Personally I'd love to support more websites through ads if two conditions could be met:
- A way to ensure that ads don't try to harm me by e.g. leading me to websites serving malware or abusing my computer's resources (e.g. miners)
- A way to keep my privacy and control what data is collected about me (and who has access to that data)
Currently I simply can't turn off the ad-blocker even if I wanted as most sites become completely unusable and outright obnoxious by showing large, blinking or content-hiding ads, videos, popups or fake overlays. That's why most people use ad-blockers (IMHO). If ads are decent, relevant and non-obtrusive I personally would be happy to see them.
Also, go to any large website these days (without ad-blocker enabled) and check how many third-party trackers they load. There are many sites that send my data to more than 50 (!) different ad networks and partners, which is just insane.
BAT in Brave is opt-in -- each user consents before anything local happens with data or zero-knowledge/blind-token attestations -- and users can get _gratis_ BAT grants right now using the stable desktop browser (this is coming to mobile in about a month). The anonymous contribution system is the basis for the also-opt-in Brave Ads system, which uses local data only, local machine learning agent, and no cookies or user tracking by any server (even ours). Ads match against a catalog fixed daily or less frequently for a large set of users in a region who speak the same language. Attribution and confirmation use Chaumian blind tokens.
Users get 70% of revenue for opt-in, user-private (in tab), high quality ads at user-configurable frequency. We are working with publishers to provide user-opt-in ads for sites too, 70% revenue to the publisher, 15% to the user. User ad trial is under way right now, ping me if you want to be included. System should be available in Brave 1.0 in a couple of months.
Imho the beauty of your BAT system (the way it is envisioned) is it's independency from the current model of monetizing the web, which is ads, gradually evolving towards direct transmission between publisher and consumer.
Ads in the way they work on the web are just a very inefficient system of transferring this value, and they don't serve the original function of marketing anymore. It turned into a big game of psychological warfare.
The system is so inefficient that it finances almost the complete operation of Alphabet/Google.
As a user I don't know how the system works in the background, and when I read the recent news about Brave attacking Google for GDPR violation it was the first time I read about RTB and the technical aspects in the media. People need to know, so they can decide if they want to feed such a system!
Funding Choices seems to be a part of Google's answer to the growing problem of ad-blockers, but it can also bee seen as Google's answer to competition like Brave/BAT.
I read somewhere that under the umbrella of Funding Choices Google is also experimenting with subscriptions like BAT, but without the token.
I don't know how successful Google is with this, but this might be a tough competition for Brave, they will fight tooth and nails, and they control the Android ecosystem.
BAT is attractive for power users as you ride on the wave of privacy-friendliness which Google can't, but I think the real challenge will be the average user that wants a standardized, seamless cross-platform solution that can be used as the main payment gateway for accessing content, which is increasingly via gated Apps.
With Google controlling so much of the market with Android and Chrome, I wonder how they will react to BAT if it ever becomes successful, as they could theoretically quickly scale any competitive project.
I think the biggest advantage of BAT would be if big players could acknowledge it as a de-facto standard for decentralized transfer of micro-payments and privacy friendly ad networks. For this to happen it would be necessary to be somewhat "Open-Source", i.e. not strictly tied to a singly company controlling much of the tokens. I am thinking in line of an open consortium with different players holding a significant part of the BAT tokens each.
On your last paragraph, we can't standardize the BAT ecosystem until it is proven, and as it consists of more than the ERC20 token -- specifically it includes endpoint software currently developing in Brave, plus an anonymous accounting service alongside the Ethereum blockchain -- it won't be proven via the existence of the token alone.
On a future blockchain with anonymity, high throughput, and low fees (a trilemma?), the BAT ecosystem could be fully decentralized. That blockchain does not exist yet.
So our roadmap divides and conquers (the Mercury, Gemini, and Apollo phases), and we will expand beyond one browser when the system is ready, some time next year in my best guess. In particular (as noted in my other comments here), we need a high-integrity and fraud-resistant open source SDK.
