Thursday, 9 February 2023

Calculation of return on investment for brand-protection programmes: Thoughts towards a new paradigm

Pre-existing ideas

Numerous previous studies have considered methodologies for calculating the return on investment (ROI) of brand-protection programmes which incorporate components of monitoring and enforcement. These ideas can be important both to justify the spend on a programme in the first place, and to assess its impact once established. Correspondingly, 'classic' ROI calculations can be categorised into two main types: the first (known as 'a priori' calculations) consider the probable infringement landscape in advance of the implementation of a brand-protection programme; the second aims to quantify the actions taken as part of an active enforcement initiative[1]. It is the latter category with which we are primarily concerned in this article.

To a very high level, many ROI calculation methodologies use a formulation along the lines of:

R = C × E

where R, the ROI (within a given timeframe) (i.e. the benefit of the brand-protection programme, to be offset against the associated spend) is equal to the product of C, the 'cost' of a pre-existing infringement being active, and E, the number of infringements removed through enforcement as part of the brand-protection programme (in the same timeframe).

Very many assumptions are typically required in order to estimate these figures. In some methodologies, the assumed 'cost' associated with a live infringement may be reflective of an estimate of its direct financial impact (e.g. the typical loss from a phishing incident); in others it may be calculated as the proportion of lost revenue which is reclaimable following deactivation of the infringement (i.e. the 'cost' in the above formulation essentially reflecting the pre-enforcement impact of not yet having taken the infringement down). In these types of approaches, it is very rare that these figures can be measured directly and therefore a number of assumptions (or 'proxies' for the data) are required. In cases of domain acquisition, for example, it may be appropriate to make use of figures such as web traffic when quantifying impact; for marketplace listings, it is typically necessary to consider factors such as price and quantity of items in the listings removed. In both cases, the methodology needs to consider assumed conversion rates (i.e. the proportion of customers who can be 'monetised' by the brand owner - e.g. those who will make a legitimate purchase once the source of infringements is removed)[2,3]. Even this part of the process is far from simple; complications include factors such as: 

  1. The conversion rate will be (strongly) dependent on the nature and price of the item (e.g. it will be much lower for (say) an obvious counterfeit, such as an item passing off as a high-end luxury brand but with a very low price point)[4].

  2. The conversion rate for customers knowingly navigating to an official brand website will potentially be different to that for those Internet users intending to visit a third-party standalone e-commerce site (if we are considering the case where this domain may subsequently have been acquired by the brand owner and its traffic re-directed to their official site) - this consideration involves taking account of a principle sometimes referred to as the 'substitution effect'[5]

Alternative proxies for the above figures may also need to be utilised, depending on the web channel under consideration (e.g. where absolute estimates of web traffic are not available or appropriate). For example, on social media, the 'exposure' or 'reach' of content can be estimated using numbers of 'likes' or followers; for mobile apps, the number of downloads may be relevant; for file sharing, it may be appropriate to consider the number of individuals accessing the content (e.g. 'seeds' and 'leechers' for BitTorrent). 

Numerous other approaches can also be taken. The ultimate objective when estimating the 'value' of a website is the identification a direct measure of the revenue it generates (e.g. via direct sales of products, for an e-commerce site). In practice, this information is almost never publicly available, though it is sometimes possible to make estimations via shipping or logistics information available through third-party databases. Some methodologies will utilise web-analytics tools to estimate value based on factors such as advertising spend by the site owner, or will analyse outgoing site traffic (e.g. to payment service provider platforms) to estimate customer volume and/or conversion rates[6]

It has also previously been noted that sometimes determination of ROI can reflect more qualitative goals (i.e. the statements of 'what success looks like' for a brand-protection programme). For example, a brand owner may consider a programme 'successful' once there are no infringing results returned on the first page of search-engine results, or in pages of search results on a range of key marketplace sites, in response to brand-specific queries. Similarly, the 'ownership of the buy button' (i.e. being the first vendor listed for a particular product on an e-commerce marketplace site) might be a key aim.

The success of a brand-protection initiative can also be judged based on other (again, more quantitative) metrics which may be only available to the brand owner themselves (as opposed to, say, a brand-protection service provider partner). These might include factors such as increases in the numbers of visitors to physical stores, or in volumes of traffic to official websites (as might be directly measurable using the brand owner's webserver log information).

Beyond this, wholly different methodologies can also be applied. Some will take account of 'intangible' factors such as brand value[7], considering the spend on brand protection to be a business cost necessary to lower the risk of damage to the brand. This type of approach is also not straightforward - higher levels of abuse can be considered an indicator that the brand is a desirable one, which can actually be reflective of greater brand value. Other factors, such as new product launches, can also affect the visibility of the brand and its likelihood of being targeted, all of which can serve to further complicate the landscape. 

However, in this article, we will primarily consider the simpler approaches discussed in previous work, and look at how they can potentially be modified to better account for the overall impact of a brand-protection programme.

Variations over time in the infringement landscape

Part 1: Single-brand analysis

In this section, we consider an extremely simplified model looking at changes in the infringement landscape over time for a brand, considering in the first instance the example of a newly-launched brand. In this case, the growth in the number of infringements over time might look something like that shown in Figure 1.

Figure 1: Mock-up of the changing infringement landscape over time for a newly-launched brand

The above framework is formulated using a timeframe expressed as numbers of months for convenience, though the timescales observed in practice may vary hugely. There is also a deliberate choice to avoid stating any quantitative numbers for the volumes of infringements, as these will also be dependent on any number of different factors - one brand may see tens or hundreds of infringements; other may see many thousands or more. Beyond these points, the construction of the above trend lines is based on the following scenario:

  • Following the launch of the brand (in month 1), there is a ramp-up in the number of monthly numbers of new infringements ('N') appearing online, up to a constant level.
  • There is also a (slower) ramp-up in the rate of infringements disappearing naturally from the Internet ('natural removal', 'R') even in the absence of any enforcement activity. This will arise through a combination of factors, including: content which is deactivated by the infringer following a period of use; domains expiring after their registration period; older content gradually dropping down search-engine rankings (and potentially therefore eventually ceasing to have any damaging impact), and so on.
  • There is a resulting growth in the cumulative number of active online infringements ('I'), caused by the difference between the monthly values of 'N' and 'R'. 
  • Finally, it seems reasonable to assume in most cases that 'I' will eventually reach a steady state, rather than continuing to grow indefinitely. This implies that 'R' will eventually 'catch up' with 'N' (possibly in part due to the fact that 'N' may also drop off slightly over time, after an initial peak in infringement activity). 

Of course, in practice the exact balance between the above numbers will be dependent on an enormous range of factors, including considerations such as the type of Internet channel. For example, marketplace listings will typically have a shorter 'lifetime' than domain registrations (affecting, for example, the rate at which 'R' catches up with 'N').

Let us now consider the case where a brand-protection programme, incorporating the introduction of enforcement actions for the removal of infringing content, is added into the picture (say, after the landscape has reached steady state in month 12) (Figure 2).

Figure 2: Mock-up of the changing infringement landscape over time, with an enforcement programme introduced in month 12

In this case, we use the following formulation:

  • In month 12, the enforcement programme is introduced, which incorporates a particular level of resource sufficient to action a certain maximum number of takedowns each month. This number will of course need to be greater than the rate at which new infringements appear, if the programme is to be successful. 
  • Following the introduction of the enforcement programme, the rate of natural removal ('R') of infringements will quickly drop off to zero (essentially, the infringements are being removed via enforcement quicker than the rate at which they would otherwise naturally disappear).
  • As enforcement progresses, the cumulative number of infringements drops off from its pre-existing level, until we reach a steady state (the 'whackamole' phase[8]) where the monthly number of enforcements ('E') simply needs to 'keep up' with the rate at which new infringements appear ('N'). In other words, each month a certain number of new infringements appear and these are all removed through the actions of the enforcement programme. (N.B. Equivalently, at this point we could express the 'cumulative number of infringements' ('I') as zero, depending on the point in the month at which we carry out the calculation (i.e. whether pre- or post-enforcement).)

In reality, the situation is likely to be far less straightforward, with a number of additional factors complicating the picture, including (but not limited to) the facts that:

  • The types of infringements actioned over time may change (potentially starting with higher-impact or easier takedowns).
  • Monitoring will inevitably start to uncover lower visibility and/or lower severity infringements once the initial high-visibility, high-impact infringements have been taken down.
  • The rate of appearance of online infringements may change in response to the enforcement programme (e.g. infringers turning their attention to easier targets).
  • The infringers may change their tactics in response to the enforcement programme (e.g. describing goods in different ways) - accordingly, both the monitoring approach and the enforcement methodologies may need to evolve in order to account for this.

Nevertheless, the above very simplistic picture does reflect some of the top-level trends typically seen in a brand-protection programme, with an initial period of 'cleaning up' the pre-existing backlog of infringements followed by a steady-state period of lower required activity, just keeping pace with new infringements as they appear. 

This being the case, we can look to this model to draw insights into how our classic ROI calculation methods could be augmented to provide a fuller picture. In many of the traditional approaches, monthly ROI calculation methodologies make use just of the total monthly numbers of enforcements carried out ('E'). Although the drop-off in the numbers of pre-existing infringements is reflected in the ROI calculations associated with the enforcements carried out during the 'ramp-down' phase itself, it is usually not reflected in the ongoing calculations during the subsequent 'whackamole' phase. Really, it may be preferable to make use of the difference between the ongoing number of infringements ('X') and that observed at the start of the programme ('Y'), if we are to fully assess the impact of the brand-protection programme. In other words, rather than using the number 'X' as the basis of our monthly ROI calculation, it might instead be better to use 'Y – X'. This number instead provides a measure of the value of the ongoing brand-protection programme - essentially, reflecting the difference in the ongoing number of infringements (with the associated 'cost' of them being live) compared with that which would have been observed if the programme were not in place. In practice, determination of these numbers will require the brand-protection initiative to incorporate a comprehensive programme of monitoring (as well as enforcement) throughout, incorporating a full landscape 'audit' at the outset.

Part 2: Benchmarking and the use of controls

To further complicate the situation, what the above approach fails to consider is any changes to the infringement landscape which would have occurred if the brand-protection programme were not being carried out. This is known as the 'attribution' issue in the physical sciences. Of course, once enforcement starts being carried out, we lose the ability to see what would have happened to the numbers of infringements if they were not being actively taken down. It is well established that external factors can significantly change the infringement landscape. For example, numerous previous studies show that real-world events can drive spikes in resulting infringement activity[9]

One way in which this problem can be addressed is via comparison with another 'control' brand of a similar type, operating in a similar industry area, but for which brand-protection activity is not being carried out. In practice, a brand owner can never be completely sure what any given competitor is doing, so a more realistic scenario is the use of analysis a group of industry peers, across which the infringement trends over time can be averaged to create a 'benchmark'. Of course, this requires active monitoring across all these brands, and so may be far from straightforward.

In this case, we may end up with a scenario such as that shown in Figure 3, where the control or benchmark brand (actually ideally an average of the data collected across multiple third-party brands) - which we have to assume reflects external drivers in infringement trends in the absence of enforcement initiatives - shows a change in the infringement landscape since the start of the programme for the brand being protected.

Figure 3: Mock-up of the changing infringement landscape over time, with an enforcement programme introduced for the customer brand in month 12, and compared against a (pre-existing, established) benchmark brand(s)

In the above example, the control brand shows a ramp-up in infringements during the period of the brand-protection programme, perhaps driven by an external event of some sort. Additionally, by using a benchmark comprising data from across numerous brands, we reduce the likelihood that the change is driven by some characteristic specific to one brand (such as a new product launch) and increase the likelihood that the change is representative of the industry landscape in general. 

In this case we can assume that, in the absence of a brand-protection programme, the infringement landscape for the customer brand would have increased by the same proportion as that seen for the benchmark brand(s). Therefore, instead of our ROI calculation being a function (' f ') of 'Y – X' (written as 'ROI = f [Y – X]'), we can say that:

ROI = f [ ( (B/A) × Y ) – X ]

Essentially, we are saying that, had the brand-protection programme not been in place, we might have expected the 'background' level of infringements for the customer brand also to have increased by a factor of ('B/A') by the end of the monitoring period, and so the benefit of the programme is in reducing it from this value to the value observed ('X').

Of course, the same approach can also be used if the benchmark shows a decrease in infringements across the monitoring period.

Discussion

The calculation of ROI for brand protection is fiendishly complicated, and no single approach will be applicable in all cases. In any selected methodology, it is necessary to make use of a wide range of assumptions and proxies for the data to which we would ideally like to have access. Nevertheless, there are some general industry-accepted standards for these calculations, many of which utilise metrics around ongoing levels of enforcement activity. In this article, we have considered some approaches which could be taken to modify these methodologies towards a new framework of ideas, involving the following two fundamental changes:

  • Considering the difference between the ongoing levels of enforcement (as a measure of the ongoing level of infringement activity), and those seen at the outset of the programme, as a measure of the overall impact of the brand-protection programme (rather than just considering the ongoing levels of enforcement in their own right).
  • Considering the use of one or (ideally) more benchmark brands, to separate out the observed change in infringement levels (for the customer brand) arising from the enforcement activity, from other background or landscape changes applicable to the industry vertical in general

Even then, there are still other factors to consider - the customer brand may also have experienced (company-specific) issues (such as product launches, changes in sales channels or target markets, etc. etc.) which themselves could have driven changes in the number of infringements, even in the absence of an enforcement programme or industry issues. All of this can further complicate the calculations to be carried out.

