Doubleclick probed as regulators take aim at programmatic

Industry Contributor 26 May 2019 - 3 min read

Doubleclick probed as regulators take aim at programmatic

By Paul McIntyre - Executive Editor

Market Voice 3 min read

How to use generative AI beyond efficiency: Just talk to it for half an hour every week – OK Tomorrow founder Nilesh Ashra

By Nine | Partner Content

OK Tomorrow founder Nilesh Ashra is convinced AI can unlock the creative floodgates, and has some cracking examples covering customer, product and HR. But media and marketing appear to be running headlong for efficiency.

Market Voice 3 min read

Advanced Audiences: Nielsen makes synthetic, first-party data play as CMOs prioritise customer lifetime value, optimise marketing technology investments, and navigate changes in privacy laws

By Nielsen | Partner Content

Audience measurement company, Nielsen, is becoming a first-party marketing company, working directly with brands to build privacy-compliant customer segments – panel data that is synthetically overlaid with brands’ customer data platform (CDP) data.

Tags: GDPR, Google, Doubleclick, data, RTB, DMPs, consent, privacy, advertising, digital

Google’s Doubleclick is being formally investigated by Ireland’s data watchdog over alleged GDPR breaches. The probe was triggered by Dr Johnny Ryan, chief policy officer at private web browser company, Brave. The group suggests the scale of data leakage by Google and other ad tech companies involved in real time bidding is greater than Facebook/Cambridge Analytica – and the complaint has been lodged with several more European regulators (Brave).

Key allegations:

That Doubleclick breaches GDPR by “broadcast[ing] personal data about visitors … to 2,000+ companies, hundreds of billions of times a day”.
The data broadcast can enable highly detailed profiling
“There is no control over what happens to the data once broadcast [and it] appears to be by far the largest leakage of personal data ever recorded”
“A change is coming that goes beyond just Google. We need to reform online advertising to protect privacy, and to protect advertisers and publishers from legal risk under the GDPR.” - Johnny Ryan, Brave
UK Information Commissioner’s Office also probing industry: “We are currently concentrating on the ecosystem of programmatic advertising and real-time bidding (RTB)” – (via The Register)

The investigation is potentially bigger than Google and could determine the future of real-time bidding. That is, if regulators agree with the claims and take action. Ryan is trying to force change, and has amassed a detailed dossier of evidence that suggests all RTB exchanges are non-GDPR compliant by their nature. As well as using it to file complaints with multiple European data regulators, Ryan’s been walking U.S. senators through the ins and outs of RTB, and arguing his case with intelligence and eloquence. Much of it boils down to consent, and how people that use the internet can knowingly consent to such widespread collection of data, and subsequent profiling, “by companies they have never even heard of”.

Within the dossier, Ryan notes the IAB’s own position on real-time bidding and GDPR, highlighting key lines: “As it is technically impossible for the user to have prior information about every data controller involved in a real-time bidding (RTB) scenario, programmatic trading, the area of fastest growth in digital advertising spend, would seem, at least prima facie, to be incompatible with consent under GDPR.” The document goes on to state that without consent under the EU’s definitions, there is no legal basis “for such [data] processing to take place or for media to monetise their content in this way”.

Regulators tend not to hurry when it comes to making big decisions. Ryan acknowledges that it may “take years for GDPR to take effect”, but already, he suggests, “things are looking very bleak” for Google and others. Ryan, by the way, advocates contextual targeting as the solution.