Blog

By Jeffrey Chester The COVID-19 pandemic is a profound global public health crisis that requires our upmost attention: to stem its deadly tide and rebuild the global health system so we do not experience such a dire situation in the future. It also demands that we ensure the U.S. has a digital media system that is democratic, accountable, and one that both provides public services and protects privacy. The virus is profoundly accelerating our reliance on digital media worldwide, ushering (link is external) in “a new landscape in terms of how shoppers are buying and how they are behaving online and offline.” Leading platforms—Amazon, Facebook and Google—as well as many major ecommerce and social media sites, video streaming services, gaming apps, and the like—are witnessing a flood of people attempting to research health concerns, order groceries and supplies, view entertainment and engage in communication with friends and family. According to a marketing industry report (link is external), “nearly 90% of consumers have changed their behavior because of COVID-19.” More data (link is external) about our health concerns, kids, financial status, products we buy and more are flowing into the databases of the leading digital media companies. The pandemic will further strengthen their power as they leverage all the additional personal information they are currently capturing as a consequence of the pandemic. This also poses a further threat to the privacy of Americans who are especially dependent on online services if they are to survive. The pandemic is accelerating societal changes (link is external) in our relationship to the Internet. For example, marketers predict that we are witnessing the emergence of an experience they call the “fortress home”—as “consumer psychology shifts into an extreme form of cocooning.” The move to online buying via ecommerce—versus going to a physical store—will become an even more dominant consumer behavior. So, too, will in-home media consumption increase, especially the reliance on streaming (“OTT”) video. Marketers are closely examining all these pandemic-related developments using a global lens—since the digital behaviors of all consumers—from China to the U.S.—have so many commonalities. For example, Nielsen has identified six (link is external) “consumer behavior thresholds” that reveal virus-influenced consumer buying behaviors, such as “quarantined living preparation” and “restricted living.” A host of sites are now regularly reporting how the pandemic impacts the public, and what it means for marketing and major brands. See, for example, Ipsos (link is external), Comscore (link is external), Nielsen (link is external), Kantar (link is external), and the Advertising Research Foundation (ARF (link is external)). In addition to the expanded market power of the giants, there are also growing threats to our privacy from surveillance by both government (link is external) and the commercial sector. Marketers are touting how all the real-time geolocation data that is continuously mined from our mobile devices, wearables (link is external) and “apps” can help public health experts better respond to the virus and similar threats. At a recent (link is external) Advertising Research Foundation townhall on the virus it was noted that “the location-based data that brand stewards have found useful in recent years to deliver right-time/right-place messages has ‘gone from being useful that helps businesses sell a little bit more’ to truly being a community and public-health tool.” Marketers will claim that they have to track all our moves because it’s in the national interest in order to sanction the rapid expansion of geo-surveillance (link is external) in all areas of our lives. They are positioning themselves to be politically rewarded for their work on the pandemic, hoping it will immunize them from the growing criticism about their monopolistic and anti-consumer privacy behaviors. Amazon, Facebook, Google, Snapchat and various “Big Data” digital marketing companies announced (link is external), for example, a COVID-19 initiative with the White House and CDC. Brokered by the Ad Council, it will unleash various data-profiling technologies, influencer marketing, and powerful consumer targeting engines to ensure Americans receive information about the virus. (At the same time, brands are worried about having their content appear alongside information about the coronavirus, adopting new (link is external) “brand safety” tools that can “blacklist” news and other online sites. This means that the funding for journalism and public safety information becomes threatened (link is external) because advertisers wish to place their own interests first.) But the tactics (link is external) now sanctioned by the White House are the exact same ones that must be addressed in any legislation that effectively protects our privacy online. We believe that the leading online companies should not be permitted to excessively enrich themselves during this moment by gathering even more information on the public. They will mine this information for insights that enable them to better understand our private health needs and financial status. They will know more about the online behaviors of our children, grandparents and many others. Congress should enact protections that ensure that the data gathered during this unprecedented public health emergency are limited in how they can be used. It should also examine how the pandemic is furthering the market power of a handful of platforms and ecommerce companies, to ensure there is a fair marketplace accessible to the public. It’s also evident there must be free or inexpensively priced broadband for all. How well we address the role of the large online companies during this period will help determine our ability to respond to future crises, as well as the impact of these companies on our democracy.

Google’s (i.e., Alphabet, Inc.) proposed acquisition of Fitbit, a leading health wearable device company, is just one more piece illustrating how the company is actively engaged in shaping the future of public health. It has assembled a sweeping array of assets in the health field, positioning its advertising system to better take advantage of health information, and is playing a proactive role lobbying to promote significant public policy changes for medical data at the federal level that will have major implications (link is external)for Americans and their health.Google understands that there are tremendous revenues to be made gathering data—from patients, hospitals, medical professionals and consumers interested in “wellness”—through the various services that the company offers. It sees a lucrative future as a powerful presence in our health system able to bill Medicare and other government programs. In reviewing the proposed takeover, regulators should recognize that given today’s “connected” economy, and with Google’s capability and intention to generate monetizeable insights from individuals across product categories (health, shopping, financial services, etc.), the deal should not be examined solely within a narrow framework. While the acquisition directly bolsters Google’s growing clout in what is called the “connected-health” marketplace, the company understands that the move is also designed to maintain its dominance in search, video and other digital marketing applications. It’s also a deal that raises privacy concerns, questions about the future direction of the U.S. health system, and what kinds of safeguards—if any at all—will be in place to protect health consumers and patients. As health venture capital fund Rock Health explained in a recent report, “Google acquired Fitbit in a deal that gives the tech giant access to troves of personal health data and healthcare partnerships, in addition to health tracking software.” Fitbit reports that “28 million active users” worldwide use its wearable device products. For Google, Fitbit brings (link is external) a rich layer of personal data, expertise in fitness (link is external) tracking software, heart-rate sensors, as well as relationships with health-service and employee-benefit providers. Wearable devices can provide a stream (link is external)of ongoing data on our activities, physical condition, geolocation and more. In a presentation to investors made in 2018, Fitbit claimed to be the “number one health and fitness” app in the U.S. for both the Android and Apple app store, and considered itself the “number one “wearable brand globally,” available in 47,000 stores, and had “direct applications for health and wellness categories such as diabetes, heart health, and sleep apnea.” “Driving behavior change” is cited as one of the company’s fundamental capabilities, such as its “use of data…to provide insights and guidance.” Fitbit developed a “platform for innovative data collection” for clinical researchers, designed to help advance (link is external) “the use of wearable devices in research and clinical applications. Fitbit also has relationships with pharmacies, including those that serves people with “complex health conditions.” Fitbit has also “made a number of moves to expand its Health Services division,” such as its 2018 acquisition of Twine Health, a “chronic disease management platform.” In 2018, it also unveiled a “connected health platform that enables payers and health systems to deliver personalized coaching” to individuals. The company’s Fitbit Health Solutions division is working with more than 100 insurance companies in the U.S., and “both government sponsored and private plans” work with the company. Fitbit Premium was launched last year, which “mines consumer data to provide personalized health insights” for health care delivery. According to Business Insider Intelligence, “Fitbit plans to use the Premium service to get into the management of costly chronic conditions like diabetes, sleep apnea, and hypertension.” The company has dozens of leading “enterprises” and “Fortune 500” companies as customers. It also works with thousands of app developers and other third parties (think Google’s dominance in the app marketplace, such as its Play store). Fitbit has conducted research to understand “the relationship between activity and mood” of people, which offers an array of insights that has applications for health and numerous other “vertical” markets. Even