Older blog entries for dmarti (starting at number 620)

News sites and the tracking game

Here's a screenshot of a recent story from The Nation. Click to see full size and check out the purple bar on the right.

Yes, Ghostery detects 54 trackers on a story about web tracking. Isn't that special?

But that's not the point.

First, go back to that story and read the whole thing. If your direct experience of adtech comes from inside Marketing, from the artisan-cheeseburger-eating point of view, you're not seeing the ads that the rest of the world sees. Not only do a lot of adtech and malware look the same to users, many of the real ads are deceptive. The ad blocking problem makes more sense when you see some of the actual hinky ads out there that are motivating people to block.

Second, The Nation is rational to let those 54 trackers raid its audience. Really, even though data leakage is a bigger problem for high-quality sites than ad blocking.

Henk Kox, Bas Straathof, and Gijsbert Zwart, at the CPB in the Netherlands, explain, in Targeted advertising, platform competition and privacy.

We find that more targeting increases competition and reduces the websites' profits, but yet in equilibrium websites choose maximum targeting as they cannot credibly commit to low targeting. [emphasis added] A privacy protection policy can be beneficial for both consumers and websites.

High-value content sites are participating in ad targeting systems, even though it would be in their interest to work more like the magazine business.

If websites could coordinate on targeting, proposition 1 suggests that they might want to agree to keep targeting to a minimum. However, we next show that individually, websites win by increasing the accuracy of targeting over that of their competitors, so that in the non- cooperative equilibrium, maximal targeting results.

An individual site can't become trustworthy in an untrustworthy medium.

So what can The Nation, or any other publisher in the same situation, do about the tracking problem? Regulation might work in the Netherlands, but in the USA, it would just be subject to regulatory capture by surveillance marketers. Sites need a workable fix, a way to turn users' state of creeped-out-itude into action.

Sites can help users get protected

That's where tracking alerts come in. A high-reputation site such as The Nation can help move users from more to less trackable without interfering with existing third-party services.

Helping users get started with tracking protection is one or two lines of JavaScript. Easier than adding a social button. Cut, paste, save Journalism, and still have time for that artisan cheeseburger.

Syndicated 2015-06-02 04:36:26 from Don Marti

Hey, kids, let's play Adtech or Malware!

It's time to play "Adtech or Malware?"

For each of the following Fair Use news excerpts, can you figure out if it's from a story on recently discovered malware, or from a story on a new advertising technology? Answers at the end.

1

If "a person with a smartphone takes the metro, a/an (Adtech or malware?) application" uses accelerometer readings to trace the person, to infer where the (victim/consumer) gets on and off the train. They said that "metro trains run on tracks, making their motion patterns distinguishable from cars or buses running on ordinary roads."

2

It detects your actual address and uses it to scrape and gather all the data associated with where you live. The application is so powerful, say (adtech developers or malware researchers?) that it can know when you’re at home or away.

3

Once users enable the macro content, it creates a VBScript, a batch file and other files around the version of Windows victims are running, (security researcher or adtech analyst?) said. The files then download the (ad or malware?) payload and a “statistics image” from a public picture-hosting service. The (malware writer or ad agency?) can then see how many times the image was downloaded.

4

This looks like a real site (except for those weird empty scrollbar windows; not sure what's up with those...). It has very professional text content, not the normal randomly-scraped junk that often populates sites being used for Search Engine Poisoning attacks -- and that's because this network isn't doing SEP.

Scroll down for answers...

 

 

 

 

 

 

 

 

Answers

1: malware

2: adtech

3: malware

4: heck if I know.

How did you do?

3-4 right: I salute your mad skillz. You are truly among the 31337. Just don't hack my site....please?

1-2 right: You're on the right track. Better take a quick tracking protection test just to help protect yourself from this stuff.

0 right: Shouldn't you be working on your Medium piece about how Big Data is transforming Marketing?

Syndicated 2015-05-27 01:57:36 from Don Marti

Bonus links and a point of order

Interested in the Targeted Advertising Considered Harmful material, and looking for next steps for making web ads work better for sites and brands? Sure you are.

New blog in progress: blog.aloodo.org. This is about small changes that site and brands can do to get better web ads. A few simple rules...

