Presentation at CPDP
0 likes240 views
This document outlines the real-time bidding (RTB) process used for online behavioral advertising. It shows how a user's personal data is broadcast to hundreds of companies through each step, from the ad server and supply-side platform (SSP) to the ad exchange and demand-side platforms (DSPs). This allows vast amounts of personal data to be leaked daily, in potential violation of GDPR requirements for appropriate security and purpose limitation of personal data processing.
Presentation at CPDP
- 2. RTB
- 5. The Daily Bugle ExchangeExchange Exchange Exchange DSP DSP DSP DSP DSP DSP DSP DSP DSPDSP DSP DSP DSP
- 6. The Daily Bugle ExchangeExchange Exchange Exchange DSP DSP DSP DSP DSP DSP DSP DSP DSPDSP DSP DSP DSP ADVERTISEMENT
- 7. ? ? The Daily Bugle ExchangeExchange Exchange Exchange DSP DSP DSP DSP DSP DSP DSP DSP DSPDSP DSP DSP DSP ? ? ? ? ADVERTISEMENT ?
- 8. ? ? The Daily Bugle ExchangeExchange Exchange Exchange DSP DSP DSP DSP DSP DSP DSP DSP DSPDSP DSP DSP DSP ? ? ? ? ADVERTISEMENT ?
- 9. CNIL regulator caught it with 68 million illegal RTB records. Example Vectaury: a small DSP/DMP/ trading desk in France. €3.5M annual turnover in 2017 (though subsequently won a €20M investment). DSP
- 12. Is 68 million just 30%? Then this small company was sent personal data ¼ BILLION times via RTB (in just one year)
- 13. website.com This is the current process of real-time bidding that is used in online behavioural advertising. Channel of data leakage Legend Money DATA LEAKAGE IN ONLINE ADVERTISING
- 14. Ad server website.com Ad server javascript Step 1. User requests webpageThis is the current process of real-time bidding that is used in online behavioural advertising. Channel of data leakage Legend Money DATA LEAKAGE IN ONLINE ADVERTISING
- 15. Ad server SSP Step 2. Ad server selects an SSP website.com Ad server javascript SSP javascript Step 1. User requests webpageThis is the current process of real-time bidding that is used in online behavioural advertising. Channel of data leakage Legend Money DATA LEAKAGE IN ONLINE ADVERTISING
- 16. Ad server SSP Step 2. Ad server selects an SSP Step 3. SSP selects an exchange website.com Ad server javascript SSP javascript Step 1. User requests webpage Ad exchange This is the current process of real-time bidding that is used in online behavioural advertising. Channel of data leakage Legend Money DATA LEAKAGE IN ONLINE ADVERTISING
- 17. Ad server SSP Step 2. Ad server selects an SSP Step 3. SSP selects an exchange MARKETERS website.com DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP Ad server javascript SSP javascript Step 1. User requests webpage Ad exchange Step 4. Exchange sends bid requests to hundreds of partners This is the current process of real-time bidding that is used in online behavioural advertising. Channel of data leakage Legend Money DATA LEAKAGE IN ONLINE ADVERTISING
- 18. Ad server SSP Step 2. Ad server selects an SSP Step 3. SSP selects an exchange MARKETERS website.com Winningbid Ad server javascript SSP javascript Step 1. User requests webpage Ad exchange Step 4. Exchange sends bid requests to hundreds of partners DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP This is the current process of real-time bidding that is used in online behavioural advertising. Channel of data leakage Legend Money DATA LEAKAGE IN ONLINE ADVERTISING
- 19. Ad server SSP Step 2. Ad server selects an SSP Step 3. SSP selects an exchange MARKETERS website.com Winningbid Ad server javascript SSP javascript DMP DMP DMP DMP DSP DSP DSP DSP DSP Step 1. User requests webpage Ad exchange Step 4. Exchange sends bid requests to hundreds of partners Step 5. Exchange lets some DMPs/ DSPs to refresh cookie sync DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP This is the current process of real-time bidding that is used in online behavioural advertising. Channel of data leakage Legend Money DATA LEAKAGE IN ONLINE ADVERTISING
- 20. Ad server SSP Step 2. Ad server selects an SSP Step 3. SSP selects an exchange MARKETERS website.com Winningbid Ad server javascript SSP javascript DMP DMP DMP DMP DSP DSP DSP DSP DSP DSP javascript Step 6. Exchange serves winning bid Winning DSP Step 1. User requests webpage Ad exchange Step 4. Exchange sends bid requests to hundreds of partners Step 5. Exchange lets some DMPs/ DSPs to refresh cookie sync DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP This is the current process of real-time bidding that is used in online behavioural advertising. Channel of data leakage Legend Money DATA LEAKAGE IN ONLINE ADVERTISING