prior to the formal takeover of Fitbit by Google, it had developed strong ties to the digital data marketing giant. It has been a Google Cloud client since 2018, using its machine learning prowess to insert Fitbit data into a person’s electronic health record (EHR). In 2018, Fitbit said that it was going to transfer its “data infrastructure” to the Google Cloud platform. It planned to “leverage Google’s healthcare API” to generate “more meaningful insights” on consumers, and “collaborate on the future of wearables.” Fitbit’s data might also assist Google in forging additional “ties with researchers who want to unlock the constant stream of data” its devices collect. When considering how regulators and others should view this—yet again—significant expansion by Google in the digital marketplace—the following issues must be addressed: Google Cloud and its use of artificial intelligence and machine learning in a new data pipeline for health services, including marketing Google’s Cloud service offers “solutions” (link is external) for the healthcare and life sciences industry, by helping to “personalize patient experiences,” “drive data interoperability,” and improve commercialization and operations”—including for “pharma insights and analytics.” Google Cloud (link is external) has developed a specific “API” (application programming interface) that enables health-related companies to process and analyze their data, by using machine learning technologies, for example. The Health Care Cloud API (link is external)also provides a range of other data functionalities (link is external) for clinical and other uses. Google is now working to help create a “new data infrastructure layer via 3 key efforts,” according to a recent report on the market. It is creating “new data pipes for health giants,” pushing the Google Cloud and building “Google’s own healthcare datasets for third parties.” (See, for example, “G Suite (link is external) for Healthcare Businesses” products as well as its “Apigee API Platform,” which works with the Cleveland Clinic, Walgreens, and others). Illustrating the direct connection between the Google Cloud and Google’s digital marketing apparatus is their case study (link is external) of the leading global ad conglomerate, WPP. “Our strong partnership with Google Cloud is key,” said WPP’s CEO, who explained that “their vast experience in advertising and marketing combined with their strength in analytics and AI helps us to deliver powerful and innovative solutions for our clients” (which include (link is external) “369 of the Fortune Global 500, all 30 of the Dow Jones 30 and 71 of the NASDAQ 100”). WPP links the insights and other resources it generates from the Google Cloud to Google’s “Marketing Platform” (link is external) so its clients can “deliver better experiences for their audiences across media and marketing.” Google has made a significant push (link is external) to incorporate the role that machine learning plays with marketing across product categories, including search and YouTube. It is using machine learning to “anticipate needs” of individuals to further its advertising (link is external) business. Fitbit will bring in a significant amount of additional data for Google to leverage in its Cloud services, which impact a number of consumer and commercial markets beyond (link is external) health care. The Fitbit deal also involves Google’s ambitions to become an important force providing healthcare providers access to patient, diagnostic and other information. Currently the market is dominated by others, but Google has plans for this market. For example, it has developed a “potential EHR tool that would empower doctors with the same kind of intuitive and snappy search functionality they've come to expect from Google.” According to Business Insider Intelligence, Google could bundle such applications along with Google Cloud and data analytics support that would help hospitals more easily navigate the move to data heavy (link is external), value-based care (VBC) reimbursement models (link is external).” Google Health already incorporates a wide range of health-related services and investments “Google is already a health company,” according (link is external) to Dr. David Feinberg, the company’s vice president at Google Health. Feinberg explains that they are making strides in organizing and making health data more useful thanks to work being done by Cloud (link is external) and AI (link is external) teams. And looking across the rest of Google’s portfolio of helpful products, we’re already addressing aspects of people’s health. Search helps people answer everyday health questions (link is external), Maps helps get people to the nearest hospital, and other tools and products are addressing issues tangential to health—for instance, literacy (link is external), safer driving (link is external), and air pollution (link is external)…. and in response, Google and Alphabet have invested in efforts that complement their strengths and put users, patients, and care providers first. Look no further than the promising AI research and mobile applications coming from Google and DeepMind Health (link is external), or Verily’s Project Baseline (link is external) that is pushing the boundaries of what we think we know about human health. Among Google Health’s initiatives are “studying the use of artificial intelligence to assist in diagnosing (link is external) cancer, predicting (link is external) patient outcomes, preventing (link is external) blindness…, exploring ways to improve patient care, including tools that are already being used by clinicians…, [and] partnering with doctors, nurses, and other healthcare professionals to help improve the care patients receive.” Through its AI work, Google is developing “deep learning” applications for electronic health records. Google Health is expanding its team, including specifically to take advantage of the wearables market (and has also hired a former FDA commissioner to “lead health strategy”). Google is the leading source of search information on health issues, and health-related ad applications are integrated into its core marketing apparatus A billion health-related questions are asked every day on Google’s search engine, some 70,000 every minute (“around 7 percent of Google’s daily searches”). “Dr. Google,” as the company has been called, is asked about conditions, medication, symptoms, insurance questions and more, say company leaders. Google’s ad teams in the U.S. promote how health marketers can effectively use its ad products, including YouTube, as well as understand how to take advantage of what Google has called “the path to purchase.” In a presentation on “The Role of Digital Marketing in the Healthcare Industry,” Google representatives reported that After conducting various studies and surveys, Google has concluded that consumers consult 12.4 resources prior to a hospital visit. When consumers are battling a specific disease or condition, they want to know everything about it: whether it is contagious, how it started, the side-effects, experiences of others who have had the same condition, etc. When doing this research, they will consult YouTube videos, read patient reviews of specific doctors, read blog articles on healthcare websites, read reviews, side-effects, and uses of particular medicines. They want to know everything! When consuming this information, they will choose the business that has established their online presence, has positive reviews, and provides a great customer experience, both online and offline. Among the data shared with marketers was information that “88% of patients use search to find a treatment center,” “60% of patients use a mobile device,” “60% of patients like to compare and validate information from doctors with their own online research,” “56% of patients search for health-related concerns on YouTube,” “5+ videos are watched when researching hospitals or treatment centers,” and that “2 billion health-related videos are on YouTube.” The “Internet is a Patient/Caregiver’s #1 confidant,” they noted. They also discussed how mobile technologies have triggered “non-linear paths to purchase,” and that mobile devices are “now the main device used for health searches.” “Search and video are vital to the patient journey,” and “healthcare videos represent one of the largest, fastest growing content segments on YouTube today.” Their presentation demonstrated how health marketers can take advantage of Google’s ability to know a person’s location, as well as how other information related to their behaviors and interests can help them “target the right users in the right context.” To understand the impact of all of Google’s marketing capabilities, one also should review the company’s restructured (and ever-evolving) “Marketing Platform.” Google’s Map Product will be able to leverage Fitbit data Google is using data related to health that are gathered by Google Maps, such as when we do searches for needed care services (think ERs, hospitals, pharmacies, etc.). “The most popular mapping app in the U.S…. presents a massive opportunity to connect its huge user base with healthcare services,” explain Business Insider Intelligence. Google has laid the groundwork with its project addressing the country’s opioid epidemic, linking “Google Maps users with recovery treatment centers,” as well as identifying where Naloxone (the reversal drug for opioid overdoes) is available. Last year, Google Maps launched a partnership with CVS “to help consumers more easily find places to drop off expired drugs.” Through its Waze subsidiary, which provides navigation information for drivers, Google sells ads to urgent care centers, which find new patients as a result of map-based, locally tailored advertisements. Google’s impact on the wearable marketplace, including health, wellness and other apps The acquisition of Fitbit will bolster Google’s position in the wearables market, as well as its direct and indirect role providing access to its own and third-party apps. Google Fit, which “enables Android users to pair health-tracking devices with their phone to monitor activity,” already has partnerships with a number of wearable device companies, such as Nike, Adidas and Noom. Business Intelligencer noted in January 2020 that Google Fit was “created to ensure Android devices have a platform to house