Assessing the Google “Topics” targeting pivot; why should dominant Chrome browser be in any control position at all?

Observers are trying to assess Google’s intentions with its announcement this week that it is killing off its cohort-based “FLoC” ad-targetting-in-the-browser idea after a lot of criticism — and replacing it with a new proposal with a different approach. But the new idea — “Topics” — still puts Google’s dominant browser “Chrome” at the center of ad targeting.

The Wall Street Journal’s story said “Topics” was the result of privacy-advocates pushback and would “give marketers less granular information about web users . . . . “  The New York Times account called Topics  “potentially a huge shift for the digital advertising industry” which, still, might be no less alarming to advertisers and regulators.

The new idea was all explained from Google’s perspective in a Jan. 25 announcement, a “Get to Know Topics” narrative by Vinay Goel, product director, Google Chrome Privacy Sandbox, and in a detailed GitHub “explainer.”  Instead of a complicated system for putting browser users into anonymized “cohorts”, Topics would have the browser software constantly review all your clicks, periodically assign you three from among at least 300 initial interests and give them to advertisers.

Apparently included is some way to give the user some way of adjusting the three submitted interests. But yet to be decided, perhaps, is whether a “default” setting on the browser would have Topics turned off unless a user specifically “opts-in” — as would probably be required in the European Union, and perhaps also in some U.S. states.

The change will produce more FUD (fear, uncertainty, doubt) in the advertising, publishing and ad-tech industries as to Google’s intentions. Possibilities include (a) Offer a somewhat more privacy-aware user tracking solution to keep ahead of FTC and California privacy scrutiny? (b) Provide a minimalist alternative to killing off the third-party cookie, which absent any other change will hurt Google’s advertising competitors? (c) Appease antitrust regulators?

“A lot of Google’s post-cookie ad system (whicih they brand as “Privacy Sandbox”) is being built because antitrust regulators are watching them,” wrote CafeMedia’s Don Marti in a personal-opinion post to the Harvard-Berkman ProjectVRM listserve. He says Google “would be a lot better off if they kicked Chrome out of the nest as its own open-source org with a nice trust fund and search ad deal . . . . “ Otherwise Marti speculates, Google will end up with an onerous antitrust consent decree.

So-called “relevant” and “interest-based” advertising is based on flawed theories of what motivates purchasing, ProjectVRM founder “Doc” Searls wrote to the same listserve. “The massively ironic fact remains that Google is great at contextual advertising that isn’t personal, and can do fine without trying to personlize everything through unwelcome tracking. Might even do better.”

The most obvious question, from an ITEGA perspective: Why a piece of privately controlled software which provides near-monopoly gatekeeper access to large chunks of the web should be managing privacy and identity rather than a government or public-benefit nonprofit managing a level playing field? Especially when it controls the largest chunk of the web’s advertising ecosystem as well?

Below is a selection of other stories about “Topics”

‘TOPICS’ AND PRIVACY 

• Google proposes a new way to track people around the Web. Again. | Gerrit De Vynck, WashingtonPost.com
• Google kills FLoC, introduces Topics API as its next-gen targeting tech | George Nguyen, SearchEngineLand.com
• Google kills off FLoC, replaces it with Topics API proposal | Frederic Lardinois, TechCrunch.com
• Google’s Topics API for Chrome will serve ads better as it tries to build more ‘private’ browsing | Tech Desk at IndianExpress.com
• Google drops FLoC and proposes new Topics API for replacing third-party cookies | Abner Li, 9to5Mac.com
• Google unveils latest “Privacy Sandbox” initiative — Topics API | Allison Schiff, AdExchanger.com

RELATED: Put a hold the third-party cookie crumble?

A group of German publishers and advertisers is asking European Union regulators to stop Google from deciding which third-party cookies to banish from its Chrome browser in 2023, saying that interposes Google into their relationship with their users.  The plea came in a lawsuit filed last week.   “Publishers must remain in a position where they are allowed to ask their users for consent to process data, without Google capturing this decision,” the group, including Politico Publisher Axel Springer and Germany’s federal association of digital publishers, said in a 108-page complaint to the European Commissioner for Competition Margrethe Vestager. Google’s response to the complaint is well-covered in TechCrunch’s report.

• German publishers ask EU to delay Google’s crush of third-party cookies | Financial Times via  AdExchanger.com
• German Publishers Reportedly Urge EU To Prohibit Google From Blocking Cookies | Wendy Davis, MediaPost.com
• German publishers run crying to E.U. over Google’s plan to remove TP cookies | John Gruber, DaringFireball.net

ANTITRUST

• ROUNDUP: Facebook and Google face big legal challenges | Caitlin Bassett, MindMatters.ai
• Senate Panel Approves Antitrust Bill Restricting Big Tech Platforms | Ryan Tracy, Wall Street Journal via Benton Institute
• Google Urges Judge To Gut Texas-Led Antitrust Lawsuit | Wendy Davis, DigitalNewsDaily/MediaPost.com | GOOGLE’S STATEMENT
• Google antitrust suIt update: Fresh Concern Over Google’s Alleged Ad Auction Rigging | Catherine Perloff, AdWeek.com | AUTHOR’S TWEET
• FTC’s Antitrust Suit Against Facebook Survives Motion to Dismiss | Yo W. Shiina, Constantine Canon law firm

IDENTITY

Later in 2022, you won’t be able to access your IRS data unless you signup with a private id company. How’d that happen?

Two news stories in the last week underscore a policy debate that’s not happening in the United States — should the government or a private company control the “authentication” and login to government services such as the Internal Revenue Service (IRS) or social security?

A relatively short new story published with video to the CBS News site report that the IRS will begin in mid-2022 to require that if you want to access your tax information online you will have to sign up using technology of a private vendor, ID.ME, and existing IRS logins will no longer work. “The IRS says the move is necessary to protect taxpayers from potential identity theft,” CBS reports, adding: “But privacy advocates say it’s invasive and point out that the company behind ID.me has a spotty record in verifying people’s identities.”

A much longer, investigator piece, ran Jan. 20 on Bloomberg News with the headline, “How Did ID.me Get Between You and Your Identity?”  It details the history and funding of ID.me, which under a different name was originally a participant in an Obama-administration effort to create a competitive private marketplace for identity-management of access to federal government programs.

But now ID.me’s relationship with the IRS is exclusive, according to the reporting by Bloomberg’s Shawn Donnan and Dina Bass.

Here’s a rather long, but sentient section of their story, as a fair-use excerpt:

“Which problems the government should tackle on its own, and which are best left to the private sector has long been the subject of a fierce debate in America. It’s a partisan divide seen with President Biden’s attempts to get a new social spending package through Congress. But when technology is involved, there’s often a more united belief that the marketplace is better equipped to deliver a solution—whether it’s transporting supplies to the International Space Station or developing vaccines.

“That idea was reinforced with the Obama administration, when it struggled to roll out effective insurance portals after the Affordable Care Act took effect in 2010, and then the following year with the National Institute of Standards and Technology’s digital identity plan. Jeremy Grant, who oversaw that implementation, says when Obama ceded the task of policing digital identities to the private sector, aware that anything resembling a national identity card would be a hard sell with conservatives, “the thesis was that you could have industry solve this for you.”

“A decade later, though, Grant thinks Washington relinquished too much control to companies like ID.me. He now leads the Better Identity Coalition, which is composed largely of financial-services firms such as JPMorgan Chase, Wells Fargo, and Equifax. It’s pushing legislation in Congress that would require a bigger government role in verifying digital identities, for fear that for-profit contractors such as ID.me may come to dominate the function.”

PERSONAL PRIVACY 

• RESEARCH: Americans as resistance to targeting segments as they are to being targeted individually | Laurie Sullivan, DigitalNewsDaily/MediaPost.com
• HARRIS POLL: Brand overconfidence? People feel they are falling short on privacy | Trishla Ostwal, AdWeek.com
• Seismic changes in consumer privacy attitude subject of industry forum | Alexandra Carter, AdWeek.com
• Nothing Sacred: These Apps Reserve The Right To Sell Your Prayers | Emily Baker-White, BuzzFeedNews.com
• OPINION: “My Dishwasher Wants to Spy on Me!”  | Thom Hartmann, HartmannReport.com
• iOS 15 Patched Security Hole That Could Have Exposed Users’ Private Apple ID Information to Third-Party Apps | Chris Hauk, MacTrast.com
• How to Hide Your IP Address From Trackers in Safari | Tim Hardwick, MacRumors.com

BROWSERS, PLATFORMS AND PRIVACY 

• TWEETSTREAM: How long before Google Chrome is the only browser that sites work with? | Robin Berjon’s thread
• Hobson’s choice? A technical takeout on why browser choice is important — and waning | Alex Russell, Infrequently.org
• Google Faces New Lawsuits Over Alleged ‘Dark Patterns’ in Fight Over Privacy | Connor Smith, Barrons.com
• Four Attorneys General Claim Google Secretly Tracked People | Cecilia Kang, NYTimes.com
• A new lawsuit accuses Google of sneakily tricking people into letting it track their location data | Katie Canales, BusinessInsider.com | COMPLAINT NEWS RELEASE | LAWSUIT DOCUMENT
• Google Seeks Dismissal of Ad Practices Suit | Tripp Mickle & Keach Hagey, WSJ.com
• In the Big Tech Metaverse, is privacy an option? | Paulius Masiliauskas, Entrepreneur.com

AD TECH

Ryan asserts IAB Europe is functionally unable to achieve intention to stop ad-tech personal-data violations of EU law

Perennial privacy crusader Johnny Ryan, of the non-profit IIrish Council for Civil Liberties,  has fired yet another salvo at the ad-tech industry, and particularly the Interactive Advertising Bureau’s European operation. He says there is no practical way for the IAB to audit and stop the exchange of personal information billions of times per day across the “real-time bidding” (RTB) programmatic ad system.  (See Quote of the Week, below, for details). 

IAB Europe can’t audit what 1000+ companies that use its TCF system do with our personal data | Johnny Ryan, Irish Council for Civil Liberties | TWITTER STREAM

“​​A crawler on an end-user device cannot see what happens between companies servers,” Ryan asserts in his review of how he thinks IAB Europe functions.. “It is impossible for IAB Europe to independently monitor the movement of RTB data behind the scenes between companies’ servers. It can not observe what is sent in the bid request, or what companies it was sent to, or who those companies then passed that data on to, and what each company did with it. This ‘server-side’ problem is insoluble, and is the consequence of RTB’s inherent insecurity.”

AD TECH AND PRIVACY 

• ANALYSIS: Even If Targeted Online Advertising Isn’t Banned – Take Note Of Which Way The Wind Is Blowing | Allison Schiff, AdExchanger.com
• VENDOR VIEW: Valid Consent: Building Trust and Demonstrating Compliance | Alex Cash, OneTrust.com via StreetFightMag.com
• As Facebook pushes a replacement for its increasingly weak tracker, advertisers weigh privacy risk and reward | Kate Kaye, DigiDay.com

EU & UK PRIVACY 

• EU Parliament takes first step toward new restrictions on ad targeting | Perry Stein, Quentin Ariès and Cat Zakrzewski, WashingPost.com
• What is the EU Digital Services Act and how will it impact Big Tech? | Sandor Zsiros, EuroNews.com
• European Parliament approves, 530-78, initial proposal to ban some targeted ads | Business-Standard.com | RELATED STORY
• EU Parliament approves Digital Service Act with reference to ad targeting | IAPP Daily Dashboard (with link)
• EU Plan to Fix Internet Privacy: Be More Like Apple? | Morgan Meaker, Wired.co.uk
• Europe’s top privacy regulator, Wojciech Wiewiórowski, calls for ban on political microtargeting | Natasha Lomas, TechCrunch.com | DOCUMENT
• Fines for breaches of EU privacy law spike sevenfold to $1.2 billion in 2021 | Ryan Browne, CNBC.com
• Europe’s Move Against Google Analytics Is Just the Beginning | Matt Burgess, Wired.co.uk

GOOGLE ANALYTICS ILLEGAL IN EU?

• Austrian DPA Finds Use of Google Analytics Outside of EU Constitutes a GDPR Violation | Scott Ikeda, CPOMagazine.com
• Austrian DPA’s Google Analytics decision could have ‘far-reaching implications’ | Jennifer Bryant, IAPP Staff
• Is Google Analytic now illegal in the EU? | Cory Underwood, cunderwood.dev | A GOOGLE ANALYTICS ALTERNATIVE
• After Austria’s decision, will the use of Google analytics no longer be permitted? | Nina Witt & Lars Boer, Plom Rotterdam law firm | RELATED REPORT
• Guernsey data-protection authority removes Google Analytics from its website | via IAPP News Blog
• Analyzing French sanctioning Google and Facebook for not allowing users to easily refuse cookies | Sylvain Naillat, Nomos law firm
• French data authority issues guidance on reuse of personal data by processors | Magalie Dansac Le Clerc, Baker McKenzie law firm

GLOBAL PRIVACY 

• Canadian ad-tech industry prepares approach to privacy | IAPP Dashboard Digest
• Explainer: Privacy reform in Australia as seen by activist group | DigitalRightsWatch.org.au
• Google claims Australian high court ruling would force it to ‘censor’ the internet | I. Bonifacic, Engaget.com
• Sixteen-member committee formed to implement Thailand’s new data-privacy law June 1 | Suchit Leesa-Nguansuksuchit, BangkokPost.com

AD “SURVEILLANCE” DEBATE HEATS UP

Industry piles on criticism of Democrat-filed “surveillance advertising” proposal; what advertising would benefit?

