You rarely hear a word more from big tech companies like Apple, Facebook, and Google than from “privacy” these days. For ad blocker and privacy-focused browser vendor Ghostery, what they mean when they say privacy is not what you mean when you use that word.
Jean-Paul Schmitz, CEO of Ghostery told me recently at TechFirst Podcast.
“But obviously, I think privacy has to be defined from the user’s perspective, right… that’s the only perspective that really matters.”
For example, Apple’s App Tracking Transparency defines privacy as that companies don’t share the data they’ve collected about you with other companies without your permission…not companies that collect data about you, period. Google’s neglect of the often-delayed third-party cookie (delayed again recently) will prevent cross-site tracking, which is good for privacy, but doesn’t hurt Google at all because Google has a first-party relationship with you. Facebook’s more detailed privacy settings define the finer details that (along with Facebook) can see everything about you, but they don’t protect you from the big social network that gives it absolutely everything.
So even with all the talking and talking and talking… we are still naked in the dark on the web, at least as far as our personal data and digital behavior are concerned.
“Some data points are leaked roughly every 750 times a day in Americans, and Europeans… 360 times a day,” Schmitz says.
In other words, this big, burdensome legislative behemoth, GDPR, which has forced more mouse clicks (to accept or decline cookies) than any other law in history, has only succeeded in halving European data privacy exposure.
The interesting thing, according to Schmetz, is that all this aggregate data, done in the name of making ads more relevant and effective, doesn’t actually get its job done.
“I don’t think we have much to lose in advertising or in machine learning if people collect data in a way that doesn’t automatically compromise the lives of their users,” Schmitz says. “It’s really possible to do it. We’ve proven it many times, you know, academically, etc. It’s doable. It’s not done because there is no reason to do it. Neither the users nor the governments nor anyone else is actually pushing in that direction. “.
There is evidence that publishers, specifically news outlets, can earn more by removing layers of ad technology targeting (each taking its share of the revenue) and simply enabling contextual ads, which do not require personal information. The Irish Civil Liberties Council, for example, cites A Norwegian news agency quadrupled contextual advertising revenue versus tracker-based advertising over 12 months, and a Dutch publisher boosted revenue 149%.
And Google’s Privacy Shield, which is still in development and not in a wide release, is actually a technology that aims to enable this, keeping targeting data on the device so that relevant ads can be shown to the right people without their data being taken, their data exposed, or compromising their their identity.
However, it’s not clear that specific small brands can use contextual targeting appropriately to reach niche audiences…even if publishers do better.
Whatever the case, Schmetz says Google is already moving to break privacy-enhancing tools by changing how extensions work in the Chrome browser.
“They have a lot of different policies, but the ones you take on anti-tracking basically tell us that you can block an order but you can’t modify it,” Schmetz says. “But if you can just block, the site doesn’t work anymore. And you can’t remove identifiers like we do in Ghostery to say like, ‘Look, the web is working like it should, it’s just that your IDs don’t arrive.'”
Translation: The Ghostery extension for Chrome cannot modify the data out of the browser that would give the website your personal information. The extension can only block it, which means that the website you want to use will not work.
Understandably, Google has concerns: an extension that can read and modify the data your browser sends and receives could, in the wrong hands, be a great tool for withdrawing money from banks or draining cryptocurrency from users’ wallets.
However, Schmitz has a point:
“The fact of the matter is that Google has become a browsing monopoly, because you know Edge also uses Chromium as a base,” he says. “Firefox isn’t as powerful as it used to be and it gets all of its revenue from Google. Google felt it could now squeeze the plugins system.”
This is something Europe’s new digital markets law might address, given that Google holds power in multiple areas: search, email, browsers, and more. DMA can force abstraction, and this presents a potential challenge for Google over the next few years. Apple is not immune: by owning the iPhone, iOS, and the App Store, it controls what happens on its platform and who has access to it.
Big tech in general – Facebook, Amazon, Microsoft as well as Google and Apple – may have similar problems, much of it down to data.
Data is a great thing, Schmitz says, but it has its challenges.
“The data sets that are being built are somewhat the nuclear waste of the 21st century, right? Like… Nuclear is great, but it has a waste problem, the web and machine learning are great, but there is a waste of all that data collected and it shouldn’t be really exist.”