Back before the whole economy-wide trust collapse really got going, I used to see NFL and NBA games on TV, and some of the most frequently advertised products were for home and yard care. Sherwin-Williams stains. Scotts Products to seed and fertilize your lawn. Replacement windows (I don’t remember the brands). Everything the diligent house and yard maintainer needs.

Today, though. the NFL and NBA are all about the gambling ads. Which is a decision that’s going to come back on them in a decade or so. Because gambling displaces savings. Many of today’s young sports fans, instead of getting on track to save up for a house, are getting into financial trouble that they won’t get out of in time to get a down payment together. The leagues are burning a future well-off audience, ready to be monetized with house-related advertising, in exchange for a quick cash hit from the gambling apps today.

• Even if the mathematical properties of the Attribution proposal make it infeasible to reidentify users using just the attribution data, in the real world this new form of tracking would add user privacy risks—by hiding the process of “stealing attribution” and creating more incentives to collect data in riskier ways.

• The attribution cartel can hide the halo effect of advertising on trusted sites, and drive more ad budgets to search, social, and app store ads.

One of the responses I got to the second one was, well, at least the Attribution proposal is something, and something is better than nothing. I doubted that, since in general you’re better off knowing what you don’t know, so I asked Rick Bruner from Central Control some questions.

Here’s what we came up with: Q&A: Marti & Bruner discuss the problematic W3C proposed measurement standard ‘Attribution Level 1’ — Central Control. And it turns out that the situtation is even worse than what I covered last month.

• Even if fraud operators are unable to exploit the complexity of the Attribution proposal to add more costs, risk and noise (which fraud hackers have been able to do every other time complexity increased)…

• Even if the Big Tech companies somehow decide not to unfairly favor their own products (for the first time ever)…

• Even if the extra processing and resource consumption required for the Attribution proposal’s mathematical goals turns out to be affordable and politically acceptable…

• And even if the design is bug-free and browsers implement it perfectly…

Then the reports that the attribution cartel can produce will still be actively misleading.

For what it’s worth, I don’t think the developers of the Attribution proposal are deliberately putting deception into the design of the system. I’m assuming that the developers are well-intentioned and that the design and code somehow achieve their goals perfectly. But it’s still important to consider the Attribution proposal as it would interact with the Web as it is in the real world, not in isolation.

And yes, I asked if it’s possible to tell (1) a pizza ad that actually sold someone a pizza apart from (2) a pizza ad placed using speech to text, targeting people who are already talking about pizza. Rick’s answer is informative—please read the whole thing.

Update: [attribution] Methodological concerns regarding Attribution Level 1 and causal measurement by Rick Bruner, on the public-patwg mailing list at W3C. (Also The Measurement Problem Inside the W3C Attribution Standard on LinkedIn)

There’s an insider group betting ‘almost exclusively’ on imminent U.S. military actions by Hunter Lazzaro. (Another reason why the best use of prediction markets is inside companies, but you should know that by now.)

I Feel For Those Laid Off by Meta, and Why More Must Go by Kelly Stonelake. I’d like to say this is offered without judgment, but that would not be true. What is true is that I offer it with the same judgment I’ve reserved for myself for staying as long as I did.

AT&T sues California in attempt to shut off old phone network by Jon Brodkin. (This is not just about POTS vs. wireless and fiber. The vintage phone lines have an older, more consumer friendly regulatory model, while the new services are under the most one-sided contracts that AT&T can come up with.)

‘How Deepfakes Tore a High School Apart’ by Nick Heer. (If the attribution cartel gets its way, more ad money gets redirected to the Big Tech app stores, that enable stuff like this, just saying.)

Google is replacing search results with only the AI by David Gerard. (Or not—my fix Google Search setup still works, for now.)

The EU Is Going Through a Trump-Fueled Breakup With Big Tech by Matt Burgess and Vittoria Elliott. Across Europe—as well as in Canada—politicians have been increasingly vocal about ditching US technology since the start of the second Trump administration. The Netherlands, Austria, Belgium, Denmark, and Finland all have ongoing sovereignty efforts, with German officials and regions also prominently pushing the movement. In December, eight countries, including France and Germany, announced they would partner on their efforts.

The ‘warrior ethos’ promises victory — history says it leads to defeat by John Broich. A fascist regime that treats democratic constraints as obstacles is likely to decide inconvenient information is an obstacle too. Because of this, in fascist governments, loyalists rank higher than experts. Fascist systems don’t remove people for being wrong; they remove them for insufficient loyalty. The man who tells the leader what he wants to hear rises.

