Privacy regulation and online advertising

Advertisers use online customer data to target their marketing appeals. This has heightened consumers' privacy concerns, leading governments to pass laws designed to protect consumer privacy by restricting the use of data and by restricting online tracking techniques used by websites. We use the responses of 3.3 million survey takers who had been randomly exposed to 9,596 online display (banner) advertising campaigns to explore how privacy regulation in the European Union (EU) has influenced advertising effectiveness. This privacy regulation restricted advertisers' ability to collect data on Web users in order to target ad campaigns. We find that, on average, display advertising became far less effective at changing stated purchase intent after the EU laws were enacted, relative to display advertising in other countries. The loss in effectiveness was more pronounced for websites that had general content (such as news sites), where non-data-driven targeting is particularly hard to do. The loss of effectiveness was also more pronounced for ads with a smaller presence on the webpage and for ads that did not have additional interactive, video, or audio features

Mapping Digital Media: Online Advertising - Origins, Evolution, and Impact on Privacy

Outlines the evolution, models, and diversity of online advertising; policy issues raised by Internet advertising's characteristics; how the struggle between government regulation and self-regulation will shape policy; and implications for privacy

Industry Self-Regulation of Consumer Data Privacy and Security, 32 J. Marshall J. Info. Tech. & Privacy L. 15 (2015)

Industry self-regulation of consumer data privacy and security has been proposed as a flexible alternative and compliment to traditional government regulation. This study analyzes whether different types of existing industry-led standards improve online privacy and security. This paper examines which types of firms join voluntary standards and whether there is a difference in outcomes between trade association memberships (like the Digital Advertising Alliance) and certification programs (like TRUSTe). Results suggest that more trafficked websites are more likely to adopt standards, and that trade association member-ship does not have an effect on privacy and security performance. This article highlights the need for a valid privacy metric for robust empirical study of data privacy and security

Introduction: contains Cover, Table of Contents, Letter from the Editor, and Masthead

The Richmond Journal of Law and Technology is proud to present the fourth issue of the 2010–2011 academic year. In this issue, we explore privacy law in the context of online social networking, online advertising and tort reform. Additionally, this issue examines mandatory disclosure of trade secrets as a component of offshore oil drilling regulation and evaluates certain criticisms levied against the Anti-Counterfeiting Trade Agreement

Measuring online tracking and privacy risks on Ecuadorian websites

© 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes,creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.Online tracking has become a great enabler of massive surveillance so it is now a critical vector for threatening the privacy of users. Despite the benefits of online tracking for personalized advertising, the complexity of the involved platforms makes it a threat for democracy. In this work, online tracking is measured in Ecuador, a country with a developing adoption of online advertising technologies, having the highest Internet penetration rate in Latin America, but lacking regulation for privacy. By finding out the third party connections triggered through the most popular Ecuadorian websites, the concentration of online tracking is measured in Ecuador. Its impact is also analyzed by studying some particularities in government websites, the usage of advanced mechanisms of tracking, and the adoption of transparency practices in advertising platforms. Our final aim is exposing potential privacy violations.This work was partly supported by the Spanish Ministry ofEconomy and Competitiveness (MINECO) through the project“MAGOS”, ref. TEC2017-84197-C4-3-R. J. Parra-Arnau wassupported by the Spanish government under grant TIN2016-80250-R and by the Catalan government under grant 2017SGR 00705 and is currently the recipient of a Juan de la Ciervapostdoctoral fellowship, IJCI-2016-28239, from the SpanishMinistry of Economy and Competitiveness.Peer ReviewedPostprint (author's final draft

Privacy Policies over Time: Curation and Analysis of a Million-Document Dataset

Automated analysis of privacy policies has proved a fruitful research direction, with developments such as automated policy summarization, question answering systems, and compliance detection. Prior research has been limited to analysis of privacy policies from a single point in time or from short spans of time, as researchers did not have access to a large-scale, longitudinal, curated dataset. To address this gap, we developed a crawler that discovers, downloads, and extracts archived privacy policies from the Internet Archive's Wayback Machine. Using the crawler and following a series of validation and quality control steps, we curated a dataset of 1,071,488 English language privacy policies, spanning over two decades and over 130,000 distinct websites. Our analyses of the data paint a troubling picture of the transparency and accessibility of privacy policies. By comparing the occurrence of tracking-related terminology in our dataset to prior web privacy measurements, we find that privacy policies have consistently failed to disclose the presence of common tracking technologies and third parties. We also find that over the last twenty years privacy policies have become even more difficult to read, doubling in length and increasing a full grade in the median reading level. Our data indicate that self-regulation for first-party websites has stagnated, while self-regulation for third parties has increased but is dominated by online advertising trade associations. Finally, we contribute to the literature on privacy regulation by demonstrating the historic impact of the GDPR on privacy policies.Comment: 16 pages, 13 figures, public datase

Tackling food marketing to children in a digital world: trans-disciplinary perspectives. Children’s rights, evidence of impact, methodological challenges, regulatory options and policy implications for the WHO European Region

There is unequivocal evidence that childhood obesity is influenced by marketing of foods and non-alcoholic beverages high in saturated fat, salt and/or free sugars (HFSS), and a core recommendation of the WHO Commission on Ending Childhood Obesity is to reduce children’s exposure to all such marketing. As a result, WHO has called on Member States to introduce restrictions on marketing of HFSS foods to children, covering all media, including digital, and to close any regulatory loopholes. This publication provides up-to-date information on the marketing of foods and non-alcoholic beverages to children and the changes that have occurred in recent years, focusing in particular on the major shift to digital marketing. It examines trends in media use among children, marketing methods in the new digital media landscape and children’s engagement with such marketing. It also considers the impact on children and their ability to counter marketing as well as the implications for children’s rights and digital privacy. Finally the report discusses the policy implications and some of the recent policy action by WHO European Member States

Mobile Privacy and Business-to-Platform Dependencies: An Analysis of SEC Disclosures

This Article systematically examines the dependence of mobile apps on mobile platforms for the collection and use of personal information through an analysis of Securities and Exchange Commission (SEC) filings of mobile app companies. The Article uses these disclosures to find systematic evidence of how app business models are shaped by the governance of user data by mobile platforms, in order to reflect on the role of platforms in privacy regulation more generally. The analysis of SEC filings documented in the Article produces new and unique insights into the data practices and data-related aspects of the business models of popular mobile apps and shows the value of SEC filings for privacy law and policy research more generally. The discussion of SEC filings and privacy builds on regulatory developments in SEC disclosures and cybersecurity of the last decade. The Article also connects to recent regulatory developments in the U.S. and Europe, including the General Data Protection Regulation, the proposals for a new ePrivacy Regulation and a Regulation of fairness in business-to-platform relations

Online Personal Data Processing and EU Data Protection Reform. CEPS Task Force Report, April 2013

This report sheds light on the fundamental questions and underlying tensions between current policy objectives, compliance strategies and global trends in online personal data processing, assessing the existing and future framework in terms of effective regulation and public policy. Based on the discussions among the members of the CEPS Digital Forum and independent research carried out by the rapporteurs, policy conclusions are derived with the aim of making EU data protection policy more fit for purpose in today’s online technological context. This report constructively engages with the EU data protection framework, but does not provide a textual analysis of the EU data protection reform proposal as such