The Privacy Pitfalls of Personalized Advertising

You know the drill: you search a product or topic and within seconds every web site you load and your social media feeds are full of ads for those items. It’s creepy and convenient, right?  

Unsurprisingly, personalized advertising — and now even hyperpersonalized advertising (think retail sites that already know your clothing size and color preferences, for example) — have some significant privacy pitfalls. Personalization relies on invasive surveillance of your personal data, taken from everything you do online.  

Here, we look under the hood of personalized advertising at two issues receiving media attention right now: 

  1. Digital advertising may present national security risks. 
  1. Do consumers even want personalized ads? 

Issue 1: Digital advertising may present national security risks   

The global digital advertising spend is set to hit nearly USD 390 billion in 2021. But in yet another blow to the big tech companies reaping the rewards, a bipartisan group of    US senators has raised national security concernsover the automated process that makes personalized ads possible.  

The senators are worried about “real time bidding”, the split-second automated auction process used to rapidly place personalized ads on web pages, and the “bid stream data”, made up of users’ personal data, which is used in the bidding process.  

The senators have asked eight ad exchange firms, including Google and Twitter, to tell them exactly which foreign companies are receiving US citizens’ personal data during these digital ad auctions and exactly what that data contains. The senators fear that the easy access to bid stream data during the real time bidding process allows foreign governments to profile US citizens. “This information would be a goldmine for foreign intelligence services that could exploit it to inform and supercharge hacking, blackmail and influence campaigns,” the senators say. 

Have you heard about real time bidding? 

Real time bidding is an exchange that happens in the milliseconds before a web page loads. It automates the process of buying and selling ad space online and makes personalized ads possible. Real time bidding works like an auction in that advertisers bid on available space on web pages and the space typically goes to the highest bidder. It’s a mind-blowing concept, in that it’s so lightning fast behind the scenes but happening in real time.  

Picture this

  1. As soon as you click a link to open a web site, the site’s publisher sends the dimensions of its available ad space to what’s known as a supply side platform (SSP), a technology platform (like WebFX) that automates the process of web publishers selling their ad space to advertisers.  
  1. The SSP then analyzes your cookies to gather as much data about you as possible. This is known as bid stream data and typically includes URL, device type, model, screen size, CPU, operating system and connection, your web browsing activity and interests, IP address and ZIP code location, as well as your age and gender. This data determines the most relevant ad for you to see. 
  1. Next, a demand side platform (e.g. Google Ad Manager) uses the bid stream data from the SSP to assign a dollar value to your impression (display of the ad on your screen) and place bids on the ad space from relevant advertisers.  
  1. Finally, the SSP receives the bids and awards the ad space to the highest bidder. The web page you wantthen loads with the ad in the contested slot. The publisher has sold their ad for profit, the advertiser has got its product in front of you (a highly targeted audience), and you’re none the wiser that your profile data was up for grabs only moments before. 

Yes, you guessed it: the process is fraught with significant data privacy issues: 

  1. Hundreds of companies can participate in the real time bidding process. Every auction participant gets access to your bid stream data and they don’t even have to bid. 
  1. Most anyone can participate in the auction: barriers to entry are low. And while there are penalties for misusing bid stream data, parsing the data is still highly valuable to participants.  
  1. Bid stream data can be harvested even without third party cookies so recent efforts by Apple and Google to ban third party cookies do nothing to mitigate the privacy risks.  
  1. The bid stream data is usually anonymized but it’s relatively easy to match a user to their information.  
  1. Data brokers readily package the bid stream data (particularly valuable location data) and sell it to other companies and even governments with little oversight — the key point of the senators’ concerns.  

It’ll be interesting to see which the eight companies reply to the senators’ letter, what they say, and what happens next. Watch this space. 

Issue 2: Do consumers even want personalized ads? 

With all the backlash against surveillance capitalism (profiting off personal data), the question is now being raised: Do consumers event want personalized ads on their devices? Recent research in Europe and the US says yes and no.  

Yes, consumers like us want a personalized shopping experience for all the reasons marketers cite in defense of their practices: targeted ads matched to our immediate needs and interests save us time and money and can enhance ouronline experience. But also no, increasingly consumers don’t want personalization when it comes at the expense of our privacy

This consumer sentiment against personalized ads isn’t new, and it is increasing. As far back as 2012, Pew Research found 68 per cent of US consumers don’t like targeted ads and disapprove of the invasive data surveillance that drives them. Seven years later in 2019, they found an even higher number of US consumers, at 81 per cent, believes the potential risks from data-driven products and services outweigh the benefits.  

Then, in February 2021 YouGov polled 2,000 consumers in France and Germany and found 57 per cent don’t want personalized ads on their devices and feel “deeply uncomfortable” about the granular categorization based on highly personal information, such as illness, pregnancy and religion, that drives those ads.   

There are two sides to this coin: personalization is improving the user experience, but data abuse is growing—and consumers are noticing. Media and ad experts get the point too, and know they have to change.  

The YouGov poll says it’s the behind the scenes or back door nature of personalization that gives people the creeps(think dark patterns). It doesn’t help that consent to data practices is often so convoluted and tied to long-winded terms and conditions and privacy policies that none of us knows exactly what it is we’re agreeing to, right? 

At Anonyome Labs, we believe it’s time for brands to recognize both the opportunity to deliver privacy-first productsand the responsibility to comply with tightening regulations that better protect consumer data and privacy. Until they do, they risk losing the very customers they’re fighting so hard to attract.  

How do you feel about personalized ads? Do you use MySudo to protect your personal information online? Find out how you can

Photo by Zapp2Photo

Download MySudo

Plans start at $0.99 USD/mo.
Start your free trial today.
Browse Plans

MySudo was built by Anonyome Labs to provide more control and privacy online, on the phone, or wherever technology takes you.
Learn More About Anonyome Labs