The latest — and toughest — Democrat-led effort to respond to privacy concerns with web advertising drew instant criticism from the advertising, ad-tech and general business sectors, all but ensuring the “Banning Surveillance Advertising Act,” will likely become merely a vessel for hearings and negotiations. In their statement filing the bill, Sen. Cory Booker, D-N.J., declared: “Surveillance advertising is a predatory and invasive practice.”  Backing the bill were 13 named privacy groups, and seven academics prominent in privacy policy circles.  | TEXT OF BILL | BACKGROUNDER ON BILL

• REACTION: Ad industry decries massive impact threatened by Eshoo, Booker bill | Kendra Clark, TheDrum.com
• Proposed Ban On Behavioral Targeting Draws Opposition From IAB, Others | Wendy Davis DigitalNewsDaily/MediaPost.com
• ANALYSIS: New Democrat Bill Seeks to Ban Many Forms of Targeted Advertising | Alysa Hutnik, Jessica Rich & Alexander Schneider, Kelley Drye & Warren LLP

Criticism focused on claims that a major change in the way advertising is handled on the web would cost jobs and revenues.  But one observer, CafeMedia’s Don Marti, wrote in a personal blog: “A surveillance ad ban won’t make people buy less stuff, but in the absence of surveillance ads, different gatekeepers will be more important.”  He said obvious winners would be purveyors of advertising based on search-engine optimization strategies, affiliate programs, search advertising and content marketing.

WASHINGTON WATCH

• Efforts to Rein In Big Tech May Be Running Out of Time | Cecilia Kang & David McCabe, NYTimes.com
• Finding a middle ground on “private right of action” privacy logjam | Paula Bruening, Casentino Strategies, via IAPP
• FTC expected to act on “surveillance” and deceptive behavior during 2022 | Jessica Rich, Kelley Drye law firm
•  BACKGROUND: Cataloging federal privacy bills and status | Christian Auty et al., Bryan Cave Leighton & Paisner
• Privacy policy predictions offered for 2022: More state and federal actions | Kelley Drye law firm
• Top privacy issues in 2022: States, FTC, platform moves, GDPR transfer, incremental Congress | Kelley Drye law firm

STATEHOUSE BEAT 

• Comprehensive privacy bills introduced in Mississippi, Vermont, action in Virginia, Kentucky and Maine | U.S. Privacy Digest via IAPP
• BUSINESS-BACKED RESEARCH: The Looming Cost of a Patchwork of State Privacy Laws | Information Technology and Information Council via Benton Institute | FULL REPORT
• How to comply with California privacy laws — a primer | Mary Costigan et al., Jackson Lewis PC | RELATED PRIVACY COMPLIANCE ADVICE
• State privacy law update: Action in 10 states followed | David Stauss, Husch Blackwell LLP
• Reading comments on CPRA — ad industry doesn’t like GPC signal compliance | Allison Schiff, AdExchanger.com
• AUDIO: A discussion about Consumer Report’s role in state privacy debates | David Stauss, Husch Blackwell law firm

PRIVACY BUSINESS 

• Privacy Tech Startup Caden Launches With $3.4 Million In Pre-Seed Funding |. Allison Schiff, AdExchanger.com

JOURNALISM

• Media leaders wonder about subscription “wealth gap” from paywalls | BusinessInsider.com
• What do readers want? The Atlantic has their five-point list | Emily Goligoski,TheAtlantic via NiemanLab.org
• Sixteen future-minded thinkers predict where journalism will be in 15 years | Politico.com
• A plea by a one-time outside to rebuild authority of journalism institutions | John Harris, Politico.com

UPCOMING EVENTS

• WEBINAR: Privacy Priorities for 2022: Legal and Tech Developments to Track and Tackle | Jan. 26, Kelley Drye law firm
• WEBINAR: Patchwork Penalty: The Hidden Toll of State Privacy Laws | Jan. 27, Info Tech & Innovation Foundation
• CONFERENCE/VIRTUAL: Annual Leadership Meeting (ALM), Feb. 7-10, New York City, Interactive Advertising Bureau
• IAPP Global Privacy Summit 2022 | April 12-13, Washington, D.C. | (discount offer)
• LIST: Omidyar Good ID project lists upcoming identity gathering