Data Policy Evening: AdTech

Privitar HQ
05:45pm – 09:00pm | Tuesday 10th September 2019

Please come along to our next data policy evening on Tuesday the 10th September. The theme for the evening will be ‘Adtech’ and we’re very pleased to be welcoming Dr Michael Veale, one of the attendees of our first ever policy evening, a leading voice in the field, and a key agitator in the unfurling adtech story, providing his reflections on the issue.

What is adtech?

Generally people have been resistant to paying to access content online, and so a lot of websites are funded by selling advertising space on their webpages. As Elizabeth Denham explained in the ICO’s recent update report on adtech:

“When you visit a website, some of the ads you see have been specifically selected for you. As the site was loading, the website publisher auctioned a space on the page you are viewing, and an advertiser bought it because it specifically wants to reach people like you. The process can involve many companies, and happens in milliseconds. Billions of online ads are placed on webpages and apps in this way every day.

The process – known as real time bidding – relies on the potential advertiser seeing information about you. That information can be as basic as the device you’re using to view the webpage, or where in the country you are. But it can have a more detailed picture, including the websites you’ve visited, what your perceived interests are, even what health condition you’ve been searching for information about.”.

What’s the issue?

Back in September 2018 Dr Michael Veale, along with Mr Killock, from the Open Rights group, and supported by Dr Johnny Ryan from Brave, filed a complaint with the ICO, highlighting a range of ways in which they believed the adtech industry was in breach of the GDPR. The ICO followed up in June 2019 with the report quoted above, highlighting the various issues they saw with the industry and requiring the industry to respond before they completed another review in six months’ time.

Why does this matter?

Adtech is an example of a complex industry that many people don’t understand, even though it shares data about them and makes automated decision on the basis of that data. As such it seems to go against several of the core principles of the GDPR. Is it right to allow data I didn’t know was being collected about me to be shared with potentially hundreds of organisations I have no awareness of or interaction with, to show me ads that could potentially harm me? How could that be compliant with GDPR principles of lawfulness, transparency, and security?

As this type of advertising pays for a lot of the online content we consume, changes to how it works could have ramifications for what the web itself looks like, not just affecting the ads we see and what the advertisers see about us, but also what content we see, and how we get to see it.

In Michael’s own words:

“The current adtech ecosystem is clearly not fit for purpose, and is leaky by design and encourages huge data retention and profiling and tracking at scale. Yet changing it might have centralising tendencies, empowering large technology firms such as Google and Facebook, which creates a further set of problems. Where are the best leverage points for a better Web? Browsers or browser engines? Plug-ins? Do-not-track signals? Local modelling and federated learning?

Publishers and advertisers are also struggling, with adtech creaming off as much as 60-70% of the money spent on each add, and suffocating journalism and other media as a result. Might technical interventions rectify this situation too in a way that does not damage privacy?

What skills does a regulator need, and what exact moves should it take to be the most effective at transforming this type of system? Which actors in the advertising industry need to be held to account the most, and which have the most potential to lever the system into a much better state, with significantly limited surveillance infrastructure while avoiding centralised power?

Should we be afraid of hardware/software walled gardens, such as Apple, imposing its own solutions which might respect privacy-as-confidentiality but centralise market and manipulation power into those walled gardens?”

The Agenda

  • 5.45 – 6.30: General discussion and networking over food and drinks
  • 6.30 – 7.00: Reflections on the theme of Adtech from Dr Michael Veale, followed by Q&A
  • 7.00 – 8.00: Debate of selected questions in groups
  • 8.00 – 9.00: Back to open discussion, food, and drinks

The selected questions for debate will be:

  • Is behavioural advertising worth it: for publishers, advertisers or consumers?
  • What realistic role should users have in understanding or exercising rights over Adtech?
  • What might technologies for privacy preserving targeting offer, and how might markets move towards them?

We try to keep the event relatively small to enable group discussions, but if you think there’s someone who would be particularly interested in the topic then please let us know and we’d be happy to invite them.

Please come and join us for an evening of food, drinks, lively debate, and all things data policy.

Ready to learn more?

Our team of data privacy experts are here to answer your questions and discuss how data privacy can fuel your business.