I am reminded of this, from Paul Graham, about his time at Yahoo: http://www.paulgraham.com/yahoo.html
"...The reason Yahoo didn't care about a technique that extracted the full value of traffic was that advertisers were already overpaying for it. If Yahoo merely extracted the actual value, they'd have made less."
I'm pretty sure that, the more we learn about how well advertising works, the less money people will be willing to pay for it. What's happening to billboards and newspapers right now is probably coming to several other industries soon.
I know Twitter isn't known for being the best at advertising, but it was made exceptionally clear to me that online advertising is a massive bunch of lies when I did my GDPR Twitter data export and it included me in a bunch of incorrect, non-sensical and contradictory ad targeting groups.
Twitter claims I:
* Own a cat, dog and other animal (I don't)
* Have between $100k- $999k liquid investible assets (I don't)
* Have a net worth between $1 and $1m (cool - I own *something*)
* Am highly affluent (/shrug)
* Am a high spender (okay...)
* Am a frugal spender (...but how can I be both a high spender AND frugal)
* Own a house (I don't)
* Have multiple families (I don't)
This is expected. It's not desirable, but it is expected.
The problem is your comparing it to an absolute. I.e. to perfect.
If advertisers had that choice, they would love it. They generally don't. Remarketing is kinda close, but limits the scale.
Rather, the only other scalable options are far worse. Think about it. What are the marketers other choices?
The one that should come to mind, and the one they spend most of their money: TV.
With TV you pick up a huge amount of waste. Say you buy a spot on Big Bang because you want people thinking of buying a new iPhone. Not a big stretch, right? At the same time thinking of all the other people they have to buy, who watch the ad, and aren't buying an iPhone. It's waste.
And that waste is huge relative to what you're talking about above.
So you're asking the wrong question here. It's not how good is the targeting in terms of precision/recall. The question is what's better?
The waste here is generally known & its priced accordingly.
> I was very disappointed that the Google and Facebook data exports don't contain this data.
It's in my Facebook export. Under "Information About You" did you uncheck "Ads"?
That's where the information is contained & it's checked by default.
You can also view it here for both FB & Google, as well as opt of both:
Is it really worse than "this article is about X, Y is related, let's show some ads for Y"?
I bet from the point of view of the advertisement middlemen it is not. Because they capitalize mostly on showing ads of products that people already decided to buy or are very near deciding. But that is yet another racquet that only decreases the value of the industry. My question is, from the point of view of the real advertisers (the ones selling something), is it really worse?
So you'll end up having to try to monetize something that has little no no related things that are profitable to advertise.
Advertise on a tech site, 80+% will be interested in tech.
Advertise on a dog community site is probably pretty spot on if you want to target dog owners...
Far better than what, 5% ? This isn't rocket science, we sold everyones integrity for pennies.
> who watch the ad, and aren't buying an iPhone. It's waste.
No, advertisements like that are more about selling the brand than selling iphones. Something TV is probably pretty good for.
That would probably target dog enthusiasts or dog hobbyists or dog fanatics, which are all subsets of dog owners.
I think that one of the things that makes social media ad targeting so attractive to advertisers is that they can target the dog owners, instead of just the enthusiasts/hobbyists/fanatics.
Big brands struggle with UGC. Witness the events of YouTube & brand safety.
But even without that, what you're saying just isn't scalable. What community site can reach even 50% of dog owners -- let alone what a primtetime sitcom or YouTube can reach?
> No, advertisements like that are more about selling the brand than selling iphones. Something TV is probably pretty good for.
What? Sure, they have campaigns running for awareness, recall, perception.
But you're really saying Apple doesn't dramatically increase its spend when a new phone is released? That's poppycock.
> But you're really saying Apple doesn't dramatically increase its spend when a new phone is released? That's poppycock.
When is the best time to sell the brand? When your flagship is a year old and still costs as much as on launch day and when the competition has surpassed you? Hardly.
If you buy ads, you want them displayed to the non-fanatics that is not influenced by experience and vulnerable to brand exposure.
But the only one who cares is the middleman. They are the only ones that benefit from the scale.
Give me a list of dog community site to target 1 millions dog owners.
Now tell me how expensive it would be to show ads on theses websites.
Plenty of dog owners are on Facebook, much easier to target 1 millions dog owner there instead.
Did I forget to mentions that it's for a dog shop in Montreal? Good luck!
Again, I guess this is because Twitter sucks at advertising.
All the things FB has done to extract things like resturant data etc are product development they undertook. Twitter spent 10 years moving form 140 characters to 280 instead.
There is no reason why Twitter couldn't have done the same 5 years ago. And no reason that they can't do it now.
(Also people are just as likely to follow and talk about things like tv shows and music and politics on Twitter as FB)
IOW, Twitter followers may be total strangers to many IRL, unlike Facebook followers.
I think advertisers have been chasing a chimera via targeting, because not only doesn't it work well, but there is a trade-off to maintaining a brand.
I try to buy quality goods because cheap stuff doesn't last. That means spending more up front to spend less in the long run. So frugal, but also maybe high spender?
My mom always says: if you're poor, you can't afford to buy cheap.
I don't think they pay off long term, at least it seems heavily dependent on the product type. That's because we are playing a lottery game, even if this product breaks in 0.1% cases vs 5% cases for a much cheaper product, we're not buying large numbers of them, we're buying just one and while the probability to break on me is smaller it can still happen and the monetary loss would be much larger than if I were to buy the cheaper product. That is, the warranty doesn't scale with the price (the expensive top quality TV is $2000 and the cheaper one is $500 and both have 1 year of warranty), for the same money I can buy 4 of those $500 TVs and would last at least 4 years (but very likely to find at least one that will work much longer, since I'm buying up to 4 of them).
