Google enters shoals of privacy, discrimination and antitrust; WashPost notes fast uptake on Google-competitive “Zeus”

Privacy Beat

Your weekly privacy news update.



ABOVE FROM: Google’s cookie replacement means nothing has changed | Jacob Donnelly,

Google forges ahead into shoals of privacy, discrimination and antitrust with FLEDGE browser launch in March

Google Inc., forced to navigate its business amid the shoals of privacy, discrimination and antitrust, says it will forge ahead with changing how targetted advertising works — by running in-browser auctions that rely upon telling advertisers which “interest cohort” the user has been assigned.

The result — a thorough disruption of the current privacy-invading programmatic advertising system, which runs auctions on multiple services and spreads user data all over. But to who’s benefit? And who is driving strategy for Google’s changes — its advertising executives or those that run the Chrome browser support organization?

The initiative is now being called “FLEDGE” by Google engineer Michael Kleber as a name for a production test in its Chrome browser releases this spring of an ad-targeting technique Google last year called “FLoC” — short for Federated Learning of Cohorts. 

“When the Privacy Sandbox technology for interest-based advertising (FLoC) was first proposed last year, we started with the idea that groups of people with common interests could replace individual identifiers,” blogged Google Chetna Bindra this week. “Today, we’re releasing new data showing how this innovation can deliver results nearly as effective as cookie-based approaches . . . Chrome intends to make FLoC-based cohorts available for public testing through origin trials with its next release in March and we expect to begin testing FLoC-based cohorts with advertisers in Google Ads in Q2.

An apparently neutral summary of what FLoC does was posted to Twitter by Simon J. Harris, of  The Trade Desk, a large ad-tech firm which would be deeply affected a shift to browser-control of user ad-targeting data and auction control.

Competing skeptics and some tech reporters (see links below) said Bindra-cited new data was merely a simulation of how FLoC would operate based on a white paper, and dismissed the report as PR. The implications for the three shoals:

  • Privacy — FloC may be viewed as supporting privacy because it purports to keep user data processing within the user’s machine — in the browser — rather than scattered across thousands of servers in the current ad-tech ecosystem.
  • Discrimination — The Electronic Frontier Foundation says having the browser control what groups you are assigned to without user oversight is ripe for protected-group discrimination.
  • Antitrust — Because FloC is in the browser, and Google owns the browser used by two-thirds of web users — Chrome — there is the potential, competitors say, for FLoC to drive even more advertising services and revenue to Google than the giant share it already has. A possible solution — force Google to divest the Chrome browser — but to whom?

To be competitive on privacy with Apple and Mozilla’s browser changes, Google has said Chrome will start blocking third-party cookies sometime in 2022.  Public dialogue about what it’s doing to reduce the impact on ad-targetting generally — and within its own business — is playing out in meetings of World Wide Web Consortium (W3C) standards groups, including the Web Advertising Business Group, which is for paying W3C members only,  and the Privacy Community Group, which is public.




Does your organization need customized privacy compliance solutions? ITEGA  can help.

We bring together support you need to approach compliance with CCPA, GDPR if needed, and future privacy legislation as it emerges.

Learn More


WashPost notes fast uptake on Google-competitive  “Zeus” ad network — built on Amazon Web Services

The Washington Post Co.  remarked on Twitter this week about the growing number of newspapers who have joined its Zeus advertising platform.

“Zeus nation 2020,” The Post’s Jarrod Dicker wrote in his Tweet accompanying the map above. “Already 40 more to add in 2021.” He Tweets that the effort could “enable sustainability for all daily newspapers.”

Sara Fischer, writing at, reported this week that Zeus is gearing up to support video advertising.  She says Zeus has signed up over 125 publishers in just over a year.  She wrote that “Zeus gets stronger as more publishers sign on, and collectively optimize their ad performance based on shared insights.”   She quoted Dicker, who is the Post’s VP of commercial technology and development: “It’s all connected through this software. This is the Amazon Web Services element to the product that makes it unique.”

The Post, which is owned by Amazon CEO Jeff Bezos, has been on a major push with a large technology team to provide the backbone of cloud-based services that could help the U.S. newspaper industry to compete with the tech platforms in advertising.  Related to Zeus is the paper’s Arc publishing platform for content, subscriptions and audience segmentation.

“All the attention going to the NYT subscription numbers when WashPo is building the entire infrastructure that the publishing industry will be sitting on,” media consultant Simon Owens, then Tweeted back to Dicker.

Some industry observers privately worry about becoming dependent on an Amazon-related platform, but those who are using it generally give it high marks. This positioning is not refuted by The Post. A Dec. 20 news release on the company’s own website was headlined: “How Jeff Bezos’ Washington Post is taking on Google and Facebook with ‘insanely unique’ ad technology for publishers.





Image above supplied by the office of the California attorney general

California AG’s office signals in Tweet it will enforce compliance with blanked opt-outs under CCPA

It looks like the companies that collect private consumer data on the web will be facing a new challenge — Global Privacy Control (GPC).  California’s attorney general is sending a clear signal that it will enforce the browser plug in that allows a user to select “do not share my data” across all web services they visit, instead of having to do so manually at each separate visit.

The signal came in a Tweet this week from the account of “Attorney General Becerra.” Becerra is awaiting confirmation to serve as U.S. Secretary of Health & Human Services.  “We’re heartened to see how CCPA has spurred data-privacy innovation like Global Privacy Control.” Subsequent Tweets said GPC is already enabled on 60 million web browsers released by DuckDuckGO, Brave and Mozilla-Firefox (not net on Chrome or Safari, however).

The Becerra office Twitter account notes that the California Consumer Privacy Act “requires businesses to treat a user-generated global privacy control as a legally valid consumer request to opt out of the sale of their data.”  It continues in the same Tweet: “CCP opened the door to develop a technical standard, like the GPC, which satisfies this legal requirement and protects privacy.”





Like what you see? Then recommend to a friend.

Subscribe to Privacy Beat

Groups urge focus on FTC to address civil rights, privacy and discrimination by tech companies

Fourteen lobbying groups are asking Congress to pay attention to potential civil rights and privacy abuses among technology companies and the government itself, requesting strong oversight over the U.S. Federal Trade Commission as enforcer.

An overview of the 14 groups’ 42-page report was posted by CDT’s Alexandra Reeve Givens. It includes a link to the full report.

The groups, led by the Center for Democracy and Technology (CDT), want to see oversight hearings on “privacy harms, algorithmic accountability, and historically marginalized communities to explore the ways in which today’s inadequate protections can uniquely harm people of color and other marginalized communities.”

In another recommendation to Congress, the groups say it is essential to pass “a comprehensive national privacy law. The lack of regulation of commercial data practices leaves everyone vulnerable to abusive practices, but historically marginalized communities and communities of color are even more at risk.”

Preparation for oversight hearings should come with subpoena power to enable gathering from tech companies information related to targeting of predatory advertising and algorithmic accountability “including their procedures for ensuring compliance with civil-rights laws.”

The 14 groups are the Brennan Center for Justice, Center for Democracy and Technology, Center on Privacy and Technology at Georgetown Law, Demand Progress Education Fund, The Leadership Conference on Civil and Human Rights, The Leadership Conference Education Fund, Movement Alliance Project, NAACP Legal, Defense and Education Fund, National Hispanic Media Coalition, New America’s Open, Technology Institute, Public Knowledge, Ranking Digital Rights, UnidosUS and Upturn.




PARTICIPATE:  Identity, Advertising and Future of Journalism | Thurs., Feb. 4


Ex-FTC privacy enforcer says it’s way past time for federal law to ban harmful data use, discrimination and limit purposes

“[W]e have learned from experience, and as commerce has developed, that overreliance on “notice-and-choice” to protect privacy places an enormous and impossible burden on consumers to read the privacy policies of hundreds, even thousands, of companies that collect their data, and then make privacy choices for each of them . . . This is why recent legislative proposals have included more substantive provisions that would protect consumers regardless of notice-and-choice—for example, a ban on clearly harmful uses of data, such as racial and gender discrimination; a “duty of loyalty” companies would owe to consumers; and strict limits on the purposes for which data could be collected, used, or shared with third parties.

“[T]he world would be very different if Congress had passed such a law in 2000 . . . Such a law would also have provided the basis for subsequent amendments (whether by Congress or through FTC rulemaking) to address developments and lessons learned, including the many new business models and technologies that have emerged over the years, the need to advance beyond “notice and choice” as the primary means to protect privacy, and the relationship between consumer data and market power.

“Instead, the intervening years have brought us massive data breaches, virtually unlimited data collection online and in our public spaces, huge platforms that know everything about us and dominate the marketplace, and algorithmic predictions that create risk of bias and loss of opportunity. Consumers feel unprotected, and businesses are confused about their obligations. The FTC, despite years of effort to protect privacy using the general-purpose Federal Trade Commission Act passed in 1914, lacks sufficient authority and resources to hold companies fully accountable.

“Congress is now in a strong position to finally tackle and resolve the most difficult issues always left for “later”– including whether to preempt state privacy laws and permit private rights of action. Compromise and creativity will be essential, with the understanding that the final law must affirm baseline privacy as a core U.S. value, and provide the strong consumer protections and corporate accountability that are missing in the marketplace today.  After over 20 years, it’s time.”


Privacy Beat is a weekly email update from the Information Trust Exchange Governing Association in service to its mission. Links and brief reports are compiled, summarized or analyzed by Bill Densmore and Eva Tucker.  Submit links and ideas for coverage to

Share Share

Tweet Tweet

Share Share

Forward Forward




Copyright © 2021 Information Trust Exchange Governing Association, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp