An ambitious effort by the ad-tech and advertising industries to establish a standard for how privacy and identity work on the open web, bypassing browser software, advanced this week.

The Trade Desk Inc., a big, public ad-tech vendor and operator, said it had submitted to an ad-industry consortium details of its Unified ID 2.0 (UID 2.0) hashed-email identity service. The details were received by the Partnership for Addressable Media (PRAM), which last week put out a call for such submissions.  It is not yet clear what role PRAM intends to play in vetting or recommending UID 2.0. It said it wanted code “contributed” for “collaborative development.”

• Trade Desk submits Unified ID 2.0 code to PRAM for technical review | Allison Schiff, AdExchanger.com | RELATED STORY

• Add SpotX: Independent ad tech and publishers rally behind The Trade Desk Unified ID 2.0 | Ronan Shields, AdWeek.com |  RELATED STORY

Ad-tech is racing to outflank Google and Apple as those two dominant web-browser makers advance plans to bring control of user identity — and thus privacy — within the browser.  That is seen by ad-tech as a body blow to the business of sharing user data for ad targeting.  (See, QUOTE OF THE WEEK, below) Trade Desk says UID 2.0 is an “open-source, encrypted framework that represents an alternative to third-party cookies.”

PRAM says more than 400 companies and trade associations are participating in its work, including leading brands, agencies, ad tech partners and platforms — and a few publishers. The group  has delegated technical specifications and review to the IAB Tech Lab, another trade organization consisting most of ad-tech companies, platforms and a more significant number of publishers.

Also last week, SpotX joined a list of companies saying the would support UID 2.0 by recognizing identities shared in the UID 2.0 format.  The list includes IRIS.TV , The Washington Post, OpenX, Neustar, Mediavine, PubMatic, Magnite, Index Exchange, Nielsen, Criteo and LiveRamp. Several, including Neustar, Critero and LiveRamp have competing identity-sharing offerings.

The industry-trade source AdWeek, which has covered the UID 2.0 and PRAM activities, wrote in August that publishers want independent governance of UID 2.0 and “a say in how it’s run.” Reporter Andrew Bluestein wrote, “a non-biased governing body needs to be formed to police misuse.”

Trade Desk has said its UID 2.0 code will be “open source” and governed by an independent entity. AdWeek reported it was intended to be “non-commercial.” However, it is not clear who the entity will be, or whether Trade Desk would be prepared to relinquish any rights to the code.

In Thursday’s submission announcement, Trade Desk said UID 2.0 will be “managed and operated by independent, objective third parties as soon as the functional areas of the ID are working at scale.”

A UID 2.0 overview document provided by The Trade Desk says “overarching core principles” include that UID2 will be non-proprietary, interoperable and accessible to “all constituents in the advertising ecosystem that abide by a code of conduct . . . . “  It says UID2 will have “independent governance” and will be “operated by an unbiased third party, with a transition expected in mid-2021. The Trade Desk is providing the working code and framework only to get it off the ground.”  It adds, “the related code will be open sourced.”

ITEGA, sponsor of this newsletter, has offered to play a role in the governance of how user identity (and resulting privacy standards) works on the web from its position as a 501(c)3 nonprofit, public-benefit organization. It would be similar to ICANN, the entity that governs domain names on the global web.

MORE AD TECH 

• The Virus, Privacy And Google Are Making Digital Marketing Better | Augustine Fou, Forbes.com
• VENDOR VIEW: Second-party data rising star in Uncertain future? | Lori Walker Gosnell, Neustar
• MARKETER VIEW:  Ad fraud is out of control, and it’s only getting worse | Pete Morgan, Metia Group via BtoBMarketing.net
• LiveRamp CEO Scott Howe On The Great Identity Shakeup Of 2021 | Ryan Joe, AdExchanger.coM

WASHINGTON BEAT 

• Public Citizens urges Biden to protect consumers’ online privacy | Al Jazeera | RELATED STORY 
• What The Biden Presidency Means For Privacy, Consumer Protection And Antitrust | Allison Schiff, AdExchanger.com
• Silicon Valley does the math on a divided Senate | Owen Thomas, San Francisco Chronicle
• CEO’s plea: It’s time for a federal privacy law in the United States | Ameesh Divatia, CEO, Baffle
• Legal expert Kirk Nahra says prospects improve for privacy under Biden | Marianne Kolbasuk McGee, BankInfoSecurity.com
• Biden and Section 230: New administration, same problems for Facebook, Google and Twitter as under Trump | Jessica Guynn, USAToday.com
• Section 230 liability law is likely to be reviewed under Biden | Rachel Lerman, WashPost.com
• Biden’s appointments at FTC, FCC likely signal aggressive regulation of big tech | Tyler Sonnemaker  BusinessInsider.com
• New FTC interim chair Rebecca Kelly Slaughter has a get-tough-on-tech record around privacy, ad-tech | Wendy Davis, DigitalNewsDaily/MediaPost.com

