Publishings Digital Consumer
Program Areas
-
Microsoft's further expansion into gaming, data gathering, digital marketing must trigger close scrutiny, inc. impacts on gamers, youth Microsoft’s proposed purchase of Activision-Blizzard raises serious red flags, Public Citizen, the Center for Digital Democracy, the Repair Association, the Communications Workers of America, and 11 additional groups said today in a letter to the Federal Trade Commission (FTC). The merger could give Microsoft an unfair amount of market power, threaten data privacy and security, limit consumers’ and independent business’ right to repair game consoles, and lead to union busting and wage suppression, the groups said.“If the FTC clears this merger, Microsoft will become the third largest gaming company in the world,” the letter reads. “The proposed merger fits an alarming pattern of concentration in the gaming industry over the past several years. Microsoft’s expanding role in the gaming market may result in the company using its leverage to raise subscription prices and limit options, among other possible consumer harms.”In January, Microsoft announced its deal to buy game publisher and developer Activision-Blizzard, subject to FTC approval. Activision is a titan of the gaming world, boasting 400 million monthly active users and incredibly popular titles like Call of Duty. Microsoft already is a major player in gaming as a hardware producer, platform provider, and game distributor. Combining the two companies could lessen competition in a market that’s seen a rash of consolidation in recent years.Workers at Activision have mobilized over the past year to shine a light on an abusive workplace culture. Now, as these workers seek to form a union to address their collective interests, the potential takeover by Microsoft threatens to further undermine workers’ rights and suppress wages.Microsoft’s move also has negative implications for data privacy and surveillance advertising. Adding Activision’s roster of game titles opens opportunities for advanced data collection, including the use of AI, influencers, neuromarketing, and other practices now used for its gaming operations.Additionally, the merger could strengthen Microsoft’s power to impinge on consumers’ right to repair their own video game equipment or to have it repaired by a service provider of their choice. Microsoft’s Xbox platform is already notoriously difficult to independently repair.
-
The European Union’s efforts to legislate digital markets, specifically with its Digital Markets Act (DMA), make them fairer and more open, and benefit consumers. See PDF of full letter below. 20220203-letter-digital_markets_act-president-joe-r-biden.pdf
-
Documents 25 years of failures by agency to rein in practices that have eviscerated privacy and consumer protection in the U.S. and globallyThe Center for Digital Democracy (CDD) urges the Federal Trade Commission to develop a comprehensive set of rules to address a problem largely of its own making—the unfettered growth of commercial “surveillance marketing.” We submit this comment based on the nearly 25-year record of CDD and its key consumer-protection and privacy colleagues, providing detailed documentation and analysis of the need for the commission to regulate what is known as behavioral, programmatic and surveillance-based advertising.[1]The systemic and multiple failures of the FTC over the decades to respond meaningfully to the role and nature of online marketing—which has eviscerated the privacy rights of Americans (and consumers worldwide)—have enabled data-driven surveillance to thrive ubiquitously. Nearly every platform, application, device and experience in which Americans engage has been shaped by the commercial spying and manipulation apparatus that the commission has allowed to evolve and expand without constraint. In addition, by long ignoring the impact that the approval of countless mergers and acquisitions involving leading digital marketing companies had on commercial surveillance operations, the commission and Department of Justice have helped foster an online marketplace that is dominated by a few giants. There is no real competition in terms of how Americans are treated in the online surveillance marketing economy. Google, Meta/Facebook, Amazon and their partners set the global standards for how everyone else has to conduct data and digital marketing operations. FTC inaction on commercial surveillance practices has perversely promoted the widespread adoption of these practices. Today, nearly every major company is a big-data-driven information broker, surveillance advertiser, and real-time targeter of consumers.[2]At each critical moment—the expansion of behavioral advertising; the emergence of mobile marketing; the widespread adoption of programmatic, real-time, algorithmic-driven buying and selling of people for targeting ads; the deployment of omnichannel (cross-device) tracking and targeting; and the widespread integration of artificial intelligence and machine learning to deliver enhanced predictive targeting—the failure of the FTC to challenge the online data-driven model sent a message to the commercial surveillance industry, that it faced no serious regulatory or political consequences for its actions. This included regulatory immunity for the host of manipulative elements that are within the foundation of commercial surveillance, such as the deep analysis of a person’s emotions, interests, relationships, location, income, race, and ethnicity. By acting as an “enabler” to the forces that have shaped our online platform and experiences, the commission has done more than harm consumer protection, privacy and competition. It is also responsible for allowing the online platform marketplace to grow in ways that have undermined democracy, at once diminishing civic discourse, enabling efforts to promote voter suppression, and facilitating the communication and spread of hate speech and uncivil acts, among other major harms. FTC—“Eyes Wide Shut”: The commission has been engaged in risk-averse behaviors since the early 1980s, as a reaction to the successful attacks on it by the advertising lobby, which was able to convince Congress that the agency had engaged in regulatory excess when it tried to protect children from the harmful impact of marketing. The legacy of what is known as the “kidvid” episode, which resulted in a significant loss of its rulemaking authority, has permeated the agency’s operations for decades. It unleashed a “don’t ask, don’t tell” approach at the commission when it came to seriously confronting the impact of the digital marketplace on the public. Even when it came to children’s privacy—the one area where advocates had successfully convinced Congress to give the agency rulemaking authority—the agency repeatedly failed to enforce the law (allowing Google’s YouTube, for example, to openly violate COPPA for years, despite hearing repeatedly from advocates that it was doing so). The failure of the FTC to seriously implement its only congressionally mandated data-privacy law also sent a loud message to the data surveillance business that the commission wasn’t to be taken seriously.The commission has never condemned the online surveillance model developed by the digital marketing industry. It had countless opportunities to challenge behavioral ads, mobile and geo-location surveillance, social media profiling, and real-time buying and selling of individual profiles for the purposes of micro-targeted advertising.[3] In this comment, we will briefly highlight how the FTC has been an “enabler” of the unfettered operations of surveillance advertising, despite the many calls by CDD and its allies for the agency to act. The FTC and the Information Superhighway: At the earliest stages of what was then called the “Information Superhighway,” cyberspace, or the “National Information Infrastructure,” the FTC convened multiple “workshops” focused on privacy and related ecommerce issues. Reflecting the priorities of the then-Clinton administration, the commission spent several years imploring marketers to implement a set of “fair information practice” principles.[4]During this time, a number of consumer and privacy advocates urged the commission to call on Congress to regulate online data marketing practices. It was evident even then—especially to those who had tracked the online marketing business during the “dial-up” era, that privacy was not a priority at all for the marketing industry. The self-regulatory system was a total sham.[5]The lone exception to self-regulation was a data privacy law covering children 12 and under, an issue that this NGO’s predecessor group, the Center for Media Education (along with the Consumer Federation of America and the Institute for Public Representation, Georgetown University Law Center) championed—which led to the enactment of the Children’s Online Privacy Protection Act in 1998.[6]By the time the commission finally recommended (in 2000) that Congress enact privacy legislation “to supplement self-regulatory efforts and guarantee basic consumer protections,” the political winds had changed. There would be no further progress from Congress on privacy, given the clout of the big data marketing lobby.[7]Enabling behavioral advertising: In 2006, CDD and U.S. PIRG filed a complaint with the commission calling on it to use its Section 5 power to protect consumer privacy online. Specifically, we asked the commission to conduct an investigation of online advertising practices, focusing on five areas of concern: User Tracking/Web Analytics, Behavioral Targeting, Audience Segmentation, Data Gathering/Mining, and Industry Consolidation. As we explained in our petition, “Collectively, these five areas represented the foundations of an entirely new online environment, one in which engagement gives way to entrapment, in which personalization impinges on privacy.” The complaint discussed in detail all the methods used to track and target consumers, via their personal data, mobile phone use, and much more. It also urged action on the growing consolidation of what is now called the platform or ad-tech industry, explaining thatThe past few years have witnessed an alarming degree of consolidation in the Web analysis, advertising, and Internet data collection industries. The result of these transactions is not only the concentration of power in fewer hands, but also an increased ability, as our complaint has shown, for these companies to use their massive compilations of user data to violate consumer privacy in the U.S. Such consolidation within the core of the online marketing infrastructure also requires the FTC to conduct an anti-trust analysis to determine whether there is undue market power in this sector.[8]Ignoring the structure and consequences of behavioral advertising: In part due to the opposition to the proposed Google acquisition of DoubleClick that CDD, EPIC, U.S. PIRG and its allies in the U.S. and in the EU generated (discussed below), the commission convened several workshops, town halls and other forums focused on privacy and online data marketing. As CDD’s executive director, at the FTC’s 2007 “Ehavioral Advertising: Tracking, Targeting & Technology” event, warned, I just want to underscore that the future of online advertising has profound consequences for the future of our democracy and democracies everywhere. The kind of society we are creating right now for ourselves, and particularly our children, in many ways, is being shaped by the forces of advertising and marketing.... [W]e’ve watched since 2000 the ever-growing sophisticated array of techniques that had been deployed to track our every move, not just on individual websites, but through the development of new approaches called re-targeting where we were becoming digitally shadowed wherever we went, site to site…. [T]he time for fact-finding is over. The Commission is the designated Federal agency which is supposed to safeguard consumer privacy. It must act now to protect Americans from the unfair and deceptive practices that have evolved as part of what the industry calls the digital interactive marketing system.[9]Endorsing the monopolistic “Surveillance Marketplace”: In 2007, EPIC, U.S. PIRG, and CDD filed a complaint opposing plans by Google to acquire DoubleClick. As our initial filing explained, the acquisition, if approved, “will give one company access to more information about the Internet activities of consumers than any other company in the world.” In a supplemental petition, we explained that “the massive quantity of user information collected by Google coupled with DoubleClick’s business model of consumer profiling will enable the merged company to construct extremely intimate portraits of its users’ behavior.” We also identified a major conflict of interest at the commission regarding this deal. Needless to say, it was approved anyway, paving the way for the unprecedented role that Google now plays in our lives, with its domination of the commercial surveillance marketplace.[10] (CDD also raised objections to the Google/AdMob, Facebook/Instagram/WhatsApp, and other big-data-driven mergers that the FTC failed to address, again paving the way for the contemporary commercial surveillance apparatus).[11]Mobile surveillance: In 2009, CDD and U.S. PIRG urged the commission to “to protect consumers from a growing number of deceptive and unfair marketing practices and the resultant threats to consumer privacy that are a part of the rapidly growing U.S. mobile advertising landscape…. [M]obile devices, which know our location and other intimate details of our lives, are being turned into portable behavioral tracking and targeting tools….” The group’s FTC filing cited a Google official who called the mobile phone “the ultimate ad vehicle. It’s the first one ever in the history of the planet that people go to bed with. It’s ubiquitous across the world, across demographics, across age groups. People are giving these things to ever-younger children for safety and communication…. [I]t can know where you’ve been, where you’ve lingered, what store you stopped in, what car dealership you visited. It goes beyond any traditional advertising....” The complaint also discussed the myriad techniques, tactics, mergers and other critical issues to support the commission’s investigation and action.[12]Yet the FTC did nothing, and geolocation-based surveillance marketing has thrived, including via the leading platforms. Nor has the commission challenged cross-device tracking, a component of the surveillance marketing industry that financially benefited from the agency’s inability to protect consumer privacy, as unique identifiers are used to track and target the public.[13]Real-time programmatic, behavioral and algorithmic-based targeting: Also in 2009, CDD and U.S. PIRG submitted to the commission a comment as part of the agency’s “Privacy Roundtable” process, which noted thatToday, consumers online face the rapid growth and ever-increasing sophistication of the various techniques advertisers employ for data collection, profiling, and targeting across all online platforms. The growth of ad and other optimization services for targeting, involving real-time bidding on ad exchanges; the expansion of data collection capabilities from the largest advertising agencies (with the participation of leading digital media content and marketing companies); the increasing capabilities of mobile marketers to target users via enhanced data collection; and a disturbing growth of social media surveillance practices for targeted marketing are just a few of the developments the commission must address. But despite technical innovation and what may appear to be dramatic changes in the online data collection/profiling/targeting market, the commission must recognize that the underlying paradigm threatening consumer privacy online has been constant since the early 1990’s. So-called “one-to-one marketing,” where advertisers collect as much as possible on individual consumers so they can be targeted online, remains the fundamental approach. …Advertisers and marketers have developed an array of sophisticated and ever-evolving data collection and profiling applications, honed from the latest developments in such fields as semantics, artificial intelligence, auction theory, social network analysis, data-mining, and statistical modeling. Behavioral targeting is just one tool in the interactive advertisers’ arsenal.... We are being intensively tracked on many individual websites and across the Internet.