* Your age bracket;
* The fact that your net worth is positive (not deep in debt);
* Whether you live in a city / suburb / countryside;
* Which part of country is that;
* Your gender;
* Your race / ethnicity, broadly?
* Yes, but the age bracket for me is _very_ wide (it says "alive and not in need of new knees yet probably", but not much more)
* They didn't have this info
* This was wrong
* No, they didn't have this (although the country itself was correct)
* They did not have this
It's a bubble!
I think it is an intentional stretching the interests way to far to look better for advertisers.
In more details:
Maybe it was all the clicking on CafeMom.com (mommy blog with tons of trackers and ads) while I was testing the Pi-Hole set up. :-)
Facebook has it available, if not in their Download Your Information tool. Go to Settings -> Ads -> Your Information -> Categories.
But interesting page. Looking at the "advertisers who have added your details to their targeting list" it again shows how bullshit this industry is:
* Playstation in 19 countries
* Musicians which I definitely don't listen to, like Keith Urban, Post Malone, Jack White, YBN Nahmir, and Ziggy Marley, whoever these people are.
* Pages like "Top Kickstarter Watches" and "Top Kickstarter Inventions"
* A bunch of restaurants that I've never been to, but are in the same complex that I used to live in (thanks whoever sold/'shared' my email, literally probably my former real estate agent)
I also see a lot of PlayStation related ads on my news feed... I haven't used a PlayStation since I got an Xbox one!
Also, one can be high spender and frugal. A person who buy one pair of very expensive shoes and wear them for 10 years rather than buying 10 pairs of inexpensive ones would be such person.
Facebook does have demographics and targeting data. Go to Setting -> Ads -> Your Information -> Your Categories. I haven't found a way to export it.
On the categorization side, Facebook does a half decent job considering I don't upload anything on FB or any other sister sites.
Twitter on the other hand might be running algorithm which tries to extrapolate too much from the available data.
Twitter is just entirely incompetent at everything, so no surprise they get their advertising product wrong too.
The fact that you choose to purchase certain items over other equally suitable items is largely because of advertising.
If that's true, it's not because ad tech doesn't work, it's that most advertisers don't use it properly. A large percentage of my company's revenue comes from performance marketing (running paid traffic to affiliate offers) and it works very well for us. You just have to know what you're doing, make sure you're not getting too much bot/junk traffic, and bid the appropriate amounts. We've written software that handles all of this automatically, and our paid traffic campaigns do amazingly well. Show me another investment in which you can reliably and consistently achieve 30%+ ROI weekly with a fair amount of scalability.
Ironically, native ad networks like Taboola and Revcontent will flourish in the new GDPR world. Since they target ads based mostly on nothing more than the topic of the content that the user is viewing, these ads are effective enough for smart performance marketers to make money with, and GDPR doesn't fundamentally change anything about their model. EU advertisers will flock to native and abandon other forms of advertising that were based on more invasive targeting.
I can't believe nobody is making a profit. I just suspect most of the trick is in generating demand, not finding it. That or diversifying offerings.
I’m not sure what you mean by that. But generally we get about a 30-50% ROI on our native ad campaigns once they are optimized, and most affiliate networks pay weekly if you produce significant revenue. We do better than most because I wrote some clever stuff to identify sites that were sending us mostly bots/bad traffic and automatically blacklist them from showing our ads. There are a ton of these in the native ad space.
I just suspect most of the trick is in generating demand, not finding it.
There are evergreen affiliate niches such as weight loss, hair loss, erectile dysfunction, etc. Aging, bad genetics, and poor lifestyle choices generate the demand for us. Making money in these niches is generally as simple as placing ads on sites where people that belong to certain known demographic groups visit, and reducing fraudulent traffic by as much as possible.
That said, the niches you describe sounds like snake oil markets. :(
EDIT: reminds me of that one story about A/B testing, which pretty much directly told us how adtech companies are bullshitting their own customers.
I highlighted the more interesting parts back then: https://news.ycombinator.com/item?id=10873226.
In it E. Ann Hollier and Tim Ambler make a strong case for what has been known from the start about branding: that mass media do it best, without performing at the personal levewl. One corollary for their case might be, "Not everything you value can be measured, and not everything you can measure has value."
Because digital advertising can be both targeted and measured, the whole advertising business decided that ads perform only when they are targeted and measured. But that's not advertising, really. That's direct marketing, which -- as I say in that post -- is descended from junk mail and a cousin of spam.
It's no accident that the $trillion or more spent on adtech hasn't produced a single brand known to the world.
The unanswered question is the one raised in The Problem With Targeting (https://www.dotcoma.it/2015/06/22/the-problem-with-targeting...), and pretty much everything Don Marti and Bof Hoffman (look them up) have been writing as well: is it possible for online advertising to brand products the way offline print and broadcast media could, and still do?
I suspect the answer is no. But my mind is open on the matter.
Compared to what?
It may be easy to provide evidence for:
* Time and resource intensive prebiased word of mouth has a higher conversion rate.
* Conversion rates for mass advertising are very low numbers.
It is also easy to provide numbers for:
* Conversion rates for targeted advertising are significantly higher than non-targeted advertising.
* Having a non-existent marketing strategy for scale markets has a high probability of failure.
What is your position exactly?