STATEHOUSE BEAT

• Oklahoma state senator files “opt-in” privacy bill | Kevin Severin, OKCFox.com
• RELATED STORY
• Virginia And Oklahoma join Washington, New York and Minnesota considering privacy bills | David Stauss, Husch, Blackwell LLP law firm
• Privacy legislation proposed in New York and Minnesota | David Stauss, Husch Blackwell law firm
• NY Assembly reintroduces “opt-in” NY Privacy Law | David Klein, Klein Moynihan Turco law firm
• Cuomo floats privacy legislation as part of NY ‘State of the State’ | Governor’s website
• Washington state privacy act back as SB 5062 | Rick Morgan, Puget Sound Business Journal | RELATED STORY
• Washington Privacy Act Reintroduced – Third Time’s the Charm? | Eric Rosenkoetter, Maurice Wutscher LLP
• What the new Washington Privacy Act says — seven points | Vorys, Sater, Seymour and Pease LLP
• Nearly 22,000 Illinois Walmart workers could get share of $10 million privacy settlement | Lauren Zumbach, Chicago Tribune | RELATED STORY

The “open” Internet isn’t meeting the business or privacy needs of  publishers or advertisers when compared with “walled garden” platforms such as Facebook, but efforts now underway could change that, according to participants in the second of three public webinars organized by the Information Trust Exchange Governing Association.

The series, “Identity, Advertising and the Future of Journalism,” features virtual roundtables of discussants and public viewers. The Jan. 21 session was moderated by Wally Snyder, founder and president of the Institute for Advertising Ethics, and produced with support of the Donald W. Reynolds Journalism Institute and Craig Newmark Philanthropies.  (VIEW ARCHIVED VIDEO) ( Passcode: R*2*ZW0?  )

From the remarks of their executives, it sounded as if advertising technologists believe the only way to compete with Facebook, YouTube and other technology platforms is for publishers to do two seemingly contradictory things — first, give users control over their privacy and use of data and then, be able to “address” them with targeted advertising as efficiently as Facebook claims to do. The current programmatic, real-time-bidding system, doesn’t do either, they said.

“We have to stand up as an advertising industry and acknowledge we messed up,” said Travis Clinger, and executive of data-warehousing and ad-tech company LiveRamp. “We lost the trust of the consumer and we built a horribly inefficient ecosystem. The walled gardens focused on addressability.” He added:  “As an industry we have to lean much more into the consumer privacy changes and be much more transparent ot the consumer.”

READ MORE 

GOOGLE AND CONTENT PAYMENT

• An Australia With No Google? The Bitter Fight Behind a Drastic Threat | Damien Dave, NYTimes.com
• The U.S. asks Australia to reconsider a plan to make Google and Facebook pay for news | Sarah Scire, The Guardian UK |  RELATED STORY
• OPINION:  Tech giant’s Senate testimony shows how far it is prepared to go to resist real regulation | Peter Lewis, The Guardian UK
• Google and French publishers sign copyright news payment deal | The Associated Press
• Google inks agreement in France on paying publishers for news reuse | Natasha Lomas, TechCrunch.com | GOOGLE’S STATEMENT
• OPINION: Can Google and Facebook fix the $108B news industry they helped to break? | Alex Webb, BloombergNews.com

ANTITRUST

• Reuters reports Biden is considering appointing antitrust “czar” | Diane Bartz & Nandita Bose, Reuters PLC
• ABA lawyer panel reviews privacy enforcement environment | Aaron Burstein, Kelley Drye law firm |  MAGAZINE PDF
• Behind the Google-Facebook deal that is the focus of an antitrust suit | Daisuke Wakabayashi & Tiffany Hsu, New York Times

MEDIA MIX 

• More than eight-in-ten Americans get news from digital devices | Elisa Shearer, Pew Research Center
• Local Media Consortium teams with Mather Economics on subscription services | Rob Williams, PublishersDaily/MediaPost.com
• OPINION: Three steps to help treat America’s debilitating information disorder |  Karen Kornbluh & Ellen P. Goodman
• As consumers spend less time with ad-supported media, what impact will publishers feel? | Rob Williams, PublishingInsider/MediaPoste.com

PRIVACY BUSINESS 

• DuckDuckGo search traffic up 62% in 2020 as users seek privacy | Coral Murphy Marcos, USAToday.com
• DuckDuckGo hits search milestone as online privacy war escalates | Chris Davies, SlashGear.com
• U.S. government “NIST Privacy Framework” celebrates first year in existence | NIST.gov
• Toronto/Berlin startup Private AI sees opportunity helping businesses | Hessie Jones, Forbes.com

The idea that consumers might want to have an “authorized agent” who helps manage their privacy and identify preferences was advanced this week in a column by New York Times tech writer Shira Ovide, headlined: “How to Make Data Privacy Real.”  The Jan. 19 column follows a Jan. 7 ITEGA webinar in which the idea was also discussed.

Most of Ovide’s column is about the California Privacy Rights Act (CPRA), adopted by the state’s voters in November and starting to take effect this year.  She recites the rights it provides for California residents to control how companies collect or use personal data.

“But the California law also envisioned the possibility of ‘authorized agents’ that would exercise data rights on our behalf,” Ovide writes, adding: “Instead of you filling out 100 forms to ask 100 companies to delete your data, you would pick a privacy assistant to do it for you.”

She cites a test underway by Consumer Reports to do just that.

“The most intriguing idea is that the privacy assistant might just be a web browser where you check a box once and each site you visit then gets an automated notice to prohibit the personal information collected there from being shared or sold,” she concludes. “Think of it as a version of the telemarketer ‘Do Not Call’ list.   Such an approach is already in code.  It’s called Global Privacy Control.

In the IETGA webinar, Richard Whitt — president of the Glia Foundation and a Mozilla fellow who spent more than a decade as a strategy executive at Google Inc. — suggested publishers consider an additional business model besides advertising and subscriptions, operating as “information fiduciaries” to help their  users with identity, privacy and finding information.

The idea of an “information fiduciary” was first popularized following a 2014 blog post and 2015 journal article by Yale Law School Prof. Jack M. Balkin. The Information Valet Project at the Reynolds Journalism Institute at the University of Missouri has also explored the idea of an “information valet.” starting in 2008.

CALIFORNIA PRIVACY 

• California’s CPRA puts privacy rights in spotlight (includes chart) |  Mark Smith, BloombergLaw.com | VIEW CHART
• Seven privacy groups urge advocates be appointed to CPRA enforcement agency board | Maureen Mahoney, ConsumerReports.org | LETTER SENT
• California Privacy Rights Act: A Move Closer to GDPR? Part II | Alicia Baiardo & Alicia Baiard0, McGuire Woods law firm
• Is a service provider (CCPA) really the same thing as a processor (GDPR)? | David Zetoony, Greenberg Traurig law firm
• CCPA requires oversight over data vendors | Rich Vestuto, Duff & Phelps
• Six Compliance Tips for California Privacy Rights Act (CPRA) | Don Nicastro, CMSWire.com
• VENDOR VIEW:  Seven key changes to California privacy law in CPRA | Andrew Burt, Navex Global

PERSONAL PRIVACY

• Internal Facebook Memo Tells Employees to Do Better on Privacy | Alex Kantrowitz, OneZero/Medium.com
• Austrian court, in Schrems case,  finds Facebook’s terms of service gives consent to ad targeting | Robert Bateman, Digital Privacy News
• Examine Spotify: How Companies Use Personalization to Leverage Our Surrendering of Data | Asa Hiken, Digital Privacy News
• AUDIO: Talking about “identity” and anonymity with Brendan Riordan-Butterworth | Rob Beeler, BeelerCast
• A wrap up on the WhatsApp privacy debacle: Planned all along? | Soshana Wodinsky, Gizmodo.com
• WhatsApp Fueled A Global Misinformation Crisis. Now, It’s Stuck In One | Pranav Dixit, BuzzFeedNews.com
• Tencent has been caught spying on your web browsing history with QQ Messenger | Caleb Chen, Privacy News Online

APPLE-GOOGLE-FACEBOOK  PRIVACY LABELS

• Facebook may take 7% revenue hit from Apple privacy changes | Eric Benjamin Seufert, MobileDevMemo.com
• Here’s What Google Didn’t Say in Its Promises About Our Privacy | Soshana Wodinksy, Gizmodo.com
• There’s still no sign of privacy labels on most of Google’s iOS apps. Why? | Juli Clover, MacRumors.com | RELATED STORY
• Google still isn’t complying with major new iPhone privacy rules, but why? | Chris Smith, TrustedReviews.com
• Apple’s iOS app “privacy nutrition labels” — what you need to know | Melanie Weir, Business Insider

COVID-19 AND PRIVACY 

• Poor privacy safeguards may be hindering COVID-19 testing | Kaylana Mueller-Hsia and Laura Hecht-Felella, Brennan Center for Justice
• Privacy fears grow over Singapore virus tracking | Nor Arlene Tan, ArabNewscom