[14]The filing called for action to address the buying and selling of individuals via online ad exchanges and giants such as Google; identified many other leading companies and practices; and explained how all of this was affecting mobile-device and social media users. It documented how self-regulation had been a failure, and how the “self-learning of contemporary interactive ad systems” threaten privacy and consumer welfare. Again, the FTC ignored these issues, enabling today’s programmatic (surveillance marketing) system to evolve unchallenged. Surveillance marketing of health behaviors, including through social media: In 2010, CDD and allied consumer and privacy groups filed a petition on the role that behavioral advertising, as well as manipulative ad tactics such as “neuromarketing,” play in the promotion of health and medical products. Google, Microsoft, and others were the subjects of this complaint. As we explained,A far-reaching complex of health marketers has unleashed an arsenal of techniques to track and profile consumers, including so-called medical “condition targeting,” to eavesdrop on their online discussions via social media data mining; to collect data on their actions through behavioral targeting; to use viral and so-called “word-of-mouth” techniques online to drive interest in prescriptions, over-the counter drugs, and health remedies; and to influence their subconscious perceptions via pharma-focused “neuromarketing…. Digital marketing raises many distinct consumer protection and privacy issues, including an overall lack of transparency, accountability and personal control, which consumers should have over data collection and the various interactive applications used to track, target, and influence them online (including on mobile devices). The use of these technologies by pharmaceutical, health product, and medical information providers that directly affect the public health and welfare of consumers requires immediate action.[15]As before, the FTC did nothing. Failures with Google and Facebook consent-decree enforcement: EPIC, CDD and allied consumer and privacy organizations, which helped bring cases against Google and Facebook, repeatedly told high-level commission staff and commissioners that these entities were routinely violating their respective consent decrees.[16] The failure of the commission to enforce its own decrees—reflecting the inability of the agency to analyze contemporary digital data and online marketing practices—permitted these companies, and the industry as a whole, to expand their surveillance capabilities still further.Neglecting communities of color: CDD also has repeatedly urged the commission to investigate and address how racial and ethnic data are used to target individuals and groups. For years, such data have been used to subject these communities to unfair treatment through predatory online marketing and other harmful practices. At best, the agency has given lip-service to these issues in the past, but has yet to take any meaningful action.[17]Failing our children, COPPA enforcement, and teens: CDD (along with Fair Play and Common Sense Media) is also filing comments in this docket on these issues. But we want to underscore that despite our repeated calls for action, the commission has never done anything to protect adolescents. Consequently, when someone turns 13 in the U.S., they are swept into the commercial surveillance marketing system that negatively affects every adult in the U.S.[18]Where we are today: Every day brings advances in the capabilities of commercial surveillance, led by the giant entities that dominate the marketplace, along with their affiliates. As we noted earlier, AI and machine-learning-based data analytic and targeting operations are routine for the commercial surveillance apparatus. And now the industry is poised to add what is known as “emotional intelligence,” a sophisticated new enhancement to ascertain and “understand how people feel in order to make AI more emotionally aware. There will be a shift from passive and grey interaction with AI, to an understanding of not only the cognitive, but also the emotive, channels of human interaction.”[19] Surveillance applications are also shaping the Internet of Things, the metaverse, and “over-the-top” streaming video as well.[20]We urge the commission to act on this petition, as well as calls by civil rights, consumer and privacy groups that it engage in a comprehensive rulemaking that will help promote competition, data protection, fairness and civil rights online. [1] We especially want to single out two individuals whose leadership role in all these years has been so critical, including with the FTC. Marc Rotenberg, who created and led the Electronic Privacy Information Center for decades, has been at the forefront of these and other key digital democracy issues since the earliest days of the internet. Ed Mierzwinski, now senior director, Federal Consumer Program, U.S. PIRG, understood that the same commercial forces that had undermined consumer rights in the “analog” world was doing so online as well. [2] So-called consumer data platforms and similar technologies permeate the corporate environment. See, for example, Mariah Cooper, “PepsiCo Launches Data Practice to Help Food and Beverage Retailers Grow,” Campaign, 9 Sept. 2021, /article/pepsico-launches-data-practice-to-help-food-and-beverage-retailers-grow/472436; Josh Wolf, “Where Does a Customer Data Platform Fit in With My AWS Data Lake?” AWS Blog, 13 May 2021, /blogs/apn/where-does-a-customer-data-platform-fit-in-with-my-aws-data-lake/; Wavicle Data Solutions, “Global QSR Uses Micro-segmentation to Improve Customer Engagement and Sales,” Dec. 2020, /wp-content/uploads/2020/12/Quick_Service_Restaurant_Customer_360_032421.pdf. [3] Federal Trade Commission, “Privacy in the Electronic Age,” The Privacy & American Business Conference, Washington, D.C., 1 Nov. 1995, /public-statements/1995/11/privacy-electronic-age.[4] Federal Trade Commission, “Staff Report: Public Workshop on Consumer Privacy on the Global Information Infrastructure” Dec. 1996, /reports/staff-report-public-workshop-consumer-privacy-global-information-infrastructure; Federal Trade Commission, About Privacy: Protecting the Consumer on the Global Information Infrastructure,” 8 Dec. 1998, /public-statements/1998/12/about-privacy-protecting-consumer-global-information-infrastructure; “Privacy in the Electronic Age.” See also Jeff Chester’s comments in U.S. Department of Commerce and Federal Trade Commission, “Public Workshop on Online Profiling, Washington, D C, 8 Nov. 1999, /sites/default/files/documents/public_events/online-profiling-public-workshop/online.pdf. [5] See especially the digital marketing industry fundamental paradigm laid out in Don Peppers and Martha Rogers, The One to One Future (New York: Crown Business, 1993); see also, Jeff Chester, Digital Destiny: New Media and the Future of Democracy (New York: The New Press, 2008). [6] See, for example, Federal Trade Commission, “Privacy Online: A Report to Congress,” June 1998. /sites/default/files/documents/reports/privacy-online-report-congress/priv-23a.pdf; Federal Trade Commission, “FTC Staff Sets Forth Principles For Online Information Collection From Children” 16 July 1997, /news-events/press-releases/1997/07/ftc-staff-sets-forth-principles-online-information-collection. To better understand the campaign developed to enact COPPA, including the industry pushback on teens, see Kathryn C. Montgomery, Generation Digital: Politics, Commerce, and Childhood in the Age of the Internet (Cambridge, MA: 2007). CDD pressed to have “cookies” and other identifiers included as personal information under COPPA. Jeff Chester, “Leading Consumer, Privacy, Child Advocacy & Public Health Groups Call on FTC for Stronger Children's Privacy Safeguards Under COPPA,” Center for Digital Democracy, 25 Sept. 2012, /content/leading-consumer-privacy-child-advocacy-public-health-groups-call-ftc-stronger-childrens. [7] See, for example, Marc Rotenberg, letter to Sen. Jay Rockefeller, Chairman of the Senate Committee of Commerce, Science and Transportation, et al, 5 May 2010, /wp-content/uploads/privacy/facebook/EPIC_FB_FTC_Complaint_Letter.pdf.[8] Jeff Chester and Ed Mierzwinski, “Complaint and Request for Inquiry and Injunctive Relief Concerning Unfair and Deceptive Online Marketing Practices,” Federal Trade Commission, 1 Nov.2006, /sites/default/files/FTCadprivacy_0_0.pdf. CDD and U.S. PIRG filed a supplemental petition a year letter, which included an analysis of advances in behavioral marketing, including through the DoubleClick Advertising Exchange, among others. While the commission staff and commissioners made various proposals, there was no real attempt to address the surveillance ad system. See, for example, , “A Preliminary FTC Staff Report on Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers,” Dec. 2010, /reports/preliminary-ftc-staff-report-protecting-consumer-privacy-era-rapid-change-proposed-framework.[9] Federal Trade Commission, “Ehavaorial Advertising: Tracking, Targeting & Technology,” meeting transcript, 1 Nov. 2007, pp. 35-36, /sites/default/files/documents/public_events/ehavioral-advertising-tracking-targeting-and-technology/71101wor.pdf. See also, Chester’s comment that “A very sophisticated commercial surveillance system has been put in place,” in Louise Story, “F.T.C. to Review Online Ads and Privacy,” New York Times, 1 Nov. 2007, /2007/11/01/technology/01Privacy.html. [10] Jeff Chester, “CDD, EPIC, USPIRG Opposition to Google/Doubleclick ‘Big Data’ Merger,” Center for Digital Democracy, 11 Sept. 2019, /article/cdd-epic-uspirg-opposition-googledoubleclick-big-data-merger; Roy Mark, “FTC Chair’s Impartiality Questioned,” eWeek, 13 Dec. 2007, /news/ftc-chair-s-impartiality-questioned/; “Conflict of Interest in Google-Doubleclick Merger Review,” EPIC.org, /documents/epic-v-federal-trade-commission/. [11] Tom Krazit, “Consumer Groups Urge Block of Google-AdMob Deal,” CNET, 28 Dec. 2009, /news/consumer-groups-urge-block-of-google-admob-deal/; Jeff Chester, “EPIC and CDD file ‘Unfair and Deceptive’ Practices Complaint at FTC on Facebook/WhatsApp Deal: WhatsApp Users Were Promised Privacy/Now They Will Have Facebook,” Center for Digital Democracy, 6 Mar. 2014, /content/epic-and-cdd-file-unfair-and-deceptive-practices-complaint-ftc-facebookwhatsapp-deal; Jeff Chester, “Big Data Gets Bigger: Consumer and Privacy Groups Call on FTC to Play Greater Role in Data Mergers/Investigation and Public Workshop Needed,” Center for Digital Democracy, 6 Feb. 2015, /content/big-data-gets-bigger-consumer-and-privacy-groups-call-ftc-play-greater-role-data-mergers.[12] “Consumer Groups Petition Federal Trade Commission to Protect Consumers from Mobile Marketing Practices Harmful to Privacy: Complaint Documents the Migration of Data Tracking, Profiling and Targeting to Mobile Phone Devices,” Center for Digital Democracy, 13 Jan. 2009, /mobile-marketing-harmful.[13] Center for Digital Democracy, “Ten Questions that the Federal Trade Commission Should Answer on Cross Device Online Tracking of Individuals,” /system/files/documents/public_comments/2015/11/00061-99851.pdf. For a current example of such tracking, see, for example, LiveRamp, “Measurement: Omnichannel Identity Linking,” /our-platform/cross-channel-measurement/omnichannel-identity-linking/. [14] Center for Digital Democracy and U.S. PIRG, “Cookie Wars, Real-Time Targeting, and Proprietary Self Learning Algorithms: Why the FTC Must Act Swiftly to Protect Consumer Privacy,” FTC Privacy Roundtables – Comment, Project No. P095416, 4 Nov. 2009, /sites/default/files/documents/public_comments/privacy-roundtables-comment-project-no.p095416-544506-00013/544506-00013.pdf. [15] Center for Digital Democracy, U.S. PIRG, Consumer Watchdog, and the World Privacy Forum, “Complaint, Request for Investigation, Public Disclosure, Injunction, and Other Relief: Google, Microsoft, QualityHealth, WebMD, Yahoo, AOL, HealthCentral, Healthline, Everyday Health, and Others Named Below,” FTC filing, 23 Nov. 2010, /sites/default/files/public/2015/101123publiccmptdigitaldemocracy.pdf. This complaint was one of several where CDD also placed a spotlight on social media marketing—another area in which the commission has repeatedly failed. For example, the complaint noted that “new surveillance tools have been developed to monitor conversations among social network users to identify what is being said about a particular issue or product. Marketers then work to insert brand-related messages into the social dialogue, often by identifying and targeting individuals considered brand ‘loyalists’ or ‘influencers….’ Increasingly, advertisers are using Facebook’s marketing apparatus—which is largely invisible to its users—…to … connect to the social communications of a very large pool of consumers.” [16] See, for example, Center for Digital Democracy, “Facebook’s Misleading Data and Marketing Policies and Practices,” Oct. 2013, /sites/default/files/field/public-files/2019/ftcfacebookdatapracticesfinal1013.pdf.[17] See for example, Jeff Chester, “Digital Target Marketing to African Americans, Hispanics and Asian Americans: A New Report,” Center for Digital Democracy,18 Feb. 2013, /content/digital-target-marketing-african-americans-hispanics-and-asian-americans-new-report; Center for Digital Democracy, “In the Matter of ‘Privacy and Security Implications of the Internet of Things,” FTC public workshop filing, 1 June 2013, /sites/default/files/documents/public_comments/2013/07/00006-86145.pdf; Jeff Chester, Kathryn Montgomery, and Lori Dorfman, “Alcohol Marketing in the Digital Age,” May 2010, /sites/default/files/documents/public_comments/alcohol-reports-project-no.p114503-00014%C2%A0/00014-58260.pdf.[18] “Children's Online Privacy.” C-Span, 17 Oct. 2018, /video/?453170-1/childrens-online-privacy; Center for Digital Democracy, “Digital Youth,” /projects/focus/digital-youth.[19] Yasmin Borain, “Marketing Trends for 2022: Technology, Artificial Intelligence and Internet of Things,” WARC, Nov. 2021, /content/article/warc-exclusive/marketing-trends-for-2022-technology-artificial-intelligence-and-internet-of-things/141212 (subscription required).[20] Hannah Murphy, “Facebook Patents Reveal How It Intends to Cash in on Metaverse: Meta Hopes to Use Tiny Human Expressions to Create Virtual World of Personalised Ads,” Financial Times, 17 Jan. 2022, /content/76d40aac-034e-4e0b-95eb-c5d34146f647 (subscription required).surveillanceadvertisingftccdd012622b.pdf
-
Congresswomen Anna G. Eshoo (D-CA) and Jan Schakowsky (D-IL) and Senator Cory Booker (D-NJ) Introduce Bill to Ban Surveillance AdvertisingWashington, DC 1-18-2022“Identifying, tracking, discriminating, sorting, targeting, and manipulating online users lies at the heart of all that is toxic about today’s digital world. Surveillance advertising drives discrimination and compounds inequities, it destroys democratic institutions and rights, strengthens monopoly power of Big Tech platforms, and is harmful to children, teens, families, and communities. If enacted, the Banning Surveillance Advertising Act would put a stop to surveillance advertising and would be an important first step in building a digital world that is less toxic to our democracy, economy, and collective well-being,” said Katharina Kopp, Ph.D., Director of Policy for the Center for Digital Democracy.Click here for statements of support.Click here for bill text.Click here for a section-by-section summary.Click here for additional background.
-
Blog
The Big Data Merger Gold Rush to Control Your “Identity” Information
Will the DoJ ensure that both competition and consumer protection in data markets are addressed?
There is a digital data “gold rush” fever sweeping the data and marketing industry, as the quest to find ways to use data to determine a person’s “identity” for online marketing becomes paramount. This is triggered, in part, by the moves made by Google and others to replace “cookies” and other online identifiers with new, allegedly pro-privacy data-profiling methods to get the same results. We’ve addressed this privacy charade in other posts. In order to better position themselves in a world where knowing who we are and what we do is a highly valuable global currency, there are an increasing number of mergers and acquisitions in the digital marketing and advertising sector.For example, last week data-broker giant TransUnion announced it is buying identity data company Neustar for $3.1 billion dollars, to further expand its “powerful digital identity capabilities.” This is the latest in TransUnion’s buying spree to acquire data services companies that give it even more information on the U.S. public, including what we do on streaming media, via its 2020 takeovers of connected and streaming video data company Tru Optik (link is external) and the data-management-focused Signal. (link is external)In reviewing some of the business practices touted by TransUnion and Neustar, it’s striking that so little has changed in the decades CDD has been sounding the alarm about the impacts data-driven online marketing services have on society. These include the ever-growing privacy threats, as well as the machine-driven sorting of people and the manipulation of our behaviors. So far, nothing has derailed the commercial Big Data marketing.With this deal, TransUnion is obtaining a treasure trove of data assets and capabilities. For Neustar, “identity is an actionable understanding of who or what is on the other end of every interaction and transaction.” Neustar’s “OneID system provides a single lens on the consumer across their dynamic omnichannel journey.” This involves: (link is external) data management services featuring the collection, identification, tagging, tracking, analyzing, verification, correcting and sorting of business data pertaining to the identities, locations and personal information of and about consumers, including individuals, households, places, businesses, business entities, organizations, enterprises, schools, governments, points of interest, business practice characteristics, movements and behaviors of and about consumers via media devices, computers, mobile phones, tablets and internet connected devices.Neustar keeps close track of people, saying that it knows that “the average person has approximately 15 distinct identifiers with an average of 8 connected devices” (and notes that an average household has more than 45 such distinct identifiers). Neustar has an especially close business partnership with Facebook, (link is external) which enables marketers to better analyze how their ads translate into sales made on and spurred by that platform. Its “Customer Scoring and Segmentation” system enables advertisers to identify and classify targets so they can “reach the right customer with the right message in the right markets.” Neustar has a robust data-driven ad-targeting system called AdAdvisor, which reaches 220 million adults in “virtually every household in the U.S.” AdAdvisor (link is external) “uses past behavior to predict likelihood of future behavior” and involves “thousands of data points available for online targeting” (including the use of “2 billion records a month from authoritative offline sources”). Its “Propensity Audiences” service helps marketers predict the behaviors of people, incorporating such information (link is external) as “customer-level purchase data for more than 230 million US consumers; weekly in-store transaction data from over 4,500 retailers; actual catalog purchases by more than 18 million households”; and “credit information and household-level demographics, used to build profiles of the buying power, disposable income and access to credit a given household has available.” Neustar offers its customers the ability to reach “propensity audiences” in order to target such product categories as alcohol, automotive, education, entertainment, grocery, life events, personal finance, and more. For example, companies can target people who have used their debit or credit cards, by the amount of insurance they have on their homes or cars, by the “level of investable assets,” including whether they have a pension or other retirement funds. One also can discover people who buy a certain kitty litter or candy bar—the list of AdAdvisor possibilities is far-reaching.Another AdAdvisor application, “ElementOne,” (link is external) comprises 172 segments that can be “leveraged in real time for both online and offline audience targeting.” The targeting categories should be familiar to anyone who is concerned about how groups of people are characterized by data-brokers and others. For example, one can select “Segment 058—high income rural younger renters with and without children—or “Segment 115—middle income city older home owners without children; or any Segment from 151-172 to reach “low income” Americans who are renters, homeowners, have or don’t have kids, live in rural or urban areas, and the like.Marketers can also use AdAdvisor to determine the geolocation behaviors of their targets, through partnerships that provide Neustar with “10 billion daily location signals from 250+ million opted-in consumers.” In other words, Neustar knows whether you walked into that liquor store, grocery chain, hotel, entertainment venue, or shop. It also has data on what you view on TV, streaming video, and gaming. And it’s not just consumers who Neustar tracks and targets. Companies can access its “HealthLink Dimensions Doctor Data to target 1.7 million healthcare professionals who work in more than 400 specialties, including acute care, family practice, pediatrics, cardiovascular surgery.”TransUnion is already a global data and digital marketing powerhouse, with operations in 30 countries, 8,000 clients that include 60 of the Fortune 100. What is calls its “TruAudience Marketing Solutions (link is external)” is built on a foundation of “insight into 98% of U.S. adults and more than 127 million homes, including 80 million connected homes.” Its “TruAudience Identity” product provides “a three-dimensional, omnichannel view of individuals, devices and households… [enabling] precise, scalable identity across offline, digital and streaming environments.” It offers marketers and others a method to secure what it terms is an “identity resolution,” (link is external) which is defined as “the process of matching identifiers across devices and touchpoints to a single profile [that] helps build a cohesive, omnichannel view of a consumer….”TransUnion, known historically as one of the Big Three credit bureaus, has pivoted to become a key source for data and applications for digital marketing. It isn’t the only company expanding what is called an “ID Graf (link is external)”—the ways all our data are gathered for profiling. However, given its already vast storehouse of information on Americans, it should not be allowed to devour another major data-focused marketing enterprise.Since this merger is now before the U.S. Department of Justice—as opposed to the Federal Trade Commission—there isn’t a strong likelihood that in addition to examining the competitive implications of the deal, there will also be a focus on what this really means for people, in terms of further loss of privacy, their autonomy and their potential vulnerability to manipulative and stealthy marketing applications that classify and segment us in a myriad of invisible ways. Additionally, the use of such data systems to identify communities of color and other groups that confront historic and current obstacles to their well-being should also be analyzed by any competition regulator.In July, the Biden Administration issued (link is external) an Executive Order on competition that called for a more robust regime to deal with mergers such as TransUnion and Neustar. According to that order, “It is also the policy of my Administration to enforce the antitrust laws to meet the challenges posed by new industries and technologies, including the rise of the dominant Internet platforms, especially as they stem from serial mergers, the acquisition of nascent competitors, the aggregation of data, unfair competition in attention markets, the surveillance of users, and the presence of network effects.”We hope the DOJ will live up to this call to address mergers such as this one, and other data-driven deals that are a key reason why these kind of buyouts happen with regularity. There should also be a way for the FTC—especially under the leadership of Chair Lina Khan—to play an important role evaluating this and similar transactions. There’s more at stake than competition in the data-broker or digital advertising markets. Who controls our information and how that information is used are the fundamental questions that will determine our freedom and our economic opportunities. As the Big Data marketplace undergoes a key transition, developing effective policies to protect public privacy and corporate competition is precisely why this moment is so vitally important. -
