There’s hardly any word you hear more from tech giants like Apple, Facebook and Google than “privacy” these days. However, for ad blocker and privacy-focused browser vendor Ghostery, what they mean when they say privacy isn’t what you mean when you use that word.
“Everyone is redefining privacy to their advantage in many ways,” Ghostery CEO Jean-Paul Schmetz told me recently. TechFirst podcast.
“But obviously, I think privacy should be defined from the user’s perspective, right… that’s the only perspective that counts.”
For example, Apple’s App Tracking Transparency defines privacy as companies not sharing data they’ve collected about you with other companies without your permission… not companies collecting data about you, period. Google’s often delayed removal of the third-party cookie (it just delayed again recently) will prevent cross-site tracking, which is good for privacy, but doesn’t hurt Google at all because Google has a first-party relationship with you. And Facebook’s increasingly detailed privacy settings describe in excruciating detail who (besides Facebook) can see everything about you, but do little to protect you from the big social network you give everything to.
So even with all the talk, talk, talk … we’re still naked in the dark on the web, at least when it comes to our personal data and digital behavior.
“Some data points are leaked for every American 750 times a day, and Europeans are at … 360 times a day,” says Schmetz.
In other words, this behemoth of legislation, GDPR, which has forced more mouse clicks (to accept or reject cookies) than any other law in history, has only succeeded in halving Europe’s exposure to data privacy .
The interesting thing, according to Schmetz, is that all this data collection, done in the name of making ads more relevant and effective, doesn’t really fulfill its purpose.
“I don’t think we’d lose as much to advertising or machine learning if people collected data in a way that didn’t automatically expose their users’ lives,” says Schmetz. “It’s really possible to do it. We’ve proven it many times, you know, academically, etc. it’s possible. It just can’t be done because there’s no reason to be. Neither users nor governments nor anyone else is really pushing in this direction.”
There is evidence that publishers, especially news outlets, can earn more by skipping layers of adtech targeting (each of which takes its share of the revenue) and simply enabling contextual ads that don’t require personal information. The Irish Council for Civil Liberties, for example, quotes a Norwegian news agency that quadrupled revenue for contextual ads over tracking-based ads over 12 months, and a Dutch publisher that increased revenue by 149%.
And Google’s Privacy Sandbox, still in development rather than widespread release, is actually a technology intended to enable this, keeping targeting data on the device so that relevant ads can be shown to the right people without downloading of their data, exposing their data, or compromising their identity.
However, it’s not clear that very specific small brands can adequately use contextual targeting to reach niche audiences… even if publishers are doing better.
Regardless, Schmetz says Google is actually moving to break privacy-enhancing tools by changing the way extensions can work on its Chrome browser.
“They have a lot of different policies, but the one you’re addressing about anti-tracking basically tells us that you can block a request but you can’t modify it,” says Schmetz. “But if you can only block… the site is no longer working. And you can’t remove IDs like we do at Ghostery to say, “Look, the web is working as it’s meant to, it’s just that your IDs aren’t coming through.”
Translation: the Ghostery Chrome extension cannot modify data coming out of the browser that would give a website your personal information. The extension can only block it, which means a website you want to use won’t work.
Understandably, Google has concerns: an extension that can read and modify the data your browser sends and receives could, in the wrong hands, be a great tool for collecting cash from banks or draining crypto from user wallets.
However, Schmetz has a point:
“The truth of the matter is that Google has become a monopoly in browsing, because you know Edge is also based on Chromium,” he says. “Firefox is not as strong as it used to be and gets all its revenue from Google. And Google thought they can now squeeze the extension ecosystem.”
This is something that Europe’s new digital markets law could address, given that Google dominates many areas: search, email, browsers and more. DMA may force divestment, and this is a potential challenge for Google in the coming years. Apple is not immune: by owning the iPhone and iOS and the App Store, it controls what happens on its platform and who can access it.
Big tech in general – Facebook, Amazon, Microsoft as well as Google and Apple – could face similar problems, many of which go back to data.
Data is a wonderful thing, but it has its challenges, says Schmetz.
“The data sets that are being manufactured are a bit like the nuclear waste of the 21st century, aren’t they? Like… nuclear power is great, but it has this waste problem, and the web and machine learning is great, but it has this waste of all this data that’s been collected and really shouldn’t be there.”