OPINION: An Expert Delves Into the Creepy World of Advertising Tech

"MY TALK AT THE EU PARLIAMENT"

By Bob Hoffman

https://www.bobhoffmanswebsite.com/

[EDITOR’S NOTE: We spotted this article Tuesday in a publishing newsletter that we read regularly. It seemed particularly concise and useful for anyone at all concerned about online privacy and security. And since we are doing business online (though rest assured, we are as ignorant of what goes on ‘in the platform’ as anyone) it seemed worth sharing with Franklin readers. Mr. Hoffman was gracious in granting permission to repost in the Observer.]

This week I was invited to give a keynote talk to a group of Members and other interested parties at the EU Parliament in Brussels. Viewers were also invited to attend online. The subject was the dangers of tracking by the online advertising and marketing industry, as described in my book ADSCAM.

The following is a transcript of the talk.

Good afternoon

In my brief time today I would like to describe to you why I believe the adtech industry and the online advertising industry as they are currently configured are a danger to individuals and a danger to democratic societies.

And why I believe it is important for legislative and regulatory bodies to take further action to curtail some of the practices that are harming both individuals and society,

First we need to acknowledge that advertising is essential to the free internet as we currently know it. People love the web. On average we spend about 6 hours a day online.

The web gives us free entertainment, free information, and free communication. None of this would be possible without advertising. Advertising provides the financing for most of the web resources that we utilize every day.

But online advertising has an unnecessary and dangerous dark side.

It is called tracking. Tracking is the process by which advertisers, online website publishers, and online media have the ability to know everywhere we go and everything we do on the web. Some call it tracking. Some call it surveillance. Some call it spying. It doesn’t matter what you call it — it is a menace.

The adtech industry is capable of knowing every click we make, every site we visit, and where we are located at any time. In its worst moments, adtech knows who we are talking to and what we are saying. They can infer who our friends are, what our interests are, what our sexual preferences are, what our political leanings are, and where we are at any moment. They use this information in two ways: to sell us things, and to re-sell this information to other marketers.

Today I will talk about two of the most serious problems that this creates. First is the peril to individuals and society. Second is ad fraud. While on the surface, these may appear to be very different problems, beneath the surface they are both to a substantial degree manifestations of the online ad industry’s original sin: tracking.

Here are some of the problems that the current version of adtech have created.

- Tracking, and the unrelenting collection, sharing, and selling of personal information about us is a danger to individuals. The worst governments in history have been the ones that abused the privacy of its citizens by following them everywhere, listening to their private conversations, and compiling secret files on them.

Today it is the marketing industry that is engaged in these practices. The KGB, the Gestapo, and the Stasi could only dream of having the depth of information about citizens that Google, Facebook, and other adtech companies have. According to a report by the Irish Council for Civil Liberties, people in Europe have their online behavior and location broadcast to thousands of companies and organizations around the world 197 billion times a day. Google alone sends this data to 4,698 organizations around the world, including Russia and China. There is no control over this data once it is sent.

A report to the British Parliament asserted that by the time an average child in Europe is 13-years-old, the adtech industry has 72 million data points on that child. We would never accept this level of spying on us by governments, but for some reason we have learned to accept it by marketers.

- Next, tracking is a danger to the integrity of democratic institutions. In recent years we have seen a serious wedge driven into the political life of my country and several European countries. There is a direct link between tracking by the online ad industry and the polarization of democratic societies.

A study by a group of Facebook executives in 2018 reported that almost 2/3 of people who joined extremist groups on Facebook were directed there by recommendations from Facebook’s algorithms. And where do these systems get the data that informs their algorithms? From tracking us.

Professor Hany Farid, an expert at the University of California, Berkeley, has said, “They didn’t set out to fuel misinformation and hate and divisiveness, but that’s what the algorithms learned.”

- Tracking is also a national security threat. The Congress of the United States has asked U.S. intelligence agencies to study how information gleaned from online data collection may be used by hostile foreign governments to spy on individuals and on the activities of the security apparatus.

In April of 2021, a bipartisan group of U.S. Senators wrote, “This information [from adtech data] would be a goldmine for foreign intelligence services that could exploit it to inform and supercharge hacking, blackmail, and influence campaigns.” They went on to say, “Few Americans realize that [adtech companies] are siphoning off and storing…data to compile exhaustive dossiers about them…we must understand the serious national security risks posed by the unrestricted sale of Americans’ data to foreign companies and governments.”

- Further, The whole practice of online tracking may itself be illegal. The online ad industry operates on a system called Real-time bidding or RTB. RTB is the engine that drives the bulk of online advertising activity and it may itself be illegal under the terms of GDPR. As I mentioned earlier, RTB tracks and broadcasts peoples’ online behavior and location tens of billions of times a day in Europe without the informed consent of the individuals involved. I’m no legal scholar but it’s hard for me to understand how this can be reconciled with the intent of GDPR.

Next I want to talk about online ad fraud. While there are certainly fraudulent activities aimed at consumers online, when we speak of ad fraud we are generally generally speaking about fraud perpetrated on advertisers.

The total amount of money spent by online advertisers worldwide is reported to be about $400 billion. Ad fraud is probably costing marketers tens of billions annually.

In its simplest form, ad fraud is a type of crime in which criminals steal money from businesses. The businesses think they are buying advertising, but they are actually buying nothing.

