Everyone in privacy + ad tech + internet regs should read the "News media bargaining code" from Australia (accc.gov.au/focus-areas/di…) - aka the "link tax" - it creates new rules for Facebook (& other tech orgs). It's legislation birthed from an antitrust report - it's big crap🧵
I've been following all the antitrust reports about Facebook & Google - I've read all the major reports cover to cover & even helped a little on one. These entities need to be held accountable - Google should be forced to spin off their ad tech, FB banned from new acquisitions.
First, Australia is not proposing a "link tax" - they are proposing deeply nuanced "bargaining" rules for specific types of tech companies (Facebook & Google are targets) and the rules apply to an extremely broad range of "news websites" - they try to "even the playing field" 🥶
There is an alarming trend w/ smart home devices (mostly TVs) who have "App Ecosystems" -- their "smart microphones..." have data associated w/ IP addresses + device-specific IDs & the TVs let apps ingest that consumer audio under **the apps own TOS** vizio.com/en/terms/priva…⚖️
Smart TVs are made w/ a data supply architecture bolted on where the consumer is agreeing to layered Terms of Service...
The TV *Apps* can get *very* valuable data - and consumers are not being properly warned that they need to be *very careful* about which TV apps they install.
Samsung TVs (& many other TVs) run on the Open Source Tizen Platform (docs.tizen.org/platform/what-…)- just like Chromium they use W3c guidelines & API standards- but unlike Google, Samsung & TV makers are hoping regulators don't catch-wise to these non-compliant data flows for ad tech.
Are there any proposals to sandbox the mobile address book via iOS or Android so wild mobile apps like Clubhouse can't "go viral" and then encourage millions of Americans to share their personal user graphs and personally harvested contact information of friends/colleagues? ⚖️🧵
There are odd legal exposure issues related to a For-Profit Business requesting access to a Personal Contact Book from a non-business / person -- here's the flow imo:
Data Controller requests consent + marketing purpose to ingest Contact Address Book from non-covered entity
a Data Controller requesting 100% access to a personal Address Book, has ingested *user data, without consent from the users who the data belongs, to process it*
imo the phone APIs from iOS / Android that ingest + share address books violate Data Controller Frameworks
Congress rarely provides justice or reform. It's a bastion of conflicts & procedural rules.
But for 18 months after a Presidential election, an agenda can be set.
& Congress can't chew gum and walk - they fuck that up bad. We could get 1 trial, or debates on a bunch of issues.
If President Biden had demanded Congress hold a trial, with witnesses and tons of subcommittee hearings, he could have easily done that. And he could have put so much pressure that today could have easily been a different outcome. Now, why didn't Biden put all his chips on this?
A U.S. President has about 18 months after a Presidential Election to get something important done. From 1990's healthcare reform attempts, Bush tax cuts, Obamacare, Trump's tax efforts -- and Biden *could have chosen* to spend his time/political capital on a trial.
Imagine you are in charge of security for the Pentagon web portals - you've got a specific website to control where both external contractors + internal staff access it.
One day, you wake up & a Chrome Extension claims to "support your users" w/ XYZ features you didn't make 🧵
To make matters worse, you've discovered that dozens of your users have installed the extension within days of the extension being released - & you find out that extension developer has been paying the extension store to promote this dangerous extension on search & video sites.
Now, what do you do? Do you initiate an internal meeting to audit the extensions in order to try and break the features that are unsafe? Do you contact the extension store to demand the extension be taken down? Contact the dev? Do you warn your users or disable their accounts?
2) custom audiences cost less than native FB targeting of page interests/likes
3) lookalikes cost less than custom audiences, and less than native FB targeting
4) campaigns bid against each other - hugely popular states like Florida has tons of competition
5) it’s possible to attack the CPM rates by buying ads against XYZ fan page. Take 40 ads accounts you control, bid on only fan pages (Obama/Biden,hrc) & bid very high. Biden’s optimization choices for a campaign could then be used to push his CPM rates in some markets sky-high.
2) *Google tested methods that required an anonymity server because they don't have federated learning built into Chrome.
So Google tested "Centralized cohort building/filtering" vs "Pseudo-on-device cohort building/filtering" - the privacy safe version was 85% of the quality.
3) Differential privacy ≠ K-anonymity / We should focus on K-score to protect users (& merge cohorts) - it's a subtle difference but K-scores are more easily integrated into a "minimum viable cohort size" to be built into an open source anonymity server or federated Learning..
"Helping patients become the masters" - a presentation from Google's new acquisition - the FitBit + Twine Patient Data connection!
Twine video @
This participant upload process used by Fitbit's Twine (now owned by Google) certainly seems like Fitbit has a bunch of patient data that is not HIPPA compliant and should never have been appended to the wearable data.
@Independent * just a reminder -- the UK Independent is a NEWS website, yet they have advertising blocks for Yemen + Saudi Arabia + Houthis etc // this means that those articles do not monetize properly, aka there is a disincentive to cover the war due to advertisers being allowed to block.
**important clarification —- permutive is the first Params but ***did not create the keyword blocklists**** I have confirmed from the permutive team this wasn’t theirs but is injected by another partner in the ecosystem. Will follow up
In May I was commissioned by Brave to help their team audit the Google auctions so they could file details in their GDPR complaint. My pixel auditing background is significant and I’ve built enterprise analytics for nearly 8 years @victorymedium
Before we begin, I keep VERY close tabs on Google systems. I'm a Google Certified Partner, I've taken and passed the Google Analytics certification, and i've been using tools like Google Tag Manager for over 7 years (since basically the start). I'm deep into Google pixels...
Sizmek declared bankruptcy at the stroke of midnight on Friday. Come Monday, will any of their impressions still be showing? They owed $65 million - is that just delayed payments? Will payments flow to keep ads on? This feels like the ad bubble - who else has to close very soon?
When you look at the creditor balance sheet for Sizmek it should scare many folks watching markets- you could probably pick any of those companies and find similar books on their ends. They are all doing shades of auction arbitrage w/ cookie changes in browsers gutting data flow.
The subprime crisis occurred bc too many banks bet on each other and layered risk into assets that stopped being revenue multipliers and just started failing. Cookie consent rates w/ safari/Firefox changes (&chrome coming) are failures crossing that ~7% threshold like subprime...