- 21. Ad server SSP Step 2. Ad server selects an SSP Step 3. SSP selects an exchange Step 7. DSP serves agency creative MARKETERS website.com Winningbid Ad server javascript SSP javascript DMP DMP DMP DMP DSP DSP DSP DSP DSP DSP javascript Ad server javascript Step 6. Exchange serves winning bid Agency ad server Winning DSP Step 1. User requests webpage Ad exchange Step 4. Exchange sends bid requests to hundreds of partners Step 5. Exchange lets some DMPs/ DSPs to refresh cookie sync DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP This is the current process of real-time bidding that is used in online behavioural advertising. Channel of data leakage Legend Money DATA LEAKAGE IN ONLINE ADVERTISING
- 22. Ad server SSP Step 2. Ad server selects an SSP Step 3. SSP selects an exchange Step 7. DSP serves agency creative Step 8. Assets load from CDN MARKETERS website.com AD Winningbid Ad server javascript SSP javascript DMP DMP DMP DMP DSP DSP DSP DSP DSP DSP javascript Ad server javascript Step 6. Exchange serves winning bid Agency ad server Winning DSP Step 1. User requests webpage Ad exchange Step 4. Exchange sends bid requests to hundreds of partners Step 5. Exchange lets some DMPs/ DSPs to refresh cookie sync CDN DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP This is the current process of real-time bidding that is used in online behavioural advertising. DATA LEAKAGE IN ONLINE ADVERTISING Channel of data leakage Legend Money
- 23. Ad server SSP Step 2. Ad server selects an SSP Step 3. SSP selects an exchange Step 7. DSP serves agency creative Step 8. Assets load from CDN Step 9. Agency ad server loads verification vendor MARKETERS website.com AD Winningbid Ad server javascript SSP javascript DMP DMP DMP DMP DSP DSP DSP DSP DSP DSP javascript Ad server javascript Step 6. Exchange serves winning bid Verification javascript Agency ad server Verification vendor Winning DSP Step 1. User requests webpage Ad exchange Step 4. Exchange sends bid requests to hundreds of partners Step 5. Exchange lets some DMPs/ DSPs to refresh cookie sync CDN DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP DSP This is the current process of real-time bidding that is used in online behavioural advertising. DATA LEAKAGE IN ONLINE ADVERTISING Channel of data leakage Legend Money
- 24. What’s in a bid request?
- 25. IAB OpenRTB Google Authorized Buyers
- 27. 595 different data types. Here’s a (tiny) example, from IAB technical docs…
- 29. The website this specific person is currently viewing
- 30. The website this specific person is currently viewing Various ID codes that identify this specific person, and can tie them to existing profiles
- 31. The website this specific person is currently viewing Various ID codes that identify this specific person, and can tie them to existing profiles Distinctive characteristics of this specific person
- 32. The website this specific person is currently viewing Various ID codes that identify this specific person, and can tie them to existing profiles Distinctive characteristics of this specific person Distinctive information about this specific person’s device
- 33. The website this specific person is currently viewing Various ID codes that identify this specific person, and can tie them to existing profiles Distinctive characteristics of this specific person This specific person’s IP address Distinctive information about this specific person’s device
- 34. The website this specific person is currently viewing Various ID codes that identify this specific person, and can tie them to existing profiles Distinctive characteristics of this specific person This specific person’s IP address Distinctive information about this specific person’s device Distinctive information about this specific person’s device
- 35. The website this specific person is currently viewing Various ID codes that identify this specific person, and can tie them to existing profiles Distinctive characteristics of this specific person This specific person’s IP address Distinctive information about this specific person’s device Distinctive information about this specific person’s device This young woman’s GPS coordinates!
- 37. 50 billion Real-time bidding bid requests per day Index Exchange
- 38. Index Exchange 50 billion 1. “Tour IX’s Amsterdam and Frankfurt Data Centers”, Index Exchange, 2 July 2018 (URL: https://www.indexexchange.com/tour-ix-amsterdam-frankfurt-data-centers/). 2. "OpenX Ad Exchange", OpenX (URL: https://www.openx.com/uk_en/products/ad-exchange/). 3. “Buyers”, Rubicon Project (URL: https://rubiconproject.com/buyers/). 4. "How PubMatic Is Learning Machine Learning", PubMatic, 25 January 2019 (URL: https://pubmatic.com/blog/learning-machine-learning/) 5. "Maximize yield with Oath's publisher offerings", Oath, 3 April 2018 (URL: https://www.oath.com/insights/maximize-yield-with-oath-s-publisher-offerings/) 6. 500 Billion / 29.6 = 18.6 billion impressions per day. Using AppNexus 1:11.5 ratio, this is 214 auctions per day. 500+ impressions figure cited in “Optimize your mobile strategy”, Smaato (URL: https://www.smaato.com/). 7. “Transacting at a peak of 11.4 billion daily impressions, our marketplace handles more traffic each day than Visa, Nasdaq, and the NYSE combined” at https:// www.appnexus.com/sell. Note that in 2017, AppNexus said in “AppNexus Scales with DriveScale”, 2017 (URL: http://go.drivescale.com/rs/451-ESR-800/images/ DRV_Case_Study_AppNexus-final.v1.pdf) that 10.7 billion "impressions transacted" came as a result of running 123 billion auctions. The impressions transacted to auctions ratio appears to be roughly 1:11.5. Therefore, the 11.4 daily impressions reported in 2018 equates to 131 billion auctions per day. 8. DoubleClick.Net Usage Statistics (URL: https://trends.builtwith.com/ads/DoubleClick.Net). Real-time bidding bid requests per day OpenX 60 billion2 Rubicon Project Unknown, 1 billion people’s devices3 PubMatic 70 billion4 Oath/AOL 90 billion5 AppNexus 131 billion6 Smaato 214 billion7 Google Unknown, live on 8.4 million websites8 1 Index Exchange 50 billion The biggest
- 39. Hundreds of billions of data leaks a day. (The biggest data breach yet recorded)
- 40. Everybody you have ever known
- 41. OK
- 43. SECURITY
- 44. Surfacing thousands of vendors with broad rights to use data w/out tailoring those rights may be too many vendors/permissions “ ” thousands of vendors “pubvendors.json v1.0: Transparency & Consent Framework”, IAB, May 2018
- 45. Publishers recognize there is no technical way to limit the way data is used after the data is received by a vendor for decisioning/ bidding on/after delivery of an ad… “ ” there is no technical way to limit the way data is used after Surfacing thousands of vendors with broad rights to use data w/out tailoring those rights may be too many vendors/permissions “ ” thousands of vendors “pubvendors.json v1.0: Transparency & Consent Framework”, IAB, May 2018
- 46. The MO may adopt procedures for periodically reviewing and verifying a Vendor’s compliance with the Policies. “Transparency & Consent Framework Policies, 2019-08-21.3” IAB, August 2019 “ ” may adopt Management Organisation (the IAB)
- 47. IAB UK and IAB Europe have initiated a joint workstream (subject to TCF governance processes) to develop additional commitments in relation to data security for future integration into the TCF policies. “IAB UK response to the ICO’s ‘Update report into adtech and real time bidding’” IAB UK, December 2019 “ ” joint streamwork
- 48. “Authorized Buyers Programme Guidelines”, Google, August 2018 “ ” must not: (i) use callout data ... to create user lists or profile users; (ii) associate callout data ... with third party data...