Note that the BAT has diffused since inception to over 69,100 holding Ethereum accounts (https://etherscan.io/token/tokenholderchart/0x0d8775f6484306... -- you can see our User Growth Pool and Bittrex's liquidity pool as the top two accounts). The remaining roadmap work items are about token mechanics not token ownership.
Since Youtube is wildly unprofitable, Alphabet/Google has to be funneling in money generated from other sources. Thus, Youtube is funded by ads, just mostly not from the ads on Youtube.
It is a mistake to think of the BAT ecosystem fraud threat (which exists, for sure) as the same as the threat with remote scripts for ad view or click attribution and confirmation as practiced by ad-tech today. Third party scripts run without any integrity guarantees, so get fooled by fraudbots and cheated by other scripts (see "cookie stacking").
The "plane of adequation" defining truth as correspondence between an ad and its observed effect is browser native code, not Nth party scripts loaded into a DOM stew on page, or extensions and their JS scripts, which have privileges above page scripts but below browser native code.
Therefore the fraud threat to the BAT platform is a botted Brave instance including the BAT SDK. This is why we are planning to use secure remote attestation enclave/zone tech to ensure SDK integrity, and sensor M/L to check all the sensors for proof of humanity.
So for fraudbot users to get money out requires a costly simulation (see AML/KYC/etc. point I made in another reply today). Just hiding ad tabs (without faking identity for KYC/etc.) to waste ad spend would require faking the payable ad actions attested by the SDK, including human-like event streams.
Fraud risk never goes to zero with humans in the loop, but with BAT's native agent code, we keep the cost of fraud way above the low cost of fooling today's ad-tech scripts on page.
Any chance of putting brave on f-droid? Its the only app on my phone that I manually download/update. Totally worth it though :)
Do my ip-address, sites-i-visited, date/time of visit, geo-location ever gets stored in on a server outside (eg outside my phone or my computer I am browsing on)?
IP address is not yet masked for update pings (same as for all self-updating browsers, required for security patching) and for similar pings to check for updated ad/tracker blocklists. If you do not opt into any BAT ecosystem features (contributions or ads, which enables contributions), then your IP address is not otherwise used, but it does show up in our logs. See https://brave.com/privacy/ under "Technical Infrastructure".
(We'd like to do the update ping via Tor since we have Tor tabs already, but this is in the future.)
Many of Brave's users at this early stage are "lead users" (Eric Von Hippel, MIT) and represent off-the-grid prospects because they block assiduously, either in Brave alone or with Brave + uBO or another solid blocker. Lead users are worth much more due to their high usage of search, ecommerce, and paid services. I would not be surprised if our users can make $70/year as we bring the system up in 2019 -- when ad deals will be harder to come by and we'll subsidize revenue from BAT's User Growth Pool -- and climb by 2020 to above .7 * 320 or $224 net user revenue per year.
Let's find out! We aim to find the fair price for human attention after blocking all the fraud, arbitrage, and abuse in the current system, using the BAT ecosystem.
Note that by default, user revenue share flows back monthly and anonymously to each user's top/pinned sites and creators on YouTube, Twitch (and more UGC platforms to come). We expect most users to avoid the bank-like AML/KYC/anti-sanction/anti-fraud checks required to take out their revenue, but legit users are welcome to cash out (our partner Uphold, and more to come, can exchange BAT <=> many fiats and cryptocurrencies/tokens).
If we are right, then most Brave users, with their individual data sets and Brave instances/agents, will in effect replace the corrupt, crowded intermediary space using and abusing remote scripts to target and confirm ads today. After we have the model performing, it's on to other browsers, games, podcast apps, and so on.
I’m guessing the population aware of and interested in ad blocking and the population willing to half ass it in Brave is very slim indeed. I suspect that a majority who have become motivated to use an ad blocker and especially a script blocker have no patience left for any incarnation of advertising, regardless of fractional “rewards” on offer.
Your negativity aside, the test has not been run to completion where it matters, in the market. I keep noping out of YouTube Red or TV or whatever it's called, because Brave blocks all ads there and (with forthcoming work to enable playback controls in various settings including cars) easily beats the pretty-terrible YouTube mobile app.