user-generated health data (making it more competitive with Apple products). In 2019, Google acquired the smartwatch technology from Fossil. Fitbit will play a role in Google’s plans for its Fit service, such as providing additional data that can be accessed via third parties and made available to medical providers through patients’ electronic health records. The transaction, said one analyst, “is partly a data play,” and also one intended to keep customers from migrating from its Android platform to Apple’s. It is designed, they suggest, to ensure that Google can benefit from the sales of health-related services during the peak earning years of consumers. The Google Play app store offers access to an array of health and wellness apps that will be impacted by this deal. Antitrust authorities in the EU have already sanctioned Google for the way it has leveraged its Android platform for anti-competitive behavior. Google’s health related investments, including its use of artificial intelligence, and the role of Fitbit data Verily is “where Alphabet is doing the bulk of its healthcare work,” according to a recent report on the role AI plays in Google’s plans to “reinvent the $3 Trillion U.S. healthcare industry.” Verily is “focused on using data to improve healthcare via analytics tools, interventions, research” and other activities, partnering with “existing healthcare institutions to find areas to apply AI.” One of these projects is the “Study Watch, a wearable device that captures biometric data.” Verily has also made significant investments globally as it seeks to expand. DeepMind works on AI research, including how it is applicable to healthcare. Notably, DeepMind is working with the UK’s National Health Service. Another subsidiary, Calico, uses AI as part of its focus to address aging and age-related illnesses. Additionally, “GV” (Google Ventures) makes health-related investments. According to the CB Insights report, “Google’s strategy involves an end-to-end approach to healthcare, including: Data generation — This includes digitizing and ingesting data produced by wearables, imaging, and MRIs among other methods. This data stream is critical to AI-driven anomaly detection; Disease detection — Using AI to detect anomalies in a given dataset that might signal the presence of some disease; and Disease/lifestyle management — These tools help people who have been diagnosed with a disease or are at risk of developing one go about their day-to-day lives and/or make positive lifestyle modifications. Google has also acquired companies that directly further its health business capabilities, such as Apigee, Senosis Health and others. Google’s continuous quest to gather more health data, such as “Project Nightingale,” has already raised concerns. There are now also investigations of Google by the Department of Justice and State Attorney’s-General. The Department of Justice, which is currently reviewing the Google/Fitbit deal, should not approve it without first conducting a thorough review of the company’s health-related business operations, including the impact (including for privacy) that Fitbit data will have on the marketplace. This should be made a part of the current ongoing antitrust investigation into Google by both federal and state regulators. Congress should also call on the DoJ, as well as the FTC, to review this proposed acquisition in light of the changes that digital applications are bringing to health services in the U.S. This deal accompanies lobbying from Google and others that is poised to open the floodgates of health data that can be accessed by patients and an array of commercial and other entities. The Department of Health and Human Services has proposed a rule on data “interoperability” that, while ostensibly designed to help empower health services users to have access to their own data, is also a “Trojan Horse” designed to enable app developers and other commercial entities to harvest that data as an important new profit center. “The Trump Administration has made the unfettered sharing of health data a health IT priority,” explained one recent news report. Are regulators really ready to stop further digital consolidation? The diagnosis is still out! For a complete annotated version, please see attached pdf

A new report (link is external) on how political marketing insiders and platforms such as Facebook view the “ethical” issues raised by the role of digital marketing in elections illustrates why advocates and others concerned about election integrity should make this issue a public-policy priority. We cannot afford to leave it in the hands of “Politech” firms and political campaign professionals, who appear unable to acknowledge the consequences to democracy of their unfettered use of powerful data-driven online-marketing applications. “Digital Political Ethics: Aligning Principles with Practice” reports on a series of conversations and a two-day meeting last October that included representatives of firms (such as Blue State, Targeted Victory, WPA Intelligence, and Revolution Messaging) that work either for Democrats or Republicans, as well as officials from both Facebook and Twitter. The goal of the project was to “identify areas of agreement among key stakeholders concerning ethical principles and best practices in the conduct of digital campaigning in the U.S.” Perhaps it should not be a surprise that this group of people appears to be incapable of critically examining (or even candidly assessing) all of the problems connected with the role of digital marketing in political campaigns. Missing from the report is any real concern about how today’s electoral process takes advantage of the absence of any meaningful privacy safeguards in the U.S. A vast commercial surveillance apparatus that has no bounds has been established. This same system that is used to market goods and services, and which is driven by data-brokers, marketing clouds, (link is external) real-time ad-decision engines, geolocation (link is external) identification and other AI-based (link is external)technologies—along with the clout of leading platforms and publishers—is now also used for political purposes. All of us are tracked and profiled 24/7, including where we go and what we do—with little location privacy anymore. Political insiders and data ad companies such as Facebook, however, are unwilling to confront the problem of this loss of privacy, given how valuable all this personal data is to their business model or political goal. Another concern is that these insiders now view digital marketing as a normative, business-as-usual process—and nothing out of the ordinary. But anyone who knows how the system operates should be deeply concerned about the nontransparent and often far-reaching ways digital marketing is constructed to influence (link is external) our decision-making and behaviors, including at emotional (link is external) and subconscious (link is external) levels. The report demonstrates that campaign officials have largely accepted as reasonable the various invasive and manipulative technologies and techniques that the ad-tech industry has developed over the past decade. Perhaps these officials are simply being pragmatic. But society cannot afford such a cynical position. Today’s political advertising is not yesterday’s TV commercial—nor is it purely an effort to “microtarget” sympathetic market segments. Today’s digital marketing apparatus follows all of us continuously, Democrats, Republicans, and independents alike. The marketing ecosystem (link is external) is finely tuned to learn how we react, transforming itself depending on those reactions, and making decisions about us in milliseconds in order to use—and refine—various tactics to influence us, entirely including new ad formats, each tested and measured to have us think and behave one way or another. And this process is largely invisible to voters, regulators and the news media. But for the insiders, microtargeting helps get the vote out and encourages participation. Nothing much is said about what happened in the 2016 U.S. election, when some political marketers sought to suppress the vote among communities of color, while others engaged is disinformation. Some of these officials now propose that political campaigns should be awarded a digital “right of way” that would guarantee them unfettered access to Facebook, Google and other sites, as well as ensure favorable terms and support. This is partly in response to the recent and much-needed reforms adopted by Twitter (link is external)and Google (link is external)that either eliminate or restrict how political campaigns can use their platforms, which many in the politech industry dislike. Some campaign officials see FCC (link is external) rules regulating TV ads for political ads as an appropriate model to build policies for digital campaigning. That notion should be alarming to those who care about the role that money plays in politics, let alone the nature of today’s politics (as well as those who know the myriad failures of the FCC over the decades). The U.S. needs to develop a public policy for digital data and advertising that places the interests of the voter and democracy before that of political campaigns. Such a policy should include protecting the personal information of voters; limiting deceptive and manipulative ad practices (such as lookalike (link is external) modeling); as well as prohibiting those contemporary ad-tech practices (e.g., algorithmic based real-time programmatic (link is external) ad systems) that can unfairly influence election outcomes. Also missing from the discussion is the impact of the never-ending expansion of “deep-personalization (link is external)” digital marketing applications designed to influence and shift consumer behavior more effectively. The use of biodata, emotion recognition (link is external), and other forms of what’s being called “precision data”—combined with a vast expansion of always-on sensors operating in an Internet of Things world—will provide political groups with even more ways to help transform electoral outcomes. If civil society doesn’t take the lead in reforming this system, powerful insiders who have their own conflicts of interests will be able to shape the future of democratic decision-making in the U.S. We cannot afford to leave it to the insiders to decide what is best for our democracy.

In the aftermath of Google’s settlement with the FTC over its COPPA violations, some independent content producers on YouTube have expressed unhappiness with the decision. They are unclear how to comply with COPPA, and believe their revenue will diminish considerably. Some also worry that Google’s recently announced (link is external) system to meet the FTC settlement—where producers must identify if their content is child-directed—will affect their overall ability to “monetize” their productions even if they aren’t aiming to primarily serve a child audience. These YouTubers have focused their frustration at the FTC and have mobilized to file comments in the current COPPA proceedings (link is external). As Google has rolled out its new requirements, it has abetted a misdirected focus on the FTC and created much confusion and panic among YouTube content producers. Ultimately, their campaign, designed to weaken the lone federal law protecting children’s privacy online, could create even more violations of children’s privacy. While we sympathize with many of the YouTubers’ concerns, we believe their anger and sole focus on the FTC is misplaced. It is Google that is at fault here, and it needs finally to own up and step up. The truth is, it is Google’s YouTube that has violated the 2013 COPPA rule (link is external) pretty much since its inception. The updated rule made it illegal to collect persistent identifiers from children under 13 without parental consent. Google did so while purposefully developing YouTube as the leading site for children. It encouraged content creators to go all in and to be complicit in the fiction that YouTube is only for those whose age is 13 and above. Even though Google knew that this new business model was a violation of the law, it benefitted financially by serving personalized ads to children (and especially by creating the leading online destination for children in the U.S. and worldwide). All the while small, independent YouTube content creators built their livelihood on this illegitimate revenue stream. The corporate content brand channels of Hasbro, Mattel and the like, who do not rely on YT revenue, as well as corporate advertisers, also benefitted handsomely from this arrangement, allowing them to market to children unencumbered by COPPA regulations. But let’s review further how Google is handling the post-settlement world. Google chose to structure its solution to its own COPPA violation in a way that continues to place the burden and consequences of COPPA compliance on independent content creators. Rather than acknowledging wrong-doing and culpability in the plight of content creators who built their livelihoods on the sham that Google had created, Google produced an instructional video (link is external) for content creators that emphasizes the consequences of non-compliance and the potential negative impact on the creators’ monetization ability. It also appeared to have scared those who do not create “for kids” content. Google requires content creators to self-identify their content as “for kids,” and it will use automated algorithms to detect and flag “for kids” content. Google appears to have provided little useful information to content providers on how to comply, and confusion now seems rampant. Some YouTubers also fear (link is external) that the automated flagging of content is a blunt instrument “based on oblique overly broad criteria.” Also, Google declared that content designated as “for kids” will no longer serve personalized ads. The settlement and Google’s implementation are designed to assume the least risk for Google, while maximizing its monetary benefits. Google will start limiting the data it collects on made “for kids” content – something they should have done a long time ago, obviously. As a result, Google said it will no longer show personalized ads. However, the incentives for content creators to self-identify as “for kids” are not great, given that disabling (link is external) behavioral ads “may significantly reduce your channel’s revenue.” Although Google declares that it is “committed to help you with this transition,” it has shown no willingness to reduce its own significant cut of the ad revenue when it comes to children’s content. While incentives for child-directed content creators are high to mis-label their content, and equally high for Google to encourage them in this subterfuge, the consequences for non-compliance now squarely rest with content creators alone. Let’s be clear here. Google should comply with COPPA as soon as possible where content is clearly child- directed. Google has already developed a robust set of safeguards and policies (link is external) on YouTube Kids to protect children from advertising (link is external) for harmful products and from exploitative influencer marketing. It should apply the same protections on all child-directed content, regardless of which YouTube platform kids are using. When CCFC and CDD filed our COPPA complaint in 2018, we focused on how Google was shirking its responsibilities under the law by denying that portions of YouTube were child-directed (and thus governed by COPPA). The channels we cited in our complaint were not gray-area channels that might be child attractive but also draw lots of teen and adult viewers. Our complaint discussed such channels as Little Baby Bum, ChuChu TV Nursery Rhymes and Kids Songs, and Ryan’s Toy Reviews. We did not ask the FTC to investigate or sanction any channel owners, because Google makes the rules on YouTube, particularly with regard to personal data collection and use, and therefore it was the party that chose to violate COPPA. (Many independent content creators concur indirectly when they say that they should not be held accountable under COPPA. They maintain that they actually don’t have access to detailed audience data and do not know if their YouTube audience is under 13 at all. Google structures what data they have access to.) For other content, in the so-called “gray zone,” such as content for general audiences that children under 13 also watch, or content that cannot be easily classified, we need more information about Google’s internal data practices. Do content creators have detailed access to demographic audience data and are thus accountable, or does Google hold on to that data? Should accountability for COPPA compliance be shifted more appropriately to Google? Can advertising restrictions be applied at the user level once a user is identified as likely to be under thirteen regardless of what content they watch? We need Google to open up its internal processes, and we are asking the FTC to develop rules that share accountability appropriately between Google and its content creators. The Google settlement has been a significant victory for children and their parents. For the first time, Google has been forced to take COPPA seriously, a U.S. law that was passed by Congress to express the will of the majority of the electorate. Of course, the FTC is also complicit in this problem as it waited six years to enforce the updated law. They watched Google’s COPPA violations increase over time, allowing a monster to grow. What’s worse, the quality of the kids YouTube content was to most, particularly to parents, more than questionable (link is external), and at times even placed children seriously at risk (link is external). What parents saw in the offering for their children was quantity rather than quality content. Now, however, after six years, the FTC is finally requiring Google and creators to abide by the law. Just like that. Still, this change should not come as a complete surprise to content creators. We sympathize with the independent YT creators and understand their frustration, but they have been complicit in this arrangement as well. The children’s digital entertainment industry has discussed compliance with COPPA for years behind closed doors, and many knew that YouTube was in non-compliance with COPPA. The FTC has failed to address the misinformation that Google is propagating among content creators, its recent guidance (link is external) not withstanding. Moreover, the FTC has allowed Google to settle its COPPA violation by developing a solution that allows Google to abdicate any responsibility with COPPA compliance, while continuing to maximize revenue. It’s time for the FTC to study Google’s data practices and capabilities better, and squarely put the onus on Google to comply with COPPA. As the result of the current COPPA proceedings, rules must be put in place to hold platforms, like YouTube, accountable.

Most parents can tell you the most popular website for kids is YouTube. But for years, while Google made millions luring children to YouTube, vacuuming up their sensitive information, and using it to target them with ads, Google told the Big Lie: “YouTube is not for kids. It says so right in our terms of service.” That has now changed, thanks to the advocacy of Campaign for a Commercial-Free Childhood (CCFC) and the Center for Digital Democracy (CDD) and the support of a coalition of advocacy groups. Google deliberately developed YouTube as the leading site for children with programming and marketing strategies designed to appeal directly to kids. But it ignored the only federal law addressing commercial privacy online—the Children’s Online Privacy Protection Act (COPPA). Their behavior sent a message that a corporation as powerful and well-connected corporation as Google is above the law—even laws designed to protect young people. CCFC, CDD, and our attorneys at the Institute for Public Representation (link is external) (IPR) at Georgetown University Law Center, with a broad coalition of consumer, privacy, public health and child rights groups, began filing complaints at the Federal Trade Commission (FTC) in 2015 concerning Google’s child-directed practices on YouTube and the YouTube Kids app. We kept up the pressure on the FTC, with the help of Congress and the news media. After we filed a complaint (link is external) in April 2018 describing YouTube’s ongoing violations of COPPA, the FTC, under the leadership of Chairman Joe Simons, finally decided to take action. The result was the FTC’s September decision (link is external)—which in many ways is both historic and a major step in the direction of protecting children online. Google was fined $170 million for its violations of children’s privacy, a record amount for a COPPA-connected financial sanction. The FTC’s action also implemented important new policies (link is external) protecting children, most of which will go into effect by January 2020: Children will no longer be targeted with data-driven marketing and advertising on YouTube programming targeted to kids: This is the most important safeguard. Google will no longer conduct personalized “behavioral” marketing on YouTube programming that targets children. In other words, they will stop the insidious practice of using kids’ sensitive information in order to target them with ads tailored for their eyes. Google will require video producers and distributors to self-identify that their content is aimed at kids; and will also employ its own technology to identify videos that target young audiences. Google will substantially curtail the data they collect from children watching YouTube videos. Since the main YouTube site has no age gate, they will limit data collection and tracking of viewers’ identities for anyone watching child-directed content there to only the data “needed to support the operation of the service.”. The same limitation will apply to videos on YouTube Kids. Google is taking steps to drive kids from the main YouTube site to YouTube Kids, where parental consent is required. Google launched the YouTube Kids app in 2015. But the app never rivaled the main YouTube platform’s hold on children, and was plagued with a number of problems, such as inadequate screening of harmful content. As a result of the FTC investigation, Google has launched a YouTube Kids website, and when kids watch children’s content on the main YouTube site they get a pop-up suggesting they visit YouTube Kids. Google says it will more effectively curate different programming that will appeal to kids aged 4 through 12. This is a positive development because, while a number of concerns remain about YouTube Kids, children are better off using the Kids site rather than the Wild West of the main YouTube platform. Google created a $100 million fund for “quality kids, family and educational content.” CCFC and CDD had proposed this, and we are gratified Google acknowledged it bears responsibility to support programing that enriches the lives of children. This is to be a three-year program to spur “the creation of thoughtful, original children’s content.” Google has made changes to make YouTube a “safer platform for children:” The company is proactively promoting “quality” children’s programming on YouTube by revising the algorithm used to make recommendations. It is also not permitting comments and notifications on child-directed content. Google has told CCFC and CDD it will make these changes regarding data collection and targeted marketing worldwide. Other questions remain to be answered. How will it treat programming classified as “family viewing”—exempt it from the new data targeting safeguards? (It should not be permitted to do so.) Will the new $100 million production fund commit to supporting child-directed non-commercial content (instead of serving as a venture for Google to expand its marketing to kids)? Will Google ensure that its other child-directed commercial activities—such as its Play Store—also reflect the new safeguards the company has adopted for YouTube? Google also permits the targeting of young people via “influencers,” including videos where toys and other products are unboxed. When such videos are child-directed, Google should put an end to them. CCFC, CDD and our allies intend to play a proactive role holding Google, its programmers, advertisers and the FTC accountable to make sure that these new policies are implemented effectively. Our work in bringing about this change and the work we will do to make other companies follow suit is part of our commitment to ensuring that young people around the world grow up in a media environment that respects and promotes their health, privacy, and well-being.

The Center for Digital Democracy provides the following recommendations for comprehensive baseline Federal privacy legislation. We are building on our expertise addressing digital marketplace developments for more than two decades, including work leading to the enactment of the 1998 Children’s Online Privacy Protection Act--the only federal online privacy law in the United States. Our recommendations are also informed by our long-standing trans-Atlantic work with consumer and privacy advocates in Europe, as well as the General Data Protection Regulation. We are alarmed by the increasingly intrusive and pervasive nature of commercial surveillance, which has the effect of controlling consumers’ and citizens’ behaviors, thoughts, and attitudes, and which sorts and tracks us as “winners” and “losers.” Today’s commercial practices have grown over the past decades unencumbered by regulatory constraints, and increasingly threaten the American ideals of self-determination, fairness, justice and equal opportunity. It is now time to address these developments: to grant basic rights to individuals and groups regarding data about them and how those data are used; to put limits on certain commercial data practices; and to strengthen our government to step in and protect our individual and common interests vis-à-vis powerful commercial entities. We call on legislators to consider the following principles: 1. Privacy protections should be broad: Set the scope of baseline legislation broadly and do not preempt stronger legislation Pervasive commercial surveillance practices know no limits, so legislation aiming to curtail negative practices should - address the full digital data life-cycle (collection, use, sharing, storage, on- and off-line) and cover all private entities’ public and private data processing, including nonprofits; - include all data derived from individuals, including personal information, inferred information, as well as aggregate and de-identified data; - apply all Fair Information Practice Principles (FIPPs) as a comprehensive baseline, including the principles of collection and use limitation, purpose specification, access and correction rights, accountability, data quality, and confidentiality/security; and require fairness in all data practices. - allow existing stronger federal legislation to prevail and let states continue to advance innovative legislation. 