and not a fly-by-night operation. Having gone through that process, registered companies are able to apply for TAG seals, including badges for anti-malware, anti-fraud, anti-piracy and inventory quality.
Zaneis is realistic about fraud fighting. The war is winnable, he said, but the ramparts can’t ever come down. The barbarians will always be at the gate.
“We obviously need to get a step ahead of the criminals – and then try to remain a step or two ahead,” he said. “But there will always be dark corners of the ecosystem where unscrupulous actors will continue to operate. The key is making sure that the smart money doesn’t go there.”
Being smart also means sharing information about threats with each other – advertisers, agencies, ad tech vendors and measurement companies – as well as with law enforcement. Since late 2016, TAG has had formal partnerships in place with the FBI, the Department of Homeland Security and the Department of Justice.
TAG houses several data-sharing hubs for members, including a place where companies can pool information about malware attacks and sources of nonhuman traffic, which, in theory, can then be passed along to the feds.
“The brass ring we’re reaching for is one day soon to be able to share that type of intelligence with law enforcement so criminals can actually be hauled off in handcuffs,” Zaneis said.
The question of whether law enforcement has an appetite for these types of cases is another story. But, recently, a precedent was set.
Last week, in what was hailed as the first-ever trial focused on click fraud, a Brooklyn jury found Italian national Fabio Gasperini guilty on one misdemeanor count of compromising a computer system for which he received the maximum penalty: 12 months in prison (which is cancelled out by the 13 months he spent in pretrial detention), 12 months of supervised release and a $100,000 fine. He was acquitted of felony cybercrime charges.
Although TAG wasn’t directly involved in bringing Gasperini to justice, the case is evidence of increasing scrutiny from law enforcement.
But for the moment, TAG members are doing what they can from a self-regulation perspective.
Publicis Media, an early member of the TAG initiative, regularly contributes to the group’s master list of data center IP addresses, which first rolled out in 2015 built off the back of Google’s extensive data center block list.
As a large media agency, Publicis has direct relationships with numerous supply sources and a substantive and always growing internal list of IPs that it’s flagged as fishy or identified as clearly fraudulent, said Nicole Cosby, VP of media tech standards and partnerships at Publicis Media.
“It’s a giant repository that any TAG-registered member can use to do a cross-check for whatever campaigns they’re running,” she said.
While that “might sound rudimentary,” said Cosby, who also sits on TAG’s leadership council, “it’s a very important start.”
“This is a good-faith effort to bring this information together and contribute to something tangible,” she said. “Our voices are being heard and our input is being quickly put into action.”