Google is going to ruin the internet by Katie Notopoulos. (Going to? I had to check the date. The ad “safety” reports show that the ruination is already in progress.)

Massive Crypto ATM Company Bitcoin Depot Is Shutting Down as the Whole Industry Collapses by Bruce Gil. (That’s one end of the scam chain, but taking out the Meta end will probably be harder.)

Who’s behind the Facebook page posting hateful AI slop about the UK? The answer might lie in south Asia by Niamh McIntyre. (If the attribution cartel gets its way, more ad money gets redirected to the Big Tech social media platforms that enable stuff like this, just saying.)

Technoplasmosis: Big Tech Marketing Exposed by Adel Borky. These organizations are not merely participants in the advertising industry; they are its epistemic gatekeepers. By institutionalizing concepts like programmatic targeting, multi-touch attribution, and performance-based media as unquestioned “best practices” they have engineered a paradigm in which their own platform dynamics are mistaken for universal marketing truths.

r/uBlockOrigin handles an ad blocker blocker issue, in about a day. As many open-source projects suffer security and burnout problems it’s encouraging to see one that stays motivated and moves fast.

The Enshittification of History by Charlie Stross. With 20/20 hindsight, what I missed was the now-obvious wave of media ownership consolidation, including corporate social media such as X, Meta, and Google, in the hands of a narrow class of billionaire oligarchs. (Attribution cartel again, once you see them you can’t un-see them.)

The (Uncertain) Future of Media by Brian Jacobs. Money continues to flow out of more ‘traditional’ domestic media forms towards the giant US-based online platforms. Around two-thirds of all UK ad pounds currently make that journey. (And if the attribution cartel continues…all right, I’ll stop)

Advertising’s new ‘safety’ fight by Lara O’Reilly. Cross-industry efforts are taking shape to demand more transparency from tech giants like Google and Meta. Industry groups are pushing for more action around AI ad auction transparency and the responsible use of AI tools in marketing. (This smells like one of those “industry-wide problems” that people just agree not to solve. The problem for marketers, though, is that adding technical complexity to some great evil can dilute a participant’s understanding, but not culpability.)

• The capabilities of “AI agents” keep going up. Software projects will be able to do something like Tim Sehn’s A Week In Gas Town, but for more categories of software, including applications with featureful GUIs.

• Big AI wins copyright and related cases. On the AI-max timeline, politicians agree with Anna of Anna’s Archive that Copyright reform is necessary for national security, and while they’re at it, they nerf a bunch of content-related contracts including licenses, EULAs, and ToSs too. Maybe even patents. IP Maximalism continues to go out of fashion. So far it looks like Bright Data has some powerful friends, and is winning in court.

• Inference and other runtime costs stay reasonable or come down. The usage-based pricing problem turns out to be a nothingburger, the pricing Time Bomb detonation turns out to be just a blip, competition and technological advances drive prices down, all is well for vibe coding budgets. Maybe Ben Thompson’s Inference Shift happens, maybe something else?

All of those would need to happen, but what if they do? On that timeline, things would get interesting in a lot of ways. One of the biggest would be, let’s call it “Vibeshop,” the AI-built clone of Adobe Photoshop—or more like clones plural, since the project could make a variety of builds, each capturing the points in Photoshop’s history when some group of artists really liked it.

In Adobe Has Rid Itself of Its Allies, Nick Heer explains the Creative Cloud product direction, which helps explain why Photoshop is a good target for a vibe clone.

I think Adobe has actually shipped worse products as a result of this strategy — and, for once, I will avoid making it all about bugs, of which there are many. Adobe’s applications are more capable than they ever have been, but they are also often worse for professionals in actual use as a direct result of the company’s software-as-a-service model.

Users have to turn on Quiet Mode to avoid upsells. And Adobe’s ‘Modern’ User Interface Is Just Webpages.

Another reason Photoshop would be a good early target for an automated clone would be all the existing books and training videos that could be turned into test cases. (Remember, this is on the timeline where copyright and licenses get weakened because AI lobbying and/or competition with the PRC.) The Vibeshop “agents” could run a pre-ACC Photoshop in a VM, work through the tutorial, and keep tweaking their own code until results match. (Yes, this is also the timeline where LLM APIs get cheap.)

A company built around Vibeshop could offer the bleeding edge releases for free, plus supported releases of particular setups for artists who are used to having things one way and don’t want to change. And yes, the company that sells subscriptions might not be the same company that runs Photoshop in a VM in a license-violating way, but in a world where Google can make ad revenue from obvious infringing sites, we know that it’s possible to stand up enough insulating layers to make it work.