2. Individual privacy should be safeguarded: Give individuals rights to control the information about them - Building on FIPPs, individuals ought to have basic rights, including the right to + transparency and explanation + access + object and restrict + use privacy-enhancing technologies, including encryption + redress and compensation 3. Equitable, fair and just uses of data should be advanced: Place limits on certain data uses and safeguard equitable, fair and just outcomes Relying on “privacy self-management”—with the burden of responsibility placed solely on individuals alone to advance and protect their autonomy and self-determination—is not sufficient. Without one’s knowledge or participation, classifying and predictive data analytics may still draw inferences about individuals, resulting in injurious privacy violations—even if those harms are not immediately apparent. Importantly, these covert practices may result in pernicious forms of profiling and discrimination, harmful not just to the individual, but to groups and communities, particularly those with already diminished life chances, and society at large. Certain data practices may also unfairly influence the behavior of online users, such as children. Legislation should therefore address the impact of data practices and the distribution of harm by - placing limits on collecting, using and sharing sensitive personal information (such as data about ethnic or racial origin, political opinions/union membership, data concerning health, sex life or sexual orientation, genetic data, or biometric data) or data that reveals sensitive personal information, especially when using these data for profiling; - otherwise limiting the use of consumer scoring and other data practices, including in advertising, that have the effect of disproportionally and negatively affecting people’s life chances, related to, for example, housing, employment, finance, education, health and healthcare; - placing limits on manipulative marketing practices; - requiring particular safeguards when processing data relating to children and teens, especially with regard to marketing and profiling. 4. Privacy legislation should bring about real changes in corporate practices: Set limits and legal obligations for those managing data and require accountability Currently companies face very few limitations regarding their data practices. The presumption of “anything goes” has to end. Legislation should ensure that entities collecting, using, sharing data - can only do so for specific and appropriate purposes defined in advance, and subject to rules established by law and informed by data subjects’ freely given, specific, informed and unambiguous consent; for the execution of a contract, or as required by law; and without “pay-for-privacy provisions” or “take-it-or leave it” terms of service. - notify users in a timely fashion of data transfers and data breaches, and make consumers whole after a privacy violation or data breach; - cannot limit consumers’ right to redress with arbitration clauses; - are transparent and accountable, and adopt technical and organizational measures, including + provide for transparency, especially algorithmic transparency, + conduct impact assessments for high-risk processing considering the impact on individuals, groups, communities and society at large, + implement Privacy by Design and by Default, + assign resources and staff, including a Data Protection Officer, + implement appropriate oversight over third-party service providers/data processors, + conduct regular audits - are only allowed to transfer data to other countries/international organizations with essentially equivalent data protections in place. 5. Privacy protection should be consequential and aim to level the playing field: Give government at all levels significant and meaningful enforcement authority to protect privacy interests and give individuals legal remedies Without independent and flexible rulemaking data-protection authority, the Federal Trade Commission has been an ineffective agency for data protection. An agency with expertise and resources is needed to enforce company obligations. Ongoing research is required to anticipate and prepare for additionally warranted interventions to ensure a fair marketplace and a public sphere that strengthens our democratic institutions. Legislation should provide - for a strong, dedicated privacy agency with adequate resources, rulemaking authority and the ability to sanction non-compliance with meaningful penalties; - for independent authority for State Attorneys General; - for statutory damages and a private right of action; - for the federal agency to establish an office of technology impact assessment that would consider privacy, ethical, social, political, and economic impacts of high-risk data processing and other technologies; it would oversee and advise companies on their impact-assessment obligations.

A digital “great awakening” has occurred with unprecedented global attention given to the commercial surveillance (link is external) business model at the core of our collective digital experience. Since the earliest days of the commercial Internet in the 1990s, the online medium has been deliberately shaped (link is external) to primarily serve the interests of marketing. Advertisers have poured in many billions of dollars since then to make sure that our platforms, applications and devices all serve the primary need of gathering our information so it could be used for data-driven marketing. Internet industry trade groups have developed the technical standards (link is external) so that data collection is embedded in new services—such as mobile geo-location applications. Marketers developed new technologies, such as programmatic (link is external) advertising, that enabled lightning-fast decisions about individuals based on their data. Leading ad platforms, especially Google and Facebook, fought against privacy legislation for the U.S. Policymakers from both major parties protected them from regulation, including on privacy and antitrust. U.S. companies tried to derail (link is external) the new EU privacy law that starts on May 24—known as the General Data Protection Regulation (GDPR)—but failed to stop it. Europeans—who understand the threat to personal and political freedom when unaccountable institutions control our information—are now on the privacy front lines. The road to privacy and digital rights for America is likely first to pass through the European (link is external) Union. The Facebook/Cambridge Analytica scandal (and kudos (link is external) to The Observer newspaper for its dogged journalism on all this) is, however, not unique. It is emblematic of the way that digital marketing works every day—all over the world. Huge amounts of our information is scooped (link is external) up, from scores of sources, quickly analyzed, and used to send us more personalized marketing and content. Powerful automated (link is external) applications help marketers identify who we and then engage us at deeper emotional and subconscious (link is external) levels. Facebook, Google and others are continually pushing the boundaries of digital advertising, deploying Artificial Intelligence, Virtual Reality (link is external), Neuromarketing and other techniques. They are laying the foundation for the “Internet of Things” world that will be soon upon us, where we will be further tracked and targeted wherever we go and whatever we do. But it’s the global “Fortune” type companies that will really decide what happens with the online privacy of people all over the world. Google and Facebook basically work for the P&Gs (link is external), Coca-Cola’s (link is external), Honda’s and Bank America’s—the leading advertisers. It’s the advertisers who are really in charge of the Internet, and they have created (link is external) for their own companies a kind of mirror image (link is external) to what Google and Facebook have helped unleash. Fortune-size companies are now also in the data business, (link is external) collecting information on consumers via all their devices; they have created in-house consumer data mining and targeting services; and they deploy advanced digital marketing techniques to directly reach us. Over the last year, major advertisers have forced Facebook (link is external) and Google (link is external) to become more accountable to their needs and interests—rather than to the public interest. What they call the need for “brand safety” online—assurances their ads are not undermined by being placed to hate speech or other content harmful to their brands—is really about seizing greater control over their own digital futures. They deeply dislike (link is external) the clout that both Google and Facebook have today over the digital advertising system. We are at a critical moment in the brief history of the Internet and digital media. There is greater awareness of what is at stake—including the future of the democratic electoral process—if we don’t develop the regulations and policies that ensure privacy, promote individual autonomy, and place limits on the now-unchecked corporate power of digital marketers. It’s time to expand the focus of the debate about Facebook and Google to include those who have been paying for all of this consumer surveillance—namely advertisers and the advertising industry. They need to be held accountable if we are to see a global digital medium that puts people—not profits—first.