  • No calls for collective action. That's what the adtech people are trying to do on fraud, and it's not working.

  • No long-term projects. The "backlog" never gets done. Web sites have to work at the speed of git push, not the speed of cheese tweets. Every to-do item on blog.aloodo.com will be as simple as adding a social button widget to a page template, or simpler.

  • No appeals to privacy. Privacy is an important philosophical concept, which reasonable people disagree on, and which we do not have time for. We can fix obvious bugs without discovering the meaning of a complicated word.

  • No assumptions that users are changing. We ignore surveillance marketing people when they say that Consumers want to connect and share with their beloved brands, and we need to ignore Users are becoming concerned about PII and autonomy just as much.

  • Work with norms and laws, don't change them. The niche for brogrammers doing creepy and/or illegal stuff in order to do a business is filled. More than filled.

Anyway, feed. Blog.

Bonus links

Timothy B Lee: How to be better at PR

Mark Duffy: Copyranter: Digital is destroying all creativity

BOB HOFFMAN: Agencies Cheating Clients, Says Former Mediacom CEO. No Shit, Says Me.

Tales of a Developer Advocate: Detecting injected content from third-parties on your site

Francis: The advert wars

Darren Herman: Mozilla’s mission in the context of digital advertising

jm: Epsilon Interactive breach the Fukushima of the Email Industry (CAUCE)

Warc: Brands still look to print

Kurt Wagner: Snapchat’s Discover Publishers Are Asking for Big Ad Rates — And They’re Getting Them

Sell! Sell!: Building Real Brands: The Difference Between Building A House, And Painting A Picture Of A House.

Monica Chew: How do I turn on Tracking Protection? Let me count the ways.

Evan Soltas: The Rent Hypothesis

Sell! Sell!: Advertising Is Losing Maverick Thinking - What's The Solution?

Alexandra Bruell: Media-Agency Kickbacks. Yes, They're Real. (via The Ad Contrarian)

Jeff Kagan: Google Glass Should Stay Gone

Samuel Gibbs: Facebook 'tracks all visitors, breaching EU law'

djbriane: Meerkat Vs Periscope: Tech journalist is a sickly mess | BGR

Bruce Schneier: Survey of Americans' Privacy Habits Post-Snowden

Monica Chew: Two Short Stories about Tracking Protection

Joseph Lichterman: The Economist’s Tom Standage on digital strategy and the limits of a model based on advertising

Mike Proulx: There Is No More Social Media -- Just Advertising

Maciej Zawadziński, ClearCode: How the U.N.’s new privacy move will shake up the adtech industry

BOB HOFFMAN: How Do You Untrain A Generation?

Todd Garland: Context is Everything: How to Counter AdBlock

Jason Kint: Debunked: Five Excuses for Dismissing Do Not Track

Adotas: Proximity Networking: Can You Buy Me Now?

Adotas: Celtra offers “Programmatic Creative” for brands and agencies to better target customers

Alex Kantrowitz: Brands Are Swiftly Taking Automated Digital Ad Buying Operations In-House

Digg Top Stories: How Click Farms Have Inflated Social Media Currency

Mona Patel: When Big Data Becomes More Valuable Than Your Products/Services

Ed: Whys and Hows of Suggested Tiles

JWZ: Wherein I ridicule Facebook some more, then collaborate with the Panopticon

Media Briefing TheMediaBriefing Analysis: Who are the fraudsters costing the ad industry billions? (via blog.aloodo.org)

Jordan Weissmann: One of Today's Pulitzer Prize Winners Left Journalism Because It Couldn't Pay His Rent. Now He's in PR. (via Digiday)

Freddie: the supervillain’s guide to saving the internet

Garett Sloane: Here's How Europe Is Stifling the Ad Business for Google, Facebook and Others (via Technology & Marketing Law Blog) (via Technology & Marketing Law Blog)

Gregory Raifman: How the Advertising Industry Can Get Rid of 'Bad Ads'

MediaPost | MediaDailyNews: Google Names Ad Networks Responsible For Ad Injectors

Google Security PR: New Research: The Ad Injection Economy

Don Marti: Why adtech fraud would make the worst heist movie ever (had to put one from the new blog in here, right?)

