Digital advertising is getting more automated and driven by data. Cookies is the most common user-tracking technology but it is not very efficient and is regulated. In the presentation, I describe methods like supercookies and device fingerprinting and ways how users can get aware of who is tracking them. Made for New York University in Prague.
7. Behavioral targeting refers to..
..a range of technologies and techniques used by online website
publishers and advertisers which allows them to increase the
effectiveness of their campaigns by capturing data generated by
website and landing page visitors.
http://en.wikipedia.org/wiki/Behavioral_targeting
flickr credit: https://www.flickr.com/photos/small_realm/
8. When done without the knowledge of users,
it may be considered a breach of browser security
and illegal by many countries' privacy, data
protection and consumer protection laws.
http://en.wikipedia.org/wiki/Behavioral_targeting
flickr credits: https://www.flickr.com/photos/thefasterdanish/
10. Technology Platforms (will) Rule the
Advertising World: Programmatic Buying
Advertising
space /
Publisher
SSP
Campaign /
Brand
Data Management Platform (DMP)
Advertising Space supply Demand / Buying Advertising space
DSP
See the „Behind the banner“ infografic to see the process.
11. Technology Platforms (will) Rule the
Advertising World: Programmatic Buying
*http://www.forbes.com/2010/04/08/citigroup-mastercard-amazon-technology-data-companies-10-bundle.html
Advertising
space
SSP Kampaň
Data Management Platform (DMP)
Advertising Space supply Demand / Buying Advertising space
DSP
1st Party Data 2nd Party Data 3rd Party Data
Data generated
by clients‘ campaigns
and websites
Data generated
by all campaigns
on platforms
Data purchased
by vendors (AddThis,
AmEx, Visa, Citi*)
13. Data Collection is Mostly Based
on Browser Cookies
1. A piece of data stored in your computer
2. It loads browsers sends it back
3. Serve to remember stateful information or record browsing
activities
4. Esp. 3rd party cookies serve to compile long-term records
of individuals browsing history => Object of regulation by EU
etc.
http://en.wikipedia.org/wiki/HTTP_cookie
14. Cookies and browsing history data can reveal
a lot about users
„Web browsing history is
inextricably linked to personal
information. The pages a user
visits can reveal her location,
interests, purchases,
employment status, sexual
orientation, financial challenges,
medical conditions, and more.
Examining individual page loads
is often adequate to draw many
conclusions about a user;
analyzing patterns of activity
allows yet more inferences.“
(in Mayer and Mitchell, 2012)
Try the Collusion in your own browser.
15. But Cookies are also Very Benefical to the
Internet Economy..
o Comfort: remembering logins, functions of websites,
personalization, recommendations
o Content: people not willing to pay for content and
services, advertising is a proven model
o Measurement: understand visitors behavior to
improve services
o Social networking: Facebook functionalities, Sharing
buttons, Discuss
16. HERE COMES THE EU
TO SAVE THE POOR USERS
FROM BAD COOKIES
AND DANGEROUS
ADVERTISING…
17. Principals of EU Cookie Regulation
https://www.youtube.com/watch?v=gMaaxptSCoI
18. Is it the End of Digital? Nope.
http://adage.com/article/digitalnext/online-privacy-eu-cookie-law-death-digital/234950/
19. But it regulates only browser cookies
(and in a bad way), does EU knows?
21. Other User-tracking Methods: Supercookies
and Device Fingerprinting
Supercookies (a.k.a. flash cookies)
o Regular computer cookies are browser
based. This means you can easily
remove them via browser tools. Super
cookies are more difficult to detect and
remove from your device because they
will not be deleted in the same way.
o ScanScount (advertisers) abuse
of supercookies (read more)
o Google AdID: more user-friendly
and respectful to privacy but can be
connected to your real ID (Gmail,
Google+)
Device fingerprinting
o Based on JavaScript
o Collects data about the device
o In particular, a fingerprint that carries
no more than 15-20 bits of identifying
information will in almost all cases be
sufcient to uniquely identify a
particular browser, given its IP address,
its subnet, or even just its Autonomous
System Number
o Lets try: https://panopticlick.eff.org/
more on google AdID: http://www.digitaltrends.com/opinion/what-is-google-adid-and-how-will-it-replace-
browser-cookies/#!FxMs5
(in Eckersley, 2010)
23. Other User-tracking Methods: Why Are
Supercookies and Device Fingerprinting used?
1. Bypass regulations (read more and more)
2. Regeneration of lost/deleted cookies
(together with IP adress)
3. Multiplatform tracking (read more)
24. How can people protect themselves
1. Awareness:
Privacychoice.org, Collusion, Ghostery
2. Browser Cookies Regulations:
Opt-out, Do Not Track
3. Blocking:
JavaScript, use TorButton, and certain
types of smartphone
26. Finally, the Advertising is not the Harmful One,
but Collects and Uses Data that Can Be
Abused.
o Advertisers won‘t collect your data if you don‘t want to
share them (Evidon example), but will offer benefits in
exchange for data (Google already does it)
o Education of end-users is a key: how to manage my
data and how to prevent its misuse
o Transparency and security of data on data platforms
providers
29. Used and Related Sources
o MAYER, Jonathan R. a John C. MITCHELL. Third-Party Web Tracking: Policy and Technology. 2012 IEEE
Symposium on Security and Privacy. IEEE, 2012, s. 413-427. DOI: 10.1109/SP.2012.47. Dostupné z:
http://ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm?arnumber=6234427
o ECKERSLEY, Peter. How Unique Is Your Web Browser?. Panopticlick: How unique and trackable is your browser?.
2010. Dostupné z: https://panopticlick.eff.org/browser-uniqueness.pdf
30. Flickr Credits
o Advertising helps me decide by https://www.flickr.com/photos/57053300@N04/
o Data center by https://www.flickr.com/photos/small_realm
o Girl with screen by https://www.flickr.com/photos/thefasterdanish/
o Cookie monster by https://www.flickr.com/photos/bacteriano/
o Cuperman by https://www.flickr.com/photos/jdhancock/