Consider also some of what is implied throughout the article, that changes implied may price smaller companies out of the market. This doesn't bode well for competition, particularly for less funded competition. Small p&l organizations typically need to market to drive revenue, they're rarely in a position to push brand marketing strategies alone. Indeed this is a common huge difference between fine and coarse targeted platforms - when did you last see a small p&l trying to advertise on cable? What about on fine target platforms such as Facebook? Do you want such companies to become competitors to brand giants?
I test drove a car and after I got almost a dozen follow up calls while I was busy with other stuff, I blocked the dealership number. They kept calling me from other numbers, which I also blocked (with the new Android spam filter on my phone). But the amusing thing was that I started seeing ads for the dealership online promoting their "low pressure" sales team!
I made fun of a company called Salsify for naming their business after oyster plant, a root vegetable I can't stand, and now I see ads for them all the time.
That sounds like a statement from someone not very familiar with advertising.
Minimally it's contrary to the agency model & its incentives. A lot spend (the majority?) goes through that model, and it's not likely to change any time soon. And if anything GDPR, will increase it.
That said, even as measurement & attribution improves, the reality is that the effect will be shift to spend around. The better an advertiser can identify waste, they better they can redeploy that spend. Because that improves the ROI, the less it hurts the margin, and the more it makes sense for them to spend.
If that was true, Coca-Cola and McDonald's wouldn't exist.
McDonald's is a funny one. They really don't seem any worse than most other fast food to me. I suspect they saw more expansion from their franchise methods than anything else, though.
Which is not to say the marketing isn't important. I just don't think it deserves the full victory.
- Coke: their branding, market research, and consumer strategy got them where they are today. All are marketing functions.
- McDonald's: franchise go-to-market strategy, branding, consistency of product. All are marketing functions.
Whether or not paid advertising helped them is a whole different argument (and one I'd argue, as when 'tis the season, it's always the real thing...)
Might as well debate that "business" is responsible.
Especially if the success is not repeatable. Which, most early practices of large companies today are not repeatable by smaller companies.
The "business" defines the problem-space and strategic direction (in these cases, food/drink), marketing defines how you address the space (specifics of the products from research and evaluation, market positioning, promotion to audiences), operations executes on the above (supply chain, training, maintenance), and then customer support feeds into all three of the above.
This GCSE Bitesize piece (revision material for UK exams students take at 16) outlines why marketing is more than simply advertising and promotion: http://www.bbc.co.uk/schools/gcsebitesize/business/marketing...
Advertising is a subset of marketing, but marketing is a broad term, and is often mistakenly limited in how it's used in arguments (usually to belittle the role of it).
Consider, as well, that the engineering department is also responsible for the Product. In large, they are also influential in the Price. Yet, I think it would also be unfair to give engineering full credit for a successful product. Even if it was well engineered or poorly marketed.
Which is to further my point that I was not trying to dismiss marketing as a valid area that a company should invest in. I just don't think it should deserve full credit for Coke and McDonald's existing. :)
There is no reason to expect that ad spending will drop in total, because ads never worked very well in any medium, but they worked well enough that it's worth investing in them. The portion of ad spending in TV has not changed significantly the past decades, what has happened is spending has shifted from newspapers to online. but the overall the volume keeps increasing in all media
I saw a similar up-ending of an ad-dependent industry 15 years ago with newspapers. Advertisers for years assumed a certain value based on the circulation numbers as reported by ABC. There was no real way to directly measure that value other than inferred activity within a geographic region that could arguably be tied to newspaper advertising. With the internet advertisers began to be able to track specific value for ad campaigns based on click-thrus, cost-per-action, etc. Those values were lower than the assumed value of newspaper advertising, which began a shift in where money was spent. Combine that with the fact that ABC numbers started to show that they were far less accurate than originally assumed, due in part to gaming by the papers themselves, and revenue started seriously shrinking. The last firewall that newspaper had was classified, which quickly folded in the face of job and real estate sites and of course craigslist.
Internet advertising has been suffering the same game-playing by sites that newspapers pulled with ABC circ numbers, and as advertisers gather more and better performance data about the value of ads and campaigns they're realizing that value is less than they thought and seems to be trending down.
Regardless of whether there's more or less privacy for users/consumers, the indications are that advertising is becoming less and less valuable.
I don't see any evidence to support that. Total spending on advertising is increasing every year. Newspaper spending is down, Google & Facebook is way up. Overall it's up.
The math is 100 x 100, or one sale for every 10,000 eyes who sees your ad.
In a vacuum, those numbers are awful. If your entire marketing strategy is buying ads to convert to sales, then of course, advertising doesn't work, and really, you probably shouldn't be advertising in the first place.
Also about half the market is branding, which is all about exposure rather than direct clicks or conversions.
(Its a virtual-goods product. Not subscription, but usually multiple-return customers. Around 70% gross margin since we have some high upfront provisioning cost.)
I just don't understand the anti-social media agenda. The same people who for 2 years have been saying that social media advertising is so effective that it got trump elected are now saying it is ineffective. They demand that political advertising on social media be monitored because it is so effective that it gets presidents elected. Now, it's social media ad spending is so ineffective that these companies won't be around.
> What's happening to billboards and newspapers right now is probably coming to several other industries soon.
What's happening to billboards and newspapers is that ad money is flooding into digital space ( where the young kids are ).
Why speak so authoritatively about something you obviously know nothing about?
1) US election went “wrong”.
2) The same is happening to them
3) They’re mostly not hitting their own companies
Obviously it’s a lie. The “right” is gaining in Europe like crazy, not because of Facebook, but because the existing governments have seriously underperformed.
But politicians faced with the choice of admitting mistakes that they don’t even know how to fix, or to wildly and randomly strike at whoever got blamed ...
Is it really the same people? Do you have any examples of this?
So does that mean you think that social media advertising is effective as people claim and Russian use of it got Trump elected?
Regardless of whether your "same people" is a straw man, the opposite of a set of inconsistent claims tends to also be inconsistent, so I'm not sure what you are trying to say here.
People think that adtech has some incredible insights but 99% of data is terrible. If you check your profile at any major site, you'll quickly find that you're probably in several conflicting segments that have nothing to do with you. Context is still king for any marketer who knows what they're doing, but unfortunately the industry is overwhelmed with subpar talent and politics through layers of agencies that buy buzzwords like "AI" and "data". Barely any adtech companies have a direct link to a person, and any links that did exist are even harder now with adblocking, 3rd party cookie deletion, ephemeral mobile device ids, IP renewals, and other noisy and loose signals.
Interestingly, big companies like Facebook and Google that have user logins and 1st party data connections will actually benefit from the higher industry regulation and are not going to lose any of the data that users willingly give to them. ISPs are another major source of data, along with credit agencies and banks, and now giant ecommerce companies like Walmart and Amazon, all of which have very accurate and exhaustive histories and will see little change from GDPR. Overall it's well-intentioned, and good progress, but what it will do is vastly overstated.
However, financial firms are usually pretty against open academic research that would allow publication of papers. Many researchers truly value the ability to contribute to this field openly. Perhaps you are right and they will move to health.
We can see the next most lucrative fields where ML can be applied to by Alphabet's portfolio:
* Calico, Verily - healthcare
* Waymo - self driving cars
Another fields which comes to mind is robotics but Google liquidated their holdings related to this (Boston Dynamics) for some reasons.
I wish I knew more about this subject.
EDIT: those two links might give you a quick overview:
- https://spaceindividuals.com/space-jobs?country=Germany (over 50% of all listed, but not surprising, since the site's owner is in Germany as well)
Right now, I'm trying to map the industry myself.
Also you can definitely apply ML techniques to data without PII, it's just harder, which actually makes the job more in-demand for high-quality talent.
Not to mention, no amount of AI powered results can beat a slick sales team. $1M spent on quality salesperson is much higher ROI than $1M on fancy AI engineering when it comes to relationship-powered media spend.
This should be printed in large letters on the wall of anybody claiming to do data science.
I would not at all be surprised if this is enough for the machine learning and data science people to be effective, especially at very high traffic sites like Facebook and Twitter.
Even the most sophisticated ad modeling pales in comparison to fintech and bioscience/pharma where the real money is.
At my particular company in logistics, I can see many places where it can be applied- especially in the dispatching of deliveries and helping to set up a call with customer support.
My guess would be similar learning systems that aren't subject to GDPR, such as government, external to EU (US), the ludicrous information of things (smart sensors, cloud, etc) where information doesn't leave the user's control, AI driven products, etc.
Then you'll have quite a few who will just continue regardless, sometimes it's easier to apologize (and pay a small fine) than it is to ask for permission.
Don't get me wrong, I would love for all of these people to end up in the (Scientific) health industry. (It's worth mentioning Scientific, as there is a lot of useless crap that uses some form of learning and offers no real gain - would be disappointing to see them all end up applying deep learning to homeopathy for example.)
Requiring them to check an "I agree to be tracked" checkbox and signing an agreement (which has just happened to me yesterday in an EU country in accordance to GDPR) before they can use a product/service is hardly much better. This reminds me of the Android app permission system which requires you to allow an app to do everything it wants (including ridiculous requirements like when a game requires access to your contacts list) or just give up the idea of installing it (as for me I just grant the permissions at the installation time and then block everything redundant with XPrivacy). So I doubt it is going to do much good, a way like the cookie law doesn't really do anything but just introduces useless cookie warning banners.
That's specifically not allowed under the GDPR. Either the information is needed to provide the service (and needed means actually needed, not "my business model depends on it"), in which case they don't need to ask, or the use of the service can't depend on that consent.
(By the way, even if the information is needed, they still need consent to use it in other ways, and the same applies)
See the ICO guidelines on the issue: "If you make consent a precondition of a service, it is unlikely to be the most appropriate lawful basis."
I'm extremely skeptical of regulation that interferes with consensual deals between economic actors. You want transparency? Fine. But you don't get to randomly outlaw certain entire classes of business.
Business models are arbitrary and orthogonal to services provided.
> But you don't get to randomly outlaw certain entire classes of business.
Why not? Some business models are clearly antisocial and don't deserve to exist. GDPR is only outlawing business models based on large-scale abuse of people's private and identifying information. If you can obtain proper consent from enough percentage of your users, then your business model will be fine. If that's a problem for you, then ask yourself why.
I find it funny to see people complaining that their business model will be in trouble under GDPR. GDPR literally only outlaws being a huge asshole (in context of users' data).
that doesn't change the fact that the business model depends on that orthogonal action. Is it unlawful for gyms to charge by subscription instead of per-use knowing that most people don't use them? Should the NYTimes be forced to go pay-per article instead of subscription? Should nightclubs not be allowed to overcharge the bottle?
> GDPR literally only outlaws being a huge asshole (in context of users' data).
It goes beyond that, by forcing you to serve people that don't agree to your business model.