Syndicated 2015-05-10 15:07:31 from Don Marti

Why ad blockers don't have to do content marketing

From the Condé Nast "User Agreement & Privacy Policy" page:

The use of Tracking Technologies by third parties is subject to their own privacy policies, not this Privacy Policy, and we have no responsibility or liability in connection therewith. If you do not want the services that Tracking Technologies provide, you may be able to opt-out by visiting http://www.aboutads.info.

Sounds like checking into a hotel and getting this...

Feeding by third-party insects in guest rooms is subject to their own policies, and we have no responsibility or liability in connection therewith. If you wish to opt out of feeding by third party insects, here is the card of a really lousy exterminator we know, who only gets some of them but that's your problem.

Ad blockers don't have to do content marketing, because publishers are doing it for them.

But there's a way for publishers to opt out of the whole tracking vs. blocking race to the bottom, and neither surveillance marketers nor conventional ad blockers have it. More: Ad blocking, bullshit and a point of order

Syndicated 2015-04-19 13:49:00 from Don Marti

The end of Please Turn Off Your Ad Blocker

More news from the ongoing malvertising outbreak.

These aren't skeevy ads on low-reputation pirate sites. These attacks are coming in on big-budget sites such as AOL's Huffington Post, and included in fake ads for real brands such as Hugo Boss. They're using A-list adtech companies. Read the articles. Nasty stuff. The ongoing web ad fraud problem is hitting users now, not just advertisers.

So far the response from the ad networks has been a few whacks at the problem accounts. So I can make the safest kind of prediction: someone made money doing something not very risky, not much has changed, so they'll do it again and others will copy them. Want to bet against me?

Users already trust web ads less than any other ad medium. Malvertising takes a form of advertising that's a bad deal for the user and makes it worse. (If sewer rats are coming out of the commode, users are going to put a brick on the lid. If the rats have rabies, make that two bricks.)

The more malvertising that comes along, the more that the "please turn off your ad blocker" message on web sites is going to look not just silly, but irresponsible or just plain scary. "Turn off your ad blocker" sounds like the web version of "If you can't open lottery-winner-wire-transfer.zip, turn off your antivirus."

Time to rewrite the "turn off your ad blocker" messages and talk about a sensible alternative. Instead of running a general ad blocker (and encouraging the "acceptable ads" racket) or running entirely unprotected, the hard part is just starting: how to educate users about third-party content protection that works for everyone: users, sites, and responsible advertisers.

Bonus links

Sherwin Siy: IP Rights Aren’t a License to Kill Devices (And No, Fine Print Doesn’t Make It OK)

Planet Debian: Joey Hess: a programmable alarm clock using systemd

Calvin Spealman: The Curl Pipe

@feedly: Why we retired the feedly URL shortener

James Gingell: Where Did Soul-Sucking Office-Speak Come From?

Glyn Moody: China Turns From 'Pirate' Nation To Giant Patent Troll

Joe Wein: Disclaimers by spammers

SMBlog -- Steve Bellovin's Blog: If it Doesn't Exist, it Can't be Abused

phobos: Partnering with Mozilla

Eryn Paul: Why Germans Work Fewer Hours But Produce More: A Study In Culture

The Tech Block: The tech worker shortage doesn’t really exist

Heidi Moore: The readers we can’t friend

Lary Wallace: Why Stoicism is one of the best mind-hacks ever devised

Steven Sinofsky: Why Remote Engineering Is So Difficult!?#@%

SysAdmin1138: Application firewalls for your phone

Syndicated 2015-04-18 14:57:06 from Don Marti

It's not about freedom

Doc Searls writes:

We hold as self-evident that personal agency and independence matter utterly, that free customers are more valuable than captive ones, that personal data belongs more to persons themselves than to those gathering it, that conscious signaling of intent by individuals is more valuable than the inferential kind that can only be guessed at, that spying on people when they don’t know about it or like it is wrong, and so on.

I'm going to agree with Doc that these are all good and important principles.

But then I'm going to totally ignore them.

Yes, it is "self-evident" that it's important to behave as a decent human being in online interactions, and in marketing projects. (Complexity dilutes understanding of a system but not moral responsibility for participating in a system. Just because you don't understand how your marketing budget gets diverted to fraud does not mean that you aren't ultimately responsible when you end up funding malware and scams.) Thinking about user rights is important. 30 years ago, Richard Stallman released the GNU Manifesto, which got people thinking about the ethical aspects of software licensing, and we need that kind of work about information in markets, too.

But that's not what I'm on about here. Targeted Advertising Considered Harmful is just background reading for a marketing meeting. And I've been to enough marketing meetings to know that, no matter how rat-holed and digressed the discussion gets, Freedom is never on the agenda.

So I'm going to totally ignore the Freedom side of discussing the targeted ad problem. You don't have to worry about some marketing person clicking through to this site and saying, WTF is this freedom woo-woo? It's all pure, unadulterated, 100% marketing-meeting-compatible business material, with some impressive-looking citations to Economics papers to give it some class.

Big Data proponents like to talk about "co-creating value," so let's apply that expression to advertising. The advertiser offers signal, and the reader offers attention. The value is in the exchange. Here's the point that we need to pick up on, and the point that ad blocker stats are shoving in our face until we get it. When one side's ability to offer value goes away—when a targeted ad ceases to carry signal and becomes just a windshield flyer—there's no incentive for the other side to participate in the exchange. Freedom or no freedom. Homo economicus himself would run a spam filter, or hang up on a cold call, or block targeted ads.

The big problem for web sites now is to get users onto a publisher-friendly tracking protection tool that facilitates advertising's exchange of value for value, before web advertising turns into a mess of crappy targeted ads vs. general filters, the way email spam has.

Syndicated 2015-03-30 14:33:29 from Don Marti

QoTD: Julie Fleischer

Kraft is reinventing marketing around data, infrastructure and content to be more informed, addressable, personal and meaningful. We have invested significant resources in building a proprietary data platform that allows us to know, serve and engage our consumers uniquely and at scale. We have trained our marketers on data literacy and reshaped our agency relationships to capitalize on our infrastructure and the opportunities that exist in today's media landscape to act with agility and purpose. We're creating new capabilities in content creation so that we can tell personal stories and launch experiences that attract and delight our next generation of consumers.

Julie Fleischer

My macaroni and cheese has an awesome surveillance bunker, which fills me with delight.

—nobody, ever

Syndicated 2015-03-08 18:37:20 from Don Marti

Digital dimes in St. Louis

From Jason Kint at Digital Content Next, here's all the third-party web tracking that comes with browsing the St. Louis Post-Dispatch web site.

Read the whole thing. (via Darren Herman, on Twitter)

So, not much of a surprise, people don't trust web ads, because creepy tracking. Kint writes,

This problem is only getting worse and the consumer tools that counter it are getting less effective and more and more damaging to those who respect the consumer’s right to understand when and why their activities are being tracked. Transparency and providing the consumer with adequate control over their online privacy are vital—not harmful—to businesses that are built on a solid foundation of trust.

But he's only got part of the solution. Transparency is unworkable. How can regular people read every privacy policy for the third-party trackers they run into, when nobody at the St. Louis Post-Dispatch seems to be able to read the privacy policies for the trackers the paper uses on its own site? Here's what the Post-Dispatch site has to say about their third-party ads:

These companies may employ cookies and clear GIFs to measure advertising effectiveness. Any information that these third parties collect via cookies and clear GIFs is generally not personally identifiable.... We encourage you to read these businesses' privacy policies if you should have any concerns about how they will care for your personal information.

In other words, "third party tracking? That's a thing on the Internet now. We have no idea what's going on with it, so you're on your own." No wonder, as Kint points out, Online advertising is trusted less than any other form of advertising.

The result of all this tracking isn't just wigged-out users and ever-increasing ad blocker installs. The real problem for newspaper sites is data leakage. All those trackers that Kint points out are busily digesting the paper's audience like flies on potato salad, breaking the readership down into database records, and feeding the "print dollars to digital dimes" problem by breaking signaling.

When it comes to data leakage, publishers aren't bringing a knife to a gun fight, they're bringing a white paper about a knife to a gun fight. Terry Heaton, in “Local” is Losing to Outsiders: In 2015, [non-local] independent companies will account for nearly three-fourths of all digital advertising, elbowing out local-media competitors who have tried for two decades to use their existing sales forces to also sell digital advertising. Why is it that when a St. Louis business wants to advertise to a St. Louis newspaper reader, three-quarters of the money goes to intermediaries in New York and Palo Alto?