While there are dozens of types of ad fraud, much ad fraud falls into one of three buckets— fraudulent audiences, fraudulent websites, or fraudulent clicks.

The way fraudsters take advantage of the vulnerability of the system is often by creating fake websites, fake audiences, and fake clicks. Criminals use software strings, called bots, to produce fake audiences and fake clicks. According to web security company Barracuda Networks, there is more traffic on the web from malignant bots than there is from human beings.

I am grossly simplifying the types of ad fraud here because in many cases you need to be a computer scientist or a software engineer to understand how these criminals corrupt the system.

Exploiting the online advertising system is apparently remarkably simple. According to Hewlett Packard Enterprises, ad fraud has both the highest potential for profitability and the lowest barrier to entry of any form of online criminal activity.

Nobody knows the exact extent of ad fraud, but several credible organizations estimate worldwide ad fraud in the range of $60 to $80 billion.

Juniper Research has estimated it at $68 billion.

Ad Age magazine estimated it at 20% of online ad spending - about $80 billion today.

The Association of National Advertisers in the U.S. estimated it variously at $81 billion and $120 billion.

Professor Roberto Cavazos, economist at the University of Baltimore who studied business fraud for over 30 years said, “ … the level of ad fraud is now staggering. The digital advertising sector has … higher fraud rates than multi-trillion-dollar sectors.”

Dr. Augustine Fou, an expert in online ad fraud, calculated that just one detected instance of fraud called “Fireball” could generate 30 billion fraudulent ad impressions a minute. He said, “ … fraud on such a massive scale is beyond belief.”

The World Federation of Advertisers has asserted that by 2025 ad fraud could become the second largest source of criminal income in the world, after drug trafficking.

Once again, there is a connection between ad fraud and tracking. According to experts, most of the fraud occurs in what is called programmatic advertising. Programmatic advertising is advertising bought and sold by computers.

According to a report by the Incorporated Society of British Advertisers 80% of the websites participating in the programmatic ecosystem are quote “not premium.” Not premium is a nice British way of saying crap. And where does the programmatic ecosystem compile the data that it uses to feed these “not premium” websites? From tracking.

You might ask yourself, so if marketers are foolish enough to allow themselves to be cheated like this, why should we care? I think the answer is frightening. No one knows where all this stolen money is going. It is possible that it may be funding the activities of organized crime around the world. It is possible that it may also be falling into the hands of governments hostile to our democratic principles who are using it to undermine governments that this Parliament represents.

Think about it. If you were a bad guy and you could easily steal billions of dollars with very little chance of being caught and virtually no consequences even if you were caught, why wouldn’t you?

The advertising industry was tremendously successful for many decades finding appropriate targets for TV, radio, newspaper and magazine advertisers before tracking came along. But the online ad industry claims that tracking is an essential part of their business model and without tracking, their business model would fall apart.

I find this hard to believe. It is the equivalent of saying that online advertising is such a weak force that the only way it can survive is if it is allowed to spy on the public. It is hard to take this argument seriously coming from some of the most profitable corporations the world has ever known.

As I said at the beginning, advertising is necessary for the continued operation of the free web. But tracking is not.

The problem is not advertising. The problem is tracking.

The problems that tracking have created are of a scale enormously greater than any benefit tracking may claim to provide.

I firmly believe that we can continue to have online advertising that is profitable to media companies and successful for online advertisers of all sizes without the perilous consequences of tracking.

I think we have a very simple but important question in front of us. Is protecting the dangerous practices of the adtech industry more important than protecting the privacy rights of citizens and the integrity of democratic institutions? I hope not.

Thank you very much for listening.

A video of the event at the EU Parliament should be available online within the next week. I will post a link to it when it's live.

The following night I participated in a lively event in Amsterdam presented by a cultural organization called de Balie which produces a robust lecture series on topical subjects. This event was broadcast via the web and if a video of it is made available I will post a link.

* * *

I was hugely energized by the number of people I met on this trip who are serious about taking action to protect our freedom and reform the dangerous and corrupt adtech industry. I am hoping to be able to announce some actions in this regard soon. It's clear to me that Europe is way ahead of the US in recognizing the perils of continuing along the path we are on.

* * *

I would like to acknowledge some of the people who made the trip a great pleasure for me: Paul Tang, Member of the European Parliament; Arie Oosthoek; Tim Van Lieshout; Dr Johnny Ryan; Paul Albers; Isabel Sheridan; Laila Frank.

* * *

Next week I will write about my conclusions from this experience and why, despite the best efforts of intelligent and dedicated officials, the adtech industry keeps winning, and also about the "leaky roof" problem and the confusion over "targeted advertising."

And While We're On The Subject...

For those who don't know, "Privacy for America" is a despicable and cynically named lobbying cabal made up of the ANA, the 4As, the IAB and other lapdogs of the adtech industry whose only distinguishable activity is to oppose privacy for America.

They have fought every serious attempt to rein in the excesses of the adtech monoliths. They are now at it again. Knowing that the US congress is a pathetic clown show unable to agree on where the mens' room is, they are opposing the FTC's examination of data privacy abuse, claiming that it should be "a matter left to the democratically accountable legislative branch." In other words, it is a matter better left undone. Read about it here.

.Bob Hoffman is the author of ADSCAM: How Online Advertising Gave Birth to One of History's Greatest Frauds, and Became a Threat to Democracy