
Google introduces 'Customer Match' – target web ads to email addresses - TomAnthony
http://adwords.blogspot.com/2015/09/Google-brings-you-closer-to-your-customers.html
======
baconner
Get ready for ads to start addressing you directly by name and doing other
like things to get your attention. Google isn't usually _too_ overt about
these sort of things but the less savory ad networks could get really
unpleasant.

"Hey there George Thompson, click to see one weird trick to hide your arrest
records from your wife Mary"

~~~
panarky

      You are prohibited from creating ad content which implies knowledge
      of personally identifiable information or sensitive information
      about your customers ...
    
      Sensitive information about your customers can’t be used in Customer
      Match campaigns or ads. Additionally, you can't use data from
      your Customer Match campaigns to identify sensitive information
      about your customers.
    

Sensitive information includes:

    
    
      Interest or participation in adult activities (including alcohol,
      gambling, adult dating, pornography, etc.)
    
      Sexual behavior or orientation, such as sexual orientation
      inferred from a user's visit to a particular website
    
      Racial or ethnic information, such as from sites or apps that
      collect affirmative racial or ethnic identification from visitors
    
      Political affiliation (other than the public registration information
      of United States voters), such as from sites or apps that solicit
      or store people's affirmative political stances
    

More here:
[https://support.google.com/adwordspolicy/answer/6299717](https://support.google.com/adwordspolicy/answer/6299717)

~~~
baconner
There is actually a creep-out effect with taking this too far I think that
drives people away from ads that are too stalkery. Consider the case of target
who toned down the exactness of some of their targeted mailer ads to women
likely to be pregnant after accidentilly kicking off the outing of a pregnant
teen to her family.

Perhaps we should be more creeped out by the more subtle personalized ads than
the clumsy attempt I suggested.

~~~
notahacker
The creep-out effect depends heavily on whether you're a company with a
reputation to protect (like Target)

As for the more subtle way of using this personalization will be to stick more
ads in the faces of people that once signed up for a service but don't use it
as much these days and don't open the reminder/newsletter emails that end up
in their "social" or "promotions" tabs. I found this sort of badgering with
traditional ad retargeting creepy enough to drive me to install an ad-blocker,
but it undeniably works and is heavily used by companies that care about their
reputation.

------
shostack
This is nothing new as FB has had Custom Audiences available for a while now,
and you could also do this with 3rd party audience lists via cookie onboarding
services like LiveRamp, etc.

What I'm wondering here is if Google will provide any way to upload this info
to them anonymously similar to how Liveramp does it.

I personally won't be running these, but I'm curious if others are _really_
comfortable with the idea of uploading their customer lists to Google (or FB
or anyone else for that matter) in plaintext vs. going through a neutral
middle-man that lets you just provide hashed values to get a match.

 __EDIT: __

Looks like my reading comprehension failed this morning and they do allow you
to upload hashed lists per their support doc. Also, to clarify, I have little
doubt that Google, FB, etc. can 't figure out who the people are. The main
concern is with the people managing the AdWords accounts pulling/sending
around plaintext email lists of all these customer records. That is often
extremely sensitive and valuable company data that should never be sent around
like that. From my experience, the people managing these campaigns are often
not technical or experienced enough to think of risks like that. So hopefully
the only way they can access such info is via someone who does have the
knowledge/experience to say "yeah, plaintext lists of our customer emails are
NOT something I'm going to be sending you a CSV of."

~~~
magicalist
> _I personally won 't be running these, but I'm curious if others are really
> comfortable with the idea of uploading their customer lists to Google (or FB
> or anyone else for that matter) in plaintext vs. going through a neutral
> middle-man that lets you just provide hashed values to get a match._

according to the linked [1] you only upload hashes of email addresses.

[1]
[https://support.google.com/adwords/answer/6276125](https://support.google.com/adwords/answer/6276125)

~~~
vomitcuddle
nothing stopping them from storing precomputed hashes for every registered
gmail address and using them as a lookup table

~~~
eli
If you don't want Google matching your customer list to individual gmail
accounts for targeting, then this service isn't for you. That's kinda the
whole point.