The idea of charging for Brave that you lead with occurred to us, but browsers and even non-corrupt ad blockers are free, so it looks like a high hill to climb. Perhaps with the slicker video controls and integration work, but anyway, glad we got past the assertion about "miniscule" revenue to users. In my experience, paying users beats charging them :-D.
When I was at Middleware2017 I saw a poster/demo about this, MoCA+: https://koreauniv.pure.elsevier.com/en/publications/demo-moc...
I guess the problem is the same as with privacy techniques in general. If you ask companies to restrict their access to data, they just tell you no(1), as it might be worth a lot of money or open up new business oportunities they haven't thought about yet.
(1) This is anecdotal from projects of my colleagues in privacy research
What I do mind is seeing ads for stuff I don't care about at all, and if the ads get in the way of what I'm doing.
What I'm definitely not looking for is ads. Actually I try to avoid anything that might remotely look like one, from official websites (obviously) to comparisons of 3D printers that look like they could be biased one way or an other. Because obviously every company selling 3D printers is going to tell you that theirs is the best you could ever find. Even if they don't outright lie they'll put the emphasis on their strong points while conveniently forgetting to mention the drawbacks.
I really think ads are useless from a consumer perspective. I can believe that there was a time where the best way to reach potential buyers was buying an ad in the newspaper but with the ultra-connected society we're in it's just a waste. Make a great product, send it to a bunch of influential bloggers in the market share you target to review and if it's good the word of mouth will do the rest.
In a society where you can find reviews and recommendations for basically anything online, why on earth would I ever want to see ads? If you need to convince your potential customers that they need your product by spamming them, maybe your product is not that useful in the first place.
Of course the dark side of this is that of course marketing has caught on, now we have "native advertising" and people getting paid to pretend that they like something.
Unfortunately the majority of the consumer market revolves around a few common products and so most ads are about shifting revenue between functionally identical brands.
But I do occasionally see ads for relatively obscure stuff that might cause such an "I didn't know that existed." experience for other people. (I'm apparently hard to target.) For example https://news.ycombinator.com/from?site=viva64.com are essentially ads, but they are still interesting to read, and afterwards you might be in the market for a code analysis tool.
One of my favorite examples is Amazon reviews. Once you a time, those were legit and you'd see consumers referencing online reviews for products even if buying the product in a store physically, because it was valuable content.
Now, the reviews are so untrustworthy there are multiple sites that automate going through them to flag BS.
The unfortunate thing is that even after an ad medium becomes ignored by the majority of an audience, there's still an audience that's one to two standard deviations below the norm in suggestability that get preyed upon by advertisers. So it's those people that are the 0.1% clicking on general banner ads and purchasing a product. These are the same people that "call now" for those late night TV marketing commercials.
So the cycle for any ad medium is to get the attention of an audience, abuse it until most people stop paying attention, and then prey on the suggestably handicapped. It's a shitty industry, and quite unfortunate as if everyone could agree to not be awful, the fundamental feedback loop is one intrinsically motivated (find out about crap I'm highly likely to enjoy). But we're talking about a class of organizations (corporations) that can't even self regulate when lives and health are on the line, so that's certainly not going to happen for ads.
If I remember my history correctly, this is how the very first radio sponsorships started as.
I include myself in your description - love seeing relevant ads. There's a sweet spot there between those with high disposable incomes, high open mindedness and high affinity for novelty.
This population is by far the most attractive consumer for advertisers.
And I'm guessing you skip over any HN posts that are about a new product or service you weren't already aware of?
There's a reason word of mouth is the most influential medium for converting to a sale, and it's because a recommendation from a friend is typically not "polluted" by advertisers lacking scruples - so the "pitches" you hear are about things someone who knows you decently well thinks you'll like, and only for products/tv shows/services that the person actually thinks are good.
It's also part of why recommendations motivated by affiliate rewards or MLM sales are seen with such disdain, as it's behavior from a friend that crosses a love for acceptable behavior.
If we only saw ads online for things that matched our interests AND are very good products, we'd have a different attitude about advertising (but that will never happen, as it requires prisoner's dilemma type agreement across too many parties).
