Do Google ad-tech concessions address competitor concerns?British antitrust regulator asks comment by Dec. 17

Privacy Beat

Your weekly privacy news update.



Do Google ad-tech concessions address competitors’ concerns? British antitrust regulator seeks comment by Dec. 17

A little-known British regulatory authority is emerging as a key arbiter of privacy and commerce on the Internet, as it parries with Google over the future of advertising technology. At issue is the way advertisers are able to track and target messages to individual consumers, and Google’s “Privacy Sandbox” initiatives for the Chrome browser. 

Google is trying to become more privacy conscious, and its primary method for doing so involves new technology within the Chrome browser, which it controls and which is used by the vast majority of web consumers. Competitors are worried that could give Google an even stronger market position in advertising than it already has. Into this interplay over privacy and competition steps the United Kingdom’s Competition and Markets Authority (CMA).  

The big news on Friday, Nov. 26 was that Google began to spell out in a blog post how it will mollify the CMA, and the CMA issued a statement explaining its view of the negotiation status.   The CMA seeks public comment on the negotiations by Dec. 17. Competitors will be scrutinizing both documents carefully, looking for ways that Google might continue to find advantage.  

For example, here’s what CafeMedia’s Don Marti wrote on Nov. 16 based on what was public at that time:  “​​The existing Google commitments to CMA would not only fail to limit impactful and hard-to-measure anti-competitive tactics but would also send a clear warning signal to all other participants in the market that these tactics are still available to Google.  Marti’s post raises two points which do not appear to be covered by Google’s newly announced “offer” to the CMA: 

  • Google collects user activity as part of its advertising-tech services used by a plurality of publishers to run their ad businesses.  Is Google willing to promise that it would not use those data to improve targeting in its own advertising business?  In Friday’s blog post, Google says: “ We are underscoring our commitment not to use Google first-party personal data to track users for targeting and measurement of ads shown on non-Google websites. Our commitments would also restrict the use of Chrome browsing history and Analytics data to do this on Google or non-Google websites.” The CMA statement also said Google “has offered to . . .  clarify the internal limits on the data that Google can use . . . . “
  • If the Chrome browser is re-engineered to deny cross-site tracking, who will decide which sites are entitled to be affiliated and thus can share data?  For example, will the Chrome browser be set to allow to share cross-site user data with its sister company? What about publishers united within a Single Sign On service? 

[Full disclosure: Marti has served as a technical advisor to ITEGA, the sponsor of Privacy Beat, and ITEGA has proposed to govern a federated Single Sign On service for news publishers.]




Does your organization need customized privacy compliance solutions? ITEGA  can help.

We bring together support you need to approach compliance with CCPA, GDPR if needed, and future privacy legislation as it emerges.

Learn More


Outgoing British privacy regulator says Google’s privacy ideas “not yet fully realized”; tracking “as is” a non-starter

Britain’s outgoing privacy czar, Information Commissioner Elizabeth Denham, says Google has work to do to make good on privacy-protecting innovations in advertising technology, and she says the way consumers are now tracked on the web “is not an acceptable response.”

Elizabeth Denham’s comments are  in a  47-page white paper, “Data protection and privacy expectations for online advertising proposals,” dated Nov. 25. “There is a window of opportunity for proposal developers to reflect on genuinely applying a data protection by design approach,” she writes, adding: “Any proposal that has the effect of maintaining or replicating existing tracking practices . .  .is not an acceptable response to the significant data-protection risks that the commissioner has already described.” (See: QUOTE OF THE WEEK, below, for exempts from Denham’s white paper)




Harvard accepts “GoodID” project from Omidyar, to “study possibility of digital identity across a range of domains

“GoodID” — An effort funded primarily by billionaire tech entrepreneur Pierre Omidyar to focus attention on how user identity is shared and transferred across the web will now be managed by a unit of 

Harvard Law School, the Berkman-Klein Center for Internet and Society, the GoodID email blog reported last week. 

“Starting in 2022, the Berkman Klein Center will steward #GoodID,” wrote Robert Karanja, responsible-tech director at Omidyar Network, adding, “we agreed that #GoodID will now move to an academic institution to grow and evolve.”  The change was also detailed in an Omidyar news release and on the Berkman Klein website.

Launched in 2019, the #GoodID channels and the larger Good ID movement have served as a catalyst for ideas, solutions, policy and tech for government-issued IDs, data trails and the ethics surrounding decentralized identity systems, the blog report says. 

“Berkman Klein is committed to studying the possibilities of digital identity across a range of domains and geographies,” Berkman Managing Director Lis Sylvan says on the center’s website.  “We’re excited to share our work and engage with and learn from the communities that have been drawn to ideas and debates around #GoodID.”






Like what you see? Then recommend to a friend.

Subscribe to Privacy Beat


In 47 pages, Denham summarize the major privacy and business issues facing advertising technology on the web 

  • Below are excerpts from a 47-page white paper report by Elizabeth Denham, outgoing head of the Information Commissioners Office in Great Britain, entitled: “Data protection and privacy expectations for online advertising proposals.”  The report is a comprehensive, readable, highlighted and bullet-pointed summary of the major technology and social issues concerning the “tracking” of Internet users for commercial purposes. 

“Online advertising enables advertisers to reach individuals with their products and brands, while helping organisations to generate income to fund their online services. It supports a large ecosystem of advertising technology (adtech) providers, publishers, and advertisers . . .  

“Behind it stands a complex web of data processing involving the profiling, tracking, auctioning, and sharing of personal data. The reliance on personal data means data protection law has an important role to play in building trust and confidence, and in protecting the public from personal data misuse . . . Technologies used in online advertising, and the way they are deployed, have the potential to be highly privacy intrusive . . . . 

“Since 2019, industry has developed several initiatives that seek to address the risks adtech poses and shift towards less intrusive tracking and profiling practices. These include proposals from Google and other market participants to phase out the use of “third party cookies” (TPCs) and other forms of cross-site tracking and replace them with alternatives.

“ . . . The proposals from both Google and other market participants are not yet fully realised. New initiatives must address the risks that adtech poses and take account of data protection requirements from the outset. Any proposal that has the effect of maintaining or replicating existing tracking practices (such as those described in the 2019 Report) is not an acceptable response to the significant data protection risks that the Commissioner has already described . . . The Commissioner is leading initiatives to:

  • create a more transparent, user-centric approach that empowers individuals; and

  • addresses the power imbalance that exists between them and key market participants.

“User choice, consent, control and accountability must be meaningful. First and foremost, they must be shaped around compliance with the law and consideration of individuals’ interests, rights and freedoms . . . the Commissioner welcomes efforts that propose to:

  • move away from the current methods of online tracking and profiling practices;

  • improve transparency for individuals and organisations;

  • reduce existing frictions in the online experience;

  • provide individuals with meaningful control and choice over the processing of device information and personal data;

  • ensure valid consent is obtained where required; and

  • ensure there is demonstrable accountability across the supply chain.

“ . . . The Commissioner welcomes proposals to remove the use of technologies that lead to intrusive and unaccountable processing of personal data and device information, which increases the risks of harm to individuals.

“ . . .Participants should note that continued use of intrusive online tracking practices is not the right way to develop solutions. Anything that essentially results in a continuation of existing practices will not meaningfully change the status quo.”


Privacy Beat is a weekly email update from the Information Trust Exchange Governing Association in service to its mission. Links and brief reports are compiled, summarized or analyzed by Bill Densmore and Eva Tucker.  Submit links and ideas for coverage to

Share Share

Tweet Tweet

Share Share

Forward Forward




Copyright © 2021 Information Trust Exchange Governing Association, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp