Older blog entries for dmarti (starting at number 561)

Optimal privacy protection?

Good paper from Henk Kox, Bas Straathof, and Gijsbert Zwart at the CPB in the Netherlands: Targeted advertising, platform competition and privacy (via Frederik Borgesius)

We find that more targeting increases competition and reduces the websites' profits, but yet in equilibrium websites choose maximum targeting as they cannot credibly commit to low targeting. [emphasis added] A privacy protection policy can be beneficial for both consumers and websites.

Read the whole thing. Good explanation of why high-value content sites are participating in ad targeting systems.

If websites could coordinate on targeting, proposition 1 suggests that they might want to agree to keep targeting to a minimum. However, we next show that individually, websites win by increasing the accuracy of targeting over that of their competitors, so that in the non- cooperative equilibrium, maximal targeting results.

But I don't buy the conclusion that web sites are forced to get creepier and creepier, and less and less profitable, in the absence of certain privacy regulations.

The missing piece here—and I know it makes the model much more complicated—is that on the real web, the "consumers" are actually people who can switch browsers or install privacy tools to adjust the level at which they are targeted.

And the web sites have more options than just "target more" or "target less". For example, another move that's available to a site is to encourage the use of anti-tracking technology. As a webmaster, you could identify the users of privacy tools and offer them some kind of bonus content, such as single-page views of long paginated articles, full interview transcripts, or a forum for submitting questions to ask in upcoming interviews. You don't have to wait for regulators to pull you out of the death spiral of creepy.

Syndicated 2014-07-07 13:34:04 from Don Marti

The Internet is Temptation Island.

I'm still trying to unpack and interpret some of the "privacy is dead" claims.

Remember the TV show "Temptation Island"? It's all about inducing people to violate a norm.

On the Internet, you're always on the island. Behavioral marketing people, gamifiers, and growth hackers are inducing you to violate your civility, thrift, diligence, and privacy norms everywhere, all the time.

"Privacy is dead," in many cases, is short for, "Marketing can circumvent the norms-enforcing, long-term-thinking side of the user's brain, to reach the mindless-clicking, short-term-gratification-seeking side of the user's brain."

Betsy Haibel writes, in The Fantasy and Abuse of the Manipulable User,

“Banner blindness” - the phenomenon in which users become subtly accustomed to the visual noise of web ads, and begin to tune them out - is a semiconscious filtering mechanism which reduces but does not eliminate the cognitive load of sorting signal from noise. Deceptive linking practices are intended to combat banner-blindness and increase exposures to advertising material. In doing so, they sharply increase the cognitive effort required to navigate and extract information from websites.

If it's just one brain versus the collective manipulation power of the entire Internet industry, we're doomed. But our species has been fighting off temptations for a long time. We have those exhausting mental filters, sure, and if we work on it we can build temptation-resisting habits. But in the long run we build other tools.

In effect, we learn how to stay off the island in the first place. On the Internet, the biggest example of how to help our brains is email spam filters, but web ad blockers are catching up. The interesting trend is that the old-school general blockers are being joined by Disconnect and Privacy Badger—tools that specifically address targeting, not just ads in general. If we stay off "social" sites as much as possible, the available protection from manipulation that follows us across sites is looking pretty good.

The biggest problem with targeted ads, of course, is that they don't pay their way in exchange of information. An ad that's targeted to the user is no better than a cold call at carrying information to me, so it's not in my interest to spend time on it. But for targeted advertising, it's dammed if you do, dammed if you don't. If it fails, it's a waste of time. If it works, it's worse, a violation of the Internet/brain barrier. Haibel again:

“Growth hacking” - traditional marketing’s aggressive, automated, and masculinely-coded baby brother - will continue to expand as a field and will continue to be cavalier-at-best with user boundaries.

But boundary-testing is not news. The boundary between self and not-self has been under attack for thousands of years. Sometimes we lose, but we survive because we can win often enough. If the brain can beat habit-forming substances and cults of personality, it can beat surveillance marketing, too.

