Personal data safety in the era of real-time bidding
You visit your favorite website. What can go wrong?
How much time does it usually take to load one page? One second? Maybe half a second? One click and you’re where you want to be. Reading the news, seeing the ads.
But have you ever wondered what is happening on the other side?
An interesting fact is while the website is loading, hundreds of actions take place. Simply stated, the site puts on an auction for your attention. Here the big fight starts, where all the ad tech market players are involved. Everyone makes their bid. One of them wins. The technology that allows all these actions is called Real-Time Bidding (RTB).
To be clear, Real-Time Bidding (RTB) is a process where a website visitor’s information is available to possibly hundreds or even thousands of companies who then bid to be the one that shows the user their advert, all of which is done while a website is loading.
Now for the fun part.
How did they get you? The answer is simple — they know more about you than your parents do. They get it from those guys who collect your personal data from most of the apps and sites you use daily*. Where you live, what you do, who you love. Personal data is being permanently bought and sold without your permission.
*Oxford study on Third Party Tracking in the Mobile Ecosystem showed that 90,4% of apps include at least one in-app tracker, and 17.9% more than twenty.
In the end, everyone gets a profit from your stolen personal data except you. Even worse, the world where the personal data ecosystem is broken and OpenRTB becomes one of the biggest threats to your identity.
A recent report by the Information Commissioner’s Office (ICO) found that web advertisers are using personal data without proper user consent. This means that people can be looking at ads based on information even though they haven’t given permission for their data to be used in such a way.
“One visit to a website, prompting one auction among advertisers, can result in a person’s personal data being seen by hundreds of organisations, reliance on contractual agreements to protect how bid request data is shared, secured and deleted, does not seem appropriate given the type of personal data sharing and the number of intermediaries involved” UK Information Commissioner
Billions of bids and even more personal data shares are processed on a daily basis. And according to ICO, there is no way to guarantee that the user has given consent for, or even knows, that all of these advertisers have access to their information. But even that is not the main problem. Besides those who show you the ads, your data is seen by hundreds of invisible companies you’ve never even heard of. The bottom line is that anyone can access and use your personal data to their advantage. It’s like living in a home with no locks. You never know when someone’s going to come in and sit on your grandma’s beloved sofa.
OpenRTB is developed and controlled by IAB. It was launched in 2010, eight years before GDPR was implemented. So do you think it can possibly meet the regulation requirements? Probably not. Moreover, due to the existing protocol, they cannot adapt the oRTB to current standards.
The world is evolving too rapidly. It needs new solutions, which are simple and effective.
OpenRTB is just too complicated for our time. PwC conducted for ISBA, the representative of British advertisers, a study on supply chain transparency. It confirmed that the existing system works inefficiently.
In a Supply Chain Study with the participation of UK’s highest-profile publishers, it was identified that 15 advertisers have 300 different supply chains in order to reach 12 publishers. This complexity contributes to a fairly non-transparent supply chain
It leads to a simple but unwanted conclusion. The existing ecosystem is terribly outdated.
It is completely insecure in terms of access control to personal data. Neither Google nor IAB can offer a suitable alternative, because their systems are built on principles opposite to GDPR. Their new projects, Google Sandbox and IAB.Techlab Rearc, are already nicknamed ‘TBD initiatives’ on the market due to the complete uncertainty in timing and the lack of any specifications.
Users’ rights will be violated as long as OpenRTB is used.
But don’t worry too much.
myGaru offers an up to date safe and effective solution. We don’t even bring our users to OpenRTB. When using the Internet, you will be redirected to the myGaru ecosystem without getting into the ad tech swamp. On the one hand, we allow you to control your advertising preferences. On the other hand, we give advertisers access to secure targeting tools without the ability to identify specific people. myGaru functions like a secured firewall between you and companies aiming to reach your attention.
In addition, we’ve created conditions for you to earn while surfing the Internet. Part of the profit generated from advertisers goes directly to you.
Follow our social media to stay up to date.