New Bill Claims To Ban 'Surveillance Advertising,' But Doesn't Actually Do It
from the half-measures dept
This week Representatives Anna Eshoo and Jan Schakowsky, and Senator Cory Booker introduced the Banning Surveillance Advertising Act, which the trio proclaim will dismantle the snoopvertising industry and make everybody immeasurably safer:
“Surveillance advertising is a predatory and invasive practice. The hoarding of people?s personal data not only abuses privacy, but also drives the spread of misinformation, domestic extremism, racial division, and violence,? said Senator Booker. ?With the introduction of the Ban Surveillance Advertising Act, advertisers will be forced to stop exploiting individuals? online behavior for profits and our communities will be safer as a result.”
Except it’s not really clear the bill actually does that.
This bill does claim to prohibit digital advertisers from flinging targeted ads at users based on protected class information like race and sexual orientation. But “broad” location-based targeting would still be allowed as would “contextual advertising,” or ads linked to specific online content being viewed. It also continues to allow a lot of behavior just as long as ad market participants pinky swear they’re doing the right thing:
“Paragraph (1) does not apply to the targeting of the dissemination of an advertisement based on information described in clauses (i) through (iv) of subparagraph (B) of such paragraph that is provided to an advertising facilitator by an advertiser or by a third party on behalf of an adver6 tiser, if the advertising facilitator is provided a written attestation that the advertiser is not in violation of subsection (b) with respect to such information.
So basically, if companies proclaim they’re doing the right thing (which they often won’t be, and over-extended regulators likely won’t be able to consistently confirm), they’ll get a bit of a pass:
Read the bill, though.
Advertisers can still dump your purchases and other activity to FB/G for targeting, as long as they "attest" they aren't revealing "protected class" info about you.
A partial ban at best, and does not address riskiest/least accepted surveillance practices
— Don Marti (@dmarti) January 18, 2022
That’s the real problem here. The entire digital advertising space is such an intentionally complicated mess, even reporters who cover it for a living are often utterly dumbfounded as to what’s actually happening. Some of this is just because internet technology can be complicated, something that’s a challenge for Luddite lawmakers. Some of it is because making it intentionally complicated makes it extremely difficult for even competent regulators to effectively regulate. The idea that a single bill can fix vast problems across an ocean of global industries seems a bit simplistic at this point.
emarketer just put out a v good (v paywalled) report detailing aaaallllllllllll the data that's typically used to target u with ads + where that data comes from + the new horrifying data sources tech co's are planning to start mining next https://t.co/P7exElXlPx pic.twitter.com/1w22cbdWiI
— shoshana wodinsky (she/her) (@swodinsky) August 18, 2021
All policed by U.S. regulators that are so underfunded, understaffed, under-resourced, or just plain corrupt that they can’t even tackle the majority of obvious fraud occurring everyday, much less the elaborate data monetization systems driving the global economy. Which is why we keep seeing a rotating parade of ad and privacy related scandals that take years for policymakers to even identify, much less address. More often than not, these scandals end with adorable wrist slaps long after the fact (see: the tale of Verizon’s “zombie cookie,” or the wireless industry’s recent location data scandals) and fines that are paltry in comparison to the money made off of the offense.
Much like the recent bill to force companies to shorten overlong terms of service, this bill feels like a feel-good venture to fix a very complicated problem with language that doesn’t actually do what it promises to do. There are so many reasons we don’t really effectively police the entire massive data collection realm (from telecom networks and app stores to data brokers), but a major reason is we don’t actually enable and fund our regulators to actually do a job of this (or any real) scope. And the regulators we do have tend to be of the revolving door variety — utterly disinterested in any solution that might topple the money trough for their previous or future employees.
A core underlying component of U.S. dysfunction is corruption. And our regulators are so dysfunctional, under-resourced, and corrupt they can’t even tackle very basic, obvious examples of fraud and monopolization (see the telecom, banking, pharmaceutical, and energy sectors). This idea that they’re going to fix the entire data collection ecosystem (which again includes telecom, data brokers, app makers, the entirety of modern tech, and even the prison industry) without first fixing those problems — much less with a bill filled with loopholes — feels a tad performative and naïve.