It isn't, and it shouldn't. Either can choose whatever works for them best. GDPR only outlaws a few particular antisocial behaviours, which makes a particular class of business models illegal or much less profitable.
The "but business model!" whining sounds a bit like complaining that you can't make money mugging people, because the government disallows theft and assault. Cry me a river.
That's a very interesting claim. So you're saying it'd be possible to organize fighter jet production as a co-op vegan collective?
Either way, you don't have an inherent right to specific business models and the EU is simply not allowing a business model anymore that has been widely abused. Of course it'll hurt some but I think overall the industry will adapt and change for the better.
This has become the default business model of the B2C Internet, as distinct from offering a service in exchange for payment.
Maybe "orthogonal" was a bit much. But almost always there's plenty of wiggle room to choose alternative business models.
People want more control over how information about them is used.
For web, most people don't understand the scope of tracking and privacy. None of the people I know understand what these web companies are doing, how they are being tracked and what data companies have about them. Nobody reads the privacy notice in those websites. Even after someone tells them facebook is tracking everything, they don't understand and just ignores it. There are no consensual deals on web. So GDPR is for all of them (and for people who understand and wants protection).
Also in America a company is more important than people. That's why there are so much negativity towards GDPR.
Of course if it's essential medication which people can't afford without the discount then that's another matter, but otherwise it seems kind of fair to me. And it gets a bit more complicated if you're in America where that data is going to be used by health insurance to adjust your premiums.
If revoking consent causes a detriment, then it's not freely given, and so that "consent" isn't sufficient to grant the data controller a legal permission to use that data.
Quoting recital 42 from https://gdpr-info.eu/recitals/no-42/ "[...] Consent should not be regarded as freely given if the data subject has no genuine or free choice or is unable to refuse or withdraw consent without detriment.", so it's quite explicit.
Bigger discounts would be a problem since that would be more of a detriment.
I wonder why not? Personal information is useless for most people, they give it away for free to the state institutions and the police wont even ask your consent. Some websites and services have found a way to make money off it, in exchange for free services etc. Why is this an ethically unacceptable proposition?
It's a bit ironic that you brought up mass surveillance because GDPR explicitly exempts the police and security services from its reach.
Edit (i can't post a reply):
- consent should always be required, but if you don't consent i shouldn't be legally required to service you. GDPR is more than just consent hence the overreach
- The NSA has more data than any single actor on the internet, we can't possibly claim that private surveillance is worse. The NSA may have a better profile of me than any private actor even though (and especially because) i m not american. And their profiling can harm something that businesses generally don't care to harm: my freedom
I didn't consent to shit. GDPR is the response to rampant abuse of personal data without obtaining proper consent. You're still allowed to use my data if I consent, you only have to obtain an actual, informed consent.
> The same way that when you go to a club, a strip club, or a casino you know you 'll be exploited.
What kind of clubs are you visiting? :o. Are you sure they're legal?
> It's a bit ironic that you brought up mass surveillance because GDPR explicitly exempts the police and security services from its reach.
It isn't, because adtech surveillance dwarfs government surveillance. Also, the police and security services are doing something valuable for me, even though they do it imperfectly. Advertising industry exists only to fuck me over. It's a cancer on society.
That's a big point in GDPR, I think -- there never was consent. It's the same as why terms and conditions aren't legally binding: nobody actually considers there to be a valid agreement when they click next. In a sense GDPR is just enforcement of people's expectations, and ending predatory practices that were misusing them.
> consent should always be required, but if you don't consent i shouldn't be legally required to service you. GDPR is more than just consent hence the overreach
Yeah, and in a world where companies were not abusive, it would work that way. As it is, we both know perfectly well what happens - companies have leverage over users, and they'll use it. They'll make you consent to every kind of data abuse and sharing to use the service, exploiting the fact that giving up privacy doesn't feel like it's hurting at the point the data is being taken. GDPR is designed to remove that leverage - to make it unable for companies to extract arbitrary consents on the threat of refusal of service.
This only really affects you if your business model was baiting users with "free" services, spying on them, and selling that data to adtech industry.
> The NSA has more data than any single actor on the internet, we can't possibly claim that private surveillance is worse. The NSA may have a better profile of me than any private actor even though (and especially because) i m not american. And their profiling can harm something that businesses generally don't care to harm: my freedom
Sure, so NSA may have pulled in your e-mail history at some point in time. But it's mostly sitting there. NSA doesn't care about you unless make yourself important to US national security. Adtech surveillance, on the other hand, track you constantly, through pretty much every device you have, every site you visit, and makes use of your data all the time. And all in all, this data might at some point finds its way to NSA too, already nicely packaged. NSA vs. adtech is kind of like choosing high potential loss but very rarely, vs. low loss all the time. I'd say the expected loss is worse with adtech, but I'm still happy GDPR will make the life difficult for both.
I understand you probably move in tech/libertarian circles so it doesn't seem like this, but the majority of the world population is in favor of laws protecting people from themselves and keeping them away from harm.
Now what is overreaching or not is a matter of opinion, and hence politics.
Also, under GDPR, you can always request export and removal of all your profile data from their data stores.
Sounds like something I'd opt-out, request all past data and have it deleted afterwards.
The whole strategy seems to be in bad faith. I wish more sites would react by minimizing usage of cookies instead of just adopting that dumb overlay.
If a company has no official office in Europe, how does this affect them? All advertisement and business focus is say only in the US, is it business as usual? What if an EU citizen decides to sign up?
Are US companies forced to deny customers not par of say an IP block (half assed method I know, but just speaking in general)?