Internet service provider (ISP) giants, which dominant how Americans gain access to broadband Internet, cable TV, streaming video, and other telecommunications services, are aggressively expanding their capabilities to gather and use personal data. Leading ISPs AT&T, Comcast and Verizon are taking full advantage of all information flowing from PC’s, mobile phones, set-top boxes, and other devices. ISP giants are using “Big Data” analytics, artificial intelligence, and an array of cutting-edge technologies to identify who we are, what we do and how best to target us with marketing and advertising. They are also working closely with data brokers to gain access to even more personal information. AT&T, Comcast and Verizon, for example, work with Acxiom’s LiveRamp (link is external) subsidiary to build robust profiles that help them identify us regardless of what devices we may be using at the moment. ISPs envision a future in which we are continuously connected to their vast digital media networks for nearly everything we do. Through their monopolistic control over key broadband, cable TV, and satellite networks, ISPs are able to closely monitor what we do online—including both in and out of home, school or work. Marketers are told by ISPs that they can use their data and networks to “micro-target” an individual on all their “screens,” including for financial, health, retail and even political advertising. They are also positioning themselves to play an important role as our society is further transformed by digital technology, such as with so-called “smart homes,” (link is external) “connected cars,” the Internet of Things (link is external), and high-speed “5G (link is external)” networks. Last year, the Republican majority in Congress and the Trump administration eliminated (link is external) what have been the only federal consumer privacy protections afforded to all Americans—safeguards enacted in October 2016 by the Federal Communications Commission (FCC) that required ISPs to engage in responsible data practices. ISPs saw that important FCC data-protection safeguard as a formidable obstacle to their plans to “monetize” consumer data. With Network Neutrality—a critical requirement to ensure an open and democratic Internet—also ended by the same FCC, phone and cable ISPs have vanquished federal protections for fair treatment of consumers online—including with their data. Unless states weigh in with safeguards, AT&T, Comcast, Verizon and other major ISPs will pose—despite their denials—a major threat to consumer privacy. With ISPs especially touting their prowess to capitalize on a consumer’s location, states have an especially important role to play protecting the public from “hyper-local targeting” and other geo-marketing practices. Here are just some recent developments on ISP consumer data and digital marketing practices. AT&T, according to the Trump administration’s Department of Justice filing (link is external) opposing its acquisition of Time Warner, is “the country’s largest distributor of traditional subscription television; the second largest wireless telephone company, third largest home internet provider; one of the largest providers of landline telephone service; and also the country’s largest Multichannel Video Programming Distributor (MVPD), with more than 25 million subscribers.” Its control over broadband, satellite, and mobile telecommunications services is a key reason why AT&T tells marketers that it has “More Scale, More Targeted, More Screens…advanced TV and multi-screen solutions for your brand.” Last February, trade publication DigiDay leaked AT&T’s “pitch deck (link is external)—highlighting what it called its “digital video advantage.” That advantage includes “the ability to access the hottest content on TV and across platforms; the ability to reach the multi-platform viewing audience in a single buy; premium and non-skippable inventory” (ads a consumer can’t avoid). AT&T’s DirecTV is positioned by the pitch deck as an effective competitor to streaming video services offered by Amazon, Netflix and YouTube. Through several data advertising platform partners, AT&T offers real-time ad targeting of individuals who view streaming video and other online content. The pitch deck breaks down AT&T’s DirecTV audience, in order to help advertisers more effectively reach Hispanics, African Americans and households with children. Its 2017 “Media kit” explained how the company helps advertisers reach individuals on all their devices, giving marketers the ability to “serve ads to the same target audience on TV and digital devices across tens of billions of impressions.” AT&T especially highlights its deep relationship (link is external) with consumer data providers, including Equifax, Experian, Crossix, Neustar, and Nielsen Catalina. These allies help AT&T target its subscribers with ads promoting loans and other financial services. AT&T Adworks has recently opened (link is external) a “new state-of-the-art-media lab”—an “interactive space designed to inspire marketers…[that] shows the future of media consumption and how marketers can most efficiently reach their targets across any platform.” Designed to reflect how digital media reflects “the consumer’s life,” the lab enables advertisers to “interact” by using “data visualization tools” to see how individuals can be targeted through streaming video, Internet of Things devices, on mobile phones and even via data-enriched outdoor advertising. Comcast: The cable TV colossus, which also operates Universal Studios, NBC, and several digital advertising and technology firms, is committed to better leveraging “Big Data.” Comcast sees itself at the “center (link is external) of the household building connections between users, devices, products, and services.” Comcast is developing capabilities to take better advantage of the insights generated (link is external) by its “systems capable of processing billions of events per day.” This includes identifying actionable data, including in “real time,” generated from its video and Internet platforms. Through its “identity strategy,” (link is external) Comcast plans to deliver a “transformative customer experience” that will market to us online “throughout the customer lifecycle.” To help accomplish this, Comcast is building out its “Big Data” capabilities at the “enterprise level,” including for “event processing, analytics,” storing our information in the cloud, and various forms of digital “testing and optimization.” Comcast’s “Applied Artificial Intelligence (AI)” group (link is external) is working to create “intelligent applications that [can] impact millions of people on a daily basis.” Among its projects involving “machine learning” are ways to “build (link is external) virtual assistants that interact with millions of customers in natural language and automatically find solutions to their needs.” It’s part of a much larger “Technology and Product” research infrastructure at Comcast that has offices in Silicon Valley, Philadelphia, Denver, Chicago and Washington, DC. Comcast is also deploying “blockchain” insights platform technology, which it calls BlockGraph (link is external), to help develop more detailed digital dossiers on consumers so they can be targeted for advertising and other services. Comcast’s “FreeWheel” (link is external) subsidiary, with offices in Paris and other global locations, is an advertising, data management and digital rights management technology company. FreeWheel helps video and digital media companies deploy what it calls a “unified ad management platform.” That system allows clients to engage in “intelligent ad decisioning (link is external) across all devices, environments, and data sets….” FreeWheel’s customers, which for the U.S. market include AT&T’s DirectTV, Fox, Time Warner and Viacom, can use its technologies to “unify audiences across desktop, mobile, OTT (so-called Over-the-Top streaming video), and [cable TV] set-top boxes [to] profitably monetize their content.” Comcast’s growing expansion (link is external) in data-driven marketing—operated by both its Advanced Advertising Group and Spotlight service—involves FreeWheel and other acquisitions, including Visible World and Strata. Strata (link is external), for example, is now partnering with “Choozle,” a Big Data-oriented advertising system that helps marketers target a consumer on social, mobile, video and other platforms. The Comcast’s Strata and Choozle (link is external) alliance “will allow thousands of advertising agencies to access detailed consumer data to execute digital advertising campaigns as conveniently as they would buy local TV advertising.” Comcast’s NBCUniversal division has also deepened its use of data-driven techniques to target its viewers. NBCU has its own “advanced advertising” platform (link is external)—Audience Studio—and is promising marketers that its “Total Audience Delivery” will help target (link is external) a consumer on “digital, linear, mobile and out-of-home viewing.” Its “data-based” profiling of its viewers includes information provided by “set top data from Comcast” and other sources. NBCU’s “Audience Studio Targeted Digital,” for example, enables advertisers to reach “digital (link is external) audiences” who view its portfolio of “entertainment, lifestyle, news, sports and Hispanic” content. Comcast’s NBCU urges advertisers to provide them their own (first-party) information on consumers so it can be merged with the TV network’s data. The result, claims NBCU, is that marketers will reach their “objectives through precision targeting at unequaled scale.” What NBCU means is that the same kinds of sophisticated capabilities that Comcast relies on to reach its broadband consumers are also available through its TV subsidiary. Verizon: To further its plans to harvest consumer information to bolster its “differentiated data” ad-targeting capabilities, Verizon has created a new division called “Oath.” (link is external) Incorporating “50 media and technology brands that engage more than a billion people around the world, the Oath portfolio includes HuffPost, Yahoo Sports, AOL, Tumblr, Yahoo Finance, Yahoo Mail” and other properties. Oath operates a real-time data targeting apparatus called One (link is external). It also owns a leading digital video ad company called BrightRoll (link is external) that delivers targeted marketing in real time to streaming video. The result of Verizon’s investments, it explains, is the “most advanced and open advertising technology” system (link is external) that “spans across mobile, video, search, native and programmatic ads.” Verizon’s Oath promises its clients it delivers “people based marketing (link is external).” People-based marketing is a marketing industry euphemism for using our personal data to identify us online. In the case of Verizon’s Oath, that includes our “location, passions and interest from social (media), purchase intent from search and advertising engagement, cross device identity from users mapped across devices, favorite content from web, app and Smart TV data, on and offline purchases and recent store visits from mobile geolocation data.” Oath explains that its “suite (link is external) of advertising technology lets you activate this data to find and message consumers all along their journey.” Verizon acquired AOL after that company had made its own considerable acquisitions of data targeting companies, including those that access mobile (link is external) data from apps. Consequently, Verizon can claim that “Oath has the industry’s largest mobile demand portfolio to help you monetize across every device…,” including in real-time. This is just a brief snapshot of leading ISP data and digital marketing practices today. ISPs’ unfettered control over broadband communications enable them to eavesdrop on the communications and behaviors of millions of individuals and households. Without consumer safeguards, they will further mushroom into even more formidable—and unaccountable—gatekeepers over our information and privacy.

