The location data industry has become increasingly complex and messy in the last few years. Issues like replay data and fake UUIDs are becoming more frequent and challenging for teams to identify. This leads to poor product performance and tons of wasted time and resources in processing bad data. We’ll provide an overview of some common issues and how to ensure they don’t impact your business.
Data Sourcing
Generally, third-party location data (“3P”) comes from applications with a legitimate purpose to track a user’s location. For example, a weather application needs to know the user’s location in order to provide that user with weather information about wherever he or she is at that time. In the privacy policy or terms of service of an application, it must openly state how location data is to be used and shared, as well as offer the opportunity for a user to opt out from data sharing. 1
The application itself contains a component known as a software development kit (“SDK”) and relays data such as GPS data and application analytics back to the application owner (the “Publisher”). A publisher collects this data, normalizes it, and when allowed, sells that data to others. In some cases that data is sold to a data aggregator who then resells it to location data providers like Unacast.
Note that in some, limited cases, application publishers will sell their data directly to an application provider like Unacast. This first-party (“1P”) relationship tends to ensure the data is of higher quality than data that flows through an aggregator. This is because it allows for more direct interaction between the buyer and the seller of the data, and it allows the publisher to optimize for quality data output. It is very rare that a single 1P application has enough data to reliably deliver the level of insights and data that most customers require. Regardless of the 1P or 3P relationship between the buyers, sellers, and users of the data, it is incumbent on all parties to ensure that consent is collected, and that data meets ethical standards. At Unacast, we work with 12-15 data vendors at any given time — vetting them for quality and privacy — and striving for a balance of 1P and 3P sourcing. This deleverages our clients from being reliant on any one data source. 2
Data Reselling
Data aggregators and 3P data act as an intermediary between the data buyers and the data publishers. Due to the nature of these relationships, issues can arise from the limited control and communication between data buyers and data publishers. On top of that, the sharing of partner names is often prohibited by contract.
Generally, each 3P data aggregator has a handful of 1P relationships with publishers, and that data tends to be exclusive. This limited access to publishers and the fact that data aggregators get paid primarily on volume raises the question, “Where do they tend to go for their volume?”
The answer may surprise you.
They will go to other data aggregators to fill out the remainder of their volume. And sometimes, clients that buy from providers like Unacast also attempt to resell that data into the ecosystem (even though that is explicitly forbidden in Unacast’s terms of service).
This means if a data buyer like Unacast buys from two different aggregators, there is only minimal incremental new supply (generally around 5% or so). To mitigate this issue, Unacast uses proprietary methods to track how data is moving through the location-data ecosystem. The complicated nature of trying to find incremental supply has led to a few emerging issues across the ecosystem. Because of Unacast’s lengthy history of working with this data, and our privacy-centric manner of storing the data, we have been able to spot a number of these issues. We predict this will be a cat-and-mouse game for the foreseeable future.
Replay Data
One of the most concerning data integrity issues Unacast is seeing today is known as “replay.” At its core, replay involves recycling old location data by assigning it a new timestamp—making it appear fresh and real-time. But the tactic has become more sophisticated. In many cases, bad actors now slightly alter timestamps, dates, and even location coordinates to disguise the data as new and unique. This manipulation not only inflates data volume but also seriously compromises its accuracy and reliability.
Replay data undermines critical use cases, skewing insights, introducing false positives, and eroding trust in the data itself. For businesses relying on precise location signals, the impact is significant: wasted spend, misinformed decisions, and flawed outcomes.
To combat this practice, Unacast has dedicated an entire team focused on identifying and mitigating replay behavior across the ecosystem. Through years of analysis and pattern recognition, we’ve uncovered that replay can account for up to 50% of some third-party U.S. data, and as high as 80% in some international sources. To help clients stay ahead of these issues, Unacast provides forensic quality flags that identify suspected replay data, allowing users to exclude it from their datasets or weight it differently in longitudinal analysis. This ensures cleaner, more accurate insights and reduces the risk of making decisions based on manipulated data.
UUID Issues
One of the newer issues coming to light surrounds Unique User Identifiers (“UUIDs”). Similar to the replay issues outlined above, these issues began simply and have continued to progress. UUIDs contain a number of identifiers embedded in their values.
See below:
On older Android phones, the version referenced in the image above would be a number from 1-3, with the most current version being 4. While it is normal to see some mix of these, the vast majority of UUID versions should be 4 as those are the vast majority of devices in existence today. Recently, Unacast had seen a surge in version 1 UUIDs and has flagged these as suspicious. Unacast also offers this data in the file delivered to customers for replay analysis.
So this opens the question, “If this data is so messy, how does someone actually make use of this data?”
Signal Merging
One of the core uses of location intelligence is to build audiences on the basis of the relationship of a MAID to a location or persona. For example, an advertiser can build an audience of all the MAIDs of people who went to a Starbucks in the last three months. Alternatively, an audience could comprise all the MAIDs of people who look like they’re coffee drinkers (because they’ve gone to a Starbucks, Peet’s Coffee, etc.).
While the common approach is to get as much scale as possible to get as much reach as possible, this fails to take into account all of the issues above. For example, is there any use in targeting MAIDs who appear to have been to Starbucks in the last 3 months, if that MAID is a duplicated ID from 3 years ago? By applying scale without a quality filter, an advertiser is ultimately overspending on data supply and will always be artificially low in ROAS (Return on Advertising Spend).
In order to balance volume versus quality, Unacast takes the inbound signals from its suppliers and puts them through a process in which signals are merged together. On any given month, Unacast reduces over 8 Quadrillion (yes, you read that right) duplicative or misconfigured records globally. By doing so, we save the users of this data huge processing and storage costs, while helping to ensure that they have the data they need to build appropriately sized and addressable audiences.
This leaves product teams the ability to either take in Unacast’s location data and merge it with their own data to create unique audiences, or to use Unacast’s existing personas and location-oriented audiences to assist brands and advertisers in programmatic campaigns aimed at driving real-world behavior. Unacast audiences are available on all of the largest programmatic platforms in the industry and are available to platforms on a license basis. Unacast’s location data set is available to platforms on a license basis as well, and is available both via bulk data delivery or through interactive APIs.
To learn more about our data and process, book a meeting with us today.
2 Note that there are a number of existing international laws related to this topic, such as GDPR, as well as laws governed by various state and federal authorities in the United States. This document is not intended to cover each of those issues. While Unacast actively works to meet the legal and intended requirements of regulations, this is not intended as legal or compliance advice for your activities.
3 Being reliant on any one data source can create issues, especially when that source comes under regulatory or legal scrutiny. For example, see this lawsuit. Unacast regularly audits both its 1P and 3P data suppliers for compliance, and maintains a privacy and ethics committee to ensure adherence to both the written requirements and intended requirements across all locations where it provides data. Additionally, we require that all of our providers explicitly agree to our privacy addendum to ensure that their compliance is in compliance with the regulations where the provider operates/collects data.
