Don Marti

Sat 12 Jul 2014 07:28:00 AM PDT

You know what they put on their database marketing companies in Europe?

You know what they put on their database marketing companies in Europe?

What?

Regulation.

Goddamn.

I've seen 'em do it, man. They ------ drown 'em in that ----.

photo of conversation

Massive culture shock alert for this paper by Frederik Zuiderveen Borgesius: Consent to Behavioural Targeting in European Law: What Are the Policy Implications of Insights from Behavioural Economics? (PDF) Yes, in Europe, addressing privacy problems with government regulation is actually a thing. I guess that they have a different approach to Internet regulation in general (how's that right to be forgotten thing working?).

It's different here. In the USA, it's impossible to put the words "privacy" and "regulation" in the same sentence with a straight face. You know that some Lester at the Direct Marketing Association is going to make sure that any privacy regulations turn out to be more like anti-privacy regulations. (Remember how CAN-SPAM turned out?)

Here, instead of hoping for benevolent pro-privacy Eurocrats to protect us from surveillance marketing, we have to take a private sector approach to the problem. Fortunately, the privacy interests of end users coincide with the interests of other parties.

For example, legit publishers might choose to address the audience snatching problem by putting some interesting content behind a reverse tracking wall. (Tune in with privacy tech enabled and get an interview or concert; use an out-of-the-box targeting-enabled browser, and get a privacy tutorial instead.) (This may already be the plan at the New York Times—anyone else noticed a lot of first-party ads there? If Disconnect and Privacy Badger adoption went up, the NYT would be in a good position to handle it.)

The other problem is where regulation can be actively harmful. The more complex the adtech stack between advertiser and audience, the more fraud. Some fraud is inherent in highly intermediated adtech. The win for fraud rings is that adtech fraud isn't even illegal. It's against the terms of service of the ad networks, but that's it.

If we get "tough" anti-fraud laws here, it could result in artificially low costs for adtech intermediaries, along with privacy risks for users subject to anti-fraud tracking. The good news here is that the interests of Big Copyright and Surveillance Marketing are in conflict. Making the world safe from adtech fraud makes it safe for "brand-supported piracy."

Users, brand advertisers, and content creators all have an interest in creating a non-targetable medium, one that works more like magazine ads than like spam or direct mail. Adtech intermediaries and fraud rings are the only winners from the targeting-driven race to the bottom. So it should be possible to beat them without relying on the public sector. After all, regulators, even in Europe, are likely to have more and more difficulty promising strong privacy protections, because they'll be negotiated away in secret "trade" talks with the USA.