The four lines of defense as I see them are:

• Willpower

• Habit power

• Technology

• Regulation

Listed from fastest-acting, most responsive, to slowest-acting, least responsive. When we get weary of using one, we fall back on the next one.

Oh, and how did that TV show come out? Three couples split up, one couple stuck together.. Better get your Privacy Badger on, people.

Syndicated 2014-06-29 15:47:43 from Don Marti

We marched on Google 12 years ago.

In 2002, The Mountain View, California Xenu Study Group did a small-scale Google protest. There was some issue with bogus DMCA takedowns against Scientology results in Google searches, so we organized a small group...

photo: "everybody look numerous"

We got some media coverage: Google Restores Church Links

...and Matt Cutts invited us in for a meeeting.

Eventually Google started sharing DMCA takedowns with Chilling Effects Clearinghouse to help expose that kind of thing.

Most importantly, the company protected the Google brand. They can stick with "Google’s mission is to organize the world’s information and make it universally accessible and useful." and not get stuck with "Google's mission is to organize the world’s information unless the Church of Scientology squawks about it, in which case we'll drop it like a hot rock." The company has taken a similar approach to other censorship issues too.

It wasn't the solution we wanted as protestors, but it was in the company's interest.

So that was Google in 2002. What about the Google of today?

At the Google I/O conference this week, the topic of security came up a few times. I got a flyer for a protest about lousy pay and benefits for security guards and also went to a talk on "Security at Scale at Google" by Stephan Somogyi. Looks like the video of the talk is up. Worth watching.

Today, the threat to the Google brand is that first, the company wants you to trust Google with your personal information, while at the same time the physical security of the place, well, based on how the contract firm handles it, it doesn't seem to be a priority. It's not an issue of loyalty or diligence. The problem is the cognitive load of dealing with poverty. You don't make people carry bricks and memorize random numbers while doing their jobs, because that interferes with decision making. Same with the whole extra job of "just getting by."

Google will always do two things: protect its brand and do something "googley" instead of whatever the prognosticators on the outside come up with. But I'm going to make a guess anyway. Instead of either beating down the protests (which beats down "the cloud" as collateral damage) or supporting SEIU, they're going to bring the security guards in-house.

Costs don't have to go up too much, since the company will be able to cut out the middleman, offer security guards Android development and SEO training as benefits to help with recruiting (it's all about the "learn to code" now, right?), plus put the security guards on (the thing that Google is going to do to disrupt health insurance) and charge it to R&D. SEIU will hate it, the contract security firm will hate it, but Google will come out ahead.

Again.

Syndicated 2014-06-28 15:00:07 from Don Marti

Evil

It would be good to see a little bit more "I choose to do this Evil thing" and a little bit less "this Evil thing is inevitable because of TECHNOLOGY." If you're going to Hell anyway, better to stride in as a badass than mope in like a nerd.

That's all.

Syndicated 2014-06-26 00:29:49 from Don Marti

Hey, kids! Actionable insights!

First, remember the gas pump sticker? Here's another image for you. This is a tag I found lying around:

Why do things like this even exist?

Why don't people want "RFID Amplifying Product"?

Why isn't there something like "This front pocket features RFID Amplification to share relevant personal information with brands you love!"

Anyway, look what the RSS reader dragged in. (Advertising/surveillance marketing/privacy link dump follows. If you only have time to click through to one thing, read this one from John Broughton: Disintermediation and the curious case of digital marketing – revisited.)

Rebecca J. Rosen: Study: Consumers Will Pay $5 for an App That Respects Their Privacy

Timothy B. Lee: Thousands of visitors to yahoo.com hit with malware attack, researchers say Two Internet security firms have reported that Yahoo's advertising servers have been distributing malware to hundreds of thousands of users over the last few days. The attack appears to be the work of malicious parties who have hijacked Yahoo's advertising network for their own ends.