I see your point, but for me, even this is not true. I don’t need to buy things, yet I am susceptible to advertisements. Ads just convince me to buy things I don’t need. The ads you describe would be even worse. I would prefer instead to never hear about new products or services.
Despite all the billion dollars ML systems with gazillion of factors analyzed on petabytes of data, all we've got is 'hey, you googled for a 10uA accuracy bench multimeter yesterday! now for two weeks we will show you all the $15 multimeters ever existed!'.
Look at this (don't worry, it's short one-page) thread for example of how it might be instead - https://www.eevblog.com/forum/testgear/benchtop-dmm-advise-n... - and what if the message from Tek engineer that closed a deal was actually advertising? He just posted a link to relevant appnote, that's it. What if automatical advertising system showed the same link to the same appnote as an advertising to the same user?
I think this is a interesting model. To as society come to the conclusion that more connection of devices, smarter AI is not the right solution. That what works best is the right amount of connection and AI
Out of curiosity, how familiar are you with how ad systems work? Generally there's a huge inventory of ads, each with different criteria attached to them and metadata about bids. When a request comes in, ads whose criteria are met are selected out and an instant auction takes place. The resulting ads are then shown.
I cannot think of a way that allows for both honoring the ad criteria and keeping personal interests and preferences solely client-side. You can't even take advantage of any form encryption here, as the results of the filtering would allow the server to infer the private data. This means you'd almost certainly have to get all the data to the client to allow querying locally.
OK, fine, that's workable. Then you just track impressions and so on to figure out when advertisers get charged. A potential drawback is that it's very possible that with impression and click data it could be possible to reconstruct most or all of the data a user might wish to protect. And there's no way to get away from this, either - pretty much all online advertising models rely on tracking one of impressions, clicks, and actions.
As for your two conditions:
> - A way to ensure that ads don't try to harm me by e.g. leading me to websites serving malware or abusing my computer's resources (e.g. miners)
Policing the contents of ads can be quite the task. Ensuring the contents of arbitrary external websites is next to impossible. There are no good ways to do this in a fully automated system at scale when someone else controls the other server and can change what content it serves at their discretion.
The best way I can think of to ensure this is to limit access to this hypothetical advertising platform to entities with the expertise and resources to protect themselves and anyone who comes into contact with their servers. Works for me, but being shut out of access to the biggest and best advertising systems might be a problem for many groups.
> - A way to keep my privacy and control what data is collected about me (and who has access to that data)
You know what? I think I know exactly what you want. You want the newspaper model. Collects no data from you, preserving your privacy. Only accepts advertising from partners that can be trusted, ensuring your safety. Doesn't need to closely track impressions, views, or actions.
I think what he is describing is a future where the ONLY criteria ads are selected on is the standard user data set. Basically I open my browser settings, go to its "relevant ads"-section, enter some basic ad targeting info such as my age group, gender, and 2 hobbies.
Then because I entered "fishing" as an interest, I'll see a lot of fishing gear ads. Great!
If I'm NOT willing to enter any targeting info into my browser, or if I enter bogus info (or install a plugin that randomizes the info) then sites will not show me relevant ads.
I don't mind seeing ads for fishing gear if I told the site I'm interested in fishing. That's completely fine. I do mind seeing ads for hotels in San Francisco just hours after I searched a different sites for cheap flights there, or ads for that exact shoe I made an incomplete checkout of in a webhop store last week etc.
In that case, it's going to fail the test of being just as good pretty hard. Being able to target flexibly and based on user actions (or location, or other salient data) is really valuable to advertisers, in a measured-in-units-of-currency sense, and thus to publishers. It means better results from more narrowly targeted ads, and it also means more valuable ads to publishers.
It's perhaps not impossible, but it strikes me as a difficult thing to convince advertisers and publishers alike to take on.
Yeah I don't see the online ad business ever adopting something else because it's "as good", I think that browsers should drive this and ensure sites simply don't get this type of information, so the adoption to something better (for consumers) is driven by necessity.
The adoption of a system like the one I'm describing rests solely on the fact that the current information ads are based on, would dry up for one reason or another. Either because they don't dare use it (regulatory) or because they simply never get the information (technical).