Blog
Who is Really “Pushing” Your Online Shopping Cart as You Buy Groceries? It’s Big Data, Machine Learning and Lots of Cash from Advertisers
The FTC and States Should Investigate “Grocery Tech”
Online grocery shopping became a pandemic response necessity for those who could afford it, with revenues to exceed $100 billion (link is external) in 2021. Leading supermarket chains such as Kroger, big box stores like Walmart, online specialist companies such as Instacart, and the ubiquitous Amazon, have all experienced greater demand from the public to have groceries ordered and then quickly delivered or available for pick up. The pandemic has spurred “record” (link is external) downloads of grocery shopping apps from Instacart, Walmart Grocery and Target, among others. Consequently, this marketplace is now rapidly expanding its data collection and digital marketing operations, to generate significant revenues from advertisers and food and beverage brand sponsors.So it’s not a surprise that Instacart’s new (link is external) CEO comes from Facebook (link is external), and the company has also just hired that social network’s former head of advertising. Walmart, Kroger, Amazon and others are also further adding (link is external) adtech and data marketing experts. There has been a spate of announcements involving new grocery-focused alliances to improve the role digital data play in marketing and sales, including by Albertson’s (involving Google (link is external)) (link is external) and Hy-Vee (link is external) (also with Google). Albertson’s (link is external) (which includes the Safeway, Vons and Jewel-Osco divisions) deal with Google is designed to include “shoppable digital maps to make it easier for consumers to find and purchase products online; AI-powered conversation commerce” technologies for shopping, and “predictive grocery list building….” Similarly, Hy-Vee’s work with the Google Cloud will help enable “predictive (link is external) shopping carts,” among other services. (Hy-Vee is also one of the supermarket chains participating in the USDA’s online SNAP (link is external) pilot project, raising questions regarding how its alliance with Google will impact the privacy and well-being of people enrolled in SNAP).All the data that is flowing into these companies, how it is being analyzed, its use by advertisers and product sponsors, and how it impacts the products we see and purchase, should all be subject to scrutiny from consumer protection and privacy regulators.A good example is Instacart. Its Instacart (link is external) Advertising service allows brands to pay to become “featured products” and more (link is external). Featured Product ads are a form of paid search advertising. As Instacart tells its clients, if a consumer is searching (link is external)for “chocolate ice cream” or just “ice cream,” and you have bought such ads, “your product can appear as one of the first products in the search result.” And even after “consumers place an order, we’ll make some suggestions for last-minute additions to the order that the consumer might be interested in. Among these suggestions, the system can include Featured Product ads.”But it’s all the data and connections to their consuming customers that is the real “secret sauce” for Instacart’s ad-targeting and influence operations. The company knows what’s in and out of everyone’s shopping carts, explaining that “Instacart tracks (link is external) the source or ‘path to cart’ for all items purchased through Instacart marketplace, differentiating between three main groups—items bought from search results, browsing departments, aisles, and other discovery areas of Instacart, or from a list of previous purchases, which we call ‘buy it again.’” As it explains, the “Instacart Ads solution (link is external)” offers “a full suite of advertising products that animate the entire customer journey—from search through purchase.” These include opportunities for marketers to become part of “the ‘buy it again’ lists where consumers are shown a list of products that they have bought on previous orders. These can act as reminders of meals or recipes they’ve made before and items they tend to stock up on. Our brand partners can leverage Instacart Ads products to appear on ‘buy it again’ lists so they stay top of mind with their customers and aid in retaining valuable customers.”The company’s advertising blog discusses its use of what is increasingly the most valuable information a company can have—known as “first-party” data, where (allegedly) a consumer has given their consent to have all their information used. Instacart explains (link is external) this data “encompasses intent and purchase signals… from users signed up to an online grocery app,” and that it can be leveraged by its brand and advertising clients. The online ordering company explains that its “rich and diverse data sources” include “access to millions of orders over time from over 600 retail partners, across 45,000 stores, involving millions of households…. [A] tremendously valuable data set…this data is updated every night….” Instacart analyzes this trove of data, including point-of-sale, transaction log and out-of-stock information, to help it zero in on a key goal—to enable its advertisers to better understand and take advantage of what it terms “basket affinities.” In a webinar, Instacart defined (link is external) that concept:Basket affinities helps Instacart, and its brand partners, to create consumer ‘types’, discover product interactions, understand mission-dominant baskets, and identify trigger products — ultimately building a picture of how brands are bought online that we then share with our partners to build a better plan to acquire and retain valuable consumers. The term ‘basket affinity’ covers examining the one-to-one, group-to-group, or many-to-many relationships between products, as well as identifying consumer shopping missions and consumer profiles. [We note that Instacart says it “aggregates and anonymizes” this information. However, given its ability to target individuals, we will rely on regulators to determine how well such personal information is actually handled].Instacart also touts its ability to track the actual impact of advertising on its site, noting that it is a “closed loop” service “where ads are served to consumers in the same ‘space’ any resulting sales occur.” In a blog post (link is external) on how it empowers its advertiser partners, the company notes that Our advertising products provide options that can put their products in front of consumers on every ‘discovery surface’ on the platform to catch their eye when they are in this mode. Plus, our data shows that the majority of add to carts from these discovery surfaces are the first time the consumer has added that item to their cart — meaning it’s a great place for brands to acquire new customers.As with other major data (link is external)-driven digital marketers, Instacart has many grocery tech and ecommerce specialist partners, who provide brands and advertisers with a myriad of ways to promote, sell and otherwise “optimize” their products on its platform (such as Perpetua, (link is external) Tinuiti, (link is external) Skai (link is external) and Commerce IQ, (link is external) to only name several).The dramatic and recent growth of what’s called grocery tech is shaping the way consumers buy products and what prices they may pay. With companies such as Amazon, (link is external) Kroger, (link is external) Walmart, (link is external) Albertson’s (link is external) and Instacart now in essence Big Data-driven digital advertising companies, the public is being subjected to various practices that warrant regulatory scrutiny, oversight and public policy. We call on the Federal Trade Commission and state regulators to act. Among the key questions are how, if at all, are racial, ethnic and income data being used to target a consumer; are health data, including the buying of drugs and over-the-counter medications, being leveraged; and what measurement and performance information is being made available to partners and advertisers? We don’t want to have to “drop” our privacy and autonomy when we shop in the 21st Century. -
Blog
Surveillance Marketing Industry Claims Future of an “Open Internet” Requires Massive Data Gathering
New ways to take advantage of your “identity” raise privacy, consumer-protection and competition issues