Jason Mander: Big Data, meet Big Privacy

Cody Beck: The Circle of Junk: Traffic => Content => Advertising

Egor Homakov: Cookie Bomb or let's break the Internet.

Google Public Policy Blog: Busting Bad Advertising Practices — 2013 Year in Review

Tim Peterson: Consumers Becoming Less Trusting of Google, Warier of Facebook, Twitter

BOB HOFFMAN: The Slow Painful Collapse Of The Social Media Fantasy

joebsf: Ad-Tech Valuation: Color by Numbers

iMedia Connection: All Feed: The future of third-party cookies

Salon.com: In defense of militant anti-Google protests

MediaPost | Data and Targeting Insider: Fake Clicks To Cost Marketers $11.6 Billion

Chris Heilmann: Why “just use Adblock” should never be a professional answer <q?>Creators of original content are not the ones who make the most money with it; instead it is the ones who put it in “this kid did one weird trick, the result will amaze you” headlined posts with lots of ads and social media sharing buttons. This is killing the web. We allowed the most important invention for publishing since the printing press brought literacy to the masses to become a glossy lifestyle magazine that spies on its readers.

Michael Schrage: Big Data’s Dangerous New Era of Discrimination

Chester Wisniewski: Misleading advertisements lead to hijacked browser settings

glyn moody: Interview: Eben Moglen - "surveillance becomes the hidden service wrapped inside everything"

mitchell: Content, Ads, Caution

eaon pritchard: I'll see you in the sewer

Dare Obasanjo: How Facebook Knows What You Looked at on Amazon

Lucia Moses: New Report Says How Much Advertising Is Going to Piracy Sites

Barry Levine: The average piracy site makes $4.4M each year on ads from Amazon, Lego, etc.

BOB HOFFMAN: The Epic Screwing Of Online Advertisers

Bill Davidow: Redlining for the 21st Century (via O'Reilly Radar - Insight, analysis, and research about emerging technologies) Businesses would like customers to believe that they use big data only to add value to the consumer experience. But the behavior of many businesses demonstrates a deep interest in customer control.

Tim O'Reilly: The Creep Factor: How to Think About Big Data and Privacy

Home - CBSNews.com: The Data Brokers: Selling your personal information (via Blog of Rights: Official Blog of the American Civil Liberties Union)

Glyn Moody: What Happens When You Marry The NSA's Surveillance Database With Amazon's Personalized Marketing?

Jack Marshall: Fraudulent traffic: adventures in ad farming

lioninasidecar: Disintermediation and the curious case of digital marketing – revisited The whole issue of disintermediation is one of the key phenomena of the internet age, yet for some reason digital advertising seems to have missed out. In fact, somewhat perversely, digital advertising has instead managed to go in entirely the other direction, filling up with a whole new class of mediators, the adtech companies.

The Tech Block: A ‘crisis’ in online ads: One-third of traffic is bogus

Alex Kantrowitz: Digital Ad Fraud Is Rampant. Here's Why So Little Has Been Done About It

Bruce Schneier: Don’t Listen to Google and Facebook: The Public-Private Surveillance Partnership Is Still Going Strong

Dillon Reisman: Cookies that give you away: The surveillance implications of web tracking

Barry Lowenthal: Mobile is hitting the nuclear reset button The startups I spoke with believe there are better ways to make money in mobile than advertising. I think this is very telling and worrisome for all the people reading this piece: Advertising on mobile devices is still broken.

BOB HOFFMAN: My Talk At "Advertising Week Europe"

Jonathan Levitt: In-Store Cell Phone Tracking Pits Consumers Against Retailers Industry research shows that consumers overwhelmingly reject cell phone tracking. In a recent OpinionLab study of 1,042 consumers, 77.0% said that in-store cell phone tracking was unacceptable, and 81.0% said that they didn't trust retailers to keep their data private and secure.