Of course, Adobe could always do Vibeshop to themselves, as Sun Microsystems could have done if they acted on Larry McVoy’s Sourceware Operating System Proposal instead of letting Linux eat their lunch. The existence of Vibeshop could turn into a long-term political asset for the company and the industry, too. One reason that firearms manufacturers have a loyal political constituency and IT companies don’t is that in the firearms business, management is smart enough not to periodically alienate the best customers. A customer can walk into a modern gun shop and buy a product that could have come from John M. Browning’s workbench more than a hundred years ago. What would happen if the same were true of software? (More: Learning from Second Amendment defenders)

The New Revolution in Military Affairs by Andriy Zagorodnyuk. Ukraine is championing a distributed, bottom-up innovation model with hundreds of firms and volunteer groups, close integration between frontline units and manufacturers, and research-and-development activity embedded directly in combat formations. Russia, by contrast, pursues a centralized approach…

Open and Closed: The Pursuit of Frontier Models by Stephen O’Grady. At a recent industry event, an AI executive likened the open models chasing their closed frontier counterparts to a pack of wolves…. Whether open will compete with closed, then, is not the interesting question. It always has, it always will. The question to ask is instead: how well? Put another way, will the “pack of wolves” ever catch their prey, and if so, how quickly?

A Speech to Europe 2026 »The European Moment« by Anne Applebaum. (also at What, actually, is European Civilization? but, you know, Substack.)

Influential study touting ChatGPT in education retracted over red flags by Jeremy Hsu. Since its publication, the study has been cited 262 times in other papers published by Springer Nature’s peer-reviewed journals and received a total of 504 citations from both peer-reviewed and non-peer-reviewed sources. It also attracted nearly half a million readers and received enough online attention to rank in the 99th percentile for journal articles in terms of attention score.

You can absolutely have an RSS dependent website in 2026 on matduggan.com. (fwiw, if you really want to get my feed as an email newsletter, use Feedrabbit - RSS and Atom web feed to email service. Just go to their site and paste in the URL of my site, welcome to my newsletter.

Newsmedia is the original everything app by Aram Zucker-Scharff. The model of American news organizations was always to be the home base for everything you did. Local events, business announcements, local news, national news, international wire service news. Ads made sense in that package because they were part of the service, they were also providing you with information about your community and things you wanted to know, just from a different angle.

The Hyperlocal Economics Nobody Wants to Admit by Yoni Greenbaum. (Only 17% of people in the USA have paid for any news product in the past year. What are these small-town news sites doing differently?)

No § 230 Immunity for Meta’s AI-Generated Ads by Eugene Volokh. These averments, taken as true, evidence a fact dispute over whether Meta contribute[d] materially to the alleged illegality of the advertisements. The alleged illegality stems from the advertisements’ content—i.e., the false statements made to Facebook and Instagram users that induced them to click on the ads. Plaintiffs have averred that Meta participated in the construction of the ads by literally generating, using artificial intelligence, the images and text in the advertisements. That degree of participation is not protected by section 230. (prediction: Google and Meta are going to set up the “AI” ad generation tools with a cut-out layer so they can claim the ad is the work of an “agency,” kind of like how Amazon.com uses “delivery partners” to be responsible for van crashes.)

“I would be ashamed to admit that I had risen from the ranks. When I rise it will be with the ranks, and not from the ranks.” — Eugene V. Debs

Now:

“[site name redacted] is unusable without an ad blocker.” — employee of a web advertising company, overheard at [tech event redacted]

The World Wide Web of today is almost two platforms. Back when “Wintel” (that was Microsoft Windows on Intel x86, kids) dominated the market, a Microsoft Excel developer who brought home a copy of Microsoft Excel was getting the same experience as an ordinary MicroWarehouse shopper. People certainly had better and worse PCs, but there was no productive release of Excel for the elite and shitty Excel for the regular customers.

The web, though, is a two-class environment: a tolerable business class version for those with the right tools, and a mess for everyone else. The upper class is harder to define, and to get into, than it looks. About half the people say they have some kind of ad blocker, but in practice the fraction of web traffic that’s affected at all is below that, and the fraction that has full protection including search and YouTube advertising is a lot less. Many of the “ad blockers” that are easiest to find using search engines and browser extension directories provide only partial protection, or are outright adware or worse. Reasonable people disagree on how to measure ad blocking, and it has only gotten harder to measure as the proportion of “AI” scraper bots goes up. A lot of those look realistic, and bots differ in their ad blocking behavior. Some want to load the ads for adfraud, while others just grab the content they need.

But I do have some better numbers that I think are starting to show how we are now on a two-class web. Hope to be able to share when FIXME [add site info and link] puts up a page about some user research. The privileged class here doesn’t necessarily match up with the 10% of the people who buy 50% of the stuff in the US economy as a whole, but there’s some overlap.

The inconvenient situation here is that some kind of element hiding and/or other page finagling has gotten to be a necessity. About as much as an email spam filter. Obviously you need to block certain ads, especially Google Search (checks RSS reader for a fresh search ad scam story…here: Search Ads as a Vector for Travel Scams) and you need to block the script that trains Meta’s AI to scam you, but browsers have other reasons to modify the page, too. Den Odell points out that Browsers Treat Big Sites Differently—when a site only tests on Google Chrome, the other browsers have to work around it.

Of course, not all the stuff that’s bad about the web is fixable with tools alone. Pulitzer-winning newsrooms are quietly publishing mountains of gambling slop, and in order to keep a productive experience with search you need to fix it which includes some habit changes as well. If we’re lucky we can get the web to the level of protection that email has—most email users are reasonably well protected, for historical reasons. Email spam filters fortunately squeaked through back before the big enshittification trend. If spam filtering were newly invented today, the same companies that form the web’s attribution cartel would be standardizing on an approach that lets their own spam through.

Some good news. It has been about a week since I put up next steps on tinyMyTerms, in which I added a hella annoying Accept Terms of Service dialog to this site—but made it invisible to anyone with a decent element-hiding ad blocker configuration. And zero complaints so far. Element-hiding ad blockers working, I’m (sniff) so proud of all of you.

We still need an answer to the problem of the two-class web. And making the web more fair by ending the maltreatment of the “underclass” is going to work better than the alternative. I think it’s going to take some humility, recognizing folk privacy practices and bottom-up applied behavioral economics, and working with them. Sometimes just hide the annoying thing is the productive starting point, then you can do the necessary paperwork on top of that. This doesn’t mean abandoning personalized advertising for those who want it—Rewarded Interest is a thing, and works. Eugene Debs again: I would not lead you into the promised land if I could, because if I led you in, some one else would lead you out.

1. reveal info better kept secret

2. reveal secrets people promised to keep

3. waste time and money that could be used productively

4. make misleading contributions to get favorable treatment

5. change the world to get favorable treatment

6. reward participants unequally.

Yes, public prediction markets are so hot right now—see Prediction markets are breaking the news and becoming their own beat by Neel Dhanesha—but the real interesting uses for them are still behind the corporate firewall. Remember Hail Jeffrey Wernick and Corporate Prediction Markets: Evidence from Google, Ford, and Firm X. The main problem with prediction markets is that they’re too often right, and accurately predicting the failure of the wrong executive’s vibe project is an unforgivable offense.

A shareholder would prefer a prediction market to many other corporate information sharing and incentivization mechanisms, but the shareholders sit on top of a tall stack of principal-agent problem, a stack where managers with other priorities are in decision-making roles in the middle. But what if prediction markets were adopted in a more corporate-politics-resistant way? For example, a majority investor or a committee of the board of directors could sign the contracts with the prediction market administrator and oracle (referee), and protect the market from its natural predators. Do the criticisms of prediction markets that Prof. Hanson addresses still apply?

A and B: for most companies, there are going to be some issues that can’t be widely tradeable because too few people know about them. For example, a customer support issue might need to be limited to anyone actually cc-ed on the ticket. This is a good case for integrating corporate prediction markets with existing issue trackers.

C: This might be the best argument for internal prediction markets. Free-form Slack chats are usually something that would be better off in some other application: some threads would be better off as a bug report or support ticket, some in a shared calendar, some as edits to a shared document or Wiki page. A prediction market, for users who already know it, would be a time saver when compared to free-form discussion of the likelihood of a future event.

D: An internal market trader who had been successful for a while might end up building enough of a balance to shift the apparent probability of an event. Better-informed but less well bankrolled employees would be able to buy a position that would become profitable eventually, but in the time before maturity, the event would appear unlikely, making the market misleading as a source of management decision-making information. (For example, a group of new employees identify a flaw in a product and buy YES on “Will [product] be recalled for a safety issue before [date]?” The product manager, a successful trader in the past, buys a large NO position until just looking at the price, the product looks safe.) Two possible ways to address this: have more speculators/peer reviewers in the market, and schedule bonus evaluation dates after prediction market maturity dates.

