Hacker News
GDPR: Programmatic ad buying plummets in Europe (digiday.com)
394 points by rexbee on May 26, 2018 | 396 comments


This article looks very interesting, but it's full of jargon from the ad industry that makes it somewhat opaque to me. What I have an interest in is, what will this do to the stock market on Tuesday?

Also, I find it interesting and confusing that the site puts up a panel on the privacy policy, which says "By using our site, you agree to these terms". But then it has an "Accept" button, as well as an "X". So (not that this site is unique) what does it mean if I don't click Accept (as is my wont)?


Clicking the X means the tracking scripts won’t fire. GDPR forced the site to still be readable (no cookie walls allowed).


This keeps coming up and people keep saying that's the way it is, but Belgium's biggest newspapers just GDPR-walled their websites. You can't read the paper unless you agree to data gathering, cookie setting and tailored advertising. Maybe what they're doing is against the rules. Maybe their interpretation is different. I don't know, but it is what it is.


I'm not so concerned with one newspaper's interpretation of the law or the risk in not following it, what I'm more worried about is that I can't find a word about it in the law. The relevant clause is supposed to be article 7.4 I think:

> 4. When assessing whether consent is freely given, utmost account shall be taken of whether, inter alia, the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary for the performance of that contract.

So they have to sit in contemplation for a few hours before going right ahead with collecting data that is not functionally required? Utmost care was taken...


> 4. When assessing whether consent is freely given, utmost account shall be taken of whether, inter alia, the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary for the performance of that contract.

It seems like the interesting question here would be what happens if the thing conditional on consent isn't the provision of service but rather something like waiving payment of a fee.

The reason this hasn't been offered historically is economic. There aren't enough people willing to pay to justify the effort, and the people who are willing to pay are also the best advertising targets, which means the fee would have to be high enough that hardly anyone would choose it.

But what happens now if they put a box on the site that says "pay $75 for this article or consent to be tracked and get it for free"?


It's the data protection authority that would make this judgement.


Citation needed.

EDIT: Am I really being downvoted for requesting a citation to a claim that seems to have no apparent/straight-forward basis in the law? What has this site become?


Chapter 6 of the law is all about the powers of the supervisory authorities, which are tasked with enforcing it.


But this is taken out of article 7 (chapter 2).


But it doesn't say so.


It's implicit. Regulations only mean whatever the regulator decides they mean.


Uh, doesn't the judge judge such things, when company X thinks it's compliant and the regulator thinks it isn't?


In most countries, regulators are given broad authority to issue supplementary rules, explaining exactly what's required or forbidden to comply with the original law. The goal is that people who know a lot about data privacy, rather than random EU representatives, can figure out the specifics.


Utmost care needs to be documented.


The basic argument as I understand it is that products paid for by advertising and tracking require you to accept advertising and tracking in order to obtain them. In other words, you are explicitly agreeing to purchase the product in exchange for your privacy / attention. This argument will be settled in the courts. If it holds up, GDPR won't affect privacy much because I don't think most people will opt for privacy over convenience. If the courts rule against this reasoning, we'll see the rise of micropayments on the web.


I thought that was literally what the law was supposed to prevent. That is: viewers should not even be allowed to agree to data collection that is only used for tracking and not for the actual business.

A newspaper might argue that their business is tracking users so they can show ads and afford journalists, but it won’t hold up.

Of course sites will rather try to pull a stunt like this if the option is shutting down your business directly - but I sure hope regulators force sites to turn to paid content or shut down.


> A newspaper might argue that their business is tracking users so they can show ads and afford journalists, but it won’t hold up.

I think it will hold up. Newspapers are a big factor in European the courts would not risk anything against them. Especially not if they might lose a big chunk of revenue.


It’s certainly going to be a battle. Allowing “ad-walls” like agree in order to see content they are making GDPR pointless. The law text seems pretty clear on that I think.

Q is what will actually happen if the law is interpreted the way I want/think? Newspapers are doing quite poorly already.


They can always show the same ads as in the print edition, which are targeted to the demographic based on the content instead of targeted to a person based on their browsing history. It may not even be the case that they have less ad revenue.


> Allowing “ad-walls” like agree in order to see content they are making GDPR pointless.

Not at all: on the surface, it's the difference between "give me a dollar for a bar of candy" and "here, have a free bar of candy (and I'll help myself to a dollar (or two))".

Beneath the surface, it means that the ad-financed newspaper will have to aggregate their PII in-house (or with the help of carefully vetted partners) into targeting decisions instead of blindly throwing it over a wall to random third parties.


There's a difference, but the principle behind the GDPR is that "personal information cannot be conceived as a mere economic asset", and both those versions violate it.


You can't put forth accumulation as a legitimate use of data, as in "it might help our eventual value when the company is sold, therefore we sleep it all up" and neither would "we hand over the data, we get money, therefore it's our business" fly, but using PII in-house for running ads in a "registered, but not paying" service tier has all the trappings of legitimate interest.


Things like this don't really have a "point" until the courts give it one. And I think the courts are going to give serious consideration to the viability of the press.


The press is viable using ads, just not ads that are targeted by spying on people and selling their information. In the long run it also might be the only thing that reduces use of outright ad-blockers, which could kill industries.


But ads are not viable unless they are driven by information about the audience - down to the individual. However, I am also an advocate of returning to the "sponsorship" model - old-fashioned ads, if you will. No tracking there - the sponsor just knows approx audience size and demographics.


> But ads are not viable unless they are driven by information about the audience - down to the individual.

Oh totally! That’s why ads have never been a thing until the internet, and why there have never been print ads, television ads, and ads on the radio. No individual data, no ads, it all adds up.

(/s)


I didn't say "ads have never been a thing". I'm saying they are no longer viable. Sort of like horse-drawn buggies were no longer viable after the arrival of the automobile.


If you’re going to claim that targeted ads are that kind of improvement over the alternative, you should present some evidence of their relative efficacy. From what I’ve seen, unless you rely solely on marketing claims, you won’t find it because the improvement is marginal at best.


They'll be fined, or will change their ways under a direct threat of being fined.


If I block JS, and the way they've implemented means that the site is readable and usable despite me never seeing or opting in, are they in violation, or is it on me for 'tampering' or whatever?


AFAIK, it's on them. They can't track you without explicit consent, and they can't force you to consent to improper tracking in order to use the service. By improper I mean something that's not literally required for the service to function; a newsletter obviously needs to know email addresses to work since that's the core operation of the service.


Isn’t revenue literally required for a service to function? Who pays for the server costs?


Nothing stops a site showing ads; they just have to think of creative ways to target them. It's a new opportunity, as all changes of environments are.


They are free to put up paywalls. GDPR legislates that personal information can't be used as currency - not that you can't ask for payment.


but it can. you just need consent.


You can't condition service on consent (if you only need the consent for revenue, not in order to provide actual service)


What is "the service"? Why can't personalized ads be part of my service? I can see how selling personal data isn't part of the service, but the ad content displayed to a user is.


If you're a newspaper for example, personalized ads isn't part of your service which is to present news. So you can't make presenting the news conditional on accepting ad tracking.

You're free to have ad tracking as long as it is optional and by explicit consent only.


But you can use a paywall... So can you say 'pay, with either cash or personal information'?


I just said GDPR legislates that personal information is not a form of currency, so no, you can't ask for payment in the form of personal information.


Really? So you can no longer have opt-in ads, or a 'premium' ad-less version?


Perhaps you have a choice between a paid subscription and targeted advertising (?)

Would that be allowed by the GDPR?


That's the "€20M Or 4% of global revenue" question


[flagged]


What does IQ have to do with anything?


It means that when you set yourself the task of undermining someone's comment it's easier to find the gotchas in a process, than when just doing it casually.

"Intelligence" in snark-validating environments like this means "successful oneupsmanship", and quotient means "upvotes".


Could you tell us what site it is, so we can see it too?


I'm browsing without cookies and javascript, and I can read the site just fine right away.


I'm browsing without cookies and I can't.


Not true. Certain types of “tracking scripts” are necessary to function, so forcing consent for them is okay.


Forcing consent is never okay in the sense that it doesn't count as consent.


This is relevant to another discussion going on in society at the moment. And the same thing holds.


...and a “pay up or get tracked" model (vs "consent or no business") will go a long way for counting as not forced.

But "pay and agree to get tracked, or else your payment will get you nothing", that would be a surefire way to get in trouble.

Also unconsentable would be a carte blanche for passing on the data to undisclosed third parties for unrestricted use and redistribution. This is where many existing revenue models will still have to adapt and where a lot of bad actors will dwindle or shift from grey to deep, actionable black.


What tracking scripts are necessary for any functionality to function (except for tracking/data-mining/selling user behaviour)?


Anticheat software for games


giving every random game root access on my machine is what killed PC gaming for me.

I could play and encounter the occasional cheater. great f... deal. to this day I still play wii mario kart with some friends and there is still some loser spamming bombs all over the maps because nintendo screwed up (I wouldn't mind games having root access to a console). we simply couldn't care less. yeah everyone will lose to the loser and switch servers asap, but we still had a good time.

while on the PC every crap you install from steam (which already have root access, expose network ports for who knows what, etc) will also install with root access for what? so people can't cheat on solitaire2000 mmo? I gladly would like all that crap software to run securely in a sandbox and find the occasional cheater that I will lose to and then proceed to ignore.

heck a blocking list would be better than every single anti cheat code.

I don't even know where I am going with this rant. giving up your entire computer to every crap game is dumb. period.


But then, there would be no competitive gaming anymore. Or even non-competitive, but still matchmaked gaming.

It would just plain suck. Nobody would have fun, not even the cheaters, when they are going to play against each other.


What about the millions of people who don't care about competitive gaming with strangers?


What about the millions of people that do?

The commenter's case was about removing or not allowing it at all, but de facto it's required.

I'm pretty sure non-matchmaked games don't have anticheat features -- it would be dumb, as it is an additional cost.


> What about the millions of people that do?

The commenter specifically complained about giving root access to games, which is a pretty insane idea, security-wise. If anticheating techniques really require root access, then people that care about competitive gaming should have an option to consider this trade-off and turn the anticheating pieces on if they think this has a better reward/risk ratio than not giving root access to a game. It definitely shouldn't be on by default and unconfigurable, though.


> If anticheating techniques really require root access, then people that care about competitive gaming should have an option to consider this trade-off and turn the anticheating pieces on if they think this has a better reward/risk ratio than not giving root access to a game.

In CounterStrike (Global Offensive) this is already the case. The official Valve anticheat is not as intrusive as the anticheat provided by external services like Esea or Faceit. If you choose to use such service they basically take your system apart. It turns out that in order to get good results this is needed.

I think you underestimate the impact massive cheating can have on a game. Even casual players will leave games that have cheaters in every other lobby.


Please explain how anticheats are tracking people.


There was a piece of news lately about a gaming company tracking users and exfiltrating data about their web use to catch pirates. I'm afraid I don't have a link handy.


It was probably this: https://arstechnica.com/gaming/2018/02/flight-sim-devs-say-h...

Tho back then I missed their spin how they are supposedly only targeting "that one specific cracker", they must have come up with that a bit later because on their Reddit they mostly tried to argue "it's only affecting pirates".


What does this have to do with anti cheats in general?


Counting unique users. Counting the number of ads displayed, etc., etc.


Recaptcha


everything Google you mean.

recaptcha was fine without even having a server side confirmation, until google improved it.


> what will this do to the stock market on Tuesday?

I don't know about Tuesday, but you should have been shorting any company that derives a significant percentage of their revenue from the EU ad market for the last several months. Online ad revenue from the EU will fall and never rise again, it's just a matter of exactly how much. The only thing that might change this is if there is such a public outcry about the negative effects of GDPR that it gets dialed back. But that seems like a longshot.


> the general public over there seems to have drunk the Kool Aid

Seriously? Comparing privacy regulations with blithely following a cult leader into mass suicide? Aside from a few emails asking for permission to keep sending newsletters and announcing new privacy policies being mildly annoying, most EU citizens just gained a few basic rights without any significant downsides.


HN feels like a cult. If you raise even the tiniest objection or critique against GDPR you get downvoted into oblivion. I've never seen so much one-sided hate and bullying on here.

For me it's very clear that while GDPR has many good things, it is disastrous to some companies, which I really don't like and question myself whether it's worth it.


Really? HN is the only website I frequent where there is any significant opposition to the GDPR. All social media I frequent, all general-interested news sites I read are universally happy about a crackdown on ads and personal data selling. They joke about the deluge of privacy policy updates, but the jokes definitely make fun of the companies and not of the law.

Think it has anything to do with the HN crowd consisting disproportionately of the tiny minority of the workforce who make a living out of exactly the kind of behavior the GDPR wants to restrain?


> They joke about the deluge of privacy policy updates, but the jokes definitely make fun of the companies and not of the law.

And the best jokes were made by those who still have personal memories of the y2k scare. Did you remember to stockpile cash and food?


I've been on this website for many years, and have been following the privacy topic for more than a decade.

I never had the feeling in the past that HN visitors were especially pro-privacy. There were a few notable exceptions, but many more were the entrepreneur/hustler, "I don't care" or the "let the market sort it out" types.

In the past 1-2 years I guess there were several data leaks and privacy-related scandals and more and more people have had enough of these Monday to Friday advertisers on this Monday to Friday plane (of existence). Hate would not be a wrong word to describe the feelings those people have towards the advertising industry.

Maybe the pendulum has swung back :)


It's only "disastrous" to bottom-feeding companies with terrible business models.


Not everyone agrees with that.


Like google.


Not true. Ever heard of compliance risk? Apparently not.


A compliance risk, even if it's a cost, is not usually disastrous.


That’s a fact. Net neutrality, GDPR, socialism — disagree with any of these and you’re an outcast here. It seems like “unintended consequences” is not something that many people seem to care about or understand. It’s like listening to freshman dorm-room pseudointellectual pontification at 1 am.


Privacy is a basic right with constitutional protection that many people fought and died for.

Showing bullshit ads isn’t.


> most EU citizens just gained a few basic rights without any significant downsides

It's actually quite liberating, yesterday I made Twitter delete a whole bunch of contacts they got off my phone.


You made them?


"drink the kool aid" is a fairly common figure of speech and is rarely meant as a literal comparison to Jones town.


[flagged]


It slows down the innovation in a small subset of leeches which were taking advantage of new technology to abuse the citizens and residents of the EU. Cry me a river.


[flagged]


> Sounds awfully cultish, and it also happens to be wrong.

GDPR is a piece of human rights legislation. For entirely sensible historical reasons, Europeans are acutely sensitive to issues of privacy. Many of them were born and raised in totalitarian regimes and learned painful lessons about the dangers of mass surveillance.

By passing the GDPR, the European Parliament said in no uncertain terms "if you can't run a business without infringing the rights of our citizens, we don't want you to do business in our Union". The citizens of that union are supportive of the decision taken by their democratically elected representatives.


> GDPR is a piece of human rights legislation.

Not only that, to a certain degree it also influences IT security: Companies with a data breach have 72 hours to report it.

No more sitting out breaches until users can find their own data on some obscure Russian forum, 2 years later.


As a note - this is only one interpretation of the situation. In my opinion, if the privacy policy of a website is clear, then using their service and having one's collected data used as stated is not infringing on anyone's rights.


Most users aren't tech savvy enough to block tracking technologies and don't have the legal knowledge to actually understand byzantine privacy policies written in deliberately confusing legalese. It's not obvious that the presence of a "like" button, an ad unit or a hidden pixel means that you're being tracked by a third party. None of us have the time to actually read and understand the privacy policies of every single website we visit. The old "by visiting your website, you agree to our terms and conditions" doesn't actually give users any choice in the matter - you're being tracked before you've actually had the chance to read the policy. Opt-ins without opt-outs create a ratchet effect of ever-diminishing privacy, especially when those opt-ins include overly-broad third-party permissions.

GDPR doesn't stop you from creating a service that's a massive invasion of privacy, but you've got to ask permission first in plain language and allow people to change their minds later. If it turns out that users aren't willing to give that permission and revoke permissions that they have previously granted, it vindicates one of the basic arguments for GDPR - users wanted privacy, but they weren't being offered the opportunity to make a free and informed decision.


Consent must be informed in all cases. If a user does not know the privacy policy of your website while using it, it is not informed consent. How do you make sure that the user is aware of the privacy policy while using the website?


Are you talking about cookie tracking? Most websites show their privacy policy or provide a link when you sign up, before one provides any personal information. Either way, nearly all websites have a privacy policy in their footer which can be read before continuing.


"the party line"? That sort of emotive language sounds like something from Fox News or Heritage Foundation.

A small number of huge American tech companies have most to lose on this. These are the ones who play fast and loose with people's privacy.

If these new laws change the focus of business investment in Europe to those who respect privacy, that's a big win for all European citizens.

Now it's time for Margrethe Vestager to start cutting those huge American tech monopolies down to size!


That's not just emotive language, it's insulting and degrading. The GDPR is a multi-party, supranational, democratically legitimized regulation. Also, I haven't seen a single PR campaign about the GDPR, and I'm from "over there". The grandparent is not arguing objectively nor purely based on facts.


Huh? It’s not meant to be insulting, nor could I find any reference in any culture in which it would be considered an insult. It simply means that all of you from the EU seem to say the same things about GDPR - that it’s wonderful, has no downsides, that our new self-declared privacy overlords will be kind and benevolent, etc. It’s like there is one person behind all of your accounts, and that person is a big fan of it. That’s why I used the non-derogatory term “party line”.

See https://www.merriam-webster.com/dictionary/party%20line


"Party line" implies that it's a position everyone's obliged to take as part of being a party member, rather than something freely and independently reached.

And I suspect the main driver for GDPR cheering is that nothing else has been done about so many other privacy incidents. We can look back on HN and find such things as the massive Equifax leak (the next one of those is going to be interesting!) and the smart TVs that exfiltrate a list of all files on any media inserted.


That is in turn called a strawman. And there are many different opinions in the EU regarding the GDPR. I think HN users are non-representative of the general public since they tend to be a lot more concerned about privacy issues - and that's not just the users from the EU. But in general, the EU does seem overall more positive towards regulation of business than Americans.


> Sounds awfully cultish

This is some high-strung rhetoric. And claiming GDPR outlaws machine learning is just FUD. ML performed on personal data collected without the user's consent is illegal - but so is doing anything with illegally obtained data. ML is not the issue here, and ML has many other applications besides stealth user profiling.



Keep reading:

"So why is interpreting the GDPR as placing a ban on ML so misleading?

Because there are significant exceptions to the prohibition on the autonomous use of ML—meaning that “prohibition” is way too strong of a word. Once the GDPR goes into effect, data scientists should expect most applications of ML to be achievable—just with a compliance burden they won’t be able to ignore.

Now, a bit more detail on the exceptions to the prohibition.

The regulation identifies three areas where the use of autonomous decisions is legal: where the processing is necessary for contractual reasons, where it’s separately authorized by another law, or when the data subject has explicitly consented.

In practice, it’s that last basis—when a data subject has explicitly allowed their data to be used by a model—that’s likely to be a common way around this prohibition. Managing user consent is not easy. Users can consent to many different types of data processing, and they can also withdraw that consent at anytime, meaning that consent management needs to be granular (allowing many different forms of consent), dynamic (allowing consent to be withdrawn), and user friendly enough that data subjects are actually empowered to understand how their data is being used and to assert control over that use.

So, does the GDPR really prohibit the use of ML models? Not completely - but it will, in many of ML’s most powerful use cases, make the deployment and management of these models and their input data increasingly difficult."


[flagged]


I did read your comment. You claimed "outlaws most machine learning applications". That is a pretty far cry from "makes it harder to get training data".


Huh? It contains a blanket ban on most forms of machine learning. There is a way around that ban, in the form of special authorization, but the ban exists nonetheless.


You're conflating "machine learning" with "machine learning based on data you hoovered up indiscriminately from non-consenting third parties".

Want to use machine learning to analyze stock price movements? For self-driving cars? You're fine.

For an example, looking at kaggle's page of open competitions, only 2 of 19 use datasets that I suspect would run into consent issues (predicting home credit default risk, and predicting demand for classified ads).


I'm starting to think you are not arguing in good faith. This is like saying a ban on using illegally obtained private photos is "a blanket ban on most photos".


There was already european privacy legislation which was just as strict, and companies like google and facebook already had been fined under those laws (though not to the degree that GDPR allows). What GDPR does is harmonize this kind of legislation across europe. You can argue that it is now easier for startups to build a product that targets the european market, since there is only a single set of rules to follow.


> The reality is that startup investment in the EU will shrink across the board because of the risks imposed by the GDPR.

There are no additional risks imposed by GDPR; all of those risks already exist in other privacy directives.

>The GDPR also outlaws most machine learning applications,

Can you point to the specific bit of GDPR that outlaws machine learning?


> Can you point to the specific bit of GDPR that outlaws machine learning?

Here's a whole article on the subject [1] and HN discussion thread [2] . Any machine learning application that utilizes automated decision making - which is the entire point of machine learning - is forbidden under the GDPR. This can be overcome with explicit consent for that specific application of ML, but getting that in most circumstances will be a low percentage shot.

> There are no additional risks imposed by GDPR; all of those risks already exist in other privacy directives.

Fines of up to 20 million EUR are a significant and new risk.

[1] https://www.oreilly.com/ideas/how-will-the-gdpr-impact-machi...

[2] https://news.ycombinator.com/item?id=17138354


>Any machine learning application that utilizes automated decision making - which is the entire point of machine learning - is forbidden under the GDPR.

Not true. Article 22 allows automated decision making if it is contractually necessary, is authorised by law or is based on explicit consent.

Many use-cases for machine learning do not constitute automated decision making within the meaning of Article 22, because they do not produce "legal effects concerning him or her or similarly significantly affects him or her". Using ML to recommend a product or enhance a photo is perfectly permissible without any special safeguards. Most ML models based on personal data are effectively anonymous in line with Recital 26, so are not considered to be personal data.

If you're using ML in a way that respects the rights of users, GDPR is not a significant obstacle.

https://gdpr-info.eu/art-22-gdpr/

https://gdpr-info.eu/recitals/no-26/


“The GDPR, as a matter of law, does contain a blanket prohibition on the use of automated decision-making, so long as that decision-making occurs without human intervention and produces significant effects on data subjects. Importantly, the GDPR itself applies to all uses of EU data that could potentially identify a data subject—which, in any data science program using large volumes of data, means that the GDPR will apply to almost all activities (as study after study has illustrated the ability to identify individuals given enough data).”

From https://www.oreilly.com/ideas/how-will-the-gdpr-impact-machi...


That stuff is completely ridiculous. If your news aggregator ran a ML-based application to filter out science-related articles so as to keep out click-bait, bogus articles, you'll be able to continue running it without any problem. It doesn't even have anything to do with GDPR.

Ah, yes, if what your ML application does is suck user data on one end and produce "useful" information on the other end, then you will have a hard time explaining to users why you need to collect all that data and why you need to hold it in storage for as long as you do. Because, indeed, you don't really know how that data is processed, nor how long do you really need to keep it. (This is very much an oversimplification though; many ML-based things don't necessarily fall under the rule about automated decision-based making)

Both are pieces of information that should be essential to making an informed decision about whether or not to allow private data to be collected. If you can't provide it, you need a better business plan. I'm really sorry that your founder won't be able to buy that new yacht this summer but it's hardly my problem -- and it does nothing to stifle ML progress.

In fact, if anything, it'll be beneficial to society if some smart people give up doing ML to show ads and go someplace where they can apply ML to something useful.


Can you point out some examples of machine learning usages where: (a) they are clearly beneficial for the users; (b) it wasn't forbidden before; and (c) it is very hard to get user's consent for them.

I'm going to point out some counter-examples:

- One of the first machine learning stories around was movie recommendation. Under GDPR, when you click the "Recommended for me" link in your typical movie recommender, they now have to show you a page that says something on the lines of:

> UberRecommender needs to automatically process your previous ratings/view history/whatever data to make you good recommendations. We will find users with similar taste to yours, recommend movies they have liked to you and vice-versa. Click on "I agree" to continue, or "I don't agree" to disable this functionality for your account (you may change this preference later on in your settings page).

It doesn't seem too difficult to get people to click that "I agree" button, does it?

- Machine learning applied to medical diagnosis/early detection/etc. This usage was already heavily regulated (at least in the EU). So much that I'm pretty sure the GDPR does not change anything in that space.


The existing fines in the UK of up to £500,000 are a significant risk, but don't seem to have had much impact on start ups. It should also be reassuring to see that the maximum fine of £500,000 has never been applied.

A company really has to do terrible things to data to come anywhere near the €20m maximum fine.


So in your opinion the only way to not slow down innovation is to misuse people's private data by ad-companies which don't even produce anything valuable?


See https://news.ycombinator.com/item?id=17148781 for my reply to comments of this nature.


I looked at that and noticed a quote I feel is salient:

"The GDPR isn't vastly different to the old Data Protection Directive, which has been in force since 1997. The panic over GDPR suggests that a lot of companies had simply been ignoring the DPD. If a bit of bullying is required to get businesses to obey the law, then so be it." (https://news.ycombinator.com/item?id=17149581)

This rings true to me. I do have a strong suspicion, as an American who's worked for an American multi-national at a low level, that people have been ignoring the existing requirements for dealing with EU data properly. For years.

The flip side of all the wailing about heavy handed regulation is that business people will not obey something that isn't enforced. And then feel it is some sort of natural right to go on that way.


Yup, GDPR is pretty much harmonizing data protection laws across the EU. Much of the stuff that's in GDPR had already existed on a national level for quite a while in some EU countries, like France and Germany, but got mostly ignored by multi-nationals.

That's why the EU made these laws a big EU thing, so they are in a better position to actually enforce this stuff on multi-nationals.


> The flip side of all the wailing about heavy handed regulation is that business people will not obey something that isn't enforced. And then feel it is some sort of natural right to go on that way.

Business people aren't special - this is true of all people. Consider the wailing that would occur if police actually enforced speed limits.


> forever slow down the pace of innovation in your country

On the contrary, since we’ll be wasting so much less time than countries still addicted to the attention economy, we’ll run rings around them in terms of productivity


You can always cancel any human-oriented law and get even more progress. Look where most of the [inhuman] progress was done: wars, genocide, communism. s: Imagine how many downsides we could experience by preventing big wars and ideologies of last century, oh my /s. Personally I’m glad that at least EU citizens can state where them lines should be drawn.


Wait, Communism as in "a socioeconomic order structured upon the common ownership of the means of production and the absence of social classes, money and the state."? Or did you mean Stalinism?


You’re right, I just used a ‘common’ term.


GDPR will have some negative effects, but why is lowering online ad revenue (if that is what will happen) one of them? What I mean is, why is that a negative effect for the whole society, not an industry? Stopping a war has the negative effect of having to manufacture less war supplies, but the overall effect tends to be positive.


> why is lowering online ad revenue [a negative effect]?

It may not do that in the long term. Total spend for online advertising is probably a relatively stable figure.

In the short term it will likely have, at least from where I stand, a net positive effect. Now that industrial-grade stalking is finally illegal, companies whose sole business model was based on it will suffer. Possibly collapse. Well boohoo, cry me a river.

If and when large enough portion of the target market may no longer be stalked, the advertisers will have to come up with new (or rediscover old), non-intrusive ways to target their audience. The value of intent- and context-based audience segmentation might just go up again.

But how do you know which ads, and on which sites, ended up working the best? How about generating per-impression [bonus] codes? You don't need to stalk your potential customers if they willingly submit opaque and non-trackable information that allows you to trace the ad campaigns. GDPR does allow incentivisation, after all.


Short term the publishers relying on that revenue will take a beating, so there should be a contraction in staff / content.

It’ll work itself out in the end, some think it will increase overall quality by forcing lower quality news publishers out of the market.


How exactly will higher quality news publishers pay for their existence? Most people are conditioned to not pay for it. So where does the money come from?


> How exactly will higher quality news publishers pay for their existence? Most people are conditioned to not pay for it. So where does the money come from?

I can't find the link where I read this, but targeted ads tend to be detrimental for high-quality publications. Targeted ad peddlers are mercenary. If they want to target a high-quality site's audience, they'll run just enough ads to profile them, then target that audience on cheaper, lower-quality sites that they also frequent.

tl;dr: Targeted ads and tracking mean advertisers have the technology to shaft high-quality sites in favor of cheaper, lower quality ones.


The idea is that small publishers go out of business and further media consolidation occurs. Those remaining can force personalized ad compliance by virtue of their reputation and limited choices left.


> The idea is that small publishers go out of business and further media consolidation occurs. Those remaining can force personalized ad compliance by virtue of their reputation and limited choices left.

This is by far the most likely result. Why run an ecommerce store when you can rely on Amazon or eBay to shoulder the costs and risk?

GDPR will cause further consolidation, and ironically the companies people are forced to use will have everyone opt-out of the GDPR law by spamming them constantly with "opt-in" links until they click the "stop spamming me" button and the situation is exactly the same as it was yesterday, but with less competition.

Unintended consequences indeed.


> Those remaining can force personalized ad compliance by virtue of their reputation

Hm? I don't see this happening. Under GDPR you have to offer the same service 'without detriment' if the user does not want personalized ads. Most people would pick this option as long as it is clear to do so. I don't think reputation makes much of a difference. As far as I can tell, they could become paid subscriptions more likely.


Anecdata point: I am a paying The Guardian subscriber. I pay because in my opinion quality should be supported.


That is actually an excellent question!

The high quality news will be gladly paid for, while there will be far less clickbait sites as the ads revenues will drop. We will have less garbage on the internet and this is actually great, on the other side, the real journalism (not news like how to enlarge your penis) will hopefully come back into spotlight.


Maybe...clickbait garbage is so cheap to produce I don’t think you’ll see a large decline there.

Quality small to medium publishers are the ones who will get squeezed hard.

It would be pretty shocking if suddenly EU users started happily paying for journalism. It’s going to be an exciting petri dish.


The issue with paying for journalism is that quality journalism is spread out over many, many publishers on the web. I can't afford to pay for subscriptions to dozens of quality news sources. Until micro-payments or, more likely, a multi-publisher, subscription-based model is available, I would not be interested in moving to a payments based system.

Ironically, the most effective micro-payment or subscription-based system will probably come from Google or Facebook in the end.


I agree micro-payments are likely to be Google/Facebook/Apple driven. The EU has been pushing for a mandatory "link tax" that may help fund some news organizations. That'll force more media consolidation though.


I wouldn't be so sure. It's not just you that has to pay for the news and other websites, it's your entire family. Would your grandma pay for it? Would you pay for this for your children?


> GDPR will have some negative effects, but why is lowering online ad revenue (if that is what will happen) one of them?

It's simple math. The ad industry has gotten so large because complex ad targeting tools made it possible to deploy ad campaigns profitably. With those tools extremely watered down due to GDPR, most ads that were profitable on May 24th are not profitable today. Most companies will not sustain these losses for long, and will simply shift their ad spend to other markets where they can still make a profit.

Some brand advertisers might stick around in the EU market - Coke, Pepsi, maybe Apple, etc. But with most everyone else out of the picture, the market will shrink. It will likely never again be the size that it was on May 24th.


> will simply shift their ad spend to other markets

That's totally fine, and nothing of tangible value will be lost to society.

Some valuable innovations have happened thanks to $$ being fueled into the tech sector via adtech and privacy invasion, and those will suffer, but that's a trade me and many others are happy to make. The "value add" of privacy invasion is purely an arms race.


> It's simple math. The ad industry has gotten so large because complex ad targeting tools made it possible to deploy ad campaigns profitably.

I don't think anyone really knows this for sure. Of course, Ad Tech companies will come up with some type of "metrics" to show how profitable their particular targeted ads are compared to everyone else. But I think much of the recent technical advances in ad tech are driven more from an arms race mentality - i.e. as an advertiser I feel pressured into using the latest ad targeting tech, not because it is more effective, but because my competitors are using it and I don't want to be left behind (kind of like the VC FOMO herd mentality).

Edit: Perhaps you meant profitable for the Ad Tech companies themselves and not the actual product companies purchasing the ads. In this case, I believe your statement is valid (again, not because of the effectiveness of the tech but because of FOMO).


scratching my head - that sounds to me like a positive thing. If an industry has gotten big by doing something bad (misusing private data or using slaves as workers) and a law comes along and forbids that practice then I can't see how this is something negative for the society overall.


[flagged]



You used the slavery reference for a reason - because you consider those two things to be in the same ballpark. There are millions of other references you could have chosen. So yes, my use of the term “compare” was accurate.


No I didn't, I used it because I was looking for another bad thing for my analogy and slavery was the first bad thing which came into my mind this time. There are always millions of other and better references one could take for an analogy.

But let's look at one of the examples on the wikidiff:

> "hardware is to software as a television set is to the shows that appear on it"

Would you say that in this analogy the author compares "hardware" to "a television" and "software" to "shows that appear on a television"?


I know what an analogy is. I also know that you chose the slavery reference specifically because you wanted to equate - or compare, if you like - the two things.


I just told you that I didn't choose it to compare but to insert into my analogy, you still keep coming back with telling me that you know what I wanted to do. I'm not sure how to respond to that.


This is the kind of hyperbolic metaphor that's part of the problem. Is online ad spending a net negative for all of society, or a net positive?

It allowed millions of web sites to fund themselves and publish content for free, which enabled millions of other people, many of whom don't have a lot of money to pay for content, to access it. Many of those people would never respond to the ads, so in effect, they were subsidized by those who would respond to the ads.

I grew up poor myself in Baltimore city, I could never have afforded to pay for any online content. My parents couldn't even afford cable. We watched broadcast television only. I got all my books from public libraries or used book stores. If most of the services that exist today were behind paywalls and I were still poor, that content would be off limits to me.

On the flip side, advertising used to be incredibly wasteful for small businesses. If you're a local dress shop, bakery, or piano teacher, it was much harder for you to "target" people who were highly likely to use your services. Instead, you had to place much more generic ads in many different channels like signage, local newspaper classifieds, the yellow book, circulars, direct mail, and so on.

The more precise web based advertising is a revolution for smaller businesses to limit their costs, track campaigns, iterate and test what works, and reach customers cheaper and faster. Is your local bakery saving money and bringing in more local business, evil?

Way too much of the rhetoric on HN lately IS literally drinking the Kool-Aid. It's people taking theoretical damage scenarios and way over-inflating them into actual harm. It's worse than the anti-vaxxers who inflate minute risks, or the anti-GMO crowd, who bring a sledgehammer when a scalpel is needed.

The downside of making ad spending less efficient, or erecting pay walls, is going to be greater centralization of the web. Because if you need to do untargeted advertising, then the greatest efficiency comes from reaching the most number of eyeballs. If you need to get paywall subscribers, most small brands won't be able to convince people to pay $10/mo for subscribers, so this will force small publishers into the arms of large consolidators who sell subscriptions, and then dole out pennies, just like the record industry did to musicians.

So those wishing for the destruction of the ad supported web as it exists today are really, in effect, creating the unintended consequence of even bigger publishing oligarchies tomorrow, while the little guy is squeezed out by lower margins and higher costs. These regulations aren't really going to punish Google, Facebook, or the other large players very much. They'll survive. It's the mid-sized and smaller companies who will face the greater challenges.


>"Is online ad spending a net negative for all of society, or a net positive?"

I don't have a precise answer for that question. I would love to read a good analysis.

>It allowed millions of web sites to fund themselves

Not sure about that number.

> which enabled millions of other people, many of whom don't have a lot of money to pay for content, to access it. Many of those people would never respond to the ads, so in effect, they were subsidized by those who would respond to the ads.

Yes, and it also allowed centralized ad agencies (google, fb, twitter...) to gather and mine their data, to behave irresponsibly and give us the Age of Anger fueled by social and video sites extracting value from human interaction while disregarding the huge social costs of all this.


I don’t get it. If I need a bakery, I search for it. In either general search engine or in local advertizing app that shows map locations and customer reviews. It’s not the ‘80s anymore. I don’t need my local bakery, barbershop and meat market to pop up everywhere once I googled for steak types or haircuts. It is of no use to me; it is of use to those who want to oversell their product (which is average). Removing ads spam competition allows product competition for small products.

All the heat comes from those who want to push instead of provide. It is so obviously wrong.


You basically described cable TV in the second part of your post.


> Is your local bakery saving money and bringing in more local business, evil?

Your comment accuses people who are opposed to surveillance capitalism of being "hyperbolic" "anti-vaxxers" talking about "theoretical damage" but the only scenarios you provide to argue your case come from your imagination.

"Think of the small businesses!" is not an argument for surveillance capitalism. I have worked in adtech on and off for about a decade. The first adtech company I worked for specialized in software for agencies/directories advertising on behalf of small business.

In fact most small business owners do not have the knowledge and time to effectively market using online advertising. It is very easy to spend all of a small online advertising budget without getting any results. The bigger players have much greater advantages and leverage over small businesses in Internet advertising than they did pre-Internet. In fact this enables the very centralization you hypothesize: the small business discovery space is captured by Yelp, Google's business listings, Facebook pages, etc., in a way that the Yellow Pages never matched. There is no way for a small business today to effectively compete in digital marketing with franchises and national chains.

The statistics support my experience: there are now less small businesses around than at any time since the 1970s: http://money.cnn.com/2016/09/08/news/economy/us-startups-nea...

Of the small businesses I see having success with Internet advertising today, they are also organized differently. Instead of being a traditional small business that happens to do X, they are run like Internet marketing firms that happen to market X. This is more like the TV infomercial business model.

A client of mine leases offices from WeWork. All the offices have glass walls, so you can really see everything about a business. Just from walking around the halls, I see a number of small apparel startups (no production equipment for making samples, no patterns hanging around, no supplies - just some computers for doing marketing), a home improvement gadget that 15 years ago would have been "As Seen on TV" (no actual tools around though - again, only computers for doing marketing), and a couple of fad diet meal substitute companies (I don't see them preparing their gloop in the communal kitchen...).

Literally the exact opposite of what you describe is the reality. Surveillance capitalism is driving a decline of small businesses and centralization into oligopolies.

> I got all my books from public libraries or used book stores. If most of the services that exist today were behind paywalls and I were still poor, that content would be off limits to me.

It really does not surprise me that you missed the point here too. Your first sentence contradicts your second. In fact, books from independent publishers and periodicals are available from public libraries. Public libraries also have subscriptions to digital journals and information databases. Publishing worked fine (in fact, in many ways better) before the surveillance capitalism oligopoly, and it will survive and thrive once the surveillance capitalism oligopoly is dismantled.


> but the only scenarios you provide to argue your case come from your imagination.

And in what concrete scenarios in Europe, has someone's data at say, Google, Facebook, or Amazon actually harmed them? Is it more or less than the people who had a bad reaction to a vaccination? (~1 in 1 million)

> In fact most small business owners do not have the knowledge and time to effectively market using online advertising.

True, the holy grail would be pay for customer acquisition, only pay for ads that work and convert. Which would allow businesses on the margin to precisely estimate their CA costs, and whether the LV justifies it. That is only possible with some kind of end-to-end information, from click to purchase.

>A client of mine leases offices from WeWork. All the offices have glass walls, so you can really see everything about a business.

(Small irony that you're opposed to surveillance capitalism, but as a capitalist, you used access to your client's workspace to gather intel on others :) )

When I say small business, I'm not talking about people trying to ship products, like your WeWork example, I'm talking brick-and-mortar, your local Italian eatery, or French bakery.

> Publishing worked fine (in fact, in many ways better) before the surveillance capitalism oligopoly, and it will survive and thrive once the surveillance capitalism oligopoly is dismantled.

Demonstrably false. The amount of free information I have access to at the touch of a button is exponentially greater than it was when I was growing up in the 70s and 80s. A library in the 80s didn't have "digital subscriptions", they had "subscriptions" to actual paper magazines. And libraries in poor neighborhoods don't exactly operate like a library in Manhattan or Palo Alto.

It's easy to sweep away things as working "fine" if you don't have the experience of only having a public library that stocks few books, doesn't have "digital databases", and to access more information, you have to take a bus far away.

Billions of people now have access to almost the sum total of human knowledge in an instant, except the truly evil people who keep publicly funded scientific papers behind expensive paywalls. This didn't work "fine" 30 years ago, raising the barrier to information to a level that only the truly dedicated would put in the effort to get it.

People who were born after the creation of the internet and of less modest economic means I think have a different perspective of just how hard it used to be to obtain information, especially on demand. I taught myself programming from a ripped up book on 6502 assembly programming, and a VIC-20 register map. That was all I could obtain, and even finding where to find a library that had other books I might want was an epic quest for a child, something thankfully, today's kids don't have to worry about.

But you have to ask yourself how we got from zero in the 1980s, to trillions of web pages today. Someone directly paid for that out of pocket, and it wasn't me, and it wasn't publicly funded.

_That_ is the positive social externality I was talking about in my original post. It's easy to lose sight of the bonanza of riches you have today that was invisibly funded and not understand how it was funded, nor what model can replace it. It's all too easy for people to bring out the pitchforks and torches over theoretical harm and completely ignoring the concrete benefits since they aren't paying for it.


I looked at purchasing options for a similar bet, and walked away. I couldn't be certain of the drop. I've made a written prediction instead, and will see how I've done in August.

What fraction of your investable wealth have you (downandabout) committed to the short?


I have half of my high-risk portfolio bet against companies that are highly exposed to the EU ad market (so about 5% of the total). I did not bet against Facebook, as they have the market dominance to get users to agree to anything. Ad RPM and available inventory in the EU will drop for everyone including Facebook, but they may have gains elsewhere that offset these losses. However, there are a number of smaller companies that are heavily exposed under GDPR that I have spread out bets against.


So most of the dozens if not hundreds of GDPR doomsday posts in the past days should come with a financial interest disclosure.


1) I have not made hundreds of posts about anything recently, much less GDPR

2) I have not made a single "doomsday" post about GDPR. I am realistic about its consequences, which happen to be negative for the most part.

3) There are many, many people on HN that invest in various things, and I have not once seen a financial disclosure about anything, even from incredibly high profile individuals on here that are known to be investors in or associated with the things they are talking about.


You are one of the most vocal anti-GDPR commenters in HN. I'm not going to count your comments of course, but for each GDPR related topic in the last weeks (which means close to daily), I invariably encounter a discussion where you are warning of the threats and unknowns GDPR poses to companies.

It's good to have multiple viewpoints of course, but I was a bit surprised by your commitment to anti-GDPR commenting. It's as if the previous discussions accounted for nothing, and it all has to be hashed out again.

I would for sure classify your viewpoint as "doomsday" (or FUD), but I have to admit I'm probably biased by my opinion: I legitimately feel GDPR is the best thing to happen to not only privacy, but Internet in general in the last decade.


The problem over the last few weeks is that people kept repeating the same falsehoods about GDPR over and over again. So the same correct information needed to be posted in response. In every one of these threads, for example, somebody posts about how regulators must issue warnings and that companies must be given a chance to correct any problems well before they are issued a fine. This is patently false, and it needed to be corrected wherever I saw it posted.

Everyone should have a chance to learn accurate facts about this nightmarish regulation, especially here on HN where we have many tech entrepreneurs. Most people don’t see every post on GDPR. For the record, I just searched for GDPR stories on here and it turns out I have commented on only a small percentage of the GDPR threads that have been submitted.


I guess the UK ICO has a different (read: the correct) view:

""When we do need to apply a sanction, fines will not always be the most appropriate or effective choice," Denham said. "Compulsory data protection audits, warnings, reprimands, and enforcement notices are all important enforcement tools. The ICO can even stop an organisation processing data."

"None of these will require an organisation to write a cheque to the Treasury, but they will have a significant impact on their reputation and, ultimately, their bottom line," she said."

https://www.out-law.com/en/articles/2018/april/gdpr-uk-watch...

This is stuff the ICO has been doing for decades anyway, because they've always had the power.

Remember when they got a warrant to search the London Office of Cambridge Analytica? That was pre-GDPR.

If you think you know more than the UK Information Commissioner's Office about GDPR compliance, you're delusional.


Good strategy, I also believe the impact on ad revenue is not fully priced in, and the lawsuits against FB / Google will just fan the fear flames for a while.


Thanks for the reply -- I'm so accustomed to people claiming that "you should have been shorting X" without actually doing it that it was a real pleasure to hear that you've made the shorts. Bravo.


I'd happily put money on the stock market not budging. I'm not planning to adjust my portfolio.


But there is not going to be a public outcry, I was asking people around, also those that were using the "I have nothing to hide" phrase in the past and they are all satisfied with the GDPR. People want this, also in US, but there it will take some time to adopt some law like GDPR as US government is working in interest of industry, not people.


People don't want this in the US. At least I don't. I would be strongly opposed to it as GDPR violates the rights of a person to pay for a product through personalized, targeted advertising.


>I would be strongly opposed to it as GDPR violates the rights of a person to pay for a product through personalized, targeted advertising.

How so? GDPR doesn't make personalized, targeted advertising illegal, rather it gives you (the targeted individual) the right to know how your data is being collected and used, and to opt out of that collection if you want.

If you want to continue paying for content with your identity, fair enough, but not everyone does.


Simply because it forces companies to give the same service away without personalized ads. As long as the options are clear, most people would choose non-personalized because there is nothing they get out of handing their data over.

So under this system a user who doesn't mind personalized ads doesn't have the option to 'pay'. They have the ability to 'donate' their personal information but there would be no reason to do this.

Now if GDPR had allowed companies to either choose personalized ads or pay for the content, that would have been different.


If personalised ads are so marvellous, and people are happy with them, surely they will be happy to "donate" their data in order to receive these incisive topical ads purely as they give such a better experience? My experience is they are just as terrible - just sometimes terrible in different ways.

The inexorable rise of ad blocking, the increasing pace of adoption recently, and not solely amongst citizens of the EU makes me think most people's trust has been burnt out.

I suspect many people in the US would be in favour of more consideration of their privacy and data security if given a choice.


>So under this system a user who doesn't mind personalized ads doesn't have the option to 'pay'. They have the ability to 'donate' their personal information but there would be no reason to do this.

If a web business can still remain profitable with personalized ads being optional, then the targeting behind those ads was never paying for that content to begin with, it was always a 'donation.'


Not sure what 'can still function' means. If a business is unable to make enough of a profit from its new business model, it simply shuts down. It was certainly not always a 'donation'.


>Not sure what 'can still function' means.

Sorry, I've edited for clarity.

>If a business is unable to make enough of a profit from its new business model, it simply shuts down. It was certainly not always a 'donation'.

What's debatable is whether targeted advertising is necessary for a business to maintain that profit. The GDPR suggests it isn't.


History suggests that every time a political entity chooses the winners and losers in a market that bad things happen -- usually in the form of a small number of increasingly larger companies capturing the market.

Google and FB (with their small army of lawyers) can afford to jump through all the hoops to make the regulators happy while "a small Belgian newspaper" will probably just get steamrolled.


>What's debatable is whether targeted advertising is necessary for a business to maintain that profit. The GDPR suggests it isn't.

You're right to a degree. You're right, because ad revenue from the EU is a lot lower than the US. Even if targeted ads in the EU aren't a thing, then a service that mostly gets US ad clicks and ad views will be able to handle it just fine. However, this means that EU viewers/readers will be treated as second class citizens.


>However, this means that EU viewers/readers will be treated as second class citizens.

Doesn't the fact that the rest of the world is scrambling to come to grips with an EU regulation and European privacy standards suggest the opposite?


It's hard to tell what fraction of websites have made shifts out of the enormous amount of businesses that exist on the web and serve EU consumers. On top of that, it's still too early to tell what the effects of the law will be. Many are waiting to see how it will be implemented.


I don't think the US can constitutionally adopt a law like this. Just the Right to Be Forgotten by itself violates the 1st amendment (and the EFF opposes it as it's generally used in Europe for censorship .. as we saw recently with the pulled NPR article).


[flagged]


So exactly like GDPR. Got it.


I don't short stocks.

Most of my savings are currently in a fund based on an FTSE small cap ex-US index.[1] Average market cap is $1.8B and about 37% is in Europe.

[1]https://investor.vanguard.com/etf/profile/portfolio/vss


Under the GDPR, by not clicking Accept it means you're not agreeing to those terms.


Perhaps, perhaps, but (a) I think I've seen this sort of thing before, and (b) your interpretation nonetheless contradicts the statement that using the site is agreeing, and (c) I'm not in the EU.


GDPR doesn't work like that, the user has to explicitly opt-in.

So the website has to block users that don't explicitly agree, a simple statement won't do.

There are exceptions, GDPR having the notion of "legitimate interest", which many services will try to abuse; however, it has a precise definition, and user tracking, ad targeting, marketing, or other interests like that don't cut it, even if not doing so results in less revenue for the service.

The GDPR has teeth, which is why companies that have been violating user privacy are freaking out ;-)


> GDPR doesn't work like that

We don't know how GDPR works. Its structure grants immense discretion to political bodies. Given the EU is undergoing another cycle of political weakness, it would not be safe to assume anything about interpretation or enforcement.


GDPR is formulated in this way, because good laws are not special and well-"explained", they have to be general so you can apply them to almost everything.


> good laws are not special and well-"explained", they have to be general so you can apply them to almost everything

This is a good principle for Constitutional law. It's a bad principle for general law, as it introduces political uncertainty and authoritarian risks into everything.


That is the idea. Increase the risk and arbitrary non-viability of loopholes. No one will touch it so the only way to move forwards is minimal risk.


In my experience this just opens or expands corruption. You pay your way to be able to be "approved" by the authority.

For example, the legitimate interest. Who determines that? The authoritaa. But then the authoritaa might approve Google and disapproves small-naughty-trackor. Both are doing the same privacy invasion. So why one gets a free pass and another is reprimanded.

Even if the current regulator (persons) are honest, they are not irreplaceable. Maybe the guy after them will be corrupt. And since there is a lot of money here, money corrupts.


Which is why the authority can be appealed.


"Minimal risk" in business means not actually doing business or doing business in a way that doesn't make you liable, eg blocking EU users.


> (b) your interpretation nonetheless contradicts the statement that using the site is agreeing

IANAL but implied consent, by visiting the site, is not enough anymore. Consent must be explicit and informed, afaik there are a few exceptions there for stuff that's "vital to the site's function".


There seems to be a common misconception that GDPR only applies to the geographical region that is the EU, this is false. GDPR applies to all Europeans, independent of location.


I thought this, too. But it does depend on location:

    * If your company is EU-based, you must comply with GDPR, whatever the location of your users/clients
    * If your users/clients are EU-based, idem
    * If your users/clients are EU citizens located abroad, it applies *only* if you target EU as a market. If you operate a website dedicated to selling t-shirts to Californian people, and an EU citizen living in California buys from your website, you aren’t expected to comply with GDPR.


No it does not. It covers data in the EU. Being from the EU but using for example a US service while you are in the US means you are not covered. EU law doesn't cover people not inside the EU's borders.


With one exception, when your business targets EU markets, EU citizens abroad are still covered.

For example, when you are an EU citizen using a US social network that operates worldwide (and thus also targets EU markets), you are still covered when in the US.


Where is that defined? The word "citizen" doesn't even appear in the law.


This is false. See Article 3 (Territorial Scope):

"""

1. This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not. [i.e. EU companies, or EU subsidiaries of foreign companies, have to obey GDPR with all data they deal with]

2. This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to: [foreign companies dealing with the data of people physically inside the territory of the EU have to follow the GDPR if...]

(a) the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union [they're offering services to those people]; or

(b) the monitoring of their behaviour as far as their behaviour takes place within the Union. [they're tracking what those people do in the EU - but tracking what they do abroad doesn't trigger GDPR!]

3. This Regulation applies to the processing of personal data by a controller not established in the Union, but in a place where Member State law applies by virtue of public international law. [it applies to businesses in places with weird legal status, like some overseas possessions, or maybe the Channel Islands]

"""


There are tons of pages which have this text:

"If want to agree to processing your data by Company then click Accept or close this window with the [X] button."

Which is ridiculous.


> What I have an interest in is, what will this do to the stock market on Tuesday?

You can’t measure any effect by looking at the stock market for one day.


Can someone ELI5 to me why we can't simply have ads targeted to content instead of to visitors?

What changed in the landscape that this is no longer possible?


High quality, highly relevant content just became a lot more valuable.

I subscribe to Sound on Sound, a magazine about music technology. I pay them $90 a year, but I also whitelist them in my ad blocker, because the ads complement the content. If I'm reading a review of a synthesizer or an article about how to record electric guitars, it's really easy to serve relevant ads with good click-through and conversion rates without intensive tracking. Both the content and the advertising serve to enhance my enjoyment of a hobby that I care deeply about.

A lot of publishers are really going to struggle post-GDPR, because their content is clickbaity and vapid. It isn't worth paying for and it isn't relevant to the readers' lives. It exists because it briefly hijacks your attention, which can be profitably monetised by ad networks that invasively track your activities online.

Some good publishers are going to get caught in the crossfire which is unfortunate, but I think that the overall effect will be net positive. If publishers can't sell their ad inventory without recourse to surveillance, they need to seriously examine whether their business model is honorable and whether they are offering something of real value.


>It exists because it briefly hijacks your attention, which can be profitably monetised by ad networks that invasively track your activities online.

Yep, I really hope that the law incentivizes businesses to really add value by producing better content rather than turning up the frequency and hitting everybody with addictive clickbait.


Note that the Guardian no-paywall beg for subscribers model can work surprisingly well - they've got 300,000 subscribers and another 500,000 more casual donors: http://www.thedrum.com/opinion/2017/10/26/how-the-guardian-f...

I run a critical news blog about blockchains and I get about $200/mo on Patreon on this model. It's not a living, but it's a nice extra indeed.

I am delighted to answer publishers who go "but how can we live without spyware-level ads!!" with "have you tried not sucking?"

(I whitelist a few sites, e.g. LWN.net, and I don't block ads from the Project Wonderful network. If you don't suck, I might let you through!)


Don't you think we'll just end up with more cases of content being thinly-veiled ads?


> Can someone ELI5 to me why we can't simply have ads targeted to content instead of to visitors?

Native ads do this. It's a huge industry, and will likely get far bigger under GDPR. But it takes highly specialized techniques to make the numbers back out as an advertiser. There's a ton of fraud, the bidding strategy is very different from programmatic/retargeting, the ads that work are different, etc. Most of the ad industry doesn't know how to do this, and many types of ads simply won't be profitable on native networks.

From what I'm hearing from my friends that do ecommerce stuff, product ads targeted to the EU are no longer profitable across the board either. That will force a ton of review sites aimed at EU visitors to shut down, along with many YouTube reviewers. As advertisers pull product ads out of the major ad networks because they can't make money, the revenue of publishers/content creators in the product review space will plummet in lockstep. Amazon has cut affiliate commissions to the point where turning to them is no longer an option for any site that costs money to maintain either.

GDPR seems to be on track to wipe out vast swaths of businesses serving the EU market, and not just the "evil" ones it was trying to wipe out. It's a shitshow, but it was entirely predictable.


Maybe, but ad prices going down, Amazon cutting affiliation commissions, clickbait race to the bottom etc. has happened over a period of the last ten years anyway and is unrelated to GDPR. It hasn't exactly resulted in quality content, or financial stability for content creators, either.

A situation where your average page contains tens of tracking scripts wasn't sustainable much longer.

If anything, GDPR should be seen as an opportunity to disrupt the quasi-monopolistic online ad market.


>If anything, GDPR should be seen as an opportunity to disrupt the quasi-monopolistic online ad market.

It's amazing to me how people manage to fool themselves into thinking there is hope when the world is crumbling around them.

If Google can't make ads profitable in the EU what makes you think some tiny European company will be able to disrupt the ad market?

How would they even do it without tracking? I can see the conversation with major brands now

EU Ad Startup - "Trust us, the ads you are paying for are performing great. We are very confident that they are driving conversions on your website."

Brand- "Ok, do you have any numbers to prove we are receiving conversions due to your ads?"

EU Ad Startup - "No as that would be illegal under GDPR, but please trust our business."


Which is how the paper and TV ads industry worked for more than half a century, forcing brands to push creative limits in creating campaigns that we regard sometimes as a pinnacle of arts and media culture. Just because the Internet lets you laser focus a campaign by profiling the shit out of people, it doesn’t mean that is how things should work.


> Which is how the paper and TV ads industry worked for more than half a century, forcing brands to push creative limits in creating campaigns that we regard sometimes as a pinnacle of arts and media culture. Just because the Internet lets you laser focus a campaign by profiling the shit out of people, it doesn’t mean that is how things should work.

How did the paper and tv industry work? Oh yeah, advertisers would crowd around and bid up the largest players. Small niche products would receive little to no revenue and die quick deaths.

That is what I suspect will happen in the EU. Without tracking, advertisers will be unable to know how their ads are performing. Without metrics such as conversions, which require end-to-end tracking, advertisers will need to rely on the reputation of the platform.

Products such as Google and Facebook will receive significant attention from advertisers. The tiny blog you enjoy reading that is barely scraping by will receive very little.


> Without metrics such as conversions, which require end-to-end tracking, advertisers will need to rely on the reputation of the platform. Products such as Google and Facebook will receive significant attention from advertisers.

Yes that's a valid concern. But blogging hasn't been profitable or even sustainable for a very long time now in the way it used to be ten or fifteen years ago, with YouTube, Fb, microblogging platforms, and news aggregators having taken this space instead. Those who keep on running blogs do so for promoting their own services, products, or other agendas, or as a hobby, and will continue to do so. So it's not a terrible loss really; the great starving of blogs has already happened in the past.

But sites such as product review blogs could get a boost by ad money being in need to be allocated in innovative ways. Post-GDPR advertising requires thinking a little bit out of the box, and leaving the "ad" model as we know it behind which isn't very effective to begin with. If you consider attention a scarce resource to compete for, I could imagine ad money going into more and new native advertising sites, temporary sites for local events with direct sponsoring, focused sites for special interests, etc.


Small niche products thrived on their inherently high precision in content-based targeting. When their niche had ad buyers. (edit: actually I meant "if", niche content providers without much on-topic ad budget are a winner of tracking-based targeting)

The more recent capability of targeting those niche ads also on random click-bait sites didn't exactly help those small niche products.

(Edit, for clarification: with unrestricted tracking, if you publish to a niche with good ad money, the few ads that you do show, for a tiny fraction of the ad budget of your niche, become the information source used for drawing much of your niche's ad money to ads displayed to your audience on unrelated sites. Your ad-network should practically "steal" your content-targeting information to divert on-topic ad money to entirely unrelated sites)


> Your ad-network should practically "steal" your content-targeting information to divert on-topic ad money to entirely unrelated sites

Do you have a link to support that? I believe it, but I'm looking for an article that explains it well. I read one that had a good example of an advertiser basically telling the operator of a high-quality, premium site that he's only going to use them to gather audience targeting information so they can be targeted at cheaper sites.


The tiny "share on facebook" button, a google analytics script and so on, you don't even need to show an ad to associate my browser identity with the topics on the site I am visiting. But ads can certainly serve the same purpose.

Maybe you misunderstood what I meant (my wording wasn't exactly perfect), I'm not talking about some dramatic ad-fraud scheme: without tracking-based targeting, all ad-money about scuba-beekeeping (just making up some really small niche) would go to the few sites dedicated to the pleasures of scuba-beekeeping. This is how Google started their dominance, they were the best at automatically matching scuba-beekeeping advertisers to scuba-beekeeping websites. Content-based targeting.

With tracking, ad-networks show a small, cheap ad (or even just some tracker the site includes without monetary compensation) on the scuba-beekeeping site and take a note that the browser identity is a target for scuba-beekeeping. Ads about scuba-beekeeping will now appear to that browser-identity on random news sites and the like while the niche site won't see a cent for the targeting information.

All in all, if the "native" ad market (the one addressable by content-based targeting) of a site has above-average value per eyeball, a site will tend to lose more from cross-site targeting than they will gain from showing ads unrelated to their content (but related to whatever their visitors have visited before), if the "native" ad market is lower then they may win. Visit frequency also plays a role, if the content-targetable sites take only a small percentage of their users' browsing activity, a no-tracking scenario would cause a bidding war amongst on-topic advertisers, if they take a large chunk of their users' browsing, inbound tracking targeted ads (about other topics) could easily more than make up for the losses in on-topic ads.


An excellent argument that isn't receiving the attention it deserves IMHO.


It should be possible to track ad campaigns and therefore see exactly the turnover ratios as long as the campaigns are broad enough that they don't target individual users.

In the analog world they do this for example via coupon codes which are unique to the ad.


>It should be possible to track ad campaigns and therefore see exactly the turnover ratios as long as the campaigns are broad enough that they don't target individual users. In the analog world they do this for example via coupon codes which are unique to the ad.

This will severely undercount the number of conversions. It's not atypical for someone to view/click an ad and then purchase at a later date through a different channel.

It was possible to track that before GDPR. It is not possible now.


By following a different business model? Employ a small team, sell ads based on relevance to the content you're reading, going after niches... It's not like there's only one formula for success. GDPR is going to force a different formula on the market.


This relies on the fact that your business can be served anywhere. What if you're in a niche that can only be limited to your area or to people who speak a specific language in that geographical area?


> If anything, GDPR should be seen as an opportunity to disrupt the quasi-monopolistic online ad market.

The problem is that the market itself is shrinking (as we speak) as a result of GDPR. There won't be much of a market left to disrupt. Ad targeting got as invasive as it did because that was the only way to make it profitable. The moment that ads stop becoming profitable, advertisers will pull out. This won't be a gradual thing for most companies - this will be a next week type of thing. Few companies can afford to light money on fire in the form of ad spend if they can't recoup it. Some ads might still work in the EU, but it will be a dramatically smaller market within a month or two.


>" Ad targeting got as invasive as it did because that was the only way to make it profitable. The moment that ads stop becoming profitable, advertisers will pull out."

Good. The situation was absolutely unacceptable, and I'm glad the EU decided to shake it up.


I think that's a misunderstanding of what the market is in the first place. If there ever was an ad budget, it'll go elsewhere (native advertising, direct sponsoring, whatever).

It might be that big media, everything-and-the-kitchen-sink portals with a large target audience get a cut back, to the benefit of small, focused sites and maybe also paywalled content.

I'd say that could be another welcome collateral effect of GDPR, and give us back the federated Web we lost, though I'm not sure it'll be world-wide any longer given different incentives in US and EU markets, let alone the Chinese and regional (such as Russian and Turkish) markets.


> If there ever was an ad budget, it'll go elsewhere (native advertising, direct sponsoring, whatever).

I'm not exactly sure what you mean here. There was quite a bit of money being spent on advertising to people in the EU on May 24th. Due to GDPR, many of the advertisers that were spending this money will no longer be able to make a profit from this activity. They will therefore cease that spend, and the EU online ad market will dramatically shrink as a result. The EU companies that were receiving the money from those advertisers will no longer receive it, and many EU publishers will go out of business.


If your business model depends on systematically violating people's right to privacy, then it needs to die ASAP.

Some ad-dependent leeches will die off, good riddance. Let others take their place, with a privacy-friendly model.


I love this approach pushing every advertiser and publisher into the spit bucket.

An analogy here would be someone hating cars' tag readers in public. Law gets passed, it's illegal, yay! Then 2 months later your car payment goes up 30% and you're scratching your head. Yeah well since they couldn't recover enough cars from people who don't pay, they had to adjust their financial models and you are the one to pony up for it.

GDPR will wipe out many niche blogs that make a few hundred bucks a month tops and - as this article clearly points out - will ironically help companies like Google to make more money and jack up pricing for remaining ads, as the whole ad network will get much thinner.


If I'm completely honest, I wish the marketing and advertising industries would simply die off completely. I don't need businesses to tell me what I "need" to buy, in order to feel fulfilled.

>"An analogy here would be someone hating cars' tag readers in public. Law gets passed, it's illegal, yay! Then 2 months later your car payment goes up 30% and you're scratching your head. Yeah well since they couldn't recover enough cars from people who don't pay, they had to adjust their financial models and you are the one to pony up for it."

Maybe they should have shown some responsibility, and not just pushed unrealistic loans on every Joe Six-pack who walks through the door.

Also, this culture of instant gratification that advertisers and money lenders have created is truly vicious. It has become culturally accepted to just take another loan to buy stuff you "need" (read: desire, to one-up your peers), never mind the consequences.

Try saving up instead or (shock and horror!) simply doing without the trivial material possession in question. You'll be tired of it in a short while anyway.

>"GDPR will wipe out many niche blogs"

That is purely unfounded speculation on your part.


>>"GDPR will wipe out many niche blogs" >That is purely unfounded speculation on your part.

It's speculation but not unfounded. GDPR will absolutely reduce small publisher revenue significantly, so making the leap that it causes a culling is rational.


Only for "niche blogs" that are relied on to generate ad revenue.

I don't know how many those are.

Most blogs I see seem to be run as a labour of love or for content marketing. Anyway, nobody expects to make money directly off the blog.


> GDPR will wipe out many niche blogs

To the contrary, niche blogs can place content-based banner ads for their audience without targeted advertising because they're much more focussed.


I'm sorry to have not made myself very clear then.

What I meant is that ad spend for large customers has always been handled such that a budget is handed over to an agency (to the winning one of several ones competing for the budget). That ad spend is allocated to multiple media channels and campaigns; now it will have to find other, more creative ways to get the message across to the customer.

Online ads have been under pressure, and their effectiveness has been questioned for much longer than yesterday when the GDPR came into effect. The GDPR legislation has been a long time in the making, so if publishers haven't prepared for it, then they have only themselves to blame. People have certainly no obligation to sustain a rotten big-data/big-media mindset by giving up their privacy, especially when that only benefits very few.

The situation for publishers has been precarious for many years, so publishers should focus on the opportunities not risks of this change. For example, exactly because clickbait isn't going to be sustainable any longer, quality media might get a boost, and could even make a profit from paywalled content. Holding on to a model that's on its way out isn't a winning strategy.


That's how brand marketing works, and maybe those ad budgets aren't going to budge much, but the great swaths of performance marketing budgets are going to get a big haircut.

Performance marketing companies will spend as much as they possibly can for incremental profit, the budgets float based on the results. So the cycle goes:

Worse Targeting -> Lowered Performance -> Lowered Budgets -> Lowered Publisher Revenue


In the Victorian era, asbestos was used as a god's gift. Like plastic today, a blooming business. When they figured out that it hurts people, they forbade it. And? What's your point? Business will transform and something else will bring money. This has been happening throughout human history, nothing special.

And anyway, the marketing business was already going down, ads became so invasive and annoying that everyone is using ad filters today.

But I don't know why we are talking only about ads. What about people getting bad credit rates because a bank bought the data from an ad network? Or things like Cambridge Analytica. Like the marketing and ads world is everything we know of and GDPR isn't bringing any positive effects as it hurts tracking. Tracking market goes down, human freedom and rights + democracy go up. Who cares for targeted marketing in respect to that.


> From what I'm hearing from my friends that do ecommerce stuff, product ads targeted to the EU are no longer profitable across the board either. That will force a ton of review sites aimed at EU visitors to shut down, along with many YouTube reviewers. As advertisers pull product ads out of the major ad networks because they can't make money, the revenue of publishers/content creators in the product review space will plummet in lockstep. Amazon has cut affiliate commissions to the point where turning to them is no longer an option for any site that costs money to maintain either.

and nothing of value will be missed


> That will force a ton of review sites aimed at EU visitors to shut down, along with many YouTube reviewers.

A reviewer making sales commissions is just a salesperson. Good riddance.


> GDPR seems to be on track to wipe out vast swaths of businesses serving the EU market

What type of businesses? Do you mean the businesses making vacuum cleaners or the businesses surrounding it like a vacuum cleaner review site?


Native ads don't do this unless you mean something other than the standard definition.

A native ad is just an ad that is formatted so it fits with the aesthetic style of the page (for example it uses the same fonts and colors). This makes the ad less jarring to the user and makes the overall page look better. Many people don't like them for this exact reason, because they say ads should be very obvious and native ads might look like content.

Native ads can do tracking the same way non-native ads can.

The rest of the comment is more or less spot on though.


> A native ad is just an ad that is formatted so it fits with the aesthetic style of the page

Most native ad networks run based on topics, and the ads themselves are usually not targeted to the individual person. I run ads through major native ad networks such as Revcontent. You choose "topics" to target, and then your ad is shown on content that relates to those topics.


1) The correlation between the content people peruse and the products people buy is pretty poor. Take a news site with an article about school shootings- what related content would they advertise? Guns? Back to school supplies? Without knowing why a person is on a page, it's difficult to understand what related products might appeal to them.

2) Tracking user behavior is fairly important to implement click fraud detection- obviously that doesn't justify shady behavior on the part of ad networks, nor does it necessitate the in-depth amount of personally identifying information they may or may not collect. However, some forms of that data- think IP addresses, click history- may be useful.

3) If you already have some data per point 2, why would you waste an opportunity to display something meaningful by putting up an ad that might be completely irrelevant given what you happen to know already?

None of this is meant to justify targeted ads, only to explain why they have better appeal to both content providers and ad networks.


My instinctive response is always: 1) people paid for untracked content-related ads in newspapers for what 200 years or more. Should be possible now too (it might support just a hundred publishers rather than ten million sites - but so be it).

2) in a vast global experiment where advertisers knew everything about everyone they still completely failed to show people relevant ads. Most notoriously even the giants who know what you ate yesterday fail to realize you probably don’t want ads for toilets for a year after you bought a toilet.


There's actually quite a bit of independent auditing involved in making sure that newspaper ads are actually shown to the number of people that the newspaper claims they are, especially for free papers where those still exist.


>it might support just a hundred publishers rather than ten million sites - but so be it.

You want millions of people to lose their livelihood over this issue? That sounds cruel and spiteful to me.

You also have to think of many small companies that make niche products that would no longer be able to find their customers and thus be forced to close.

> 2) in a vast global experiment where advertisers knew everything about everyone they still completely failed to show people relevant ads.

The premise of your statement is false, advertisers have never known everything about anyone. That was just marketing bullshit by ad-tech companies targeted at advertisers and publishers, "We know everything about your users! So if you hire Acme Ad Tech your profits will go through the roof!" The fact that users heard the statements and understandably freaked out was collateral damage. The fact this statement was demonstrably false was irrelevant.

The fact is that the amount of data used to do targeted advertising is quite sparse in fact, no one wants to spend the effort to individually go through mountains of data and figure out the best advertisement. Really the only data used is

1. demographics (age, gender)

2. location (this is so a NYC based restaurant chain doesn't waste money advertising in California)

3. language (people actually hate seeing ads in a foreign language)

4. interest categories (like do you like Football, or Cars, or video games, this is how Facebook advertises a lot, they figure out your interests based on posts, then allow advertisers to advertise to you based on that category (interestingly they don't actually sell the list of interests, mostly because that would mean advertisers would not have to buy ads through Facebook any more))

5. product targeting (this is you visited acme.com and put an acme roadrunner trap in your cart but never checked out so now it follows you around the internet.)

> Most notoriously even the giants who know what you ate yesterday fail to realize you probably don’t want ads for toilets for a year after you bought a toilet.

Yeah, that's my point, using more data (like the fact you bought the toilet) is more work and using the current amount of data works well enough for them so that is all they do.


I never even considered a million jobs as a factor in the matter of my privacy, and now that you mention it - I still don’t. My basic viewpoint is that if anyone needs your business you can monetize it tomorrow too, OR everyone is better off if you shut down.


> what related content would they advertise? Guns? Back to school supplies? Without knowing why a person is on a page, it's difficult to understand what related products might appeal to them.

Training for teachers? Security services? Access control systems? Yes, a lot of those reading are parents, not teachers, but what do you think they'll do if they are convinced something exists that will reduce the risk of school shootings?

Editing: ad "targeting" as it has existed so far has also been insultingly, embarrassingly bad IMO. Even Google tried for years to send me ads for Russian, Ukrainian, Philippine and Thai dating sites. Round robin. I was delighted when they started showing me Wordpress ads.

Those are not relevant either but now we are approaching something useful and not actively insulting (I'm very happily married and have small kids.)


I think you're right about the targeted ads. Many people have expressed similar sentiment.

I suspect that most advertising is actually driven by supply (that is, somebody wants to advertise X), not demand (somebody needing Y at the moment), and that's why targeting doesn't really work that well, and the disadvantage of untargeted ads (or targeted by content) is much smaller than the advertising industry claims.


I think for a lot of businesses this isn't a huge deal because they're already targeting a specific market. If you know your market then you should know what will appeal to them and be able to advertise as such... High quality content plus high quality recommendations.


With regards to 2), there are specific exemptions in GDPR to allow this kind of data usage (specifically in 6(1)(f), this is the general interpretation of "legitimate interests", though the exact definition is up to member states' data protection agencies).


The problem is, the "balancing test", a subjective measure of the user's interest against the legitimate interest, may still cancel out the exemption.

It's completely subjective, which may or may not be a good thing depending on the mood of the regulator, court, and your opinion of rule by common law.


This was/is unclear. I actually remember having an hour-long discussion about this exact topic several months ago. This is the biggest problem with the GDPR: it was hard to understand what could and could not be done.


The market is too segmented for broad interest ads to work, and advertisers don’t want to deal with multiple content channels.

Plus, the editorial quality of ads is generally so awful, so you need to align with the user's interests to help them accidentally click on it in many cases.

The newspaper was a beautiful business. They had a monopoly or minimal competition, and a critical mass that supported everything from classified ads to flyers to the pet store.


It’s more effective to target visitors. For example if you are male, you never need to see a tampon ad, even if you’re reading Cosmo.


Someone should just invent a standard cookie that people can use if they are comfortable with it and that’s all ads can see. I’m comfortable telling advertisers my age group, gender, 3 hobbies and my zip code.

I’m not comfortable with ad networks deducing those very same parameters from my browsing habits.


That is an awesome idea! I really like it. One thing I do know: if you dig into the ad settings for most providers you can find a page where they display this info and you can edit it.

Unfortunately, short of some type of mandate I don't see how this could work, because it would be next to impossible to get 90% of the population to fill out the cookie.

My company actually did a bunch of research on collecting consent from users to show personalized ads, (aka what everyone is doing right now)

Only 25% of the users read the 3 sentences before clicking on a selection. 25% did not read anything; many thought our privacy dialog was in fact an ad. :(

Many people said they didn't want personalized ads because they thought it would mean filling out a survey like the one you just described even though it obviously (to us) did not.

One person actually said, "I'm okay with them using my browser history to show ads but, I don't want them to use my personal data like my banking records or my medical history." This is very ironic because we presented the option to do exactly what they wanted but they didn't understand what it was because they did not consider the browser data to be "personal".

I really wish that when you first opened a browser there was a dialog about "hey, these are the things you need to know about how we pay for the internet". Though I have no idea how to get to that spot.


> I really wish that when you first opened a browser there was a dialog about "hey, these are the things you need to know about how we pay for the internet". Though I have no idea how to get to that spot.

This sounds horrible, sorry.


My girlfriend bought several menstrual cups because I heard about them on the Internet and suggested them to her.


There are always untracked situations like that, but the ROAS for your demographic will be so drastically different it’s like throwing money in the garbage to target you.


How likely is a man reading Cosmo to care about tampons vs cups relative to the average man?

How likely is a Cosmo reader to be a cis man?

Alternatively: How likely is a Cosmo reader reading an article about menstruation to be interested in a female hygiene product?

The death of tracking-based ad targeting doesn't mean you have to show the same ads everywhere like an animal. You can still make the ads contextually relevant. And you don't even need to disguise them as native content (which, btw, is illegal in some EU countries already).


Unless you're trans.

Or you're doing the family shopping and aren't grossed out by hygiene products.


Google's main ad products, AdWords and AdSense, are content based. For many advertisers, this has always been the best type of targeting. E.g. some hotel in Toronto may advertise on the search engine results page when you search for "hotels in Toronto", or view a video about things to do in Toronto.


That's incorrect. AdSense was content based. They switched to "individual user interest" based many years ago.

It's only now, after GDPR, that you finally have an option to switch back to content based ads, but sadly "for EEA users" only.


I can only find sources that contradict you. Do you have a source for that?


Most content people read is not directly related to a commercial purpose.


Google can't do it. Everyone else will be fine.


I'm confused by your comment. Are you saying different rules should apply to Google vs other companies, or are you saying Google lacks the engineering talent to comply and everyone else has it?

The former is a deeply troubling form of government that leads (in my view inevitably) to corruption and abuse of power. The latter is plain backwards: Google has the resources to be profitable under any regulatory regime; it is small companies that don't.


The latter, because it doesn't scale. Google is just a middleman that with the help of tracking sells lots of badly targeted ads cheaply. Google doesn't care for stuff that cannot be automated to a large degree.

Now without tracking you have to actually understand the audience and the product, this research will make advertising more expensive but also in many cases have better success.

And suddenly there is no reason to rely on google.


How will you have ads that follow you around the internet?


This is completely unsurprising.

Ad buyers are uncertain about what the fallout of the GDPR is and are taking a "wait-and-see" approach to advertising. That's causing the price drop, since fewer people are buying. When the dust settles, and they know how to proceed, it will return to normal.

If I could predict how quickly it would bounce back, I'd be tempted to get involved in the exchange market.


> When the dust settles, and they know how to proceed, it will return to normal.

Unless there isn't a corresponding drop in product sales. That would show the ads aren't driving sales, and there's no good reason to go back to spending on them...


But then it's not about new sales, but rather brand loyalty and maintaining market share. If Coke or Pepsi stopped advertising, I'm curious how long it would take for them to take a hit if the other kept advertising. Maybe it would be fast, maybe it would take a generation, but either way it would happen eventually.


But this drop is only for online ads, correct? So unless they buy fewer ads overall, what has happened now is that companies moved their ad money to print/broadcast/posters and other traditional media?


I don't think ads were ever efficient, but ad spending never stopped going up. It's an essential business lubricant. Arguably, however, targeted ads are more efficient than anything else, even marginally.


Good. Adverts are a drain on society, they increase prices of goods which are advertised, and mean you as the product/consumer end up paying more than the service/website gets, as the adverts take a cut.

Look at television in the US, or even in the UK on non-BBC channels. You watch something for an hour, you get 40 minutes of actual use out of it, you get massive breaks in the narrative which reduces your enjoyment, and you waste 20 minutes of your life.

Does this mean you get free tv? No, you're still paying. The only reason that $CORP spends $1 advertising to you in your program is because it will make you spend more than $1 with them at some point in the future.

When you watch advert TV, you're selling 20 minutes of your life not for $1, but to shift your $1 expense now to a $2 expense hidden elsewhere in the future.

Far better to save 20 minutes, and that $2 in the future, by spending $1 upfront, and being the customer, not the product.


> they increase prices of goods which are advertised

I think that's completely false. The price of things goes down with volume, and if no one knows about something it's going to be far more expensive than something everyone uses.

Advertising's entire purpose is to increase the volume sold, which lowers the price.

http://www.altfeldinc.com/pdfs/BASICECONOMICS.pdf is actually a decent, reasonably short and enlightening read if you find yourself with some time.


> I think that's completely false. The price of things goes down with volume, and if no one knows about something it's going to be far more expensive than something everyone uses.

That applies between companies (where you have real competition), but does it apply over a marketplace? And even if over an industry you were able to persuade more people to buy more product, is that necessarily delivering value for the customer? Wouldn't it just be better if they found things by going out and looking for them if or when they need them, and soliciting expert advice?

The obvious example is pharmaceuticals, if patients seeing adverts leads to more prescriptions for a particular drug, is that a good thing? If the pharmaceutical industry manages to get people to take more drugs, is that a good thing? The unit price might go down, but that doesn't mean utility for the consumer goes up.


> Advertising's entire purpose is to increase the volume sold, which lowers the price.

Problem is, if everybody does advertising to compete for market share, the prices go up globally, because the entire ads industry consumes resources.

But for now we haven't figured out any better model. We might in the future, or we might not.


Netflix seem to be doing very well without adverts.

How much does a website typically earn from my visit (with adblock etc)? I haven't had a site with adverts since 2000 so no idea.

Sky in the UK gets something like 80% of revenue from subscription, but still have adverts on top of that, trying to extract every last penny. That's why I won't subscribe -- plenty of other choices for entertainment. If your time is worth say £15 an hour, having 2 of you watching a 40 minute program and 20 minutes of adverts costs you £10. Given the income ratio is 8:1 revenue, your £24 subscription brings in £3 of advertising money to sky per month, if you watch 1 hour a day, that's 10 hours a month, or your time being worth 30p an hour.

No thanks.


Don't know about very well, but I do know about the ads and if you're in any UK major city, you should've seen a ton of Netflix ads, recently on 'Lost in Space', a series of wooden block attractiveness that I've personally attempted to watch only because I've seen it on the ads.


But Netflix advertises itself a lot. They still factor the "ads industry" costs in (which practically everybody does in competitive markets).


Netflix can also restrict access to paying users. Can every site out there do the same (while maintaining a viable business)?


How much does a site earn from an average visit?


It's somewhere in the middle, depending on how elastic demand for the thing being peddled is.

If you're talking about something like Coca-Cola, where each ad exposure might prompt someone who already has a fridge full of Coke to go grab a can right now, then yeah, that is very much true.

If you're talking about something like prescription pharmaceuticals, where demand is tightly constrained by how many people actually have the condition your drug treats and what doctors are prescribing, then I would bet the GP is correct. Then I'd expect advertising for competing drugs to behave more like a prisoner's dilemma.


Prescription drugs are only advertised in the US so in the grand scheme of things it's a minor market for ads.


They are. And the US also has famously high prescription drug prices.

I'm not certain that the two are related, but it certainly seems plausible.


It makes a lot more sense that that would directly tie to the US healthcare system approach and how it prices products & services rather than more to the ad market impact.

Everything in the US healthcare market is similarly far more expensive. From radiologist salaries, to a bag of saline, to hospital stays.

You could cut pharma prices in the US in half through increased negotiating power, imported drugs and government price restrictions for Medicare/Medicaid and still have a very large industry full of advertising.


This is nonsense. Ads are paid with sales. Money is not created or destroyed in the process, therefore...


Ads are paid with VC money, mostly.


Ads are primarily paid for by Procter & Gamble, Berkshire Hathaway, GM, Comcast, AT&T, Pfizer, etc.

Procter & Gamble all by itself spends $7 billion per year on advertising.

The top 100 advertising companies in the US by spend - not one of which is a VC firm, a tech start-up, or powered by VC money - spend more annually on advertising than the entire combined value of all venture capital in the US.

You can easily see this in action: when venture capital plunges dramatically every five or seven years, the total US ad spend doesn't similarly plunge with it.


Directly paid for, yes, but the whole adtech industry is mostly financed by VC money. What P&G et al pay doesn't nearly support the "industry".


Completely false. As volumes sold ramp up the company makes more profit per unit, it's almost unheard of to cut prices. Competition on the other hand can lower prices.

If anything these days they tend to increase price as market share increases.


But increased ads grow the category around the same product so competitors benefit from it too and overall in more competitive markets prices go down on average.


Why is spending $2 necessarily bad? I could be buying an advertised product that actually improves my life that I wouldn't have known about otherwise. While it's not the case all the time, there's no explicit loss to you in spending more.

Also in regard to TV, ads are needed even for simple toilet breaks. Excessive ad amount such as 20 minutes per hour is definitely way too much, but some time off the show makes sense in broadcasting where the user can't pause the show whenever they want.


There are no toilet breaks at my cinema either, what's the difference to TV?


There are intermissions in films > 2 hours in European cinemas.


In some cinemas, for some especially long films.

I have only encountered breaks twice: for Titanic and Pearl Harbor.

Infinity War had no break where I went to watch it.


Infinity War, the latest Star Trek, and the Hateful Eight had intermissions when I went to see them.


Infinity war had an hour long intermission before anything started for me :(


We were sat outside the cinema drinking a coffee and talking, the ushers were very concerned we were missing the 8pm showing. Walked in at 8.30 as normal, still had 10 minutes of trailers.

Cinema adverts acknowledge that nobody likes them, and cinemas wonder why people don't turn up. Perhaps they should stop treating paying customers as a product.


I've never had an intermission in any film (unless you count 12 months waiting for the sequel), although I can't think of anything longer than 3 hours. That would be horrendous, and would certainly mean I don't visit the cinema.


It is how our system works. I am always curious when I see a post like this and how do you think it should work?

In other words how would business work without ads?


> Does this mean you get free tv? No, you're still paying. The only reason that $CORP spends $1 advertising to you in your program is because it will make you spend more than $1 with them at some point in the future.

Not necessarily. It could be that the advertisement gets you to spend that dollar that you were going to spend anyway on them rather than their competitor.


So Tesco spend £1m taking 100k customers from Sainsburys, and Sainsburys spend £1m taking 100k customers from Tesco. No overall change, other than Tesco and Sainsburys customers end up paying £10 extra on their shopping, what a waste of everyone's time and money.


If the advertisement is "Buy our static analysis tool. Catch bugs in your C programs", your argument considers the purchase equally as bad whether it catches 0 bugs or 100 critical CVEs.

Most people don't use static analysis tools, so without persuasion the purchase would never occur.


Which highlights the need for a neutral product-discovery tool.

Advertising makes most popular the products with a higher marketing budget, not necessarily the better ones. For example, search for "youtube downloader": at least the first ten results link to shady websites and apps which offer a crappy wrapper around youtube-dl, which is the ultimate youtube downloader but unknown by non-programmers. Even among wrappers, the clean versions are not as popular as the advertised and SEO'd crap.


Targeted ads are like a cancer on the web front-end. It started out unnoticeably with one mutant script infecting a page, and now we’re at the point where the majority of client network traffic from accessing a news article goes to ad peddlers and trackers — the cancer has overtaken the host.

A chemotherapy that starves the cancer’s food supply by 25-40% overnight sounds like a success to me.

(Edit: USA Today decided to actively remove the cancer tumors and created an adless site for EU visitors. The results are amazing: load time shrunk from 45s to 3s, network requests from 500+ to only 34! Source: https://twitter.com/fr3ino/status/1000167643431784449?s=21 )


Not to mention the ads keep following you after you buy the thing.

And this is not only because of lack of information. Checks out a cellphone from Amazon, buys the cellphone, still get ads saying "you might like this cellphone"


> Targeted ads are like a cancer

>> Not to mention the ads keep following you after you buy the thing

If you don't want irrelevant ads for items you already purchased following you around, then you want better targeting.

I think many people just don't like ads at all. If I had to live with ads, I'd prefer to have relevant ads, but that's just me.


I hear this argument a lot but I disagree.

While some advertisements can alert you to a product that will be helpful, many have the psychological intent of producing dissatisfaction and are an attempt to compel you to purchase something you do not need and your life probably would be better off without. Advertising is deliberately about producing discontent and it makes people more unhappy and more dissatisfied with their lives.

I would rather see ads that I can immediately dismiss than have ones that make me start desiring that which I don't really need.


So you're just against advertising.

That's fine but I don't think there is an alternative business model that doesn't rely on advertising to feed the current demand of entertainment. I hope I'm wrong and people like you who find advertising distasteful can have access to the wealths of society with some alternative form of funding.


But if I want relevant ads don't I want them relevant to things I'm searching for anyway? I.e. advertise things on sites (and sections) where I'm looking for that category anyway.

There's no need for 'targeted' ads that follow me around if the ads are in the places I expect when looking for something.

Content providers should be ensuring they display quality and relevant ads, not relying on 'other' services to come find the consumer.


Quality and relevant ads is exactly what targeted marketing is about. If the advertiser doesn't know who I am how will she know to serve me a quality and meaningful ad? Maybe if it's targeted to what I'm searching for and it often is, but that leaves out a lot of people that rely on advertising, like newspapers and social media companies. What's a relevant ad for a news article?


> If the advertiser doesn't know who I am how will she know to serve me a quality and meaningful ad?

The same way they do in television, radio, film and every other medium?


> Quality and relevant ads is exactly what targeted marketing is about.

Not really. Targeted marketing is about particularly narrow conceptions of quality and relevance. IMHO, the logic of targeting and tracking has severely twisted the meaning of those terms in marketers' minds.


I’m fine (or at least ok) with ads. I’m not fine with being stalked.


You can choose not to visit sites that use ad services that "stalk". You're not entitled to the content of a media brand under your terms.


Then they're welcome to block me with a paywall, as some do.


I don't mind ads as a concept.

I do very much mind ads that stick a massive zombie in my face when I happen to be browsing a url listing that may hold something about games.


> Not to mention the ads keep following you after you buy the thing.

There may be sense to this madness.

I believe rate of returns is increasing as online sales take over. The only way to actually see and touch many electrical devices is to buy and return them e.g. there is no store in my major UK city that has premium non-mac laptops on display. It means you might buy and return 3 devices to find the one you want to keep. If the return rate is 30%+ then a completed purchase really is a strong indicator that you might purchase the same thing.


Scoff. 30%? There's no way a rate of returns is anything like that. Just think of the volume of post that would be going out of suburban post centres! The delivery network obviously doesn't look anything like that.

I think it's much simpler. The chance that any person is say, buying a fridge at any point is very low. If you're 99% sure that person has already made their purchase, that means there's a 1% chance you're wrong, and they're still looking! That's a much better signal than any other signal you're going to get.


>Just think of the volume of post that would be going out of suburban post centres! The delivery network obviously doesn't look anything like that.

According to this article in the Toronto Star, online return rates are around 20%, rising to 30% in the holiday period.

https://www.thestar.com/business/2017/01/15/online-shopping-...


The only place I’ve seen powerful/prosumer non-Mac laptops that you can play with in store in the UK are big department stores - e.g. John Lewis.

Actually, PC World had demo machines out to play with last time I was in there, but very few in comparison to the tech department of the department stores.


A simpler explanation might be "They don't know you bought the thing." Either because they're different retailers, or because the data are hard to put through from the checkout to the marketing department.

Maybe it's hard to connect Google's idea of who a user is with the store's user accounts. Maybe the ad-buying algorithm is suuper simple, and getting a dev to "do it better" isn't worth the cost.

If it's just "this person searched for car rentals two days ago, let's show them car rentals today," that seems simple enough to make money over "no targeting," with obvious and acceptable failure cases like "already booked a car" and "phone got stolen, should show ads for pawn shops instead."


30% is not sustainable for any business. You have to take into consideration that once a product is returned then the merchant has to sell it as a used one with a significant discount. Selling 30% of your inventory at discount means you're doomed.


Amazon Warehouses is the official Amazon seller of used (returned) goods.

However they also sell returned items to others. There are multiple huge warehouses where I live filled with (mostly) returned products being auctioned off to the public by a middleman. The volume is astounding.


NPR even went as far as offering a text-only version of their site: https://text.npr.org/


That's been up for quite a while, actually, to help low-bandwidth and screen-reader users.

What's new is that they're redirecting to it if you're EU (like myself).

Edit: It's a pity there's no real archive in the text version, as far as I've been able to tell. No way to scroll down to yesterday's news or anything.


They have had that for some time now. It's unrelated to the GDPR.

Also, lite.cnn.com


I'm loving that the privacy policy linked on text.npr.org links EU users to a URL on the non-text version which is again just showing a prompt. The actual text-only version of the EU privacy policy is the one linked from that prompt, not the text site.

I'm pretty sure that wouldn't satisfy the requirements for the privacy policy being easily accessible if this were an EU company.


Amazing.

But that's why everyone uses ad blockers.

It's just unusable otherwise


You still have the issue that the content must be of a form that a) attracts advertisers and b) attracts readers, so ad-blockers are only partially effective, you are still consuming content that is written with (consumption of) advertising in mind.

I don't think there is any solution for that when visitors to the web site are the primary source of income for the individual or organisation behind it. All schemes, even Basic Income for journalists, are flawed in some way if you rely on single sources for what you would consider authoritative sources of information. A return to the Coffee Shop model, as advocated by The Economist, seems to be the most viable, given current human nature.

https://en.wikipedia.org/wiki/English_coffeehouses_in_the_17...


But is everyone really using ad-blockers? I thought it was obvious, like you, I mean, why wouldn't people use ad-blockers and keep living inside a garbage typhoon? Then, I saw some "studies" [1] saying the total of users relying on ad-blockers is ridiculous, like not even 1/5. It's baffling but seems like most people are still struggling against pop-ups.

[1] https://pagefair.com/downloads/2017/01/PageFair-2017-Adblock... (If this study lies, which wouldn't surprise me in the slightest, it would be by inflating the numbers, considering they sell counter-measures.)


Most people are using whatever is the default browser on their mobile phone. And if they do use a desktop, most users still struggle with the single-vs-double-click, never mind the right-side mouse button.


Most people also don't understand the difference between a URL and a Google search. Installing an ad blocker is way beyond their understanding of how the web works.


Yes, definitely.

I meant everyone that even talks about these things, like us for instance.


Wow, that America Today stunt is really impressive, feels almost surreal. Great way to fill the time until things sort out and they eventually devise a way of compliant monetization.


> "How fast the internet could be without all the junk!"

Or, in other words: if journalists didn't have to eat.


Why I have been using noscript for ages, and why I feel quantum is barking up the wrong tree.


Yet another great benefit from GDPR.

First I call this the "great unsubscriber" due to the great number of (since) forgotten newsletters I got unsubscribed from. And now this.

As a European consumer (despite being outside Europe) I can only see benefits with this new regulation.


Yes it's fantastic. Now if we only could ride the momentum of this and slam something equally as punishing on Facebook, then we could be heading towards a renewed golden age of the internet.


Targeted ads are great. Things cost less because there is more competition between suppliers and they don't have to pay a lot per piece, since they can target only the specific people who need the thing they sell. This is GREAT for people with small businesses and low budgets... but we know now that Europe only cares about the big business and billionaire overlords. Also with targeted ads you don't have to hear/read about products you will never care for a moment in your life.


I feel like the GDPR is working for me to help prevent companies treating my data like it belongs to them.

I guess I'll have to check under the bed for my missing billions.

> Also with targeted ads you don't have to hear/read about products you will never care for a moment in your life.

I don't have to look at irrelevant adverts at all because I use an adblocker. Something I started to use because of the battery sucking CPU fan abusing privacy invading toxic wasteland that is the online advertisement industry.

The tech industry in general, and online advertising companies specifically proved over many years they couldn't be trusted to look after people's data and privacy, so forgive me if I don't shed a tear for the shitbags who now have to stop exploiting me and my family's data.


In no way do the benefits outlined by OP even come close to outweighing the systemic risks posed by omnipresent surveillance coupled with precise targeting of individualized persuasive messaging with the intent of behavioral change.

The way targeted advertising is currently implemented is a mass violation of privacy and autonomy, a clear and present threat to democracy and liberty, and an indicator of the complete ethical collapse of the US tech sector.


"Also with targeted ads you don't have to hear/read about products you will never care for a moment in your life."

When I'm researching for a product of a certain kind, I often get advertisements for months after I bought such a device. I still get ads for a 3D printer that I bought 3 months ago, I stopped caring then and find it frankly annoying.

It has been more than 10 years now but I've worked a couple of years in e-commerce when Google Analytics was still Urchin and ad-sense was not a big thing. You know how we needed to drive sales traffic to our sites? By providing good and informative content and that sometimes being the smaller shop.


Agree 100%. Targeted ads enable us to have shorter ads also.


The corrupt ecosystem around enabling "they can target only the specific people who need the thing they sell" however is a terrible thing for humanity and targeted ads are a necessary (and welcome to me) casualty.


Not holding my breath but I hope something like this happens in the US.


It's much more likely the current US administration will attempt to retaliate against the EU in some way in order to get this rolled back.


Why would they? Is the US Gov expected to protect the online advertisement business for some reason?


The US did vote against net neutrality just so that citizens could be abused for money, this seems par for the course?


The US did not vote for this. A panel of unelected bureaucrats did.


Correct. An independent federal agency run by 3 republicans and 2 democrats.


The online advertisement industry is dominated by US companies.


GDPR benefits the US and US tech dominance. With GDPR the EU just legislated away one of the most profitable monetization schemes ever devised. I think the administration will sit back and do nothing and watch the fire from across the pond.


> legislated away one of the most profitable monetization schemes ever devised, when it is used against and without the consent of European customers

Fixed that for you.


It turned it from a monetization-scheme to a donation-based scheme. Let's not lie, we know these don't work, we all know the ruse.


You mean the consent like not going on the website in the first place? And if all GDPR was just a bunch of consent forms it wouldn't even be a problem.

GDPR is bad/onerous for the following reasons

- right to have access to the information that is being stored on you

- right to be forgotten

- right to view a web page without being shown ads

If GDPR was only asking for consent + banning the sale of information to 3rd parties it would hardly have had the chilling effect it is currently having.


You mean

- right to have access to _your_ information

- right to interrupt the service and get back _your_ information

- right to view a web page _with_ ads but without obligation to give to anyone _your_ information


I don't care how you reword it, those "rights" are stupid.


Good. Not everything needs to be "monetized".


> Good

I've been seeing GDPR supporters saying that a lot recently. Time will show if it's true. I admit it's possible that removing ads as a revenue model could somehow allow Europeans to innovate and discover a superior model but I'm not betting on it.

Thank you Europe for being the guinea pigs, you will either lead the way or hopefully prevent others from making the same mistakes.


Hopefully prevent others... You just admitted you are on a crusade whatever the truth or outcome?


My reading is: if it's a mistake, hopefully other people learn from it. Because usually people only learn from their own mistakes.


This is correct.


Thank you for giving my comment the least charitable reading possible. If that were the case why would I even bother leading with

"you will either lead the way" If a better monetization scheme than ads arises from the ashes of GDPR then I really will have no reason to be frustrated.


Correct. EU businesses have been put into one-way contracts to service their customers.


I hope the US manages to pass a sensible, pragmatic regulation that takes into account the realities of the internet, because GDPR is a bureaucratic nightmare.


Everyone mourning the death of targeted ads:

It's perfectly possible to do targeted ads without collecting personal data! You just keep personal data where it belongs - on the user's computer/phone - rather than stealing it.

Keep the personal data in local storage, have the logic that chooses ads run locally, and you have targeted ads without invading anyone's privacy.

I don't know if that satisfies the GDPR - not a lawyer. But it would satisfy me.


> have the logic that chooses ads run locally

Unless you are unconditionally loading all possible ads into that code that runs locally, it still betrays the result of the local code's analysis when it loads the specific ad. This kind of request is already used to exfiltrate personal information. Even if it isn't explicitly sending personal data encoded into the choice of ad, simply sending coarse data about someone is still an unacceptable betrayal of privacy. Small, currently insignificant pieces of data become revealing specific life details when joined with other databases.

In addition to the choice of ad, the server can also log at least a timestamp, the IP Source Address, the {TCP,UDP} Source and Destination Ports, and any other interesting features in the IP protocol headers[1]. With some effort, this is probably enough to allow the ad requests to be correlated with other sources of personal data.

> you have targeted ads without invading anyone's privacy.

No, you only made it very slightly more difficult to invade privacy. This would only result in a minor rate limit to exfiltrate personal data, and add the need for a few more INNER JOIN clauses.

[1] This may include a significant amount of identifying entropy. For example, nmap's -O uses the variations in the IP headers and protocol implementation to guess the remote host's OS (sometimes to specific versions).


Not storing the logs though would make you compliant.


Careful about unintended consequences. I saw a project where someone built a version of "Asteroids" where certain fake asteroids would appear or not based on ":visited" CSS or something. Then by recording where players shot at, the site was able to infer which of various websites you had visited.


Mozilla experimented with the idea you're replying to -- a system that would download a bundle of disparate ads from a central server, and then decide based on information in the browser which ones to show. Take away active content from the ads, or (very distant second best) sandbox them, and you can do targeting without the advertisers or even the distributor being able to figure out why a particular ad was shown.
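An added illustration, not written by any commenter in this thread and not Mozilla's code, of the two designs being argued about above: choosing locally and then fetching only the chosen creative, versus fetching one identical bundle and choosing locally. All names, paths and profiles are constructed for the example.

```javascript
// Constructed sample inventory: every client receives the same bundle.
const AD_BUNDLE = [
  { id: "ad-1", category: "3d-printing", creative: "Filament sale" },
  { id: "ad-2", category: "cars", creative: "Test drive weekend" },
  { id: "ad-3", category: "cooking", creative: "Knife set" },
  { id: "ad-4", category: "travel", creative: "Rail pass" },
];

// Constructed interest profiles; in both designs they stay on the device.
const PROFILES = [
  { "3d-printing": 0.9, cars: 0.1 },
  { cooking: 0.7, travel: 0.2 },
];

// Pick the ad whose category scores highest in the local profile.
function pickLocally(bundle, profile) {
  let best = bundle[0];
  for (const ad of bundle) {
    if ((profile[ad.category] || 0) > (profile[best.category] || 0)) best = ad;
  }
  return best;
}

// Design A: choose locally, then request only the chosen creative.
// The request path itself reveals the outcome of the local analysis.
function fetchChosenOnly(profile, requestLog) {
  const ad = pickLocally(AD_BUNDLE, profile);
  requestLog.push(`GET /creative/${ad.id}`);
  return ad;
}

// Design B: request the whole bundle unconditionally, then choose locally.
// The request is identical for every profile.
function fetchBundleThenChoose(profile, requestLog) {
  requestLog.push("GET /bundle");
  return pickLocally(AD_BUNDLE, profile);
}

// What the ad server sees per user: only the requests, never the profile.
function serverView(design, profiles) {
  return profiles.map((profile) => {
    const requestLog = [];
    design(profile, requestLog);
    return requestLog.join(",");
  });
}
```

In both designs the server still sees the timestamp and network-level metadata of each request, and an ad with active content or a click-through URL can report back which creative was shown.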


Yes. If you're trying to build an honest ad network, you're not going to do that; but you still have to worry about leaking information to less honest clients. If the information is in the browser, someone will try to exfiltrate it.


> do targeted ads without collecting personal data

You're still processing the data on your system, even if you're not storing it. This approach takes care of deletion rights but not processing.

(Unless you move the entire list of ad inventory to the user's computer and let it pick the ad to load?)


Yeah, you could imagine something like this. You could train a model about the types of ads that would be effective using the online data of those who consent (or Americans). You could download the model on each EU person’s computer, evaluate the model against local history, then request ads from resulting categories. It wouldn’t require moving their personal data off of their device. You could pay a small subset of people to serve as trainers for the model.

Yes, it would be hugely challenging to implement, but it definitely seems possible to do something along these lines.


You need to ask permissions if you're processing them, locally or not. Plus then you don't have control on data deletion, with the user leaving their data on public computer etc.


An excellent point about public computers. I can't immediately see how to deal with that.


Why aren't subscription prices going up for EU only customers? Please if you've customers in EU, do not blend the prices.

Add fee of lawyers (and future litigation/compliance risk damage) into EU customers' subscription fee.


It works!


I always wonder how many of my decisions have been subconsciously influenced by ads. At the moment the only stuff I feel like spending money on is tech stuff. Probably because the only place I visit on the web is tech forums. My spending on other stuff has dropped down drastically ever since I took a hiatus from Facebook.


Temporary, probably, as people sort their stuff out. Nature abhors a vacuum and ad spend will reach the demand asymptote.


Solution is simple: don’t do business in the EU. Problem solved. Let the companies who can be bothered to expose themselves to litigation and spend $$ on compliance service those customers.


The article makes it sound like this is more due to a glitch in DoubleClick Bid Manager than anything else.


Yeah that's ad tech companies and their investors and/or shareholders getting concerned with their valuation.


Funny, that most evasive ad networks pop networks operate out of EU.

EU has never done anything about them.


Funnily enough, the GDPR applies not just to foreign companies processing the data of people in the EU, but also to companies in the EU processing anyone's data :-D


> EU has never done anything about them.

They just did...


I think he meant "invasive pop up ad networks". These are not necessarily tracking you (in fact most likely not as they are low tech), and GDPR doesn't do anything about them.


Hallelujah!!


Could someone please ELI5 how programmatic ads could be compliant with GDPR? I can vaguely imagine how Google could be compliant. But generally, there are just so many players. How could PII transfers even be tracked?


> how programmatic ads could be compliant with GDPR?

One way would be to:

- Store all user data client-side, stuff it in a cookie.

- Guess this user data, associate particular articles with particular data, e.g. X % chance of being male/female, probably likes cars, probably likes the colour "yellow", even if some of this data has been given to you directly by the user.

- "Clean room" ad selection. Have the ad selection algorithm run on the same server/network that serves the content and retrieve desired ads directly without exchanging any user data. Advertisers provide matrices of desirable matches of available ads to match against.

Matches won't be as precise, available data will be very limited, and if a user clears the cookie, you'll have to start from scratch again.

This way:

- You know nothing about the user, except for what could be inferred from their reading behaviour on a single site.

- Even that limited data never reaches advertisers, so it can't be collated and aggregated in a pernicious way.

- Users are in complete control of their own data. If they clear their cookie, there's nothing left on the publisher's side.

- If you shield and rotate your IP logs, they're nothing more than addresses that requested some page at some time. None of the data is combined in an attempt to identify a user, other than possibly in a security context.

So yes, it should be possible even if it needs a more careful approach and more deliberation with regards to user privacy, but that's a main point of the legislation.


> - store all user data client-side, stuff it in a cookie.

That's still a tracking cookie, not allowed under the GDPR without explicit consent.


"Tracking Cookies are a specific type of cookie that is distributed, shared, and read across two or more unrelated Web sites for the purpose of gathering information or potentially to present customized data to you."

You still make a valid point though, but my guess is it's not going to be considered pervasive tracking, where a data subject loses hold of their information, and will be considered in-line with the spirit of the GDPR, since it addresses the excesses the law set out to regulate: the wide-spread leaking and sales of profiling data.


It is unlikely, these ad networks are going to have to do a pop up each time they added another ad buyer to their network to allow you to opt in. It really couldn't happen to scummier people in many ways. I expect there exist some reasonable third party ad aggregation and distribution networks but given the low bar to entry and ease with which the advertiser can be defrauded out of a few thousand dollars, the number of scummy ones dominates by a large margin.

Interesting times for ad tech, that is for sure.


You can capture consent on your first party site (enumerating each of the networks and letting user opt out) and pass that to advertising networks: http://advertisingconsent.eu/


I think the more difficult part is that you also have to be able to retract consent. So a first-party site has to offer this possibility as well and pass that to the advertising networks, which will have to remove the relevant data.

Of course, this is technically possible. But apparently everyone has been sleeping during the two-year grace period.


Right, tracking will be tedious. That's a lot of transactional data, I think.


As I understand it, ad networks integrate PII from many sources. From first-party sites, yes. But also using third-party cookies. And, at the point where a user is asked for consent, how can the eventual path of PII sharing be predicted?


I don't think that ought to be possible (i.e. it's probably legal today, but shouldn't): if I'm giving consent to be tracked by company A, that does not extend to company B.

And blanket consent like "ok to be tracked by whoever" should be illegal.

Drain the swamp!


Wow this is fantastic! Maybe we’ll have a web with no 3rd party ads one day!


Is this not going to hurt the EU businesses that purchased the ads?


Yes!


Interesting to see how many websites will close due to a drop in ad revenue. A paywall won’t save your small news site.


Wow! What are sites supposed to do to place non-targeted ads (traditional content-based banner ads)? AFAIK, ad networks (if there are still any left) and ad customers still want tracking pixels or other instruments to measure (unique) impressions, which would also need consent under GDPR. OTOH, you could say that DoubleClick and Facebook ad impression figures aren't really more transparent or fraud-resistant than no stats at all since nobody can verify those anyway - except your own trackers, that is.


Traditional banners would be fantastic. I’m hoping for a future where a fraction of sites move to traditional print style ads, some fraction moves to paid content, and a huge fraction simply moves to the Wayback Machine. If tracking ads support a business it’s not a business it’s a scam.


Besides personalization you can also target banners based on the content of the page where the banner is shown. Still relevant and a lot less creepy.


You can enable content-only targeted ads in AdSense for EU users, but like you said, it still requires opt-in for the cookies.

