Yesterday: Visit website; Today: ads for that site following me around the web; PRIVACY VIOLATION

By: (plus.google.com) +David Herron; Date: March 30, 2018

Tags: Facebook » Privacy

A meme going around says -- "I spoke aloud yesterday about cialis, and now my Facebook feed is full of ads about Cialis". The reality isn't quite that bad, but yesterday I opened the TransferWise website for one page view, and now Facebook is showing me a TransferWise advertisement. How did Facebook know I visited that website? how did TransferWise know to put advertising in front of me? Isn't this a privacy violation?

Situation: I've heard of TransferWise as a less expensive way to exchange currencies. They've developed an ingenious way around the normal money exchanger networks, and can therefore charge a lower money-changing fee. Jesus may have kicked the moneychangers out of the temple because they charged him a high fee?

Anyway, I've had one tab open in my browser on the TransferWise website for a couple months meaning to read more. Yes, I'm one of those who "hoard tabs". Yesterday I had to restart my browser, which meant all the tabs (including the TransferWise tab) saw one new page view. I did nothing further with the TransferWise website than that.

Today? I'm scrolling down the Facebook news feed and see the advertisement shown above.

Everybody has had this experience. They'll type a search phrase in the search engine, and for the next week they'll be inundated with advertising on that search phrase. Or they make an Amazon search, and suddenly they're getting advertising for that thing. Even on services completely disconnected from that search engine or from Amazon or whatever.

Lots of folks are asking why banner ads follow them from site to site. This can be eerie, somehow the ad companies know your actions and showing you the same advertisement. Are we all being followed around by Google or Facebook or others?

Isn't it a privacy violation? How did the knowledge of action A on one site become advertising following you around the web? How did that get communicated? And isn't there a nefarious use for this? It's one thing that we're inundated with advertising based on websites we've visited, but what if Big Brother is tapping into this information stream?

Retargeting

The key technology is called Retargeting or Remarketing. This is a "form of online advertising that can help you keep your brand in front of bounced traffic after they leave your website."

To degobbledygook that -- Remarketing enables an advertiser to put advertising in front of people who've visited the corresponding website.

Behavioral retargeting[Wikipedia] (also known as behavioral remarketing, or simply, retargeting) is a form of online targeted advertising by which online advertising is targeted to consumers based on their previous Internet actions. Retargeting tags online users by including a pixel within the target webpage or email, which sets a cookie in the user's browser. Once the cookie is set, the advertiser is able to show display ads to that user elsewhere on the internet via an ad exchange.

The implementation uses a 1x1 invisible image (a.k.a. "pixel") that's included in the web page. That 1x1 image comes along with a cookie, and the cookie is refreshed every time the user visits the website. The image is supplied by a service provider, a.k.a. remarketing provider, who is collecting information about website visitors. That information is then used to drive advertising programs.

The idea is - target the advertising on folks who already know about the "brand". If one exposure to a "brand" was not enough, then repeated exposure is sure to cause a sale. In theory. Me? It gives me creepy heeby jeebies.

The information collected is not personal identifying data. All that can be collected this way is an anonymous identifier for the browser. For example the inserted cookie might contain a randomized anonymous string like 7c649fcc-2b46-4270-93b6-d65ba6f1388f. The remarketing provider uses that anonymous identifier to track visitors to the website.

It may be that the remarketing provider has pixels installed on multiple websites. If so, the remarketing provider can begin to collect a profile when the same web browser visits multiple websites. Say a person is comparison shopping for digital cameras and therefore visiting multiple camera manufacturer and camera review websites. The remarketing provider can see this in the profile. An advertiser, say a camera store, can then target their advertising spend on folks who've shown an interest in digital cameras.

Retargeting versus Remarketing

What's the difference between Retargeting and Remarketing? They're not quite the same phrase.

Retargeting focuses on delivering advertising to folks who've previously visited a website. Suppose you visited not just a website, but a particular page on a website, the retargeting can then inundate you with advertising for the product on the page you visited.

Remarketing focuses on "re-engaging" users with e-mail. For example, you might recieve an email because you put a product in a shopping cart then did not follow through with a purchase.

Privacy concerns

Wikipedia has this to say:

In the United States, several organizations, including the Federal Trade Commission, Congress and the media, have expressed privacy[NYTIMES] concerns around the practice of retargeting; however, responsible personalized retargeting providers don’t collect personally identifiable information (PII) on consumers. Providers are blind to a user’s age, sex and other personal information. Instead, providers rely upon data gathered from cookies that are placed on a consumer’s browser by the websites they visit. This information is not shared among publishers, other advertisers or third parties and cannot be linked to a specific user. The United States hasn’t legislated many laws around the practice, and instead relies upon the industry and its overarching organizations, such as the Interactive Advertising Bureau, Network Advertising Initiative and TRUSTe to self-regulate. In October 2010, the IAB announced its Advertising Option Icon, which partner sites will place near banner advertisements that collect non-PII user data.

This statement sounds nice - that remarketing providers are acting legitimately and with integrity. Is it reality?

The technique can connect together actions by users on multiple sites. While it doesn't directly get age/sex/etc with enough data-points one can build up an information profile of folks. With enough data it might be possible to identify specific people.

Consider that part of the received information will be the users IP address. How? When the pixel is retrieved, the software receives the IP address of the browser requesting the pixel. It has to know the IP address because an Internet socket has that data available.