------
calbear81
This is already an option on Facebook called "Custom Audience" so I'm not
surprised that Google is releasing this as well.

Regarding the privacy implications, almost every major e-commerce site already
uses third party marketing systems, oftentimes with e-mail address, so this is
pretty much the same. They're not selling the data to a 3rd party since they
are a 1st party using a 3rd party tool.

~~~
zombees
Yep, this has been a thing for a while now. [http://mysocialsherpa.com/the-
ultimate-retaliation-pranking-...](http://mysocialsherpa.com/the-ultimate-
retaliation-pranking-my-roommate-with-targeted-facebook-ads/)

------
Animats
The article, quoting Google's PR: _" Google is in a unique position to connect
consumers with your business in the most relevant ways. Whether they’re
searching on Google, checking promotions on Gmail, or watching videos on
YouTube, we can deliver the most relevant information based on what they’re
doing, wherever they are, when they’re looking, and on any device they’re
using. Today, we’re building on these capabilities with new ads innovations to
deliver even more relevance."_

"Checking promotions on Gmail"?

Eric Schmidt once wrote:

“Google policy is to get right up to the creepy line and not cross it… We
don’t need you to type at all. We know where you are. We know where you’ve
been. We can more or less know what you’re thinking about.”

That was in 2010. They're now well over the "creepy line", and probably well
past the European Privacy Directive.

Log out of Google, now. Delete all their cookies. And get off Gmail. There's a
site on how to do this.[1] You don't need Google's "services".

[1] [http://www.leavegooglebehind.com/](http://www.leavegooglebehind.com/)

~~~
tdkl
Can't use favorites on Youtube without being logged in... Anyone with a sane
workaround for that ?

~~~
Animats
Browser bookmarks.

~~~
ljk
Also don't log in to Chrome

~~~
josteink
Don't _use_ Chrome.

~~~
on_
What browser do you use? If there was a sane option, I would use it but
Firefox really consumes resources even putting effort in to optimizing my
settings. Using the tor browser or something is just not practical for
everyday use. You can either give your data to microsoft, apple or google (if
you haven't already) or use FF.

~~~
josteink
> If there was a sane option, I would use it but Firefox

I use it daily on all my units (Windows, Linux, Android) and I have zero
issues.

In what ways is it not sane?

~~~
on_
i meant to imply that suggestions about browsers, (following a statement like
"delete chrome") often aren't practical for most people, and as a web dev I
need a fairly traditional environment. So by "sane", I meant things like using
ice weasel with noscript or tor-browser, or a very non-traditional small
independent browser. I have reasonable privacy and security settings in place
but need to be able to test websites etc.

I was asking the above because I love FF but on my macbook it was spinning the
fan up and using a lot of cpu. I will try it again, but it would crash or
throw the computer into spinning beachball mode; a lot.

------
grayje
Reading a lot of the comments in this thread, you guys are taking this
announcement and running with it in some weird directions. Google's just
playing catch-up with ad targeting features that Facebook has had for years.
Nobody is targeting individual users. There are HUGE amounts of
depersonalization work and legal review that go into making something like
this a reality. If you think Google's engineers spent more time developing
this than Google's legal team spent approving it, you're probably wrong.

Say a company wants to target ads to people that are in their email
subscription list. Or a brick-and-mortar retailer wants to marry up their in-
store customers with online data to target in-store shoppers with online
advertising. These are features that have been supported for a while through
Facebook and through third-party services like Liveramp. Google is building
the infrastructure to support these natively. It's not a new technology. It's
a very old one - what used to be called database marketing back in the days of
direct mail and catalogs.

Granted, I make my living in marketing, so I may be biased, but I think a lot
of folks are looking at this the wrong way. More targeted advertising is less
annoying, not more. (A) You aren't getting spammed with things that are
irrelevant to you. The ads you are shown are more likely to be related to
something you actually care about or could potentially want to buy. (B)
Advertisers don't have to spend as much money on targeted ads as they used to
have to spend spamming the world with untargeted advertising (see also TV,
radio, sponsorship & endorsement deals, etc), so their margins go up and they
can afford better product development, lower prices, etc.