I was under the impression that the past years of rapidly evolving DNT, third party cookie blocking, widespread use of adblockers (even in phones) etc was already rapidly drying up the amount of information available to track users? Perhaps I'm overly optimistic?
In practice, not everyone keeps up on their patches, meaning they tend to be vulnerable to known tracking methods. Total ad blocking prevalence is not as high as one might guess: https://digiday.com/media/ad-blocking-charts/
Additionally, neither Apple nor Google is incentivized to make it easy to block ads on their devices. The only people I know who have done so are ones who have gone to non-trivial lengths to accomplish this.
Sadly, I think you may be excessively optimistic.
Pretty much AdBlock could do that.
It let's you opt out of serverside-profiled and unprofiled ads, and opt-in into relevant ones profiled on client side.
They had a product for Windows computers that provided a caching, prefetching web proxy. The deal with it was that if you let it show you adds occasionally (I think it was whenever you launched your browser to your homepage or once a day if you visits to your homepage were less frequent) you could download all of the company's other Windows programs and use them free as long as your browser was configured to go through the proxy. These were programs that normally were sold on floppy or CD-ROM for $20-40 each.
The way the ad delivery worked is that the proxy would download ads, which consisted of an HTML page and some additional data. When you went to your homepage the proxy would serve up one of the ads instead, with a link inserted to take you to your real homepage.
There was a Forth-like language built into the proxy. The additional data for an add could include code written in this language, which would be run when the proxy was choosing an ad to show. The code had access to various things the proxy knew about the local system and user. It did not have any access to the internet. The code would decide how strongly the ad would like to be shown at this time.
The only thing that went back to the internet in regard to ads, as far as I remember, was counts of how many times each ad was shown. (Not that it would have mattered much if more went back. As far as I know the proxy didn't really know much about you other than the physical characteristics of your computer and your internet connection. I don't think they had gotten to the point of trying to infer interests from browsing habits).
This particular approach would probably not be feasible today. They only had a handful of ads available at any one time, with the inventory changing slowly by today's standards. It did not take much resources, even for modem users, to download the entire ad inventory and keep it up to date.
Can you imagine trying to put Google's entire ad inventory on every PC, and keep it up to date, so that the client can choose the ad entirely locally?
The entire Google ad supply does not need to be downloaded, just a relatively brief catalog (which compresses well) of live edge URLs and metadata (keywords, essentially), updated as new deals for a given region with large enough user base come online, and old deals expire.
And it looks like Mozilla is trying it again, though this is from a few months ago. What happened to it?
1. To really leverage the personal data, you need to run it through a model and correlate it with ad inventory. Those are two things you don’t tend to want to deliver to an insecure client. Then you need to collect data on how those ads performed to update the model.
2. For all that, it’s still more convenient to manage GDPR opt-in. Don’t underestimate the convenience of centralized management.
Mozilla did this for Firefox, except a step better: the client pulled the same set of ads from the server regardless of the user preferences, but decided (client-side) what to display, so the server could never even infer behavior about the client from the requests.
Unfortunately, people didn't care, and they complained that this was an intrusion of privacy regardless, so they dropped it.
It turns out, there just really isn't market for privacy-focused advertising. People who care about privacy generally dislike advertising in all forms and block it, without regards to whether the advertising actually is an invasion of privacy or not.
It reports click through so this isn't true.
> there just really isn't market for privacy-focused advertising
My impression was that people just didn't understand it and Mozilla's communication about it was poor. That doesn't mean that there's not a market.
Correct me if I'm wrong, but isn't that the idea behind Brave? Blocks ads and (assuming you opt-in) replaces them with less obnoxious ads chosen by the client?
But it's irrelevant to 99% of the viewers, and it's impossible to tell them from the 1%: among other things, because the viewers are not keen to share too much data about themselves.
I think we should see ads as the (annoying) cost of commercially-produced free content. I wish a micropayment solution would take off to allow for easy and reliable paid opt-out on multiple sites I might visit. (I already have Youtube Red, and it's great.)
I'm pretty sure iAd works like this no? Also it wouldn't be massive advantage, you'd be serving less relevant ads (so losing out to competitors) and you can still track which ads a device requests.