With regard to enforceability outside the EU, that is anyone's guess. If you're in the US, there are already mechanisms that allow for the domestication of EU judgments in the US. Once domesticated, the judgment would have the same force and effect as if it had been issued by a US judge. However, the treaties that allow this are very complex, and allow for a large number of exceptions. So it would be up to a US judge in each specific case to decide whether or not a judgment for a fine issued under the GDPR can be domesticated. There are currently no treaties specifically relating to GDPR in the US, and I'd imagine there would be (very welcome) strong opposition to such a thing.
French in Canada, English and Spanish in the US, German among German expats (of which there are millions.)
Targeting a business for extortion because of the languages offered? Ridiculous. GDPR should only apply to businesses with a physical nexus in Europe, anything else is an attempt to assert extraterritorial jurisdiction.
Europeans don’t have to visit US/Canadian/Chinese websites. If they want to “protect” themselves, they simply stop using services they find objectionable. GDPR is nonsense — individuals should be allowed to do what they feel is right for them.
Why not ban all junk food from Europe? Tobacco? Alcohol? Those harm people far more than targeted advertising. If we actually “cared,” we’d be banning those industries.
GDPR is nothing more than a trade barrier.
Unfortunately, I must use words such as "likely" here because there is a large amount of ambiguity in these tests, along with a major conflict of interest - it will essentially be up to the would-be beneficiaries of these fines to determine whether or not you are subject to them. The EU HN crowd seems to believe that their various governments will only fine "bad" companies "reasonable" amounts under this law, and that it will not be abused to extract government revenue from foreign companies and/or hobble foreign competitors of companies in their countries. I certainly hope they are correct, but this would be the first time in the history of the world that such a broadly worded statute was not abused. The only safeguard we have is that the world is watching. If/when the EU gets too out of control in their abuse of GDPR, hopefully countries like the US will implement legislation that makes it impossible to enforce GDPR fines within their borders.
Pakistan was once considering issuing an arrest warrant for Mark Zuckerberg because someone created a Facebook contest that offended some Pakistanis  . The case would have carried a sentence of death by stoning. Even if charges had been filed, it is doubtful that the US would have extradited him to be stoned to death under the laws of another country. While GDPR fines are civil in nature, this case underscores the importance of not necessarily allowing the enforcement of other countries' laws in your own. If GDPR enforcement becomes abusive, one would hope that similar protections would apply in our home countries.
Also I am sure, half of world will have similar laws in next few years. Private data invasion just went to far, this has to be stopped.
It would be the first time in history that such a law has not been abused. The fear is real and fully warranted.
I am sure warning will come first
There is no mandate written into the GDPR requiring warnings before fines, nor is there anything preventing multimillion-dollar fines for first-time, minor violations.
See the Smartphone Charger regulation. It requires all smartphones vendors to come up with a standard for charging, everyone picked microUSB (though moving to USB C now). The EU is fine with that and the smartphone vendors know that if they start pulling the "everyone has their own port" shit again that the EU will get out the stick.
Nobody wants the stick. The EU not and the Vendors not. The carrot was the EU Cookie law, which was largely ignored and the consent dialogs poorly implemented (not even asking for consent the majority of the time). So this is them getting out the stick. Now you can pick which one you want.
>There is no mandate written into the GDPR requiring warnings before fines, nor is there anything preventing multimillion-dollar fines for first-time, minor violations.
Art. 83 of the GDPR details this. Art. 78 details what rights you have against them imposing a fine.
I don’t have to pick either. My company is not subject to the GDPR, and we will never put ourselves in a position to be subject to it. I will not be dictated to or threatened by a foreign government.
People keep saying things like this, and yet neither article a) requires that a warning be issued before they seek a fine or b) limits fines in any way, except for a top cap of $10 million/$20 million (or percentages of revenue, but the caps are more than 100% of the revenue of most companies).
I would love for someone to just say “yes, technically there are no required warnings or limits other than the $10/$20 million”. Because that’s the only true statement that there is about GDPR fines.
Canada, Japan and some other countries and even the US have indicated to copy the GDPR if not in letter atleast in spirit, though the US response is a lot weaker.
>I will not be dictated to or threatened by a foreign government.
The US is a foreign government and does it all the time to me, why is it a problem now?
>I would love for someone to just say “yes, technically there are no required warnings or limits other than the $10/$20 million”. Because that’s the only true statement that there is about GDPR fines.
You won't have that. The GDPR has a strict guideline on how to impose fines, it's not a law an won't be enforces as such. The regulatory bodies have bite because large players like Facebook or Equifax that leak large amounts of userdata require more than an angry letter in their mailbox.
As these articles mention, the agency imposing a fine should severely think about the level of fine and ensure it's appropriate. If you get hacked by a 0-day, you followed the advice of your regulatory body, your shit gets leaked and you inform your users immediately, it's very unlikely anything will happen.
If you get hacked because you didn't update your MySQL server in 5 years, you ignored what your regulatory agency said and you don't tell your users, don't expect them to go easy on you.
Easy as that. If you don't like it you can sue back and get the fine reduced or rescinded.
You cannot tell me that there is anything limiting the fines (other than the cap) because it isn’t written. You’re saying that you hope and think that each of the 28 governments involved here will be reasonable, but in truth you have no way of knowing, and they have every incentive to not be reasonable.
Again, if you think the fine you got is too heavy you can escalate this to the courts (even EU courts).
There is also no incentive for the regulatory agency to impose such fines if the business cannot pay them. In that case they would get less or even nothing as the business collapses and it has not been the modus operandi in any EU regulatory body I know or experienced.
If they aren't reasonable than the EU courts will make them reasonable or the EU will add additional paragraphs to the GDPR to prevent excessive fines. Simple as that.
Much like the cookie law or CAN-SPAM?
It covers the personal data of EU citizens. Similar laws exist going the other way. Betfair can't (or couldn't) give accounts to US citizens. IIRC, various poker sites had to close US citizens' accounts. The US even arrested a CEO of a UK company who was only changing planes on his way home to Costa Rica: https://en.wikipedia.org/wiki/David_Carruthers#Arrest_during...
>anything else is an attempt to assert extraterritorial jurisdiction.
Good. The EU should grasp the nettle and fulfil it's role as the leading global hegemony.
You're both correct and incorrect. It covers the personal data of EU citizens. However, not all sites are actually subject to the GDPR at all. EU traffic to these sites is considered incidental and no GDPR protections apply, even to EU residents, on those sites that are outside of GDPR jurisdiction. There are legal tests build into the GDPR (which I detailed in my original comment above) that determine this.
We've have had European and African citizens who've signed up. And that was more than enough for us to discuss "How do we make our stuff comply with the GDPR?". If we ever considered in starting up in Europe, us ignoring the GDPR is tantamount to writing them off before even thinking of them.
We also do things the right way. Deletion requests aren't treated as "ignore kthxbai", but all data is zeroed out then nightly purged from the DB. And I really think, with how current society is slowly turning against orgs like facebook, the way we're approaching this is one avenue of right ways.
There is always the chance that your own government will enforce EU rulings against you but at that point either your own government thinks GPDR should be enforced or you're in a very weak country and are going to have to capitulate to the EUs power anyway, much like small Latin American countries were forced to follow US policies
If a noncompliant company is going through due diligence prior to being acquired, they be legally obligated to disclose that judgement? Even if they didn't, how hard would it be for an associate at a law firm to check public records about the company?
The other side of that is that you can tell foreign governments to fuck off if you aren't dealing with them at all. The only time the foreign governments matter is if they are a superpower able to bend your own country to it's will, and that point you are basically a colony anyway so there's not much you can do
Alibaba for example likely has no plans to concern itself with GDPR compliance in its domestic Chinese operations. They obviously will segment and comply with GDPR as it pertains to the EU operations / EU customers.
This is just like most laws, when you're a tourist in a foreign country you have to follow the local laws, not the ones from your passport country.
Would help me out! I'm trying to put together a one-pager for my team.
Your company is service provider based outside the EU. It provides services to customers outside the EU. Its clients can use its services when they travel to other countries, including within the EU. Provided your company doesn't specifically target its services at individuals in the EU, it is not subject to the rules of the GDPR.
The standard should be: “do you have a physical nexus in the EU.” That’s it.
They advertised through sponsoring podcasts or Youtube channels, which is the sort of traditional advertising that's being contrasted to tracking-based adtech.
Facebook, Twitter, Snapchat - they only exist courtesy of their adtech.
Can you imagine how difficult it would be for Twitter to sustain itself with a paid model? There's such an extreme imbalance between the people that post regularly and are power users, vs people that just occasionally consume. The median user that reads a few tweets per day - at best - is never going to pay $60 or $100 per year for that product. Even if you have five million power users on there paying $100 per year, Twitter instantly goes bankrupt, they could never charge enough.
Also, I think what the article is suggesting is that brands don't typically get built on the back of advertising _initially_. All three of those started without it and added it in later once they were highly entrenched to try to monetize.
I still don't think it was a very good point in the article, though.
Where are the ads in snapchat? Or is the money made from selling people's information on to ad tech people?
The Google consent interface greets site visitors with a request to use data to tailor advertising, with equally prominent “no” and “yes” buttons. If a reader declines to be tracked, he or she sees a notice saying the ads will be less relevant and asking to “agree” or go back to the previous page.
Google can't get it right. Their ads suck, and their Youtube suggestions aren't much better. Amazon can't get suggestions right in their own store.
The whole ad industry is a joke. Most people I know do not watch TV anymore, not because of the content, but because of ads. I enjoy reading magazines, but I don't bother anymore because they got full of ads. Now I read books instead. Most Youtubers either have some kind of sponsoring directly in the video, or a Patreon because Youtube ads are clearly awful and ineffective.
I think Patreon and Netflix et al. proves quite nicely that enough people are willing to pay for quality content without ads. For the companies who want to market stuff, I don't have a solution (otherwise I'd be rich), but I do know I'll go to great lengths to avoid seeing your shitty ads.
You, I, and everyone else on this site don't represent the average user. Personally whenever I Google something out of curiosity as a one-off thing (e.g. "lyrics to Rasputin by Boney M" or "0-60 of a Golf GTI") I switch to in-cognito, just because I've noticed that Google isn't currently tracking stuff like that by IP. This way I don't get recommended Boney M videos in YouTube or adverts for cars I don't actually have an interest in elsewhere. And that's on top of uBlock, Disconnect, Privacy Badger, and a Pi-Hole on my home network. But I work in cyber security and I am in no way a "normal" internet user. Same with TV, I'm a cord-cutter with Plex running on a VPS: meanwhile everybody I know who doesn't work in tech just watches TV normally.
Pretty much everyone on this site saying "advertising doesn't work" is right that it probably isn't as effective for them because they've been taking counter-measures for years, but millions (possibly billions) of normal internet users do click on ads, or have their purchases influenced by ads.
I do agree with Patreon and Netflix, they're fantastic business models. Add Spotify to the mix too: although the renumeration they give to artists is laughable, it's a fantastic platform which has gotten me to actually pay for music for the first time in about a decade.
If you go through all that trouble, why don't you simply turn off personalized ads? https://adssettings.google.com/
Depends what you mean by "working". Like I said, companies always want to market their stuff. Online ads just need to be better value than print, TV, or radio - a low bar. Also, attention is a zero-sum game, if you don't target online you're missing out on a huge slice. An especially important slice of younger people.
> I honestly think this is very, very user dependent.
Of course. And as engineers, we're painfully aware how important attention/concentration is, and value that higher than most. I think content creators are similarly cognizant of that though. On podcasts, you're much more likely to hear "I don't watch TV".
Sure, in the short term, nothing is going to change. My parents probably won't stop watching TV, although Netflix usability is pretty good, even for them. But in the long term? And it isn't like TV is cheap. In America, cable packages are expensive, although the big media conglomerates are pushing some shitty deals to get people to keep buying them. In Europe, it's often worse. Decent, country-focused TV is usually free. But if you want to watch Game of Thrones, you're basically going to have to pirate it.
And even on shorter timescales, you can see changes. For example, I've followed some creators from Youtube to Twitch and find myself using it more, even if I'm not a fan of the UI or watching streams in particular. So it isn't even the same use-case, but the more time I spend on Twitch, the less time Youtube gets. Or podcasts. Youtube is still useful for discovery, but many people switch away from Youtube for consuming podcasts they follow.
In any case, on average people are more aware of how valuable attention is - a trend I think is increasing.
I was googling a lot about a certain piece of software (config, how to set this and that up with other things to work together, etc.) and that resulted in me getting ads for it from there on.
I mean yes, the targeting 'worked' - it's a software that interested me at the time, I even own a copy already. Targeted ad money well spent..?
The surgery was successful but the patient died.
Case in point: I book a hotel for next weekend in Sapporo and they won't stop pestering me with ads for hotels on said weekend in Sapporo.
Hello! I just booked a hotel and don't need another one!
What seems even more seedy is their emails:
Hello CaptainZapp; Prices just went down in Sapporo!
Which, first, is a lie. I know that because I was in Japan during golden week. And prices are very high and certainly don't get any lower for those days.
Secondly it seems fundamentally unfair towards the hotels that (have to) sign up with them.
Ads make sense to me in the age of information scarcity. But now if I need a thing, searching always turns up what I want. If I need to figure out what kind of thing to buy, I can read review at places like The Wirecutter. If I want to keep up with what's new in a field, I can follow experts via Twitter, mailing lists, etc. And if I have a problem I don't know how to solve I can talk to friends or use social media.
Please do give me random ads; they're easier for me to entirely ignore.
Right, because we're all perfectly rational robots with full control of all of our emotions and impulses, and the advertisers totally don't employ cutting-edge research in psychology to manipulate us.
Even if I never fall for it, the stuff that's most "relevant" from the advertiser perspective is to me the stuff I have to do the most mental work to ignore. The more irrelevant it is, the less I notice it at all.
After I opted out, I started seeing awful ads: mostly semi-naked bodies of people claiming to lose weight or bald heads.
Of course it's easy for Google to just say that this is what their economically optimized algorythm selects for a perfect stranger, because those are the only advertisers that risk spending ad money on someone they know nothing about.
Long story short: it's a sort of bribe already and you cannot prove it is happening.
So the middlemen get cut out, and advertisers deal with Google and Facebook directly.
The author thinks big brands are everything and can't see how letting smaller players sell to customers could help the economy. He uses an arbitrary standard of privacy to argue on the behalf of the largest household brands. I think he's missing the forest for the trees.
The parts of advertising meant to demonstrate "Hey, we're a quality company that can afford this prestigious advertising slot, therefore the reliability of our products is assured" has been eaten by frictionless digital review platforms. Of course, advertising and branding serve other purposes as well, and will always be some part of the purchasing decision. But social software and AI will likely continue getting better at matching consumers with products over time.
Meanwhile as ICO reporting, only on average 50 companies/sites have been investigated and punished, per year.
Most likely with GDPR being so damn popular, they will be overloaded on day one. Heck, I personally have 5 different emailers I never provided my email to, that I just wait for the end of May to report! Do I believe each will be prosecuted and extracted out of $25MM in penalties ? Nope.
In general it's easy to believe negative press about hated entities (for example, see liberal credulity about Trump's vulnerability in the US). I don't see the argument passing the bar for evidende, whether or not I want to believe it.
edit: the argument that adtech stinks is not evidence in support of the article's thesis. crappiness is not a predictor of a bubble, and the author makes no attempt to connect the idea that ad tech stinks (which is stated ad nauseum) with the claim that the GDPR will bring about a global sea change for adtech)
Just like targeting search ads to be relevant to the search?
It's also difficult to conceive enough advertisers on the demand side for many niches. In this scenario targeted advertisement would fill in for the lack of demand
You can read and understand the whole thing in about 30m, as a lay-person.
For e.g when a customer demands a chargeback through their bank, Stripe notes down the IP address of every transaction. It is important to note this IP address and check if the user created an account using the same IP address. How are SAAS companies to provide sufficient usage proof when it comes to defend chargebacks?
"The processing of personal data strictly necessary for the purposes of preventing fraud also constitutes a legitimate interest of the data controller concerned."
"Legitimate interest" is one of the legal bases for processing personal data under the new regulation.