The problem, though, isn't so much that the adtech firms are taking 3/4 of the advertising pie, it's that they're making the pie smaller than it could be, by building the least trustworthy form of advertising since email spam.

So how do we keep the local papers, the people who are doing the hard nation-protecting work of Journalism, going? Kint says the "consumer tools" are getting worse, and if you're just looking at the best-known ad blocker, I'd have to agree. The "acceptable ads" racket doesn't address the tracking problems that matter. Meanwhile, it's not practical to browse the web with no protection at all, because who's going to read all those "transparent" explanations of exactly how some company you've never heard of sells some information you didn't know you were revealing?

Fortunately, though, we have publisher-friendly alternatives to ad blocking such as Tracking Protection on Firefox, the Disconnect extension, and Microsoft's Tracking Protection Lists. Instead of focusing on the two bad alternatives: unaccountable tracking or misdirected ad blocking, why not focus on the tracking protection that works?

Don't worry, interesting stuff remains to be done. To start with, hey, where are all the ads on stltoday.com? Just because I want to get protected from creepy tracking doesn't mean I'm against advertising in general. I like to look at the ads in local papers when I'm going there, because it gives me a sense of business in the town. (The New York Times is showing me Saks Fifth Avenue ads, and I have tracking protection on.) St. Louis, please, make your newspaper site work with tracking protection, and show me some ads.

Syndicated 2015-03-03 03:39:32 from Don Marti

Personal data, politics, and an opportunity

Charles Stross, in A different cluetrain:

"Our mechanisms for democratic power transfer date to the 18th century. They are inherently slower to respond to change than the internet and our contemporary news media."

Bruce Schneier, on Ars Technica:

"Facebook could easily tilt a close election by selectively manipulating what posts its users see. Google might do something similar with its search results."

The bias doesn't have to be deliberate, though. Eric Raymond posted an example on Google Plus.

G+ may be engaging in non-viewpoint-neutral censorship of news articles relating to firearms.

Turned out that there was a bug in how Google Plus interacted with the CMS on a pro-Second-Amendment site. Not a deliberate political conspiracy, but software is full of bugs, especially when independently developed projects interact. When bugs affecting some political content are quietly fixed faster than bugs affecting others, it's not a sneaky conspiracy. It's just the natural result of programmers and early adopters choosing to test with less of the content that isn't a "cultural fit". Software developers have political views, and those views tend to escape into their software, and affect the software's users.

Google and Facebook don't have to decide to manipulate elections. Manipulation is an emergent property of networked software development. On the Planet of Classical Economics, Facebook and Google would sell their user-manipulating power to the highest bidder. But here isn't there. In the USA, the Data Party (mostly for mental extraction, mostly "blue") has the mainstream Internet businesses, and the Carbon Party (mostly for resource extraction, mostly "red") doesn't.

Which is the same problem that Roger Ailes had for TV in 1970, and we know how he ended up solving that one.

Today, is somebody on the Carbon Party side doing for their "SJW in our people's pockets" problem what Ailes did for their "liberal in our people's living rooms" problem? Yes, a Data Party has a head start over a Carbon Party in a race to build a mobile platform, but plenty of "red state" people can code, write checks, and place orders from the countries that still know how to make things.

Are we going to get two parallel user-tracking industries in the USA, the same way we have two factions in broadcast and cable media? And will each one offer tools to protect users from the other? I might buy a Koch-o-Phone just to watch the OS and the inevitable PLA spyware fight over my Facebook timeline.

Syndicated 2015-02-28 15:45:52 from Don Marti

Ad blocking, bullshit and a point of order

(Bob Hoffman says that the B word in a post title is good for more traffic so let's try it.)

Alex Kantrowitz for Advertising Age: Publishers Watch Closely as Adoption of Ad Blocking Tech Grows.

Adblock Plus, for instance, recently surpassed 300 million installs, according to spokesman Mark Addison, who said it stood at 200 million roughly a year ago. Mozilla has seen more than 200,000 downloads of Adblock Plus nearly every day since Sept. 1. Mr. Addison attributed the extension's popularity primarily to the fact that it is now available on every browser.