> The ICO also said that, while "GDPR does not specifically ban opt-out boxes," that method of communication is "essentially that same as pre-ticked boxes, which are banned"
If this is correct, using the product as shown on the screenshot (and as used by several websites) is in violation of the GDPR.
I wonder if Google will pick up your legal defense costs if you get sued for using their product.
(Edit: I tried to find answers to these questions, but apparently the only way is contacting my Google representative, which I don't have)
Anecdotally, a third of these cookie dialogs are violating those principles, either preselecting all third party advertisers, or claiming all 60+ third parties are necessary for the functionality of the site so Allow or Go Away. Or having only one OK/Agree button.
It's not just little guys. Slate.com for example:
Slate’s Use of Your Data
Slate for example, says, "You may choose whether to receive interest-based advertising by submitting opt-outs..."
The justification appears to be "EU doesn't tell us what to do":
"Please note that the Services are directed towards users who reside in the United States. By using the Services, you consent to the collection, storage, processing, and transfer of your information in and to the United States, or other countries and territories, pursuant to the laws of the United States. Some of these countries may not offer the same level of privacy protection as your own."
"Slate tracks when EU readers grant consent for Slate to collect and process data through the use of an identifying cookie on your browser. The browser through which you are currently viewing Slate does not currently have such an identifying cookie. If you are an EU reader this means that Slate is not collecting or processing data from your current browser session."
// I am currently reading from EU -- a good time to clear your cookies.
If you consider financial needs underpinning the site operation, it's technically true - without the 60+ 3rd parties, they could run out of funds to host the site, after which the site would not function at all.
It's just as easy to opt-in as to opt-out. Just tap the checkmark or the X and then Save your preferences.
Vendors could arrange the relationship in such a way as to be joint controllers instead of processors if they wanted to. Most companies seem to want to avoid this set-up if possible.
(7) ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
(8) ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
Generally speaking, site X is the data controller and the third party JS providers are the data processors. GDPR applies to both, with the controller being the party primarily responsible for ensuring compliance.
But in 2017 it was shut down for a few months, and relaunched as a program which would omit all ads from the target site if the site was a partner, and the user has marked that site in their account. The amount charged for each pageview is set by the site . Only a handful of websites are supported, although most are news sites -- local papers or TV channels.
This new Funding Choices program aims to greatly expand the list of sites that use Contributor by offering a managed solution that solves a better-than-before subset of two pain points at once: regulatory compliance and monetization.
 https://hn.algolia.com/?query=niftich%20google%20contributor...  https://support.google.com/contributor/answer/7359560
If/when it hits a critical mass of users, suddenly it will become a lot easier to justify the cost of implementation.
Hopefully tools like this can help get some sites to implement contributor or something like it so paying for access can get a foothold and become a viable option.
That's the same reason why you wouldn't want to ask an alcoholic to guard a warehouse full of vodka at night, as you'd probably find a few empty bottles the next day. Same thing with an advertising company, even if they claim to respect your privacy, nothing guarantees they're not secretly looking at it anyway (and using it to adjust their ad tracking in a way that's undetectable from the outside, as to not be sued for it). It's even worse, because at least with alcohol you can count the bottles and find the empty ones. With data collection, if they're careful, you have no way to know whether your privacy has been violated.
Maybe I'm naieve, but I feel building automated law breaking systems is not something corporations do. I have no doubt individuals within corporations break laws whenever they feel like they can get away with it, but leaving trails like checked-in source code, and operating services that other services depend on, that just sounds like too much of a liability to me..
Did you already forget the VW diesel scandal? That was exactly that - a huge corporation systematically breaking the law with lots of people even in the highest ranks aware of and supporting it.
Exxon, Royal Caribbean, Rockwell International, Warner-
Lambert, Teledyne, and United Technologies each pled
guilty to more than one crime during the 1990s.
Five banks (Citigroup, JPMorgan Chase, Barclays, Royal
Bank of Scotland and UBS) had to pay a total of $2.5
billion to the Justice Department and $1.8 billion to
the Federal Reserve in connection with charges that they
conspired to manipulate foreign exchange markets.
