This article originally appeared in Information Security Buzz on June 6, 2019.
A surprising report from college researchers show that personalized ads are barely more successful than regulars ads. However, it is what those ads drop on the websites that could get publishers in trouble.
Expert Comments:
Chris Olson, CEO at The Media Trust:
“An ad exchange’s third-party cookies are not the only technologies that hoover up information on website visitors. Other such technologies include first and third-party webpage javascripts, which can harvest visitors’ OS version, device type, geolocation, device IP, and more. In other words, the data ecosystem that has spun off of the digital ecosystem is more pervasive, more complex, and more relentless than most people think. In fact, very few website operators know what code—third party or otherwise—runs on their site and what that code does. Chances are, even their information security teams don’t know. And, if you operate a website, these other technologies can put you on the wrong side of current and forthcoming data privacy laws like the General Data Protection Act (GDPR), California’s Consumer Privacy Act, and New York’s, SHIELD Act, which could outdo CCPA in stringency. In other words, simply running contextual ads won’t ensure a publisher’s compliance with these laws. The key to avoiding costly legal and regulatory penalties and PR nightmares is knowing who’s doing what to your site visitors.”