The risks here are that you will somehow be outed as someone that shops
frequently at a particular store, not that you're going to be "spearfished" or
that the NSA will send drones to your house to kill you with missiles.

~~~
petra
Your post assumes that marketing generally helps people do the stuff they
want, not manipulate them into doing stuff according to advertiser wishes(to
some extent). Many users here don't share that notion.

------
mthoms
What's the implication here for sites wishing to monetize by selling (hashed)
email lists of their users? Take Reddit for example, it could make a lot of
money by selling the (hashed) list of users subscribed to /r/travel (or almost
any other sub). Suddenly all those users with adblock who won't fork out for
subscriptions would be generating income.

I know most TOS's say they don't share email addresses, but sites could
theoretically specify that a hash of an email address be allowed.

------
thephyber
Want to get the US government to push for regulation of marketing? Create ad
campaigns targeting legislators.

I fail to see how this will not eventually backfire eventually. This feature
is ripe for abuse from spearphishers.

~~~
dragonwriter
> Want to get the US government to push for regulation of marketing? Create ad
> campaigns targeting legislators.

That's already been invented. It's been a fairly big business for quite a long
time.

------
lukebennett
This is going to require merchants to update their privacy policies, surely.
Sharing personally identifiable information with Google (which could be
subsequently joined together with data from other merchants to form an even
bigger profile about you outside of your control) is entering a whole new
(terrible) world.

~~~
gk1
For most major ecommerce sites this won't be too different from what they're
already doing.

~~~
lukebennett
Few third parties have the potential to do with your data what Google can -
Facebook perhaps being one exception. I'd say this represents a significant
step up in terms of data collection. I've certainly never worked with a
supplier that could offer anything like Google could.

------
timthelion
This is a great reason to use subuser.org . Sign into google using one
subuser, and do you web browsing in another.

------
coldcode
Someday every ad will know us better than we know ourselves. Maybe that's
already possible.

~~~
frandroid
Therapy delivery through ad networks. Finally something socially
constructive...

------
NearAP
The article gave gave an example of 'Rewards program' of a company. Using that
example, most rewards program give you the option not to receive 'promotional
emails' from them. Does this mean such companies will also not upload to
Google, the email of someone who has opted not to receive promotional emails?
If the companies don't do that, how can a user 'opt out' of not receiving such
targeted advertising?

~~~
bamboo_7
Doesn't mean that at all. Reward program would just be an example of a not-
necessarily-web company that has a list of customer emails. Nothing prevents
them from adding your email to that list.

The scary thing is this means Google is targeting and following us on an
account basis, not just an anonymous advertiser id.

If only there was some universally accepted 'do not track' feature....

~~~
NearAP
I'm curious - is there any statistic around the number of people who browse
while signed in to their google accounts?Personally, I don't do that. I make a
conscious effort to be signed out when browsing but I've always wondered if
majority of people are like me

------
mmccaff
A list of email addresses "which can be matched to signed-in users" \- it is
not clear if the list will have to be gmail addresses matching the logged in
users? I'd assume so, unless Google is maintaining links between people's
google email addresses and other addresses they might use (eg. multiple email
boxes being used on the same phone)to make a match, which is also plausible.

------
pirsquare
The adtech term for this is call "CRM onboarding". This technique was actually
around for a while and popularize by 2 independent companies, Datalogix and
Liveramp (founded by Auren Hoffman). Both of these companies exited with
Datalogix (sold to Oracle) at around $1.2b and Liveramp (sold to Acxiom) at
$310m.

------
TomAnthony
It is unclear if this will be for the 'display network' (i.e. sites hosting
adsense) of just for ads on Google properties.

If this is across the whole web, then it will be interesting to see the
privacy protection they have in place.

~~~
shostack
I'd be shocked if it wasn't across properties. So GDN, Youtube, Search (via
RLSA).

------
rokhayakebe
Why do I feel someone is going to use this for dating?

~~~
thephyber
Spearphishers can use this to "date" you.

------
iridium127
spam worded in a better way is still spam?