The Trade Desk is a leading (link is external) AdTech company, providing data-driven digital advertising services (link is external) to major brands and agencies. It is also playing an outsized role responding to the initiative led by Google (link is external) to create new, allegedly “privacy-friendly” approaches to ad targeting, which include ending the use of what are called “third-party” cookies. These cookies enable the identification and tracking of individuals, and have been an essential building block for surveillance advertising since the dawn (link is external) of the commercial Internet. As we explained in a previous post about the so-called race to “end” the use of cookies, the online marketing industry is engaged in a full-throated effort to redefine how our privacy is conceptualized and privately governed. Pressure from regulators (such as the EU’s GDPR) and growing concerns about privacy from consumers are among the reasons why this is happening now. But the real motivation, in my view, is that the most powerful online ad companies and global brands (such as Google, Amazon and the Trade Desk) don’t need these antiquated cookies anymore. They have so much of our information that they collect directly, and also available from countless partners (such as global brands). Additionally, they now have many new ways to determine who we are—our “identity”—including through the use of AI, machine learning and data clouds (link is external). “Unified ID 2.0” is what The Trade Desk calls its approach to harvesting our identity information for advertising. Like Google, they claim to be respectful of data protection principles. Some of the most powerful companies in the U.S. are supporting the Unified ID standard, including Walmart, Washington Post, P&G, Comcast, CBS, Home Depot, Oracle, and Nielsen. But more than our privacy is at stake as data marketing giants fight over how best to reap the financial rewards (link is external) of what is predicted eventually to become a trillion dollar global ad marketplace. This debate is increasingly focused on the very future of the Internet itself, including how it is structured and governed. Only by ensuring that advertisers can continue to successfully operate powerful data-gathering and ad-targeting systems, argues Trade Desk CEO Jeff Green, can the “Open (link is external) Internet” be preserved. His argument, of course, is a digital déjà vu version of what media moguls have said in the U.S. dating back to commercial radio in the 1930’s. Only with a full-blown, ad-supported (and regulation-free) electronic media system, whether it was broadcast radio, broadcast TV, or cable TV, could the U.S. be assured it would enjoy a democratic and robust communications environment. (I was in the room at the Department of Commerce back in the middle 1990’s when advertisers were actually worried that the Internet would be largely ad-free; the representative from P&G leaned over to tell me that they never would let that happen—and he was right.) Internet operations are highly influenced to serve the needs of advertisers, who have reworked its architecture to ensure we are all commercially surveilled. For decades, the online ad industry has continually expanded ways to monetize our behaviors, emotions, location and much more. (link is external) Last week, The Trade Desk unveiled its latest iteration using Unified ID 2.0—called Solimar (see video (link is external) here). Solimar uses “an artificial intelligence tool called Koa (link is external), which makes suggestions” to help ensure effective marketing campaigns. Reflecting the serial partnerships that operate to provide marketers with a gold mine of information on any individual, The Trade Desk has a “Koa Identity (link is external) Alliance,” a “cross-device graph that incorporates leading and emerging ID solutions such as LiveRamp Identity Link, Oracle Cross Device, Tapad (link is external) Device Graph, and Adbrain Device Graf.” This system, they say, creates an effective way for marketers to develop a data portrait of individual consumers. It’s useful to hear what companies such as The Trade Desk say as we evaluate claims that “big data” consumer surveillance operations are essential for a democratically structured Internet. In its most recent Annual Report (link is external), the company explains that “Through our self-service, cloud-based platform, ad buyers can create, manage, and optimize more expressive data-driven digital advertising campaigns across ad formats and channels, including display, video, audio, in-app, native and social, on a multitude of devices, such as computers, mobile devices, and connected TV (‘CTV’)…. We use the massive data captured by our platform to build predictive models around user characteristics, such as demographic, purchase intent or interest data. Data from our platform is continually fed back into these models, which enables them to improve over time as the use of our platform increases.” And here’s how The Trade Desk’s Koa’s process is described in the trade publication Campaign (link is external) Asia: …clients can specify their target customer in the form of first-party or third-party data, which will serve as a seed audience that Koa will model from to provide recommendations. A data section provides multiple options for brands to upload first-party data including pixels, app data, and IP addresses directly into the platform, or import data from a third-party DMP or CDP. If a client chooses to onboard CRM data in the form of email addresses, these will automatically be converted into UID2s. Once converted, the platform will scan the UID2s to evaluate how many are ‘active UID2s’, which refers to how many of these users have been active across the programmatic universe in the past week. If the client chooses to act on those UID2s, they will be passed into the programmatic ecosystem to match with the publisher side, building the UID2 ecosystem in tandem. For advertisers that don't have first-party data… an audiences tab allows advertisers to tap into a marketplace of second- and third-party data so they can still use interest segments, purchase intent segments and demographics. In other words, these systems have a ton of information about you. They can easily get even more data and engage in the kinds of surveillance advertising that regulators (link is external) and consumer (link is external) advocates around the world are demanding be stopped. There are now dozens of competing “identity solutions”—including those from Google, Amazon (link is external), data brokers (link is external), telephone (link is external) companies, etc. (See visual at bottom of page here (link is external)). The stakes here are significant—how will the Internet evolve in terms of privacy, and will its core “DNA” be ever-growing forms of surveillance and manipulation? How do we decide the most privacy-protective ways to ensure meaningful monetization of online content—and must funding for such programming only be advertising-based? In what ways are some of these identity proposals a way for powerful platforms such as Google to further expand its monopolistic control of the ad market? These and other questions require a thoughtful regulator in the U.S. to help sort this out and make recommendations to ensure that the public truly benefits. That’s why it’s time for the U.S. Federal Trade Commission to step in. The FTC should analyze these advertising-focused identity efforts; assess their risks and the benefits; address how to govern the collection and use of data where a person has supposedly given permission to a brand or store to use it (known as “first-party” data). A key question, given today’s technologies, is whether meaningful personal consent for data collection is even possible in a world driven by sophisticated and real-time AI systems that personalize content and ads? The commission should also investigate the role of data-mining clouds and other so-called “clean” rooms where privacy is said to prevail despite their compilation of personal information for targeted advertising. The time for private, special interests (and conflicted) actors to determine the future of the Internet, and how our privacy is to be treated, is over. -
Press Release
Against surveillance-based advertising
CDD joins an international coalition of more than 50 NGOs and scholars in a call for a surveillance-based advertising ban in its Digital Services Act and for the U.S. to enact a federal digital privacy and civil rights law