In 2008 and 2009, a salmonella outbreak killed nine
people across the U.S. and sickened hundreds more. The
source of the contamination was traced back to the
Peanut Corporation of America (PCA), a Virginia company
run out of its CEO’s garage. The salmonella outbreak
turned out not to be a tragic accident, but rather the
direct result of PCA’s and CEO Stewart Parnell’s
decision to intentionally ship contaminated products. In
2014, Parnell was convicted for his role in the crime.
to quote vincent vega re: the keying of his car, it would be worth having them do it, just to catch them doing it.
$30 billion is not small fines, add to that that it isn't over yet. It's already more than what BP paid for their oil spill, and the oil spill is thousand times worse in terms of its environmental effect.
At least in this article it's the biggest fine for any corporate crime levied.
There are very few fines that have been higher. Hyundai only paid $100 million for their emission scandal one year before, with not much fanfare:
1. Virtualbox VM restored to a snapshot after each usage (browser completely clean, never uses my main Google accounts here)
2. Firefox on main machine with clear all cookies set, ublock origin. Rarely logs into my main Google account, if I do, always in incognito.
3. pfsense with block lists for Google & Microsoft
4. Mobile with Disconnect tracking blocker (mobile wide) plus Firefox focus & Firefox set to clear all history on exit.
Still Google manages to track me. Whenever I see those recommendations in YouTube, I feel like Google is mocking me - "ha ha do whatever you want, you can never hide from us".
Even with JS on TB tries to reduce impact of such history based attacks.
Pretty targeted and obviously possible to fuzz.
They did and will do that again because they know whenever they get caught they have to pay several million dollars at most after years of such violations and then they can be on their way to rinse and repeat with something else like that.
Furthermore, in hierarchical structures people only care what those above them think. "Illegality" of the feature is something for lawyers, not them. At best they rely on morals, but even that is screwed by perks, incentives, the environment they work in, peer pressure, management, corporate propaganda, etc. Generally in such structures you can make people do anything, even kill other people and be ready to get killed.
By the law, opt-out is the default.
They are proposing an industrialized solution for new and old businesses to transition to EU regulations more easily. Trust Google or not, but in the meantime, they are proposing new services to answer businesses and legals needs.
This analogy falls flat, because unlike an alcoholic which can be satiated at some point, FAANG can never be satiated. More information is always good. Thus taking data from both warehouses is better than restricting yourself to only one.
Secondly it also falls flat because your paying users is often the more juicy targets (from an advertising point of view), since they are already well enough off to pay for ad-free internet services, thus also well enough off to target for more lucrative advertising.
Getting back to the analogy, it is like an alcoholic guards two warehouses, one stocked with free budweiser beer, and the other stocked with the finest scotch, and hoping he wont take a swig from the scotch.
A lot of (primarily US-based) sites now say things like "We need to track you to keep running, consent or click this link to enter a maze of poorly documented ways you can try to opt out, if you decline then goodbye".
Some even let you opt out of tracking (taking several minutes to 'process' this opt out), and then tell you they can't serve you a site that doesn't track you.
I'm OK with those - I don't go there any more.
> With Funding Choices you can automatically identify ad blocking visitors and ask them to disable their ad blocker especially for your site — or give them an alternative way to fund your content via Contributor.
> Contributor lets users buy an ad removal pass for your site, helping you monetize your site's content again.
Great! Now, can I have that for Google? I'd gladly pay in exchange for the added privacy.
People may subscribe for big newspapers and such, but they won't subscribe to a lot of smaller blogs, for example, on various blogging platforms, which do provide value, but they are not big enough to warrant a subscription.
Ads solve this case and I haven't heard any viable alternative for them for small players.
Meanwhile my forum now costs more money than it brings in. It's been giving teens a place to write collaborative fiction for over 10 years now.
Seems a bit sad that we'll eventually just be left with the sites big enough to live without ads. We're in the middle of a great centralization which you'd think most of HN would be wary of.
Instead I see the opposite, people basically welcoming it with a bloodlust in their eyes. What they don't realize is that their favorite examples of ad-dependent websites cast around HN like The Verge will be the last to die.
