from the incompetent-by-design dept
We’ve noted for years that the adtech sector is a convoluted, unregulated hellscape, where consumer data is bought and sold with nothing remotely close to competent oversight. The end result is just about what you’d expect: a percussive parade of massive scandals in which location, financial, and other sensitive data is bought, sold, leaked, abused, hacked, and spread far and wide with little real recourse.
Despite this, the U.S. still hasn’t passed even a baseline privacy law for the Internet era. And while some folks will insist it’s because it’s too hard, the real reason is because there’s simply too much money being made; and wealth accumulation, if you hadn’t noticed in the United States, trumps all things.
Last week John Oliver did a fantastic bit explaining the (quite intentionally) complicated, ethics-optional mess that is adtech, with a specific focus on data brokers:
Oliver points out just some of the many scandals in the space (like that time Epsilon Data Management knowingly sold the data of 30 million elderly people to criminals who then scammed them repeatedly, or the time widely available cellular consumer location data was abused by stalkers).
But Oliver then does something entertaining: he reveals that his show directly approached data brokers and purchased the online behavior and location data of many people who are likely lawmakers working in or around the Capitol building. Oliver only makes a few vague nods to some of the questionable browsing activity he discovered, while hoping lawmakers are now motivated to do something about it:
“You might want to channel that worry into making sure that I can’t do anything,” he advised. “Sleep well!”
Again, I’d wager he may not have actually found much of anything about any specific lawmaker, but it’s an amusing feint all the same. And we desperately need something to motivate the entirety of DC, because what we’re doing now (inconsistent wrist slaps years after violations, fines that are a tiny fraction of the money made from the abuse — and, oh yeah, here’s some free credit reporting) isn’t working.
Again, if we actually cared about this stuff, it wouldn’t be that difficult to fix.
A fairly basic Internet privacy law, combined with actually funding and staffing regulators at the FTC, would go a long way toward addressing the issue. But we don’t do that. Again, not because it would be all that difficult or expensive (even though adtech is overly complicated by design to try and dodge oversight), but because the cash trough of consumer data monetization is just too lucrative.
Attempting to rein in just the telecom sector or just the airline sector is one thing (and you may have noticed we can’t even do that). But when you target the online consumer data space you’re going up against a massive coalition of industries with bottomless lobbying budgets, including “big tech,” telecom, software, health care, marketing, and more. All of which like things just the way they are: broken and hugely profitable.
What I still think will happen is eventually there will be a data scandal too massive and problematic to ignore, featuring a lot of very powerful and influential people. Likely a scandal that puts human lives at risk in some way. Only then will DC wake up to the perils of letting the adtech market run amok, and even then my faith in DC competently crafting helpful solutions in response remains shaky at best.