Additionally, I anticipate that the general philosophy behind ROI calculations may need to evolve further to reflect other issues more directly tied to cybersecurity, as the importance of this area becomes more widely appreciated. A former colleague of mine recently asked in a LinkedIn posting[10]:

""So what's the cost?" is a frequent question I hear. Rather than thinking about the budget required, brands need to consider the financial and reputational costs of repairing the damage when they are impacted."

The key point here is thinking about proactive rather than reactive measures. This issue is particularly relevant when it comes to domain security, where a range of products are available to allow corporations to secure their domains from external attack vectors which can be highly damaging (from both financial and reputational points of view)[11]. The matter is of even greater urgency in a landscape where we still see significant proportions of the world's top companies failing to adequately protect themselves[12]

The expected financial loss ('L') per year due to (say) cybersecurity issues (an 'attack') is given[13] by:

L = patt × Catt

where patt is the probability of an attack occurring during the year, and Catt is the financial cost (the 'damage') resulting from the attack. From this, we can say that, if the probability of an attack can be reduced (from pattwithout_security to pattwith_security) through the implementation of domain security measures, the saving ('S') to the organisation can be written as:

S = ( pattwithout_security – pattwith_security ) × Catt

Whilst easy to formulate, this can be much harder to quantify. However, a recent study showed that 88% of organisations were subject to some form of DNS attack in 2021, with each attack costing the enterprise an average of almost $1 million[14]. If, then, the risk of an attack can be (conservatively) reduced from (say) 10% to 1% though the introduction of security measures, this equates to an equivalent annual saving to the company of the order of $90k. If the cost of implementing the security measures is less than this value, the return on investment will be positive. If we factor in also the implications for access to - and cost of - cyberinsurance cover, the importance of domain security products and services becomes ever clearer.

Acknowledgements

Thanks must go to Angharad Baber, Mark Barrett and David Riley for their feedback and input into this article.

References

[1] https://www.worldtrademarkreview.com/anti-counterfeiting/return-investment-proving-protection-pays

[2] https://www.worldtrademarkreview.com/global-guide/anti-counterfeiting-and-online-brand-enforcement/2022/article/creating-cost-effective-domain-name-watching-programme

[3] https://www.cscdbs.com/blog/four-steps-to-an-effective-brand-protection-program/

[4] https://circleid.com/posts/20220726-calculating-the-return-on-investment-of-online-brand-protection-projects

[5] 'Digital Brand Protection: Investigating Brand Piracy and Intellectual Property Abuse' by Steven Ustel (2019). Chapter 17: 'Accounting and Accountability'

[6] 'Digital Brand Protection: Investigating Brand Piracy and Intellectual Property Abuse' by Steven Ustel (2019). Chapter 9: 'Pivots'

[7] https://www.cscdbs.com/blog/brand-abuse-and-ip-infringements/

[8] By 'whackamole' in this context, I am referring to a consistent state in which infringements are reactively taken down as quickly as they appear (rather than implying a random or disordered approach).

[9] https://www.linkedin.com/pulse/four-new-case-studies-domain-registration-activity-spikes-barnett/

[10] https://www.linkedin.com/posts/stuart-fuller-17a7411_what-cisos-can-do-about-brand-impersonation-activity-7027979839747846144-E6ak

[11] https://www.linkedin.com/pulse/holistic-brand-fraud-cyber-protection-using-domain-threat-barnett/

[12] https://www.cscdbs.com/en/resources-news/domain-security-report/ (2022)

[13] This follows from the fact that, mathematically, the expected value ('Ex') of a variable ('X') is given by:

Ex = Si ( p(Xi) × Xi ), where p(Xi) is the probability of X taking the ith value

[14] https://www.efficientip.com/wp-content/uploads/2022/05/IDC-EUR149048522-EfficientIP-infobrief_FINAL.pdf

This article was first published on 9 February 2023 at:

https://www.linkedin.com/pulse/calculation-return-investment-brand-protection-thoughts-david-barnett/

at
Labels: , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Unregistered Gems Part 6: Phonemizing strings to find brandable domains

Introduction The UnregisteredGems.com series of articles explores a range of techniques to filter and search through the universe of unregis...