Elizabeth Dwoskin: Student Data Company to Shut Down Over Privacy Concerns

zephoria: New White House Report on Big Data

George LeVines: 1p – As domestic abuse goes digital, shelters turn to Tor Today, many abuse cases contain at least one digital facet because abuse is about power and control and most victims are using some form of technology...

Shoshanna Zuboff: Dark Google will earn its money by knowing, manipulating, controlling reality and cutting it into the tiniest pieces.

DoctorBeet: LG Disables Smart TV features in the EU to force users to accept new oppressive Privacy policy

Kif Leswing: Not all ad blockers are the same. Here’s why the EFF’s Privacy Badger is different

Tim Bray: Pervasive Monitoring Is an Attack I think it was very important, for the continued relevance and usefulness of the IETF, that it, in this case, rise above its own naysayers, bring to bear a mix of idealism, suspicion, and paranoia, and do what is right for the actual people who use the Internet.

Stacey Higginbotham: AT&T’s GigaPower plans turn privacy into a luxury that few would choose

BOB HOFFMAN: Ad Industry Is The Web's Lapdog

frederic: Privacy evaluation: what empirical research on users’ valuation of personal data tells us Most of the consumers whose privacy was fully protected did not considered $2 as a price high enough to sell their future purchasing data, while nine out of ten of the not protected individuals estimated $2 as a too high price to buy protection for future purchase data.The results of the experiment therefore suggest that when consumers feel that their privacy is protected, they might value it much more than when they feel their data has already been, or may be, revealed.

Neal Ungerleider: On The Russian Black Market, Prices Are Dropping For Your Personal Data

Adam Tanner: For Sale: Lists Of Men Who Take Viagra

MediaPost | Online Media Daily: FTC Says Web Sites Should Inform Consumers About Data Brokers, Allow Opt-Outs

BOB HOFFMAN: The Soon-To-Be-Legendary 45-Day Cheese Tweet (via Ad Aged)

VINDU GOEL: California Urges Websites to Disclose Online Tracking

David Ulevitch, Founder/CEO of OpenDNS: No more ads There’s also the elephant in the room: ads and security don’t mix. It’s clear to us that they are fundamentally incompatible. Text ads and banners alike, they’re all vectors for the spread of malware. We’re a security company first, trusted and relied on by Fortune 100 organizations to protect their people, data and networks. Anything that weakens our security offering by introducing vulnerabilities is a conflict. As we’ve become more and more of a security company, it was clear ads couldn’t stay.

Kate Crawford: The Anxieties of Big Data (via Freedom to Tinker) In other words, they use the concept of normcore to gesture toward something much more ambiguous and interesting. I think it captures precisely this moment of mass surveillance meeting mass consumerism. It reflects the dispersed anxiety of a populace that wishes nothing more than to shed its own subjectivity.

Reid: Bot traffic is not just a nuisance: Major brands are wasting more than half their budget

Alex Kantrowitz: Here's How Bots Scam Advertisers By Pretending to Be Human

kb: Find and kick Google Glass users off of a network (via prosthetic knowledge)

Dan Goodin: They’re ba-ack: Browser-sniffing ghosts return to haunt Chrome, IE, Firefox (via LWN.net)

Esther Dyson: The Private Sector’s Privacy Puzzle

Elizabeth Smythe: Online ads 'accepted as a feature of free content delivery', survey finds

Aaron Parecki / Articles: iOS 8 Wi-Fi Changes - A Privacy Win? Or iBeacon Lock-in?

CloudClinc: The Baycloud Privacy and Data Protection Blog: Is the Dutch DPA investigation of YD the beginning of the end for "AdChoices”?

jjerome: Interest Based Ads and More Transparency

AdExchanger: Fraud And Programmatic RTB: Perverse Incentives

PCMag.com Breaking News: Microsoft Promises Not to Scan Accounts for Targeted Ads

Ars Staff: Why online tracking is getting creepier

Kashmir Hill: Facebook Will Use Your Browsing and Apps History For Ads (Despite Saying It Wouldn’t 3 Years Ago)

Derek Thompson: A Dangerous Question: Does Internet Advertising Work at All?