Publishers are probably costing their audience more in battery life and bandwidth than they are ever making from the ad they are showing.
If that was the case piracy would be legal, software trails wouldn't be legal. Windows license or photoshop trial up? Well I downloaded, your server fulfilled the request. I have legal rights to it now.
Oh, this art? I am selling it. Well I saw it on the internet, my computer downloaded, their servers fulfilled it. If they didn't want to hand over the rights they should've blocked me from viewing it.
That kind of argument is an argument I expect in a non-tech site with people making excuses. You know that isn't a solid argument you made at all.
The way the internet works doesn't create a vector that allows that. If they did implement that you'd need a multiple round trip check, the site would be slammed for being slow to respond cause it have to download a script, check if your blocking, report back then start the downloading process for the site. Just not feasible.
Those smaller sites would lose to bigger sites that can get away with slower response times or ignore pre-checking anyways.
Piracy is someone intentionally breaking a known license contract. Software trials require contracts first. Either upon download or installation. You agree to a license before you use Windows. Those agreements are binding. The web also has systems in place for similar contract negotiation. If you don't use that, it's kinda on you. Some users will choose to use your content in the way you intended, others won't, and you have no recourse.
> You know that isn't a solid argument you made at all.
Unfortunately for you, it's already held up under law. There's a reason the big players are trying for new solutions than attempting to ban users from blocking them.
> If they did implement that you'd need a multiple round trip check, the site would be slammed for being slow to respond cause it have to download a script, check if your blocking, report back then start the downloading process for the site. Just not feasible.
We already have that. Quite seriously. HTTP has the structure for authorisation, and the process for handling it if you're not. Not using that structure, is a choice that leaves you vulnerable.
When someone publishes something on the web it is free by definition, and by law.
Publishers can chose to not make the content available, but it seems up to now relying on ads and moral shaming is a more profitable way.
Given the security issues involved with ads as a vector, general abusiveness, and poor programming leading to memory leaks and insane waste blocking by default is wise.
Even big ad networks have been caught hosting outright viruses from lack of vetting. There is no right to a business model and they have no right to access client systems.
The entire debate around copyright and online monetisation is trapped in "entitlement" of publishers in the METHOD of extracting value. Have you ever considered that maybe it's not that people don't want to support you financially, but that you're methods are wrong?
So maybe subscriptions don't work, but let's take pirates as an example. Multiple studies have proven that pirates spend more money on the things they pirate than non-pirates. So in actuality piratisation is increasing the amount of money publishers are making since the act of piracy it self actually represents no cost to the publisher.
There are also ads which pay per impression. CPM ads.
There are notable exceptions to this for bloggers who can get hundreds of thousands of views on a regular basis - but most people are lucky to get a thousand unique views.
No personal swipes on HN, please. Your comment would be fine without that bit.
I was, until recently, a paying subscriber to the NYT, and there is no difference in the ads and tracking crap they pull. So I call shenanigans on that.
* Ad blocker detection and a way to ask for funding? Seems nice. We will get a view on the actual market value of the content. As the Internet started out free and hand plenty of content, I assume content producers will get a rude messages about their actual value here.
* A good base platform for the GDPR is also nice. A big player like Google cant flaunt the law too much, and browser plug ins have one big target to block, verify or modify
Some extras to make the ad ecosystem sane again:
* Micro-payments. You could get to choose between an ad, a micro-payment, or no content.
* Content producer vetting and taking responsibility for their ad's. Todays ads are bottom feeders. If, say, a car site would get an image from e.g. a car company, and place ads on their own site, you get a better ad for the customer, no privacy violation, and more respect and use for the ad vendor. This is the stack oveerflow/jobs model.
* A header element like X-Interested-in. Use your browser to set a free-form value, and let the ad vendors get some input to give better ads , while you are completely anonymous to them.
And if this became a trend, it'd be really obvious in their ROI and they would stop funding the content provider.
Fine, but there are only two sites that support it, so it's fairly useless. Maybe Funding Choices will make it more useful.
1.7.x is in a long term support, while 1.6.x stopped being supported since July. The version they're running has at least three vulnerabilities: https://snyk.io/test/npm/angular/1.6.0