Product & technology

IAB Tech Lab proposal OPJA sets a high standard for security in clean room interoperability

No items found.
Key visual with the title of the article
Written by
Andrew Knox
Published on
March 7, 2023

What is OPJA, why does standardization in retargeting matter for clean room users, and what role do Privacy-Enhancing Technologies (PETs) play? This article covers the basics of the IAB Tech Lab's new proposed standard for clean room interoperability.

Recommended reading

IAB Tech Lab recently published the Open Private Join and Activation (OPJA) Clean Room Interoperability Standard. Decentriq is happy to support this standard as a co-author. We believe that establishing such a high bar for security in the standard sends the right message for the level of protection that all Data Clean Rooms should be held to.

Decorative image of a glass-windowed building in front of a hazy sky, overlaid with OPJA proposal title

What is the OPJA and why does it matter?

The Open Private Join & Activation is a new proposal by members of the IAB Tech Lab to standardize how companies match data privately with clean rooms for activation campaigns. By proposing it as a standard, the authors are improving interoperability by establishing a common set of inputs, outputs, and privacy principles to abide by.

Standardizing retargeting with security technology

Brands, media companies, and agencies use clean rooms in a variety of ways to measure outcomes and activate audiences, and each vendor has slightly different requirements and limitations. OPJA establishes a consistent way to provide more robust security that helps standardize retargeting using a clean room with a high-security bar. Promoting this standard accomplishes several things:

  1. Clean room vendors are incentivized to adopt Privacy Enhancing Technologies because it becomes the new norm.
  2. Clean room clients (e.g. brands) have more flexibility to change clean room vendors because the data is more standardized.
  3. Publishers, SSPs, and DSPs are incentivized to build privacy features into their ad stack to interoperate safely.

The most important feature of OPJA is the data output of the system. Under the OPJA proposal, the sell-side (e.g. publisher or SSP) receives information about how each of their users should be targeted by ads by that advertiser — but that information is encrypted with a cryptographic key that only the buy-side (e.g. advertiser or DSP) possesses. The sell-side includes this encrypted label in bid requests, and then the buy-side is able to decrypt the information and use it to inform their bidding strategy. This is a reasonably strong privacy paradigm because the buy-side never learns which of their customers they were bidding on. Also, the sell-side only gets indirect information about why the buy-side is bidding, and only for bids that actually happen.

There are two reference implementations of the matching system that powers OPJA. Both are based in Privacy Enhancing Technologies (PETs):

  1. One reference implementation relies on Private Set Intersection (PSI). This is a pure software approach that encrypts raw data commutatively and carefully orchestrates how that data moves between different participants and a coordinator to keep it secret.
  2. The other reference implementation relies on Trusted Execution Environments (TEE). This is a hardware-assisted approach that encrypts raw data in a way that only special hardware designed to keep the data secret during calculation can use.

Decentriq’s Data Clean Rooms are always powered by Confidential Computing — running the entire data clean room system within TEEs, and have security properties that are comparable to or stronger than these reference implementations.

Privacy-Enhancing Technologies are a must, not an option, for Data Clean Rooms

Very few clean rooms today deeply integrate PETs into regular operation. The standard approach for many clean room vendors is to use conventional security measures, such as access control lists, passwords, contractual enforcement, and audits.

Decentriq remains one of the few clean room providers to keep all data and computation secured with Confidential Computing on top of Trusted Execution Environments at all times. As far as we are aware, we are the only vendor that enforces this in every clean room, and we always have. This protection prevents anyone from getting access to data, not even the clean room provider or cloud host — exactly the protection a clean room should provide.

We hope this standard both empowers advertisers and publishers considering using clean rooms to insist on the best privacy technology available and inspires other companies providing clean rooms to begin to adopt these technologies.


Recommended reading

Related content

Subscribe to Decentriq

Stay connected with Decentriq. Receive email notifications about industry news and product updates.