E: There’s no real bright line between prediction markets and incentivization markets. (Some ways that bug futures markets differ from prediction markets). As long as no employee can take a position where they profit from their own failure (the best argument for integrating prediction markets with issue trackers) for internal corporate markets the incentivization is a feature, not a bug.

F: Companies generally want to do this, and prediction markets can be a fairer way to do it than other incentivization methods—as long as all employees get good training and practice in the market.

One of the areas we worked on was tinyMyTerms: Simple no-code implementation of MyTerms.

Basically the way it works is:

• A site can post a link to terms of service (ToS), in JSON format. (See the link tag in the HTML head on this page.)

• The site adds an annoying consent dialog—tagged with a unique identifer for the ToS used.

• A user can indicate acceptance of a particular ToS by adding that identifier to their ad blocker’s blocklist.

The advantage of doing it this way is that no new code is required, and it works on static sites. (The people who would be doing it are the kind of early adopters who have a good ad blocker already.)

The disadvantage is that there’s no record on file that a specific contract was accepted by a specific user, so this only works for one possible ToS per site.

But if a site does just have one ToS, the level of record-keeping that’s required (in US courts anyway) can be met by a static site. See If You Don’t Keep Good Records, Don’t Be Surprised if Your TOS Formation Fails in Court-White v. PayPal by Prof. Eric Goldman. Basically you need to have an archive of the ToS content and required flow that was in place on a site as of a certain date—then you can show that a visitor to the site must have entered into a contract. (IANAL, ask your lawyer about “ToS formation” for more info.)

Also, this way requires users to have an ad blocker with element hiding functionality. But just like email spammers made it safe to assume that any serious email user is going to have some kind of a spam filter, today’s search engines have made it safe to assume that any serious web user is going to have an ad blocker, or will be getting one any day now after their IT department figures out the security issues. (More: Winners don’t click search ads)

So requiring an ad blocker is a lot easier than many other approaches, such as requiring a dedicated MyTerms extension.

<dialog open
 class="tos-unique-identifier-here"
 id="annoying-consent-dialog">

<button autofocus
 command="close"
 commandfor="annoying-consent-dialog">
     Accept Terms of Service
</button>

When It Comes to Data Privacy, Consumers Must Be in the Driver’s Seat: Attorney General Bonta, Partners Secure $12.75 Million General Motors Privacy Settlement | State of California - Department of Justice - Office of the Attorney General The settlement, which is subject to court approval, includes $12.75 million in civil penalties and strong injunctive terms, including restrictions on its use of consumer driving data and a ban on such data being sold to data brokers.

Digital Advertising is a Casino, Pretending to be a Supermarket by Jacob Sanders. I could share (or you could look this stuff up) that over the past two decades, Meta has been caught inflating video metrics and “potential reach” numerous different ways often times by hundreds of percent; Google has been sued by the DOJ for manipulating its own auctions while running the exchange, the broker, and the bidding sides all simultaneously; programmatic pipelines have been shown to swallow 60%+ of every ad dollar into opaque fees; and industrial-scale fraud rings like Methbot and 3ve have siphoned off billions using fake humans that platforms couldn’t distinguish from real ones; or when Meta’s ad-delivery algorithms were found by the DOJ to illegally discriminate and in violation of the Fair Housing Act.

A Publisher Didn’t Get Its UID2 Setup Right. The Trade Desk Didn’t Notice. What Went Wrong? by Anthony Vargas. They clearly were unable to flag that we made an unintentional mistake, the source said. I’m not confident they would have been able to detect a malicious implementation, either.

Deepfakes are everywhere. The godfather of digital forensics is fighting back | Science | AAAS by Kai Kupferschmidt (this is the source of those example fake photos showing perspective failures)

Turn Off ChatGPT’s New Ad Tracking by Tate Jarrow.

App Store Search Ads and the Slippery Slope from the Think Tap Work blog. iOS App Store search is no longer about relevance. It’s about ad inventory.

Solex Energy plans 5 GW solar cell factory in India by Uma Gupta. The company has recently expanded its technology roadmap through a partnership with Germany’s ISC Konstanz, focused on advancing high-efficiency solar cell technologies.

Russian Sources: Ukraine Is Fielding New AI-Capable Drones That Can’t Be Detected or Jammed by Stefan Korshak. There has been a qualitative change in [unmanned aerial vehicles] at the front; in essence, Ukraine has introduced a new generation [drone], which is creating serious logistics challenges…these drones operate day and night, and are inaudible (except in the final seconds, when they’re diving, as in the video). They are undetectable by conventional detectors and are protected from electronic warfare. They are extremely high-quality, mass-produced military-grade. And there’s a theory that they’re controlled not by human operators, but by AI.

Are GPC Signals Anti-Competitive? by Alan Chapell. (In the W3C Privacy Principles, we did our best to make it clear that different contexts with common ownership should be treated fairly with contexts with different ownership. So far, California law needs some work in this area.)

It’s open season for refusing AI by Brian Merchant. It’s not just data centers, either. It’s a trend I’ve noticed over the last few weeks: Across the AI economy, workers and consumers have taken to refusing the technology in direct and robust ways.

“because fuck you”: why consumer choice is being stripped away and how the tech industry profits from it The tech industry has perfected the practice of presenting decisions without justifications. Not without explanations — they always have explanations, carefully worded explanations, explanations that have been through legal and comms and probably a focus group. What they don’t have are justifications. An explanation tells you what they decided. A justification tells you why it actually makes sense. The gap between those two things is where because fuck you lives.

More: Links for 16 May 2026

Who: People in California who want to protect privacy

What: Alameda DROP Day

Where: Alameda Free Library main branch, 1550 Oak St., Alameda, California

When: Friday July 24, 2026. 10am-4pm

Why: Protect yourself from data brokers and get helpful privacy tips

Starting on August 1, 2026, all data brokers registered in the state of California will be required to remove your personal information—if you sign up for the new Delete Request and Opt-out Platform (DROP) operated by the state.

We will help you get started with DROP, and help you out with any other privacy questions. If you have already signed up for DROP, you are welcome to attend, to learn more about privacy and help others.

We will be available 10am-4pm, but signing up for DROP only takes a few minutes. Arrive as early as you want and stay as late as you want.

More info on DROP at the CalPrivacy site: “DROP gives you more control over your data. You can tell data brokers to delete and not sell your personal information.”

So maybe tracking-based advertising is what’s bad?

Tracking has a bunch of negative externalities, but the tracking is there in order to enable personalization, and the reasons we have personalization are

• to enable intermediaries to run higher-paying ads in lower-cost contexts

• to run a higher percentage of fraudulent ads without some enforcer (such as a regulator or the owner of a real brand being copied) finding out

• to enable platforms to deniably serve advertisers who want to discriminate illegally

So maybe personalized advertising is the problem?

But why do platforms choose to run so many fraudulent ads in the first place?

Because, in an auction market, adding bidders tends to drive up the price. And the operator of an auction market can capture all of the increased price, but pays none of the losses from fraud. That could be a Section 230 thing. In a legal environment where some liability is passed through to companies that touch an ad, the more fraud/less fraud decision would get harder. But in today’s environment, all the incentives are there to run more fraud.

What if the underlying problem is the auction? And auction-based advertising is the problem?

If platforms didn’t run the real-time auction, and set rates in advance, then they could still raise rates over time. So there would be a kind of slow-motion version of the effect where a higher number of fraudulent buyers act to drive up the ad rates.

But without the auction, in any given time interval, the legit advertiser’s rate doesn’t automatically go up the instant a fraudulent advertiser gets on.

We do have a market design problem here. Fraud is on the way up and the best-informed players in the market have an incentive to increase it. Just getting rid of real-time auctions doesn’t solve the whole thing. Somehow the expected value to a platform for delivering a fraudulent ad needs to go negative. This is why we need more diverse approaches to state privacy laws. Laws that protect legitimate advertisers would tend to produce better outcomes for customers, too—including improvements in the kinds of problems that get lumped together as “privacy violations.” More: a privacy law shortcut

The office printer market is different. And it’s not just the big printers. If you’re buying a whole bunch of small printers at once, for bankers, sales reps, or service advisors to have at their desks, you probably have more options. And any shenanigans, malarkey, or other growth hacking on one of those printers means lost time for the employee who’s supposed to use it, and for the IT person who has to come fix it or switch it out. And time is money.

Sometimes the best home printer is a used, reconditioned office printer, but that’s another story. (Recommendations for shops that recondition these welcome, I want to add to my business recommendations page.)

With browsers, there aren’t really home and office products. The same codebase gets shipped for both individual and business users. And that presents a problem for the business users, since the home version is enshittified. It’s not just the Google Chrome silently installs a 4 GB AI model on your device without consent thing. Right now all the major browsers are working on an attribution cartel that would report to advertisers that, for example, this guy’s “content” is a more effective context for advertising than any legit site, while also facilitating ad fraud and providing more motivation to do it. (What Happens When The Attribution Cartel Meets Advertising’s Halo Effect? The Hidden Dangers Of Privacy-Preserving Attribution – And A Smarter Solution)

So the mainstream browsers make it possible to, in effect, run a “pro” or “office” version by giving the system administrator the tools to turn the enshittification off. If you’re an IT manager and you want to not have Google Chrome download however many copies of that 4 GB “foundational GenAI model” then you can put the right files in the right place to turn off GenAILocalFoundationalModelSettings. There should also be a setting for the attribution cartel stuff—there was for the earlier “Privacy Sandbox” in-browser ad features, and you can even turn off third-party cookies.

You don’t have to be a corporate IT manager to use enterprise management features in the browser. Anyone with a little command-line knowledge on Linux or Mac OS should be able to do it on those platforms, and it looks a little different on Microsoft Windows, but hopefully the Windows Registry stuff should be pretty straightforward for anyone with Windows admin skills.

Anyway, the more that browsers enshittify, the greater the wins from learning and using the enterprise management features. It’s the return of the power user. I have been using the enterprise management features for Firefox and for Google Chrome for a while—turning off browser ad features from the command line—and it should be possible to do something similar for Mac OS. That way someone with homebrew could just

    brew install browserdeenshittification

and it would just do the right thing. If somebody makes this kind of package or tool for other platforms, please let me know and I’ll link here. More: The two-class platform

The trade offer is on the table.

• The quid: Big Tech is being asked to fund a pro-oligopoly party to get enough of their people into Congress to actually pass legislation

• The quo: That larger majority in Congress will burn some of its political capital to squash the state privacy laws, which are one of the few bipartisan, popular political trends in an otherwise bitterly divided USA

Even companies and organizations that normally come out against privacy bills, and for bills that would weaken protection, are staying well away from this “bill”. For example, the Association of National Advertisers, which makes Federal preemption one of their big issues, doesn’t even have this “bill” on their Federal Legislative Tracking page.

The “SECURE Data Act” is an offer from the Republican Party to Big Tech, not a bill that’s going to pass. But it is a good guide to what politicians think Big Tech wants, and what some politicians are prepared to offer. But not only is Federal preemption a terrible idea, this bill has its own problems even compared to previous attempts to do something similar. In A Disastrous Federal Privacy Bill, Daniel J. Solove explains some of the problems.

• Copies the parts of CCPA that we know don’t work

• Meaningless language on data minimization

• Registration for data brokers but minimal regulation

• Relies on (already understaffed) FTC and state AGs for enforcement

• Broad preemption

Eric Null at CDT covers many of the same points in Congress’s New Privacy Bill Is Built on Empty Promises. And,

Unsurprisingly, and unfortunately, this draft also lacks meaningful civil rights protections, which were central to prior iterations of bipartisan federal privacy bills (namely the American Data Privacy and Protection Act of 2022 and the American Privacy Rights Act of 2024). We know that data is used in discriminatory ways, and that current law is insufficient to address this issue.

I was on the Monopoly Report podcast, and Alan Chapell named a paradox after me.

The first is what I’m going to call the Marti Paradox. And yes, I coined that on the pod. You heard it here first, folks. Don’s observation that the most engaged, most valuable customers are often the same people who’ve taken the most deliberate steps to make themselves less measurable by conventional ad tech, which means that if you’re an advertiser that is optimizing purely for trackability, you may be underweighting your best customers.

This might be a general case of another effect I have observed for a while, which is that information and market habits of future mainstream audiences are closer to the habits of today’s early adopter nerds than they are to the predictions that marketers make based on today’s metrics and research.

• In the early 1990s, marketers predicted “interactive TV” but then we got the web.

• Sanford Wallace predicted that mainstream email users would want email to work more like direct postal mail. Instead, mainstream email norms ended up matching the implied rules coded into early spam filters (which were written by atypical early adopter nerds).

• The “Slashdot effect” on open source sites in the late 1990s and early 2000s was a small-scale preview of social media’s impact on mainstream web sites later.

I’m still figuring out what to do about the paradox, and have a couple of projects in progress. More on those later. For now, here are some links to some things that came up on the podcast.

What Happens When The Attribution Cartel Meets Advertising’s Halo Effect? by me, on AdExchanger

Don Marti columns at the Reynolds Journalism Institute

Research report on the value of privacy practices FIXME

Have you filed your compliance taxes? (Big Tech shifts the costs and risks of compliance onto smaller companies)

The First Principle of Honest Advertising Measurement Is Independence from the Media at Central Control

The Attribution Cartel at Central Control

The Hidden Dangers Of Privacy-Preserving Attribution – And A Smarter Solution by me, on AdExchanger

Towards Developing an Understanding of Consumers’ Perceived Privacy Violations in Online Advertising by Kinshuk Jerath, Klaus M. Miller, and D. Daniel Sokol. Importantly, consumer perceptions of privacy violations may not align with technical definitions, suggesting that operational investments in privacy technologies may fail without consumer validation.

FTC PrivacyCon transcript So keeping your data safer on your device seems to help in terms of consumer perceptions, but it doesn’t make any difference whether the firm is targeting the consumer at the individual or group level in the perceived privacy perceptions.

Google “Privacy Sandbox” timeline

Why People Push Boundaries & How to Protect Your Peace (General advice that applies to when your web browser keeps testing boundaries by adding advertising features)

The surveillance economy is more like the commodification economy

Winners don’t click search ads (FBI warning on fraud and malware)

IAB Sweden Expels Meta: Warns Advertisers About Fraud, Brand Safety

Microsoft’s commitment to GDPR, privacy and putting customers in control of their own data by Julie Brill

Antitrust and competition guidance - 2017 version at W3C

Antitrust and competition policy - 2024 version at W3C

Marketers for an Open Web calls on UK Competition and Market Authority to block Google’s ‘Privacy Sandbox’

Investigation into Google’s ‘Privacy Sandbox’ browser changes from the Competition and Markets Authority in the UK

Attribution Data Matching Protocol (ADMaP) from IAB Tech Lab

Reducing Friction in the Exercise of Privacy Rights CalPrivacy is exploring whether regulatory changes to reduce friction in the exercise of privacy rights are necessary. The Agency is gathering information and seeking input from stakeholders about this topic.

Facebook (Still) Letting Housing Advertisers Exclude Users by Race (So-called “privacy-enhancing” tracking technologies would make it easier for large platforms to avoid this kind of investigation)

One of the points that has come up in defense of the attribution cartel is, well, at least it’s better than nothing. If some people choose not to consent to turn off non-cartel tracking, but are subjected to cartel tracking because the cartel claims the right to do it without consent, then the attribution cartel is in a position to use information on some activity that wouldn’t otherwise be tracked.

But is it, really? An attribution system that’s designed to back up whatever ad placement decisions “Performance Max” and the other Big Tech algorithms make—even when that ends up supporting the lawful but awful content that tends to drag down brands—could be actively harmful.

Rick Bruner, CEO of Central Control, writes,

Budgets flow toward whatever gets credited. If dominant platforms shape the crediting system, then legitimate media companies can be systematically undervalued even when they create awareness, trust, brand preference, or future demand. Quality journalism, premium entertainment, audio, television, and independent publishing all risk losing revenue to environments that are simply easier for the platforms to count.

And I found another example of this kind of craving for bogus data: Half of AI health answers are wrong even though they sound convincing by Carsten Eickhoff. The chatbot habit is catching on with many people, even for medical advice. When you ask a chatbot about something you know, or can look up, you often get wrong answers. But the feeling of having a conversation about an issue, for those who can get that feeling from a chatbot, can be valuable, too.

It’s safer and more reliable to seek medical info at the public library, where the person in the loop is bound by the code of the librarian, not the inexorable imperatives of the trust collapse bubble. But the chatbot is right there and provides that conversational experience, at least for some. Going to the librarian takes more effort, and a librarian won’t provide medical opinions or affirm your medical opinions, just recommend legit sources.

For measuring advertising, the more correct but less convenient alternative is the kind of scientifically designed research, independent of media owners, that Central Control does. Central Control offers Experiments as a Service—and doesn’t depend on the kinds of individualzed tracking or “privacy-enhancing” obfuscation methods that feed into Big Tech centralization.

Because getting the right answer is a little less convenient—research has to be independent, not just another screen on the Big Tech ad portal—then real ad measurement will turn out to be something that marketers can build skills in. The attribution cartel vision is something like economic central planning, where a de-skilled marketer simply dumps data and money to Big Tech. Alternatives to the attribution cartel tend to push decision-making out to the edges, free market style.

More later.