british-regulator

Do Google ad-tech concessions address competitors’ concerns? British antitrust regulator seeks comment by Dec. 17

A little-known British regulatory authority is emerging as a key arbiter of privacy and commerce on the Internet, as it parries with Google over the future of advertising technology. At issue is the way advertisers are able to track and target messages to individual consumers, and Google’s “Privacy Sandbox” initiatives for the Chrome browser. 

Google is trying to become more privacy conscious, and its primary method for doing so involves new technology within the Chrome browser, which it controls and which is used by the vast majority of web consumers. Competitors are worried that could give Google an even stronger market position in advertising than it already has. Into this interplay over privacy and competition steps the United Kingdom’s Competition and Markets Authority (CMA).  

The big news on Friday, Nov. 26 was that Google began to spell out in a blog post how it will mollify the CMA, and the CMA issued a statement explaining its view of the negotiation status.   The CMA seeks public comment on the negotiations by Dec. 17. Competitors will be scrutinizing both documents carefully, looking for ways that Google might continue to find advantage.  

For example, here’s what CafeMedia’s Don Marti wrote on Nov. 16 based on what was public at that time:  “​​The existing Google commitments to CMA would not only fail to limit impactful and hard-to-measure anti-competitive tactics but would also send a clear warning signal to all other participants in the market that these tactics are still available to Google.  Marti’s post raises two points which do not appear to be covered by Google’s newly announced “offer” to the CMA: 

• Google collects user activity as part of its advertising-tech services used by a plurality of publishers to run their ad businesses.  Is Google willing to promise that it would not use those data to improve targeting in its own advertising business?  In Friday’s blog post, Google says: “ We are underscoring our commitment not to use Google first-party personal data to track users for targeting and measurement of ads shown on non-Google websites. Our commitments would also restrict the use of Chrome browsing history and Analytics data to do this on Google or non-Google websites.” The CMA statement also said Google “has offered to . . .  clarify the internal limits on the data that Google can use . . . . “
   
• If the Chrome browser is re-engineered to deny cross-site tracking, who will decide which sites are entitled to be affiliated and thus can share data?  For example, will the Chrome browser be set to allow Google.com to share cross-site user data with its YouTube.com sister company? What about publishers united within a Single Sign On service? 

[Full disclosure: Marti has served as a technical advisor to ITEGA, the sponsor of Privacy Beat, and ITEGA has proposed to govern a federated Single Sign On service for news publishers.]

RELATED LINKS: 

• Google proposes Privacy Sandbox commitments to address UK regulator’s concerns | Maria Deutscher, SiliconAngle.com
• Privacy Sandbox saga continues: UK watchdog extracts more commitments from Google over ad tech | Richard Speed, TheRegister.com | GOOGLE’S STATEMENT | BRITISH REGULATOR’S STATEMENT | RELATED STORY
• Google tries to counter critics of Privacy Sandbox plan | Ben Martin, TheTimes(UK)
• Google makes Privacy Sandbox pledge to UK competition watchdog amid fears over grip on online advertising | Adam Sherwin, iNEWS.UK
• Google agrees with UK’s CMA to deeper oversight of Privacy Sandbox | Natasha Lomas, TechCrunch.com
• Google to develop Privacy Sandbox: This is how it will work | OrissaPost.com

PLATFORMS AND PRIVACY 

• Amazon facing pressure over data privacy ahead of holiday shopping season | Elissa Salamy, Sinclair via KOMONews.com
• OPINION: The Amazon Privacy Nightmare | Micah Sifry, OneZero.Medium.com
• Why Facebook Shutting Down Its Old Facial Recognition System Doesn’t Matter | Emily Baker-White, BuzzFeedNews.com

WASHINGTON WATCH 

• U.S. lawmakers call for privacy legislation after Reuters report on Amazon lobbying | Chris Kirham & Jeffrey Daskin, Reuters PLC
• FTC Privacy Probe of Amazon Ring Puts Khan’s Agenda in the Spotlight | Josh Sisco, TheInformation.com ($)
• Lawmakers could strip FTC powers in response to Khan’s activist agenda | Claude Marx, mlex/Lexis-Nexis

EU & UK PRIVACY 

Outgoing British privacy regulator says Google’s privacy ideas “not yet fully realized”; tracking “as is” a non-starter

Britain’s outgoing privacy czar, Information Commissioner Elizabeth Denham, says Google has work to do to make good on privacy-protecting innovations in advertising technology, and she says the way consumers are now tracked on the web “is not an acceptable response.”

Elizabeth Denham’s comments are  in a  47-page white paper, “Data protection and privacy expectations for online advertising proposals,” dated Nov. 25. “There is a window of opportunity for proposal developers to reflect on genuinely applying a data protection by design approach,” she writes, adding: “Any proposal that has the effect of maintaining or replicating existing tracking practices . .  .is not an acceptable response to the significant data-protection risks that the commissioner has already described.” (See: QUOTE OF THE WEEK, below, for exempts from Denham’s white paper)

RELATED LINKS: 

• EU Parliament committee adopts targeted ads ban in DMA | IAPP News Blog | COMMITTEE’S STATEMENT | RELATED STORY
• ANALYSIS: In outgoing white paper, UK privacy watchdog warns adtech the end of tracking is near | Natasha Lomas, TechCrunch.com | WHITE PAPER BY ELIZABETH DENHAM | RELATED STORY
• Irish regulator hit with criminal complaint by privacy watchdog Max Schrems’s noyb | Natasha Lomas, TechCrunch.com | SCHREMS BLOG POST
• Italy Slaps Apple, Google With $11 Million Fine For Using User Data Without ‘Explicit’ Consent | Joseph Henry, TechTimes.com | RELATED STORY
• WhatsApp rewrites its Europe privacy policy after a record €225 million GDPR fine | Tom Bateman, EuroNews.com | RELATED STORY
• Issuing GDPR Fines Is One Thing, Collecting Them Is Another; UK ICO Struggling To Enforce Actions as 74% Of Penalties Remain Unpaid | Scott Ikeda, CPOMagazine.com

TRANSFERING DATA FROM EU 

• Confusion about meaning of ‘Schrems II’ impedes global data flows | Lynn Goldstein, IAPP Contributor
• Defining “transfer” of  data outside of Europe grows clearer | Tom Gates, ReedSmith law firm | RELATED ARTICLE
• British ICO consults on new draft international data transfer proposals | Oliver Bray, Reynolds Porter Chamberlain law firm

AD TECH, PRIVACY, TRUST 

• AUDIO: Mozilla building, experimenting with privacy-preserving ad tech | Allison Schiff, AdExchanger.com
• It’s time to rebuilt ad tech based upon trust, Accenture consultant says | Peri Shamsai, Accenture via AdExchanger.com
• Apple iOS14 privacy update impacted advertiser’s QT3 earnings | Lara O’Reilly, BusinessInsider.com ($)
• Why consumer privacy is Google’s advertising ace in the hole | Adam Dorfman, SearchEngineLand.com
• BACKGROUNDER: Are These Emerging Titans Of AdTech Credible Competition To Google And Facebook? | John Kotsier, Fortune.com
• First-Party Vs. Third: It’s Not So Black-And-White | Allison Schiff, AdExchanger.com
• Alternate identifiers now figure in advertising deals for two thirds of publishers | Max Willens, DigiDay.com ($)

Harvard accepts “GoodID” project from Omidyar, to “study possibility of digital identity across a range of domains

“GoodID” — An effort funded primarily by billionaire tech entrepreneur Pierre Omidyar to focus attention on how user identity is shared and transferred across the web will now be managed by a unit of 

Harvard Law School, the Berkman-Klein Center for Internet and Society, the GoodID email blog reported last week. 

“Starting in 2022, the Berkman Klein Center will steward #GoodID,” wrote Robert Karanja, responsible-tech director at Omidyar Network, adding, “we agreed that #GoodID will now move to an academic institution to grow and evolve.”  The change was also detailed in an Omidyar news release and on the Berkman Klein website.

Launched in 2019, the #GoodID channels and the larger Good ID movement have served as a catalyst for ideas, solutions, policy and tech for government-issued IDs, data trails and the ethics surrounding decentralized identity systems, the blog report says. 

“Berkman Klein is committed to studying the possibilities of digital identity across a range of domains and geographies,” Berkman Managing Director Lis Sylvan says on the center’s website.  “We’re excited to share our work and engage with and learn from the communities that have been drawn to ideas and debates around #GoodID.”

PERSONAL PRIVACY 

• Microphone-enabled smart devices are a huge privacy concern, but most of us aren’t aware of it | Tibi Puiu, ZMEScience.com
• Firefox Relay: Mozilla’s privacy-focused email platform | Jack Wallen, TechRepublic.com
• Black Friday: These Webshops Gather Your Personal Information | David Janssen, VPNOverview.com
• How to Stop Your Phone From Tracking You? Switch Off These Trackers Right Now | Joseph Henry, TechTimes.com
• Spam texts, calls, and emails are out of control. Here’s how to fix it | Erika Rawes, DigitalTrends.com
• How to make your iPhone and iPad as private as possible | Heather Kelly, WashingtonPost.com

GLOBAL PRIVACY & IDENTITY

• Digital ID Tech is Moving Fast. #GoodID Will Ensure it Doesn’t Break Things | Robert Karanja, Omidyar Network | RELATED STORY
• Apple sues Israeli spyware firm NSO Group for surveillance of users | Stephanie Kirchgaessner, TheGuardian.com
• China’s new privacy law leaves U.S. behind | Ashley Gold, Axios.com
• Explained | Does India’s data protection Bill have safeguards on privacy? | P.J. George, TheHindu.com | RELATED STORY
• OPINION: In India, isn’t right to privacy a fundamental right? | R. Srinivasan, TheHunduBusinessLine.com
• Prominent judge says Indian data protection bill is Orwellian, loaded in favor of government | Swathi Moorthy & Chandra R. Srikanth, MoneyControl.com

NEWS, TECH AND LAW 

• How Twitter Blue does subscriptions differently | AdExchanger.com
• Federal appeals panel says a Tweet could be a form of malice | Wendy Davis, MediaPost.com
• Australian tycoon to help small publishers strike deals with Google, Facebook | Byron Kaye and Renju Jose, Reuters PLC
• The Hedge Fund Takeover of Local News Is Neither Inevitable Nor Unstoppable | Steve Waldman, WashingtonMonthly.com
• MasterCard setting precedents on recurring-charge disclosures | Ellen T. Berg et al., Venable LLP law firm

PRIVACY BUSINESS 

• Privacy and Data Protection Laws Stimulate the Technology Market and Growth of New Startups in the Sector | Gabrieler Stahler, CPOMagazine.com
• SURVEY: Privacy Rules Top The List Of Digital Challenges In 2022 | Nina Lentini, MediaPost.com

UPCOMING EVENTS

• VENDOR WEBINAR: Identity Resolution in the Cookieless World | Nov. 29, Telium.com vs. EMarketer.com
• WEBINAR: Understanding Digital Data Flows: Beyond the Basics of Online Advertising | Nov. 30, Future of Privacy Forum
• WEBINAR: Understanding Information Governance, Data Privacy, and Data Breach Exposure | Dec. 1, HaystackID.com (vendor)
• WEBINAR: European Data Protection & Privacy Conference | Dec. 2, Forum Europe
• WEBINAR: Addressability Solutions Roadshow | Dec. 8, IAB Tech Lab 
• LIST: Omidyar Good ID project lists upcoming identity gathering