Google And Ad Tech Body Are Still Not Protecting Our Data

Fortunately, we are now living in an era where data protection laws are taken seriously as Google yet again falls into legal trouble along with IAB Tech Lab, for developing technical standards that target the interests of a person related to health, sexuality, politics and ethnicity.

The complaint was first registered last year by Brave, a private web browser, regarding how the ad tech industry and Google are breaching the data protection laws. They even submitted evidence to the British and Irish data protection authorities stating that sensitive categories such as “mental health”, “infertility”, “Asians and diaspora” and “lesbian, gay, bisexual and transgender” are slowly making their way into online advertising.

Google and the IAB Tech Lab together replied that the category of an ad depends upon the content on a web page instead of any personal data gathered through an individual's actions on the internet. In fact, Google also claims that its policies are very strict against any such advertiser who would even try to target individuals with sensitive personal information.

However, if we look at the kind of design that the whole industry is operating on currently, breaches are bound to happen.

Whenever a user visits any website which is a part of ad auctions, it broadcasts your personal data openly to hundreds of companies or brands who then bid according to categories in order to show you their ads. This automatically puts the personal data at risk.

A detailed explanation of the process also further indicates that businesses using Google’s Authorised Buyers ad exchange can offer to buy ads that would then specifically appear on websites having the content of “pregnancy and maternity” or “depression” etc. On the other hand, Advertisers using the IAB Tech Lab categories too can choose their targets from “blood disorders”, “digestive disorders” or “Buddhism” etc.

Europe’s General Data Protection Regulation, which is currently investigating numerous complaints, has a no tolerance rule for any company belonging to the online advertisement economy when it comes to protecting the sensitive information of a user. Google even affirmed them about their compliance with GDPR for all of its services but nothing related to the content categories of ads has been reviewed as of yet.

Content categories are developed with encrypted identifiers which primarily includes information of the user’s location, device type, or zip code.

For the short term, these companies should take responsibility of all the personal data that they pass or receive via the bid-stream which should also be in accordance with the jurisdiction.

However, IAB and Google will also have to revamp the whole design of their advertising business in order to overcome this challenge.

Google And Ad Tech Body Are Still Not Protecting Our Data
Photo: Getty Images
Previous Post Next Post