« HTTPS with nginx, using Lets Encrypt, proxying to Gogs and Jenkins back-end services NVIDIA Boosts World’s Leading Deep Learning Computing Platform, Bringing 10x Performance Gain in Six Months »
2016 Election Acer C720 Ad block AkashaCMS Amazon Amazon Kindle Amazon Web Services America Amiga and Jon Pertwee Android Anti-Fascism AntiVirus Software Apple Apple Hardware History Apple iPhone Apple iPhone Hardware April 1st Arduino ARM Compilation Artificial Intelligence Astronomy Astrophotography Asynchronous Programming Authoritarianism Automated Social Posting AWS DynamoDB AWS Lambda Ayo.JS Bells Law Big Brother Big Finish Bitcoin Mining Black Holes Blade Runner Blockchain Blogger Blogging Books Botnets Cassette Tapes Cellphones China China Manufacturing Christopher Eccleston Chrome Chrome Apps Chromebook Chromebox ChromeOS CIA CitiCards Citizen Journalism Civil Liberties Clinton Cluster Computing Command Line Tools Comment Systems Computer Accessories Computer Hardware Computer Repair Computers Cross Compilation Crouton Cryptocurrency Curiosity Rover Currencies Cyber Security Cybermen Daleks Darth Vader Data backup Data Storage Database Database Backup Databases David Tenant DDoS Botnet Detect Adblocker Developers Editors Digital Photography Diskless Booting Disqus DIY DIY Repair DNP3 Do it yourself Docker Docker MAMP Docker Swarm Doctor Who Doctor Who Paradox Doctor Who Review Drobo Drupal Drupal Themes DVD E-Books E-Readers Early Computers Election Hacks Electric Bicycles Electric Vehicles Electron Emdebian Encabulators Energy Efficiency Enterprise Node EPUB ESP8266 Ethical Curation Eurovision Event Driven Asynchronous Express Face Recognition Facebook Fake News Fedora VirtualBox File transfer without iTunes FireFly Flickr Fraud Freedom of Speech Front-end Development Gallifrey git Github GitKraken Gitlab GMAIL Google Google Chrome Google Gnome Google+ Government Spying Great Britain Heat Loss Hibernate Hoax Science Home Automation HTTP Security HTTPS Human ID I2C Protocol Image Analysis Image Conversion Image Processing ImageMagick In-memory Computing InfluxDB Infrared Thermometers Insulation Internet Internet Advertising Internet Law Internet of Things Internet Policy Internet Privacy iOS Devices iPad iPhone iPhone hacking Iron Man iTunes Java JavaScript JavaScript Injection JDBC John Simms Journalism Joyent Kaspersky Labs Kindle Kindle Marketplace Lets Encrypt LibreOffice Linux Linux Hints Linux Single Board Computers Logging Mac Mini Mac OS Mac OS X Machine Learning Machine Readable ID macOS MacOS X setup Make Money Online March For Our Lives MariaDB Mars Mass Violence Matt Lucas MEADS Anti-Missile Mercurial MERN Stack Michele Gomez Micro Apartments Microsoft Military AI Military Hardware Minification Minimized CSS Minimized HTML Minimized JavaScript Missy Mobile Applications Mobile Computers MODBUS Mondas Monetary System MongoDB Mongoose Monty Python MQTT Music Player Music Streaming MySQL NanoPi Nardole NASA Net Neutrality Network Attached Storage Node Web Development Node.js Node.js Database Node.js Testing Node.JS Web Development Node.x North Korea npm NVIDIA NY Times Online advertising Online Community Online Fraud Online Journalism Online Photography Online Video Open Media Vault Open Source Open Source Governance Open Source Licenses Open Source Software OpenAPI OpenVPN Palmtop PDA Patrick Troughton Paywalls Personal Flight Peter Capaldi Phishing Photography PHP Plex Plex Media Server Political Protest Postal Service Power Control Privacy Production use Public Violence Raspberry Pi Raspberry Pi 3 Raspberry Pi Zero ReactJS Recaptcha Recycling Refurbished Computers Remote Desktop Removable Storage Republicans Retro Computing Retro-Technology Reviews RFID Right to Repair River Song Robotics Rocket Ships RSS News Readers rsync Russia Russia Troll Factory Russian Hacking Rust SCADA Scheme Science Fiction SD Cards Search Engine Ranking Season 1 Season 10 Season 11 Security Security Cameras Server-side JavaScript Serverless Framework Servers Shell Scripts Silence Simsimi Skype SmugMug Social Media Social Media Warfare Social Network Management Social Networks Software Development Space Flight Space Ship Reuse Space Ships SpaceX Spear Phishing Spring Spring Boot Spy Satellites SQLite3 SSD Drives SSD upgrade SSH SSH Key SSL Stand For Truth Strange Parts Swagger Synchronizing Files Telescopes Terrorism The Cybermen The Daleks The Master Time-Series Database Tom Baker Torchwood Total Information Awareness Trump Trump Administration Trump Campaign Twitter Ubuntu Udemy UDOO US Department of Defense Virtual Private Networks VirtualBox VLC VNC VOIP Vue.js Web Applications Web Developer Resources Web Development Web Development Tools Web Marketing Webpack Website Advertising Weeping Angels WhatsApp William Hartnell Window Insulation Windows Windows Alternatives Wordpress World Wide Web Yahoo YouTube YouTube Monetization