Meta’s restricted categories update and what it means for your business

Meta’s restricted categories update and what it means for your business

What does this even mean?

Meta has been rolling out an update to the way it allows businesses advertising on it’s platform to share data about what users do on their websites/apps. Businesses affected could see their ability to share conversions and use certain objectives and targeting options restricted, likely significantly impacting the performance of the platform.

Why the update?

From Meta's perspective…the boardroom party line is of course about protecting user data privacy. The underlying financial motivation is that since the Cambridge Analytica scandal in 2018, Meta has become very data compliance proactive and is keen to avoid any more hefty fines or lawsuits in future. However, in recent years law firms, in the US in particular, have been looking to capitalise on digital data privacy grey areas and have started to make moves to raise legal challenges against businesses and tech platforms who don't comply with legacy laws about data sharing.

What kind of businesses are affected?

The vast majority of businesses won't be. But SOME companies that operate in sectors covering products or services that convey information about an individual's personal health or financial situation might be. Meta provides a list of 'prohibited information' - and is now grouping this prohibited information into categories e.g. 'health and wellness'.

In the example of health and wellness - while I can't guarantee the classification of individual businesses – I want to be clear that not all 'health and wellness' businesses will be flagged as belonging to a restricted category. The distinction mainly boils down to if the product or service could reasonably disclose information about the condition or state of an individual e.g. consider a website selling general food supplements like turmeric, potassium or creatine, compared to a business that sells pregnancy tests. One is retailing general products that do not convey the condition or health state of the consumer - while the other one very much does.

Clearly, someone viewing a page about a pregnancy test, adding one to cart or purchasing the item is very likely giving a strong signal that they may be pregnant. And it is that kind of inferred condition or state where Meta is looking to restrict information pass through.

Is my business impacted?

Well, Meta should tell you. Go to your Meta Ads Manager > Events Manager > Data Sources and click on your pixel(s).

Firstly, you'd likely see a notice in the overview window informing you.

Secondly, go to Settings > and look at two sections in particular:

'Manage data source categories' and 'Data restrictions'

'Manage data source categories' will show you if your website(s) has been classified into any of the restricted categories e.g. 'Health & wellness condition'.

'Data restrictions' - will tell you about what kind of data Meta is blocking from being passed back into the platform.

The first section relates to something called ‘Core set up’. That’s like the tier 1 of restrictions Meta could apply. If Meta has classified your business as being in a restricted category you will not be able to turn off this option. However, businesses that haven’t been notified of any restriction do still have the option to opt into 'Core set up' if they wish.

'Manage event blocking' will show you what, if any events (e.g. purchases, form submissions etc.,) are being blocked as a result.

If you see any of the events you are currently using or optimising towards in your advertising in the ‘Action Required’ or ‘Blocked’ list of events – it’s likely that Meta is restricting some of the event information your website is trying to send back to the platform.

Read on for a definition of the restriction 'tiers' Meta can apply and the ramifications of each.

What is the potential impact?

Meta has set three tiers of restrictions based on how sensitive it deems the category your website has been classified into.

Tier 1 Core set up

This is the least impactful tier of restrictions and may include one or all of -

  • URL truncation - URLs for webpages that mention the sensitive information e.g. www.site.com/products/pregancy-tests would be trimmed to just www.site.com
  • Custom event blocking - standard events like purchases and leads would still be tracked. But if you wanted to track something non-standard - like say a user interacting with a quiz that tells them if they have Crohn's disease or not that could be blocked.
  • Custom parameter blocking - these are non-standard bits of information you've set for data collection. Standard might be the value of a conversion or the currency.

Tier 2 High intent exclusion

As with core set up but also…

While broad engagement-based events like pageviews and view content will still be enabled, actions that represent a higher intent to purchase, subscribe, fill a form etc., will be blocked e.g. events like add to basket, initiate checkout and purchase. That's because as defined by Meta - those actions represent a higher probability of being linked to the condition or state of that individual (e.g. the purchasing of a pregnancy test).

Tier 3 Total data exclusion

Essentially almost all outside-of-platform data is blocked with on-site web events and information restricted from being passed back to Meta. Outside of correlational increases or decreases in business outcomes from internal systems, you would largely be advertising blind as far as conversions or information gathering outside of Meta.

OK, I think my site has been added to a restricted category, how do I know what tier I'm in?

To understand which tier your website has (or hasn’t) been categorised into you’ll be able to deduce that based on what you are seeing in Events Manager.

If there is no option to turn off ‘Core set up’ then that indicates your website has had ‘tier 1’ restrictions applied as a minimum.

If you can see that there are domains listed in the ‘Manage data source categories’ report then clicking on ‘view details’ should open an overlay message. If the message includes reference standard events being restricted, that likely pertains to tier 2 restrictions, if the message states that data sharing more generally is blocked that can indicate a full tier 3 restriction is in place.

As you’ll also see, restrictions can also vary by market – for example in the European Region, due to GDPR, restrictions may be more stringent.

What can I do about it?

Appeal

If you feel that your website(s) has been erroneously categorised, when reviewing the data source categorisations, there should be the option to request a review from Meta as shown in the screenshot above.

Review your content and product sets

If you suspect that only some of the products, content or services you offer may qualify for restricted status, removing those products from advertising campaigns and your product catalog may help to mitigate against some of the risk associated alongside proactively opting into the Core set up where appropriate.

Edit on-site content to remove references to sensitive topics that would associate someone with a particular situation or condition or review your form design for any questions or wording that requires users to self-identify a condition e.g. a form on a legal service provider website that requires users to click an option to answer 'do you have cancer?'.

Following the above you can then create and test using a new pixel.

A somewhat dubious workaround might also be achievable by customising your CAPI set up by changing the event types associated with certain actions – for example, if you find yourself with tier 2 restrictions applied, rather than triggering a purchase event when an actual purchase is made, trigger a pageview and then optimise campaigns towards that event – but we’re getting into murky waters there.

Diversify

It’s no wonder that for certain sectors, like health and wellness, other platforms such as TikTok are and having been growing in popularity. While it’s likely that eventually similar data protections will be emulated across likes of TikTok, exploring incremental growth opportunities through other media partners should be part of any businesses longer term marketing strategy.

Keep in mind user privacy

And most importantly, as a business don’t also lose sight of the fact that there are very legitimate reasons for restrictions being placed on this kind of targeting and data sharing. Health and financial conditions and protected characteristics are something that are extremely personal and shouldn’t be leveraged by ad platforms and advertisers to maximise profits.

Want to know more? Get in touch with Herd.

About the author

Mark Preston

Mark Preston, Performance Director

Mark joined Herd in early 2023 as Performance Director, bringing years of experience in large, network agencies working alongside some of the biggest brands in the world.

growing shopify giants

Ready to talk?

Looking for increased visitors, sales and revenue? We're here to help.

Find out how to drive measurable results with us, your growth partner.

Tel: 01482 256300 Email: hello@herd.io
Get in touch