(Still here? You did read that John Broughton essay, Disintermediation and the curious case of digital marketing – revisited, right?)

Syndicated 2014-06-14 18:55:08 from Don Marti

QoTD: Dustin Kirkland

If I could do what Elon Musk did with Tesla's patent portfolio, you have my word, I absolutely would. However, while my name is listed as the "inventor" on four dozen patents, all of them are "assigned" to IBM (or Lenovo). That is to say, they're not mine to give, or open up.
What I can do, is speak up, and formally apologize. I'm sorry I filed software patents. A lot of them. I have no intention on ever doing so again. The system desperately needs a complete overhaul. Both the technology and business worlds are healthier, better, more innovative environment without software patents.

—Dustin Kirkland

Syndicated 2014-06-13 13:51:02 from Don Marti

Adtech fraud: you can't cheat an honest man

More news from the world of online ad fraud. Florida-Based Ad Fraudsters Skim Millions From Advertisers, Then Disappear: Some of the globe's most recognizable brands—including Oreo, GlaxoSmithKline, Burger King and Sprint—were bilked out of millions of dollars by a Florida company that used fake websites to skim from the ad-tech ecosystem.

Naturally, the industry's response to fraud is to turn up the creepy. (adtech, privacy, fraud control: pick two). Remember how they always used to say ad tracking was anonymous? Well, not so much any more. Ari Jacoby, CEO of Solve Media, writes, Fortunately, a new trend has emerged where users are ‘logged in’ to sites through existing social media accounts like Facebook or Google+. Publishers who also utilize the log-ins are then able to link the user to a logged in account, verifying humanity. In addition, social log-ins give advertisers access to a bevy of information about consumers and allow them to serve targeted ads.

Making adtech creepier makes it less vulnerable to fraud, but only by compromising privacy.

But where does adtech fraud come from in the first place? Unfortunately, the fraud we see, in examples like the Florida story, is just the mushroom on top of the fraud fungus that is inherent in the fundamental value proposition of adtech.

There has long been an understanding of reciprocity between advertisers, publishers, and the audience. Advertisers get some attention from the audience, and in exchange, they pay publishers to hire people to write articles, take photos, and all that good stuff.

If you read a collection of short stories, you're probably reading work that was originally paid for out of some company's ad budget.

Adtech is enabling advertisers to break the deal. Instead of paying for content in order to reach a user, the advertisers pay the surveillance marketing industry to track users onto increasingly skeevier, cheaper sites, and show the ads there. (And incidentally, instead of paying an ad agency 15%, they're paying 55-75% to adtech intermediaries.) As they say on the Internet, What could possibly go wrong? (Of course, not every ad impression ends up on a bottom-feeder sites, but the original sites have to lower their ad rates to compete.)

So this post is a longer way of explaining that thing I posted on Twitter yesterday. Privacy tech such as Privacy Badger can help fight fraud in a publisher-friendly way, but only by squeezing out the third-party tracking that powers adtech in the first place.

More: adtech, privacy, fraud control: pick two?

Syndicated 2014-06-12 12:52:09 from Don Marti

Leaving money on the table

It's that time again. The latest Internet Trends Report, from Mary Meeker at Kleiner Perkins Caufield and Byers, is out.

The question I always have about this report, year after year, is: why does print advertising bring in so much money compared to the online kind?

The 2011 numbers in the 2012 version have print at 7% of time spent and 25% of ad spending.

For 2012, print has 6% of the time and 23% of the money.

As of 2013, print is 5% of the time and 19% of the money.

The amount of time that people spend on print is declining, but print advertising is consistently more valuable per user minute than web and mobile advertising.

Why?

Maybe John Battelle has part of the answer.

Using programmatic tools, a media buyer can identify almost any audience segment they want with pinpoint precision – down to the exact cookie or data segment that matches a customer target. And for various reasons, including price, those audience members are targeted mainly on who they are, independently of what they are doing. Put another way, we buy audiences, but we aren’t buying the show they’re watching – we’re ignoring where that impression is served.

This is nuts.

It's not just context. An ad medium that requires ads to be attached to content, not targeted to the user, carries a signal that a user-targeted ad can't. (more on that) Direct mail, telemarketing, junk faxes, email spam, and user-targeted web ads can't perform the role that a print ad can. Richard Stacy explains it best: The great thing about advertising is that no-one takes it personally. If we want "great" (and the money we're leaving on the table) we have to be able to walk away from "creepy."

Syndicated 2014-05-28 14:02:38 from Don Marti

QoTD: Eben Moglen

The difficulty is that we have not only our good and patriotic fellow citizens to deal with, for whom an election is a sufficient remedy, but we have also an immense structure of private surveillance that has come into existence. This structure has every right to exist in a free market, but is now creating ecological disaster from which governments alone have benefited.

—Eben Moglen

Syndicated 2014-05-27 15:30:20 from Don Marti

Conventional wisdom on privacy

Just wondering if there are some alternate explanations for the things that "everyone knows" about privacy.

Users are unwilling to pay for privacy technology, therefore users don't want privacy.

Users weren't willing to pay for the anti-telemarketer products offered before Do Not Call, either, and that program got 72% of US residents to sign up.

Norms are not necessarily expressed in terms of willingness to pay. If I ask you to turn your loud music down, it's because I believe the costs of coming into compliance with a norm should be on the transgressor. (This is a place where Homo economicus and Homo sapiens are different.)

Users always pick convenience or entertainment features over privacy features.

Home users didn't express interest in stable desktop OSs before Windows XP and Mac OS X came along to give them fewer crashes but with the ability to keep their existing applications. Today, users complain about privacy problems in the same way that they used to complain about "blue screens" (MS-Windows) or "bombs" (Mac OS). They're inevitable. What the machine does is annoying but that's just what machines do, right?

Today, it would be difficult to sell a computer as unstable as the ones sold to the home market in the 1990s. User expectations have changed.

Most advertising people are not Evil, therefore users don't need privacy from advertising.

Most companies that use email don't send spam, but that doesn't mean a user doesn't need a spam filter.

If you count heads, most advertisers are non-Evil. But more user interactions with new advertisers involve the Evil ones, because they burn through more lists as users catch on to them. (It's similar to the problem of hiring the top 1% of job applicants.)

Einbinder Flypaper from the Bob and Ray Show had the motto, The brand you've gradually grown to trust over the course of three generations. There are some trusted companies with which a user will choose to share information, but most contacts will be new and unknown.

Today's surveillance marketing is creepy because it's in an "uncanny valley." Making it creepier will make users finally like it.

The term uncanny valley comes from the visual arts. We know that a photo-realistic face is not uncanny, because we can watch people's reactions to existing photographs. We know that cartoonish renderings are not uncanny because we can watch people's reactions to existing cartoons.

But we don't have an example of extremely targeted advertising that people are comfortable with. What we do have is accidental random cases where an ad appears to be highly targeted and it creeps people the hell out.

Users can't beat the NSA or PLA, therefore privacy is pointless.

Surveillance marketing has negative externalities, mostly in the form of identity theft, stalking and other crime risks that the surveillance marketing industry imposes on users.

Mass-market advertising has positive externalities, in the form of valuable content that is later usable outside the ad-supported context. (I'm still reading Kurt Vonnegut stories that some Collier's advertiser paid for in the 1950s.)

So any privacy technology that tends to move ad spend from creepy to mass-market is a win for the users, even if it's not effective against extremely competent adversaries.

Syndicated 2014-05-24 12:16:15 from Don Marti