Privacy News Online has written a number of articles looking at the threat to privacy posed by the widespread use of micro-targeted ads. At the heart of the idea is that the more online sites and services know about their users, the more they can charge advertisers to reach them. To recoup these higher charges, advertisers have honed their messages to the point where they can display ads to very small numbers of people – what is generally called micro-targeting. The theory is that highly-personalized ads attuned to an individual’s psychology are more likely to elicit a positive response from the people viewing them.
READ ALSO: Since advertisers often use different cookie identifiers, they may not be able to recognize a visitor to a Web site that is conducting a real-time ad auction from the information supplied.
In principle, this sounds like a good thing. It means that we are shown ads that are more likely to match our interests. But the downside of this approach is that it has led to the growth of an entire industry based on watching everything we do online, collating that information from multiple sources, and then offering it as widely as possible, typically using real-time bidding. In particular, it lies at the heart of Facebook’s massively-successful business model, which regards user privacy as an obstacle to be overcome, not an obligation to be respected. Recently, this world of “surveillance capitalism” formed the subject of a 704-page book by Shoshana Zuboff , which gives an idea of how complex it has become.
There’s already growing pushback against micro-targeting and real-time bidding, not least using the GDPR. As this blog reported last September, a formal complaint has been submitted to the data protection authorities in the UK and in Ireland, asking them to investigate the use of real-time bidding systems by Google and other ad tech companies. Recently, the complainants added more information, this time about leaks of highly-personal information that real-time bidding systems can lead to:
Every time you visit a website that uses ad auctions, personal data about you is broadcast in “bid requests” to tens or hundreds of companies. Part of this process categorizes what you watch or read or listen to. The categories can be benign, such as “Tesla motors”, “bowling”, or “gadgets”. But, as the new evidence filed today shows, they can also be extraordinarily sensitive.
For example, one category is “IAB7-28 Incest/Abuse Support”. This could enable ad auction companies to target and profile a person as an incest or abuse victim. The letters “IAB” in this category title refer to the Interactive Advertising Bureau, the organization that defines the rules of the ad auction industry.
Other IAB categories relate to sensitive and embarrassing health conditions, religious denomination, sexual orientation, etc.
The IAB (Interactive Advertising Bureau Europe) has responded to this new information, and Open Rights Group, one of the organizations that filed the original complaint, has offered its own on that response. That war of words is an indication of how important this particular fight is likely to be for both privacy and the advertising industry.
Although readers of this blog will be familiar with these practices, it seems that the general public is only just waking up to micro-targeted ads and real-time bidding based on categorization of users and their interests. New research from the Pew Institute suggests that when they do learn about them, people aren’t very happy :
Facebook makes it relatively easy for users to find out how the site’s algorithm has categorized their interests via a “Your ad preferences” page. Overall, however, 74% of Facebook users say they did not know that this list of their traits and interests existed until they were directed to their page as part of this study.
When directed to the “ad preferences” page, the large majority of Facebook users (88%) found that the site had generated some material for them. A majority of users (59%) say these categories reflect their real-life interests, while 27% say they are not very or not at all accurate in describing them. And once shown how the platform classifies their interests, roughly half of Facebook users (51%) say they are not comfortable that the company created such a list.
READ ALSO: Indeed, Los Angeles prosecutors were moved by the news to sue the operators of the Weather Channel app , which is owned by IBM: The operator of the Weather Channel mobile app misled users who agreed to share their location information in exchange for personalized forecasts and alerts, and they instead unwittingly surrendered personal privacy when the company sold their data to third parties, the city attorney, Michael Feuer, said.
Hitherto, the response to concerns about micro-targeting has typically been to argue that it is a necessary price to pay for free services, and that there is no alternative. However, an intriguing article on Digiday suggests otherwise :
When the General Data Protection Regulation arrived last year, The New York Times didn’t take any chances.
The publisher blocked all open-exchange ad buying on its European pages, followed swiftly by behavioral targeting. Instead, NYT International focused on contextual and geographical targeting for programmatic guaranteed and private marketplace deals and has not seen ad revenues drop as a result, according to Jean-Christophe Demarta, svp for global advertising at New York Times International.
Of course, that’s only one data point, but it’s nonetheless an important hint that advertisers don’t need to use micro-targeted ads bought using real-time bidding, but could instead simply buy space according to geography and editorial context. A recent report from the New Economics Foundation entitled “Blocking the Data Stalkers: Going Beyond the GDPR to Tackle Power in the Data Economy” wants to see the latter approach enshrined in law. The authors of the report say that there should be a ban on sending personally identifiable data to advertising networks. Instead, advertisers should be provided with general demographic information about the Web site or service’s audience. This would allow them to supply demographically-appropriate advertising, but without affecting the privacy of users.
Services like Facebook and Google, as well as many businesses advertising on their sites, will doubtless recoil at this suggestion. They will probably make claims about how this will lead to the death of online advertising, and with it, the collapse of the digital ecosystem. But it’s important to remember that using general demographic information to help place appropriate ads, rather than highly-personal characteristics for micro-targeting, was exactly how things functioned in the world of television, radio, newspapers and magazines. Broadcasters, publishers and advertisers all managed to make a healthy profit under this system; there is no reason why they shouldn’t flourish using the same approach online.
READ ALSO: We have not been impacted from a revenue standpoint, and, on the contrary, our digital advertising business continues to grow nicely.” So while (of course) not every publisher is the NYT, publishers that have or can build brand cachet, and pull in a community of engaged readers, must and should pause for thought — and ask who is the real winner from the notion that digitally served ads must creep on consumers to work?
Just because it is now possible to gather huge amounts of information about us as we move around the online world, and then use that personal data to sell micro-targeted ads, doesn’t mean companies should. As more and more people realise how important it is to protect their privacy, so their tolerance for the intrusiveness of surveillance capitalism will diminish. The sooner the online advertising industry starts developing alternative models, the better it will be for them – and for us.
Featured image by Babu.
READ ALSO: The individuals filing the complaints have now submitted additional evidence showing lists of ad categories used by Google and online ad industry association, the Internet Advertising Bureau (IAB), that they say show sensitive inferences are systematically made.
About Glyn Moody
Glyn Moody is a freelance journalist who writes and speaks about privacy, surveillance, digital rights, open source, copyright, patents and general policy issues involving digital technology. He started covering the business use of the Internet in 1994, and wrote the first mainstream feature about Linux, which appeared in Wired in August 1997. His book, "Rebel Code," is the first and only detailed history of the rise of open source, while his subsequent work, "The Digital Code of Life," explores bioinformatics - the intersection of computing with genomics.
READ ALSO: The team behind the Brave internet browser have filed a complaint with authorities in Ireland and the UK regarding privacy violations perpetrated by Google and other "ad tech" companies under the EU's new European General Data Protection Regulation (GDPR).
advertising, , gdpr, real-time bidding,