Lots of stuff is "available on every browser" but sank without a splash. There must be something more going on.

No One Should Be Outed By an Ad: Marc Groman of the Network Advertising Initiative points out that

A young man or (woman) searches on his computer in the privacy of his home for information about sexual orientation or coming out as gay. Hours or days later, he receives ads for gay-related products or services while surfing on totally unrelated websites. Maybe this happens while at school, in the office or when sharing his computer with family members. Recent developments in cross-device tracking mean that ads for gay events or venues could surface not only on his home computer where he originally searched for the information, but on his work laptop or tablet. In addition, the ads could even be displayed on his parents’ computers, which could unknowingly be linked to his PC because they appear to be part of the same household.

According to Groman, "nearly 100 of the most responsible companies in online advertising today" won't do this.

But as for the remaining, less scrupulous adtech firms, the take-away is: better get your ad blocker on.

Brian Merchant on Motherboard:

72 percent of US internet users look up health-related information online. But an astonishing number of the pages we visit to learn about private health concerns—confidentially, we assume—are tracking our queries, sending the sensitive data to third party corporations, even shipping the information directly to the same brokers who monitor our credit scores.

What could possibly go wrong?

That's just a couple of targeted advertising stories from the past week. And the IAB is worried that ad blockers are a thing? That's like crapping on the sidewalk and complaining about people wearing rubber boots.

"Online advertising" is turning into a subset of "creepy scary stuff on the Internet." Advertising done right can be a way to pay for things that people want to read, but it's not working.

So why do publishers put up with this? Why not just run only first-party ads? It's a long story, but basically because other publishers do.

If websites could coordinate on targeting, proposition 1 suggests that they might want to agree to keep targeting to a minimum. However, we next show that individually, websites win by increasing the accuracy of targeting over that of their competitors, so that in the non- cooperative equilibrium, maximal targeting results.

So the gamesmanship of it all means that publishers end up in a spiral of crap.

Ad blocking isn't helping. The AdBlock Plus "acceptable ads" racket will pass ads that are superficially less annoying, but still have fundamental tracking problems. It's "acceptable" to split a long article into multiple annoying pages to put ads at top and bottom, but not to put ads within the flow of a modern long-scrolling article. "Acceptable ads" requires 1990s-vintage design and avoids fixing the real problems.

Fortunately, there's a solution that works for users and for publishers. Tracking protection is a safe, publisher-friendly alternative to ad blocking. Blocks the creepy stuff, to help publishers, without dictating design or interfering with quality ads.

  • Tracking Protection on Firefox filters out tracking, while letting quality ads through. There's no "acceptable" program to join, and no limits on design.

  • Disconnect is a browser extension to protect users from the "web of invisible trackers."

Tracking protection helps publishers solve the big problem, the problem that the IAB doesn't want to talk about. Data leakage.

The prime "bovine-fertilizer-based information solution" here is all the verbiage about trying to break out the ad blocking problem from the ad fraud problem from the "print dollars to digital dimes" problem. It's all connected. Shovel through it all and you get something like:

  • Adtech as we know it is based on data leakage.

  • Ad blocking, along with adtech fraud, is a side-effect of the data leakage problem.

  • In the short term, data leakage is bad for publishers and good for adtech.

Having meetings to express grave concern about ad blocking isn't the answer, any more than having meetings to express grave concern about ad fraud is the answer.

Arguing about how to clean the carpet while the sewer pipe is still broken is not the answer.

Getting more users onto tracking protection, as an alternative to ad blocking? A way to fix data leakage at the source? For publishers, that's a good step toward the answer.

Point of order: I'm now avoiding the word "privacy" except in a direct quotation or a "Privacy Policy" document.

If I say it again, it's $1 in the jar for the EFF.

Terms to try to use instead:

  • tracking protection

  • data leakage

  • brand safety

Privacy is a big hairy problem, like the "freedom" in "free software." Plenty of people are philosophizing about it. But working with the web every day, the fixes that need to happen are not in the philosophy department, but in plugging the leaks that enable dysfunctional ads and building the systems to enable better ones.

Syndicated 2015-02-26 14:44:08 from Don Marti

611 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!