Computational politics—the application of digital targeted-marketing technologies to election campaigns in the US and elsewhere—are now raising the same concerns for democratic discourse and governance that they have long raised for consumer privacy and welfare in the commercial marketplace. This paper examines the digital strategies and technologies of today’s political operations, explaining how they were employed during the most recent US election cycle, and exploring the implications of their continued use in the civic context.---For the full journal, please visit https://policyreview.info/node/773/pdf (link is external) .

Learn about NCC Digital Media: the primary source for reaching consumers across all screens, helping brands target consumers across all screens. --- For more information, visit http://bit.ly/2gUeYq2 (link is external)

Seven independent ad tech companies debuted a programmatic consortium on Thursday that pools their supply- and demand-side cookie IDs into one shared identity asset. The consortium is helmed by AppNexus, MediaMath and LiveRamp, which provides the data matching. Other launch partners include Index Exchange, Rocket Fuel, LiveIntent and OpenX. And it’s a shot across the bow of Facebook and Google, which suck in a majority of digital ad dollars. “The big giants have had an advantage over the open internet in that they have their own deterministic identities for users that allows more precise targeting and cross-device matching,” said AppNexus product VP Patrick McCarthy. Ad tech platforms like AppNexus, Index Exchange and OpenX have the combined online reach marketers want, McCarthy said, but an advertiser must match its data against each platform independently and use LiveRamp to create one-to-one matches. “A universal cookie ID eliminates all the user syncing that goes on between platforms and the lower match rate that necessarily goes with it,” he said. While Google and Facebook have users who contribute deterministic data, the newly formed ad tech consortium can apply first-party data from advertisers and logged-in data from publishers. Marketers and supply sources who are a part of the consortium will access for free the shared cookie pool. LiveRamp’s cross-device graph IdentityLink can be extended to the campaigns, but LiveRamp is still considering commercial terms for ad buyers who want to add a cross-device matching component, company CMO Jeff Smith told AdExchanger. The lack of a unique identifier to date has been one of the biggest factors in fueling concerns around transparency, fairness and control in the digital advertising ecosystem For now, though, any marketer who wants to take advantage of the consortium’s cross-device offering must be a LiveRamp IdentityLink customer. Smith is acutely aware that LiveRamp gains a new business funnel, noting that onboarding potential consortium partners is “definitely is a benefit for us.” “And hopefully the broader benefit is if everyone standardizes around a common identity, the value and efficiency of their marketing will go up,” he added. While the DSPs and SSPs in the consortium may not view it as a new business play, “there certainly will be benefits” that could lead to budget and supply-source consolidation, said MediaMath product VP Philipp Tsipman. For instance, a European video supplier working with MediaMath on a campaign could match its viewers one-to-one with MediaMath’s cookie pool. If that relationship were to occur through the consortium, the match rates would be higher and the profiles would be more robust, since suppliers across the web are contributing data as well. AppNexus’s McCarthy said the system doesn’t cut off buyers from suppliers that don’t use the consortium, but “they will get better matching and better results, so it could naturally funnel more budgets to suppliers that participate.” The market needs “a unique identifier that is neutral,” said OpenX CEO Tim Cadogan in a statement about joining the consortium. “The lack of a unique identifier to date has been one of the biggest factors in fueling concerns around transparency, fairness and control in the digital advertising ecosystem.” --- For the full article, please visit http://bit.ly/2fLZtAB (link is external)

Released on September 22, 2017 at a political microtargeting conference held in Amsterdam, in response to the recent announcement by Facebook and Mark Zuckerberg on changes to how they conduct political ad campaigns. Dear Mark, Your statements on Facebook’s new policies for political advertising were issued as we started a global symposium on micro-targeting in Amsterdam (https://www.ivir.nl/amsterdam-symposium-on-political-micro-targeting/ (link is external)). We are a group of leading international academic experts and civil society representatives from the fields of law, communication, political science and economics who are conducting research on political targeting. Fairness, equality and democratic oversight are key in democratic societies. We appreciate the initiative you have taken and strongly encourage further dialogue and action. Moving this forward we strongly believe that the principles of transparency and disclosure are essential. Facebook should share publicly the full range of paid political contents, disclose the sponsoring actors, and identify the categories of target audiences. This should be done globally as this is an issue that affects elections worldwide. We encourage you and other platforms and actors to join this dialogue to contribute principles for transparency and disclosure. Transparency is a first step in the right direction. Digital political advertising operates in a dynamic tension between data and humans, commerce and politics, power and participation. Some of these tensions can be resolved by transparency, others not. The way forward is to engage with governments, regulators, election monitoring bodies, civil society and academics to develop public policies and guidelines for ensuring fairness, equality, and democratic oversight in digital political campaigns. Can we count on you? Natali Helberger Institute for Information Law (IViR), University of Amsterdam Claes de Vreese Amsterdam School of Communication Research (ASCoR), University of Amsterdam Balazs Bodo Institute for Information Law (IViR), University of Amsterdam Mauricio Moura George Washington University Max von Grafenstein Alexander von Humboldt Institute for Internet and Society, Berlin Jessica Schmeiss Alexander von Humboldt Institute for Internet and Society Sabrina Sassi Universite Laval Tom Dobber Amsterdam School of Communication Research (ASCoR), University of Amsterdam Jeff Chester Center for Digital Democracy, Washington, DC Kathryn Montgomery American University, Washington, DC André Haller Institut für Kommmunikationswissenschaft, Universität Bamberg Damian Tambini Department of Media and Communications, London School of Economics and Political Science Simon Krischinski Johannes Gutenberg Universität Mains Daniel Kreiss School of Media and Journalism, University of North Carolina at Chapel Hill