Google pushes ahead on Privacy Sandbox | Nielsen touts proprietary plans for cross-site measurement

Privacy Beat

Your weekly privacy news update.

VIEW IN YOUR BROWSER

PLATFORMS AND PRIVACY

Google pushes ahead on “Privacy Sandbox” with quarterly timeline; not embracing competitors’ identity ideas

Google pushed ahead with new disclosures about its plans to impose its own imprint on continuing to target advertising amid new privacy laws and the abandonment of so-called “third-party cookies.” It unveiled a visual timeline, making it clear that it will push on FLoC and other “Privacy Sandbox” moves rather than embrace identity schemes proposing by competing ad-tech companies.

Meanwhile, warnings by Facebook that its ad business would suffer from Apple privacy moves were not evident in its quarterly report of booming ad sales. But Facebook did warn of a growth slowdown in the third quarter. Links explain:

Google unveils timeline for a more ‘responsible’ cookie death clock | Kate Kaye, DigiDay.com | GOOGLE’S TIMELINE
Google’s trust/privacy manager explains “Privacy Sandbox” | Chetna Bindra, Google Blog
Chrome Releases Privacy Sandbox Timeline With CMA Rules; Still Not Supporting ID Alternatives | Amy Corr, AdMonsters.com
Google updates timeline for unpopular Privacy Sandbox, which will kill third-party cookies in Chrome by 2023 | Tim Anderson, TheRegister.com
Privacy proves elusive in Google’s Privacy Sandbox | Thomas Claburn, TheRegister.com
Why Google’s new timeline to “kill cookies” irks ad tech companies | Garett Sloane, AdAge.com
Google appears to hear Schrems — will “blank” AdvertisingID | Tim Anderson, TheRegister.com
Facebook starts rolling out data-protection assessments for apps | David Cohen, AdWeek.com
Despite Apple’s privacy changes, Facebook posts record ad revenue | Joe Wituschek, iMore.com
Google decides to copy Apple Store’s “privacy labels” requirement | Ron Amadeo, ArsTechnica.com

PERSONAL PRIVACY

Few sites are making it easy for visitors to opt out of data collection | Max Willets, DigiDay.com
A priest’s phone location data outed his private life. It could happen to anyone | Heather Kelly, WashingtonPost.com
The Nightmare of Our Snooping Phones | Shira Ovide NYTimes.com
Priest outed via Grindr app highlights rampant data tracking | Associated Press
VENDOR RESEARCH: Didomi survey finds 85% of consumers consider privacy before buying | ABOUT DIDOMI
Audacity audio-editing app rewrites privacy policy “lapse in communication” | Richard Speed, TheRegister.com
Residents Voice Privacy Concerns Over License Plate Reading | Rene Ray De La Cruz, Daily Press via GovTech.com
RESEARCH: Targeted ads isolate and divide us even when they’re not political | Silvia Milano, Oxford University via TheConversation.com

Privacy Beat will be on vacation next week (Aug. 6)

We bring together support you need to approach compliance with CCPA, GDPR if needed, and future privacy legislation as it emerges.

Learn More

NIELSEN AND IDENTITY MANAGEMENT

Nielsen unveils proprietary plans for cross-site measurement of ad views with multiple identifiers

A year after signaling plans to do so, Nielsen announced this week its entry into the identity-management sweepstakes for advertising effectiveness measurement — without using so-called “third-party cookies”. Because of its status as a premium ad-industry measurement firm, Nielsen’s ideas for how to collect user data in a way that respects privacy laws will be much watched.

Nielsen’s news release claims to validate “real consumer behavior” | Nielsen via PRNewswire.com
Nielsen proposes “proprietary” ad system for non-cookie identity tracking | Jack Neff, AdAge.com
Nielsen will use machine learning against its panel data for logged-out digital traffic | Kelsey Sutton, AdWeek.com | RELATED STORY
Nielsen cross-platform approach to use “a range of identifiers” | Research-Live.com
BACKGROUND: Overhaul of Nielsen measurement methodology began a year ago | Sarah Sluis, AdExchanger.com

AD TECH

IAB Tech Lab starting GitHub site for open-source identity efforts like UID2.0 | Karlene Lukovitz, PublishersDaily/MediaPost.com | RELATED STORY
VENDOR VIEW: Data Privacy is forcing brands to get more personal: Is that good? | Tim Glomb, Cheetah Digital via AdWeek.com
ROUNDUP: Ad boom rains billions on Big Tech | Sara Fischer, Axios.com
Facebook’s ads business holds up against Apple’s privacy crackdown | Seb Joseph & Michael Burgi, DigiDay.com
Google advertising revenue rises 69% from last year | Jennifer Elias, CNBC.com | RELATED STORY
NBCUniversal Dusts Off Ad-ID Creative Identifier To Reduce Ad Repetition | Tony Rifilato, AdExchanger.com
VENDOR VIEW: How ad industry can use borrowed time to future-proof first-party data use | Trent Lloyd, Eyeota via DigiDay.com
Expert Roundup: Data-Driven Advertising’s New Playbook | Mike Boland, StreetFightMag.com
Media measurement in the data-privacy era | Pauline Wen, StreetFightMag.com

CALIFORNIA PRIVACY

Is ad industry still trying to avoid having to apply easy consumer browser privacy preference signal across all sites?

As it has done in the past, the U.S. advertising industry continues to put pressure on California privacy regulators. The latest is a letter to Attorney General Rob Bona, reported by MediaPost’s Wendy Davis, that asks Bona to back off his interpretation of the Global Privacy Control (GPC) browser extension. Bona’s office says a consumer’s expression once with the GPC flag has to be respected by all data extractors. Advertisers beg to differ. This is in the face of advice from law firms to get over it and start respecting with GPC signaling. How long before litigation begins over this? And what if the ad-tech and ad industries lose?

Ad Industry Urges California To Retract ‘Global Privacy Control’ Mandate | Wendy Davis, DigitalNewsDaily/MediaPost.com
Companies advised to begin complying with Global Privacy Control | Heather A. Antoine & Jeremy Beutler, Stubbs Alderton & Markiles, LLP
In some California privacy cases, analytics trackers are in the crosshairs — and violators could be charged by the cookie | Kate Kaye, DigiDay.com | RELATED STORY
SUMMARY: California Attorney General Mandates CCPA-Covered Businesses Honor the Global Privacy Control | Eddie Holman & Tracey Shapiro, Wilson Sonsini law firm

STATEHOUSE BEAT

Colorado’s new law ups need to prepare for privacy compliance | Calvin Marshall Jr., Chambliss, Bahner law firm | RELATED STORY
“Dark patterns” capture interest of state regulators | Catherine Zhu, Reuters PLC

ANTITRUST

In battle for privacy, antitrust watchdogs throw their hat in the ring | Mark Scott, Politico.com
State AGs Will Appeal Loss in Antitrust Case Against Facebook | Josh Sisco, TheInformation.com | RELATED STORY
Facebook early VC says Biden must play hardball with platforms | Roger McNamee via Wired.com
RESEARCH: Voters Support Enacting Stronger Consumer Protections Online, Antitrust Action for Big Tech Companies | Adam Conner et al., Center for American Progress
Big Tech is both for and against regulations | Marietje Schaake, Financial Times via Benton Institute
The F.T.C. asks for an extension to refile its Facebook antitrust suit | Cecilia Kang, NYTimes.com

FTC AND PRIVACY

Corporate America Is Building Its Own Surveillance State. Will the FTC Stop It? | Dell Cameron, GizModo.com
FTC seeks ad tech and social media experts as it shifts its approach to investigating data abuses | Kate Kaye, DigiDay.com
FTC’s Slaughter Suggests Agency Will Scrutinize Behavioral Advertising | Wendy Davis, DigitalNewsDaily/MediaPost.com
At FTC, Lina Khan has Facebook and Google rattled | Laura Hautala & Marguerite Reardon, CNET.com

VACATION! Privacy Beat will not publish on Aug. 6

Subscribe to Privacy Beat

BIOMETRIC PRIVACY

Labor, justice, privacy group names Amazon biometric devices in FTC appeal

A coalition of 48 labor, economic justice and privacy advocates — Athena — is asking the U.S. Federal Trade Commission to crack down on so-called corporate data surveillance, and its first project is to oppose Amazon’s collection of biometric data via its in-home devices.

Forty-eight consumer groups seek FTC curb of Amazon’s biometric surveillance | Edward Ongweso Jr., Vice.com | TEXT: ATHENA LETTER TO FTC | WHAT IS ATHENA?
RELATED: Corporate America Is Building Its Own Surveillance State. Will the FTC Stop It? | Dell Cameron, BusinessInsider.com
India’s national DNA data law seen to harm minorities and hurt privacy | Rina Chandran, Reuters PLC
China’s top court sets limits for private-sector facial recognition | Eva Dou, WashingtonPost.com
As Facial Recognition Technology Surges, Organizations Face Privacy and Cybersecurity Concerns, and Fraud | Joseph J. Lazzarotti et al.., Jackson Lewis PC law firm
A Canadian privacy commissioner finds Babylon health app not compliant with privacy laws | Lisa Johnson, Edmonton Journal

WASHINGTON WATCH

Common Cause says Comcast, ATT, Verizon etc. spent $235M on lobbying over two years | Jon Brodkin, ArsTechnica.com
GOP Bill Attempts to Inject Life Into Stalled Internet Privacy Talks | David Uberti, WSJ.com | SENATORS’ STATEMENT
SCOTUS TransUnion: “No Concrete Harm, No Standing” To Sue in Federal Court? | Andrew Murphy, Taft law firm
ANALYSIS: Adverse SCOTUS TransUnion class-action suit may not be as tough on privacy as first thought | Daniel T. Rockey, Bryan Cave law firm
daniel.rockey@bclplaw.com
Section 230: How it shields social media, and why Congress wants changes | Marguerite Reardon, CNet.com
Section 230 critics are forgetting about the First Amendment | Mathew Ingram, Columbia Journalism Review

AMAZON AND EU PRIVACY

Amazon fined a record $887M for violating EU privacy rules | Grace Dean, BusinessInsider.com | RELATED STORY
EU $887M fine levied on July 16 but not disclosed until July 30 Amazon 10Q | Richard Lawler, TheVerge.com
With Amazon fine, Luxembourg emerges as Europe’s unlikely privacy champion | Vincent Manancourt, Politico.EU
WhatsApp privacy case must be decided in a month, EU watchdog says | Foo Yun Chee, Reuters PLC
Lawyer takes “musical” approach to assessing GDPR’s three-year impact | Emma Burnett, CMS Legal (law firm)

GLOBAL PRIVACY

Access Now and 100 groups call for reigning in “Pegasus”/NGO surveillance | AccessNow.org | RELATED STORY
OPINION: Democratic governments must do more to stop Pegasus data surveillance | Martin Ivans, Bloomberg.com
A deep dive into Canadians’ privacy concerns | Christina Catenacci, IAPP Privacy Advisor
Odyssey of international data transfer challenges continues | Veronika Wolfbauer, schonherr law firm
China’s GDPR is coming: Are you ready? | Ken Dai & Jet Deng, Danton’s law firm | RELATED STORY
Russia fines Google for violating data storage law | Daria Litvinova, Associated Press
Canadian province gathering public comment on privacy regs | Alberta website

UPCOMING EVENTS

WEBINAR: The New Frontier: Privacy, Big Data, and Antitrust | July 27, IAPP
WEBINAR: State of Data Town Hall: Identity / Addressability | Aug. 11, Interactive Advertising Bureau
CONFERENCE: Vail Publishers Forum — Privacy, Identity, First-Party Data | Aug. 22-25, AdMonsters.com
WEBINAR: Audience Connect: Balancing privacy, personalization and safety | Sept. 15, IAB
SYMPOSIUM: “Applications of Contextual Integrity”, Sept. 30-Oct. 1, Privacy.io
WEBINAR: “Yes We Trust Summit”, Oct. 7, Didomi.io

QUOTE OF THE WEEK

With myths about consent, anonymity and self-regulation, it’s time to find privacy solutions that work, Berjon argues

The following is an excerpt from a personal blog post by Robin Berjon, who’s “day job” is to be in charge of data governance at The New York Times. He has a background developing standards for the World Wide Web Consortium and writes frequently (and personally) on identity, privacy and advertising. In this July 21 blog post, Berjon talks about privacy and consent, myths about anonymizing data and industry self-regulation. He then concludes:

“The way I see it, we have a pretty straightforward choice. We can keep loudly blustering that doing more of exactly what we’ve done for the past two decades will somehow magically lead to different outcomes, or we can actually bite the bullet, whether we like it or not, and find solutions that actually work.

“Detractors often depict privacy work as being “ideological.” If believing that people shouldn’t live in fear of their tech betraying them is ideological, I’ll take it. But there’s a purely profits-driven consideration if that’s what you want: people don’t want to be recognised across contexts, and trying to force that to happen is an arms race against users which you’ll eventually lose.

“I know that these are not easy changes. We have yet to scale a business model that does not rely on advertising (subscriptions are highly reliant on it), and much of advertising has, for a while, been privacy-hostile. Changing that is a big reinvention. But we need to reform data and advertising, despite the complexity and the risk, because it’s the only discernible path forward that has any sustainability to it.

“So with this in mind, I’d like to suggest that we stop wasting time revisiting the failed strategies of a broken system, and instead invest in making it work. There’s no path forward listening to privacy denialists and not much in the way of facts to back them up — so let’s stop pretending bullshit should have a seat at the table.”

ABOUT PRIVACY BEAT

Privacy Beat is a weekly email update from the Information Trust Exchange Governing Association in service to its mission. Links and brief reports are compiled, summarized or analyzed by Bill Densmore and Eva Tucker. Submit links and ideas for coverage to newsletter@itega.org.

Forward

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.