PRIVACY BEAT: Who to believe? Will ‘big business’ be helped or hurt by California privacy ballot initiative — check in 10 days

Privacy Beat

Your weekly privacy news update.


Who to believe? Will ‘big business’ be helped or hurt by California privacy ballot initiative — check in 10 days

With potentially billions of advertising and data-marketing dollars affected, the politics of the California Privacy Rights Act (CPRA) are heating up four months before the initiative is due to hit the state’s November ballot.

Backers say the CPRA, if approved by voters, will represent an important advance in consumer privacy that will augment the now-effective California Consumer Privacy Act (CCPA). It would establish an independent state privacy agency, and more clearly define what is meant by “selling” consumer data.

“We need your help to take back control over our information from thousands of giant corporations,” Californians for Consumer Privacy, which gathered signatures to put the initiative on the ballot says on its website.  “This is about power: the more a company knows about us, the more power it has to shape our daily lives. We believe that power should belong to each of us.”

But on June 29, the 60-year-old Consumer Federation of California (CFC) announced via news release it will oppose the ballot measure. CFC President Richard Holober was quoted as saying the CPRA “initiative would grant big business greater latitude to invade the privacy of consumers and workers than is permitted under current law.” The four-paragraph statement provided no specifics, however.

What’s going on? It’s not at all clear following Privacy Beat’s phone discussions with both Alastair Mactaggart, the prime author of the new initiative, or Richard Holober, the long-time president of the Consumer Federation of California.

Mactaggart, a Bay Area real-estate developer who took up the online privacy issue a few years ago, says he expects he is going to be painted as somehow now weakening online privacy with his CPRA initiative. He said he’s “disappointed” in the federation’s announcement, and what he calls a storyline that “somehow this (the CPRA) would make it impossible to change things into a  more privacy-centric way or format in the future.”

In a telephone discussion, Holober declined to be specific about the provisions of CPRA to which the federation objects. He said he could do so in 10 days, adding, “We are at a certain juncture here [related to campaign politics] and there are certain deadlines which are imminent,” he said, adding: “We are not showing our cards right now.”

Both Holober and Mactaggert said most advocacy groups have not yet announced support or opposition to the CPRA ballot initiative. But Mactaggart has already picked up a key supporter emerged this week with the July 1 endorsement of Mactaggart’s proposal by Common Sense Media and its CEO, James P. Steyer. “ This year, the people of California have a chance to make us the first state with a Privacy Protection Agency to enforce those rights and hold Big Tech accountable,” Steyer said.



Does your organization need customized privacy compliance solutions? ITEGA  can help.

We bring together support you need to approach compliance with CCPA, GDPR if needed, and future privacy legislation as it emerges.

Learn More


Ad-tech panelists agree on uncertainty — and the need for cooperation over response to CCPA, browser signals

Five data-privacy experts traded perspectives on the California Consumer Privacy Act (CCPA) during a Interactive Advertising Bureau (IAB) webinar and the key take-away — there is much uncertainty and a need for cooperation.

“We kind of need a universal definition of ‘sale’ or this is going go the way of Do No Track,” Sundeep Kapur, a lawyer in the privacy-security practice of the DC law firm Paul Hastings, observed during the webinar, “CCPA and User-Enabled Global Privacy Controls.”

Another area of uncertainty — how data users should interpret a digital signal sent by the user’s web-browser software about tracking or the “sale” of data? “How do we establish intent?” asked Aruna Sharma, group VP, attorney and privacy officer at Xandr, the advertising and analytics division of AT&T’s Warner Media. “How do you interpret a signal? It is hard to do that without a framework.” Consumers will be confused if different web services treat signals differently.

“All of this splintering could be avoided if we could agree on some standards,” added Alex Cone, senior director of product management at the IAB Tech Lab.  Otherwise, “the result for the consumer is really crappy.”

Opaque tracking of users across websites is seen as privacy invading in the current regulatory and policy climate, the panel observed. On the other hand, a web in which no identity of any kind can be preserved across websites is potentially not a good consumer experience. “The iron is you have to start tracking spoke things because otherwise how will it work [aross sites],” said Sharma.


RTB inventor says today’s ad-tech is dead, IAB can’t help, and it’s time to help publishers build atop privacy

“Real Time Bidding” (RTB), the advertising-placement technology that works closely with personal data gleaned from privacy-breaking third-party cookies, was co-invented and advanced by Brian O’Kelley, the former founder and CEO of ad-tech firm AppNexus before it was sold to AT&T.

Now O’Kelley, in a June 26 Zoom conversation with Privacy Beat, is saying RTB should be “killed by privacy issues” and ad-tech companies should pivot to helping publishers run “ethical, privacy-centry advertising businesses.”  He says the current system is collapsing and it is not clear yet what will replace it.

“I think privacy is not orthogonal to advertising,” says O’Kelley. “I think we just made it that way. Let’s come up with a privacy world for advertising…where we don’t need individual identity and we build standards around that. We need to be able to count, we need a counting standard.”

His comments amplify what he said in 2019 congressional testimony. O’Kelley is now living in Italy and working on a startup aiming to improve the global supply chain for raw materials and “thinking about how factories work and about sustainability.”

It’s time to in-effect “declare bankruptcy” for the system that delivers programmatic advertising as well as the way journalism has been funded in recent history.  “You can’t compromise on this,” he says. “Just stop.”  Points O’Kelley made in the discussion with Privacy Beat:

  • Publishers “sold their soul” to ad tech for revenue and they should now withdraw from using real-time bidding systems, creating ad-placement scarcity and “get control of their audience back.” He continues: “We don’t need all this ad tech. That’s what I’ve told publishers to do and they all look at me like I’m absolutely crazy.”

  • The Interactive Advertising Bureau (IAB) can’t be relied upon to solve challenges involving advertising, data and privacy because its membership is conflicted, putting IAB “in a difficult position.”  It would require IAB members, including Google, “to want to blow up their own business model, which they are not going to do.”

  • It’s time to do away with newspapers that print Associated Press copy and instead focus solely on local information, he says, adding: “That model can work with advertising, I think.”  But he says he is “bearish” on how to solve the problem of getting essential news to people who can’t afford to pay for it. “We are now having inequality of wealth but also inequality of knowledge,” he says. “To get the real news, high-quality journalism requires subscribers.”



Like what you see? Then recommend to a friend.

Subscribe to Privacy Beat

New York Times details exit from most third-party data advertising; pledges transparency; ‘not a black box’

The New York Times provides new details on its intention to abandon the use of third-party cookies and data in its advertising business — not just because it is a privacy-aware move supported by Times readers, but because leadership believes it will ultimately drive revenues and profits.

“We want to be transparent and we are privacy focused [and] we don’t want to be another platform black box,” Jay Glogovsky, senior director of revenue analytics and operations, said during  a webinar discussion with two executives of ad-tech company LiveIntent.  “We plan on no longer supporting third-party targetable data for our advertising business in 2021.”

Glogovsky says The Times spent many months surveying thousands of their own readers and users and the key insight, he says, is that most of them said they would willingly share information about their interests with The Times. “The results were very positive and said clearly, yes, we will give you information about ourselves voluntarily to have a better ad and product experience,” Glogovsky said in June 30 webinar now archived.

He said The Times felt it had a responsibility to the news industry generally, given its technology and marketing resources and quality journalism, to take the lead in pivoting to a more “first-party” direction relationship with advertisers and Times readers.  He said it might be hard for smaller organizations to do so.  “If you have data and it is worth the effort, you have got to commit, you can’ take a one foot in and one foot out approach,” he said.

The Times has now built the capability to target content based upon the emotional reactions of readers and began July 1 to test it with a 45-segment list of attributes. The Times will still sell and accept quality programmatic advertising that is privacy complaint, said Glogovsky, because it is highly profitable, but wants to makes sure that Times direct-sold advertising “is still the optimal channel.”







In white paper, Public Knowledge’s Harold Feld proposes “customer network information statute”

“Over the last few years, the conversation around digital platforms has shifted from “is there a need for regulation” to “what regulation do we need.” As noted in The Case for the Digital Platform Act, it took 20 years from the first tentative efforts to regulate radio and telephone service until the creation of the Communications Act of 1934. While we would hope that Congress will move considerably more quickly to create a comprehensive regulator for this increasingly important sector of the economy, we anticipate that it will not happen all at once…The proposed draft platform Customer Proprietary Network Information statute is a simple and straightforward measure designed to address a well-documented concern in the digital platform space. This approach has a history of success in telecommunications networks. Properly adapted, it should work as either a stand-alone statute or as part of a broader set of policies designed to promote competition. The impact of the COVID-19 pandemic shifting increasing amounts of shopping online, and the rising concern that a handful of platforms are increasingly aggressive in their efforts to undermine competition, makes this proposal both extremely timely and important to implement.”

– Excerpt from the white paper “Mind Your Own Business: Protecting Proprietary Third-Party Information from Digital Platforms,” (July 6, 2020) by Harold Feld of Public Knowledge.


Privacy Beat is a weekly email update from the Information Trust Exchange Governing Association in service to its mission. Links and brief reports are compiled, summarized or analyzed by Bill Densmore and Eva Tucker.  Submit links and ideas for coverage to

Share Share

Tweet Tweet

Share Share

Forward Forward




Copyright © 2020 Information Trust Exchange Governing Association, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp