The Behavioral Advertising Business Model Can Harm Individuals

Though the behavioral advertising business model may provide some benefits to consumers, it is a myth that the ad-supported products and services are entirely “free”—users pay by giving up their privacy and submitting themselves to potential privacy harm. As Maréchal said, “The cornerstone of this business model is non-consensual data collection at a massive scale. That, in and of itself, is a privacy violation, and it’s really a testament to how embedded these business models are into our society, and how readily we’ve accepted Silicon Valley’s narrative that many people don’t see that as a harm.”¹ And as Rejouis pointed out, “the exchange isn’t mutual. [Companies are using] algorithms [to collect] data in undetected ways,” using proxies to infer information about users that they do not directly provide companies.² Gray added that the large tech companies

need that data more for their current business models than they need to show you the ad. Because … [that] data is then used to maybe not show you an ad, but to show so many millions of other people an ad, and every pipeline they can get to feed into the big data machine that helps them determine what is going to be the most manipulative content to show you so that you click on the ad.³

Thus, the true price of these services is exposure to increased privacy risks.

The behavioral advertising business model contributes to a number of additional harms. First, any collected data is vulnerable to breaches if the company stores it, and as mentioned above, companies often collect a lot of data even when it is not necessary. One Gartner executive disclosed that over 70 percent of data collected and retained by companies remains “dark,” or unused, but nonetheless is kept for the possibility that they might eventually be able to monetize it.⁴ The data that companies collect can be stolen, and these breaches can lead to significant consumer harms, particularly if the data is financial or health related.⁵

Second, the non-consensual, secondary use of data for purposes beyond those for which it was collected can harm users. While OTI’s prior panel on civil rights and privacy addressed secondary use of data with regard to discrimination,⁶ it remains an issue in other areas as well, including when companies sell data to data brokers, which then sell it to other organizations that use that data to inform decisions about employment or credit. For instance, in Spokeo, Inc. v. Robins, plaintiff Thomas Robins argued that his employment prospects had been harmed by data broker Spokeo’s listing of factually inaccurate information. Spokeo’s database misrepresented Robins by stating that he “was in his 50s, … married, … employed in a professional or technical field, and … has children” and “that he has a graduate degree, that his economic health is ‘Very Strong[,]’ and that his wealth level [is in] the ‘Top 10%.’”⁷ This inaccurate data made Robins seem “overqualified for jobs he might have gained, expectant of a higher salary than employers would be willing to pay, and less mobile because of family responsibilities.”⁸ Any potential employer consulting the Spokeo database on Robins would have had incorrect information about him, which could have led the potential employer to unfairly reject his application. Thus, by encouraging vast data collection (whether accurate or not), the behavioral advertising business model creates further risks of unanticipated and potentially harmful secondary uses.

Third, even the appearance of companies tracking and following users around the internet can be viewed as harmful. In fact, “[a] wide variety of studies show that people find online ads intrusive, [and] annoying. … These unsolicited, even somewhat aggressive (and occasionally offensive) ads are unwanted interruptions.”⁹ Other surveys have shown that people find behavioral advertising “too aggressive” and “creepy.”¹⁰ Consumers may even be more likely to engage with ads if the advertiser is not using “creepy” tactics.¹¹ These descriptors show that users experience a privacy harm even if they cannot identify it with precision. Much like in the physical world, consumers want and expect a certain amount of privacy, yet behavioral advertising violates those expectations.

Citations

Natasha Duarte, Megan Gray, Keir Lamont, Nathalie Maréchal, Gabrielle Rejouis, and Lee Tien, “Paying for Our Privacy,” (Panel, Washington, DC, July 16, 2019), source.
“Paying for Our Privacy,” (Panel, Washington, DC, July 16, 2019).
“Paying for Our Privacy,” (Panel, Washington, DC, July 16, 2019).
Allen St. John, “Stopping the Data Breach Epidemic,” Consumer Reports, December 21, 2018, .
For one example of the extent to which consumers can be harmed financially by data breaches, see the recent Federal Trade Commission (FTC) settlement with Equifax over a significant data breach, in which the FTC required Equifax to pay out a maximum of $20,000 per person for damages related to unauthorized charges on an account, fees incurred as a result of the breach, and time spent dealing with breach-related issues, among other things. “Equifax Data Breach Settlement,” Federal Trade Commission, July 2019, .
Becky Chao, Eric Null, Brandi Collins-Dexter, and Claire Park, Centering Civil Rights in the Privacy Debate, (Washington, DC: �鶹��ý, 2019), source.
Spokeo v. Robins, 578 U.S. ___ (2015), Case No. 13-1339 slip op., dissent (Ginsburg, J.) at 1-2.
Spokeo v. Robins, 578 U.S. ___ (2015), Case No. 13-1339 slip op., dissent (Ginsburg, J.) at 1-2.
Tim Fisher, “Online Ads: Why They Follow You Around the Web,” Lifewire, July 22, 2019, .
Ross Benes, “Five Charts: Why Users Are Fed Up with Digital Ads,” eMarketer, October 16, 2018, .
Louise Matsakis, “Online Ad Targeting Does Work–As Long As It’s Not Creepy,” Wired, May 11, 2018, .

�鶹��ý

Education & Work

Democratic Futures

Global Security

Technology & Democracy

Thriving Families

Trending Topics

Real Skills, Real Income: Why Youth Apprenticeship Is Resonating Now

Future-Proofing U.S. Nuclear Policy: Forecasting Outcomes of the Nuclear-Armed Sea-Launched Cruise Missile

Debunking Myths on Student Parent Data Collection

The App Store Accountability Act Poses Serious Concerns for Privacy, Security, and Free Expression

Redrawing School Boundaries for Fairer Funding

Reframing Fusion Voting as a Practical, Powerful Reform Strategy

Harnessing Terrorism Data to Reshape U.S. National Security Policy

Establishing a National Housing Loss Rate

�鶹��ý Fellows

A New Fellowship to Foster Journalism Around Education, Economic Development, and the Future of Work

Lexington’s First Civic Assembly

How Did Philadelphia Become a World Cup City?

No Place to Land: Housing Insecurity Among Caregiving College Students

Paying for Our Privacy: What Online Business Models Should Be Off-Limits?

Table of Contents