- 49. Buyer will regularly monitor your compliance with this obligation, and immediately notify Google in writing if Buyer can no longer meet … this obligation... “ ” “ ” must not: (i) use callout data ... to create user lists or profile users; (ii) associate callout data ... with third party data... Buyer will “Authorized Buyers Programme Guidelines”, Google, August 2018 DSP
- 50. GDPR, Article 5 (1) (f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
- 52. RTB broadcast, among thousands of companies Cause: Failure to enforce Article 5(1)f SECURITY
- 53. RTB broadcast, among thousands of companies Data free-for-all inside Google, a single company Cause: Failure to enforce Article 5(1)f Cause: Failure to enforce Article 5(1)b (“purpose limitation”) and also Article 9(2) requirement for “explicit consent” for special category data, and Article 7(3) “ease of withdrawal” External Internal SECURITY PURPOSE LIMITATION, BUNDLING, OFFENSIVE LEVERAGING & SELF-DEALING
- 56. N20 C02
- 57. N20 C02 Regulatory incentive CLEAN INDUSTRY Regulatory disincentive DIRTY INDUSTRY
- 58. + N20 C02 Regulatory incentive CLEAN INDUSTRY Regulatory disincentive DIRTY INDUSTRY
- 59. Ads (Personal Data) + Regulatory incentive CLEAN INDUSTRY Regulatory disincentive DIRTY INDUSTRY N20 C02 Ads (Data) + Ads (Personal Data) // The Daily Bugle
- 60. Models
- 62. Conventional “Broadcast” Behavioral Reduced data “Broadcast” Behavioral?
- 63. • What you are reading, or watching, or listening to. • Categories of the content. • Unique pseudonymous ID. • Unique ID matched to ad buyer’s existing profile of you. • Your location (can be your exact latitude and longitude). • Granular description of your device. • Unique tracking IDs / cookie match. • Highly specific timestamp. • Your IP address.* • Data broker segment ID* when available. *Depending on the version of “real time bidding” system Conventional “Broadcast” Behavioral
- 64. • What you are reading, or watching, or listening to. • Categories of the content. • Your approximate location. • General description of your device. • Your approximate IP address. • Approximate time stamp. Person in Dublin (South Dublin) is reading an article about data law on IrishTimes.com. Using Safari on an iPhone X or higher. Reduced data “Broadcast” Behavioral?
- 65. Conventional “Broadcast” Behavioral Reduced data “Broadcast” Behavioral?
- 66. Conventional “Broadcast” Behavioral Reduced data “Broadcast” Behavioral? 1 2 “Local” Behavioral 3 OFF
- 67. Conventional “Broadcast” Behavioral “Local” Behavioral Reduced data “Broadcast” Behavioral? /// 1 2 3 ON
- 68. Google display Facebook display Brave .46% .9% 12% "Brave reaches 8 million monthly active users and delivers nearly 400 privacy-preserving ad campaigns", Brave, 16 October 2019 (URL: https://brave.com/brave-reaches-8-million-monthly-active-users-and-delivers-nearly-400-privacy-preserving-ad-campaigns/); "Average display advertising clickthrough rates", Smart Insights, 10 September 2019 (URL: https://www.smartinsights.com/internet-advertising/internet-advertising-analytics/display-advertising-clickthrough-rates/); "Average click-through rate: average CTR calculator", WordStream (URL: https://www.wordstream.com/average-ctr); "Facebook Ad Benchmarks for your industry", WordStream, 27 August 2019 (URL: https://www.wordstream.com/blog/ws/2017/02/28/facebook-advertising-benchmarks). Google search 1.91% ough RateAverage Click Thr
- 69. 1. RTB broadcasts personal data widely. 2. There is no security. It is a huge and continuous data breach. 3. ‘Purpose limitation’ is Google kryptonite. Enforce the internal & external to allow a functioning market. 4. 16 months on, time to enforce.