International coalition calls for action against surveillance-based advertising Every day, consumers are exposed to extensive commercial surveillance online. This leads to manipulation, fraud, discrimination and privacy violations. Information about what we like, our purchases, mental and physical health, sexual orientation, location and political views are collected, combined and used under the guise of targeting advertising. In a new report, the Norwegian Consumer Council (NCC) sheds light on the negative consequences that this commercial surveillance has on consumers and society. Together with [XXX] organizations and experts, NCC is asking authorities on both sides of the Atlantic to consider a ban. In Europe, the upcoming Digital Services Act can lay the legal framework to do so. In the US, legislators should seize the opportunity to enact comprehensive privacy legislation that protects consumers. - The collection and combination of information about us not only violates our right to privacy, but renders us vulnerable to manipulation, discrimination and fraud. This harms individuals and society as a whole, says the director of digital policy in the NCC, Finn Myrstad. In a Norwegian population survey conducted by YouGov on behalf of the NCC, consumers clearly state that they do not want commercial surveillance. Just one out of ten respondents were positive to commercial actors collecting personal information about them online, while only one out of five thought that ads based on personal information is acceptable. - Most of us do not want to be spied on online, or receive ads based on tracking and profiling. These results mirror similar surveys from Europe and the United States, and should be a powerful signal to policymakers looking at how to better regulate the internet, Myrstad says. Policymakers and civil society organisations on both sides of the Atlantic are increasingly standing up against these invasive practices. For example, The European Parliament and the European Data Protection Supervisor (EDPS) have already called for phasing out and banning surveillance-based advertising. A coalition of consumer and civil rights organizations in the United States has called for a similar ban. Significant consequences The NCC report ’Time to ban surveillance-based advertising’ exposes a variety of harmful consequences that surveillance-based advertising can have on individuals and on society: 1. Manipulation Companies with comprehensive and intimate knowledge about us can shape their messages in attempts to reach us when we are susceptible, for example to influence elections or to advertise weight loss products, unhealthy food or gambling. 2. Discrimination The opacity and automation of surveillance-based advertising systems increase the risk of discrimination, for example by excluding consumers based on income, gender, race, ethnicity or sexual orientation, location, or by making certain consumers pay more for products or services. 3. Misinformation The lack of control over where ads are shown can promote and finance false or malicious content. This also poses significant challenges to publishers and advertisers regarding revenue, reputational damage, and opaque supply chains. 4. Undermining competition The surveillance business model favours companies that collect and process information across different services and platforms. This makes it difficult for smaller actors to compete, and negatively impacts companies that respect consumers’ fundamental rights. 5. Security risks When thousands of companies collect and process enormous amounts of personal data, the risk of identity theft, fraud and blackmail increases. NATO has described this data collection as a national security risk. 6. Privacy violations The collection and use of personal data is happening with little or no control, both by large companies and by companies that are unknown to most consumers. Consumers have no way to know what data is collected, who the information is shared with, and how it may be used. - It is very difficult to justfy the negative consequences of this system. A ban will contribute to a healthier marketplace that helps protect individuals and society, Myrstad comments. Good alternatives In the report, the NCC points to alternative digital advertising models that do not depend on the surveillance of consumers, and that provide advertisers and publishers more oversight and control over where ads are displayed and which ads are being shown. - It is possible to sell advertising space without basing it on intimate details about consumers. Solutions already exist to show ads in relevant contexts, or where consumers self-report what ads they want to see, Myrstad says. - A ban on surveillance-based advertising would also pave the way for a more transparent advertising marketplace, diminishing the need to share large parts of ad revenue with third parties such as data brokers. A level playing field would contribute to giving advertisers and content providers more control, and keep a larger share of the revenue. The coordinated push behind the report and letter illustrates the growing determination of consumer, digital rights, human rights and other civil society groups to end the widespread business model of spying on the public. -
The Center for Digital Democracy and 23 other leading civil society groups sent a letter to President Biden today asking his Administration to ensure that any new transatlantic data transfer deal is coupled with the enactment of U.S. laws that reform government surveillance practices and provide comprehensive privacy protections.
-
Contact: Jeff Chester, CDD (jeff@democraticmedia.org (link sends e-mail); 202-494-7100) David Monahan, CCFC (david@commercialfreechildhood.org (link sends e-mail);) Advocates Ask FTC to Protect Youth From Manipulative “Dark Patterns” Online BOSTON, MA and WASHINGTON, DC — May 28, 2021—Two leading advocacy groups protecting children from predatory practices online filed comments today asking the FTC to create strong safeguards to ensure that internet “dark patterns” don’t undermine children’s well-being and privacy. Campaign for a Commercial-Free Childhood (CCFC) and the Center for Digital Democracy (CDD) cited leading authorities on the impacts of internet use on child development in their comments prepared by the Communications & Technology Law Clinic at Georgetown University Law Center. These comments follow testimony given by representatives of both groups last month at a FTC workshop spearheaded by FTC Acting Chair Rebecca Slaughter. CCFC and CDD say tech companies are preying upon vulnerable kids, capitalizing on their fear of missing out, desire to be popular, and inability to understand the value of misleading e-currencies, as well as putting them on an endless treadmill on their digital devices. They urged the FTC to take swift and strong action to protect children from the harms of dark patterns. Key takeaways include: - A range of practices, often called “dark patterns” are pervasive in the digital marketplace, manipulate children, are deceptive and unfair and violate Section 5 of the FTC Act. They take advantage of a young person’s psycho-social development, such as the need to engage with peers. - The groups explained the ways children are vulnerable to manipulation and other harms from “dark patterns,” including that they have “immature and developing executive functioning,” which leads to impulse behaviors. - The FTC should prohibit the use of dark pattern practices in the children’s marketplace; issue guidance to companies to ensure they do not develop or deploy such applications, and include new protections under their Children’s Online Privacy Protection Act (COPPA) rulemaking authority to better regulate them. The commission must bring enforcement actions against the developers using child-directed dark patterns. - The FTC should prohibit the use of micro-transactions in apps serving children, including the buying of virtual currency to participate in game playing. - The FTC should adopt a definition of dark patterns to include all “nudges” designed to use a range of behavioral techniques to foster desired responses from users. The groups’ filing was in response to the FTC’s call for comments (link is external) on the use of digital “dark patterns” — deceptive and unfair user interface designs — on websites and mobile apps. Comment of Jeff Chester, executive Director of the Center for Digital Democracy: “Dark Patterns” are being used in the design of child-directed services to manipulate them to spend more time and money on games and other applications, as well as give up more of their data. It’s time the FTC acted to protect young people from being unfairly treated by online companies. The commission should issue rules that prohibit the use of these stealth tactics that target kids and bring legal action against the companies promoting their use. Comment of Josh Golin, executive Director of the Campaign for a Commercial-Free Childhood: In their rush to monetize children, app and game developers are using dark patterns that take advantage of children’s developmental vulnerabilities. The FTC has all the tools it needs to stop unethical, harmful, and illegal conduct. Doing so would be a huge step forward towards creating a healthy media environment for children. Comment of Michael Rosenbloom, Staff Attorney & Clinical Teaching Fellow, Communications and Technology Law Clinic, Georgetown University Law Center: Software and game companies are using dark patterns to pressure children into playing more and paying more. Today, many apps and games that children play use dark patterns like arbitrary virtual currencies, encouragement from in-game characters, and ticking countdown timers, to get children to spend more time and money on microtransactions. These dark patterns harm children and violate Section 5 of the FTC Act, and we urge the FTC to act to stop these practices. ###