When is Independence Day for the Digital World? 

I’m writing this on USA’s Independence Day 2021. I’ve been thinking a lot about freedom—especially in the digital world. Mainly because it doesn’t exist there (or here, since I’m posting this online).  

For some time, the Me2B Alliance has been working on easy-to-understand educational material to better convey the particular harms visited upon us through the “Invisible Parallel Dataverse”, which is mainly embodied through a vast network of entities artfully calling themselves a “media ecosystem” but which is in fact the massive infrastructure and industry of Digital Advertising.   

The magnitude and complexity of the AdTech machine is a natural deterrent for most of us—“I can’t make sense of that; too complicated, too arcane, too opaque.” Turns out, it’s not at all opaque. The detailed underpinnings that have borne that vast ecosystem have been hiding in plain sight for years, in publicly available protocols and specifications at the IAB Tech Lab. I count myself among the many who didn’t turn their full gaze onto the situation.  

Luckily, with the help of incredibly talented people like our lead data flow tester, Zach Edwards, I’m slowly learning the full magnitude of the situation. And here’s my pithy summary: 

While many things are “free” on the internet, we are anything but free in the digital world.  

What does that mean? 

Let me try to paint a picture of one piece of the problem here: we call it the Invisible Parallel Dataverse. We all careen around the web, driving our fancy browser-mobiles, opening websites, or downloading and installing apps. We are in control of things as we traverse the digital world.  Wrong. It may feel like that, but in reality, there is an Invisible Parallel Dataverse which is constantly watching us, talking about us behind our backs [like THOUSANDS of orgs], trying to get us to buy more, click this, do that, spend more.   

The Invisible Parallel Dataverse is fueled by an equally invisible [to users] infrastructure that is ubiquitous—on every website, in every app—EVERYWHERE. It doesn’t matter what cookie settings you disable/enable.  (In fact, I’m increasingly convinced that cookie settings are a trivial “bone” being thrown to us panting dogs, to pacify and provide a semblance of control.) In reality, advertising technology executes the moment the web page opens, and the minute you open an app—and sometimes the adtech code runs when no ad is presented to the user.   

The browser you’re using constantly sends the latest reports on your behavior to this advertising ecosystem every time you open a new page—cookie, shmookie, data about you is shared externally no matter what.  NOTE: not just when you open a new website or page, but even multiple times on the same page. The browser isn’t being a sneaky bastard here; it’s in many ways “dumb”, it’s blindly executing the HTML and Javascript code that define the contents of the page materializing before your eyes. One or more of the code snippets in that package of page-code is for an Ad, which will send an Ad Request containing some info about you off into the vast hinterland of the AdTech network. This innocuous single message results in: 

• Your latest browsing information being sent to literally thousands of entities within the adtech ecosystem.  Your browsing activity is one of the most intimate snapshots of who you are;  it’s elaborately and specifically detailed by the things you look for online, how much time you spend looking at them, what you click on, what you buy—nevermind coupling that with other information the browser has access to—like on which sites you have accounts/login credentials [we call these “Me2B Marriages”].
• And while some of the data in the Ad Request may not seem “personal”, the real dark magic of the adtech ecosystem is that the vast network of THOUSANDS of entities who receive that first “Ad Request” at the start of the RealTime Bidding (RTB) system masterfully correlate whatever meager (or not so meager) crumbs of data from the Ad Request to you, specifically– your sweet little self, doggedly searching for an air conditioner repair person on a Sunday in August in the remote desert in Nevada even though you’re usually in church at this time–that you.  Also, these profiles can be used for ANY purpose whatsoever, because the adtech technology is ungoverned and unmonitored.   

For now, that is.  

Dr. Johnny Ryan and a group of dedicated lawyers and researchers have been persistently working to expose the realities of AdTech, first at Brave, and now at the Irish Council for Civil Liberties (ICCL).  

His latest effort at the ICCL will once again take to the courts – Hamburg, Germany this time – to convince the authorities that this RTB adtech infrastructure systematically and at vast scale violates GDPR.  

Truth is, this RTB machinery violates human freedom itself.  

The ICCL website has some excellent materials to explain the case, and it accurately describes RTB as the world’s biggest data breach. Well, nearly accurately–I offer this refinement: 

“The world’s biggest ongoing, ceaseless data breach.” 

On this day of celebrating hard-fought and won freedoms in the United States, the Me2B Alliance picks up the mantle to continue the fight for freedom in the Digital World. We assert our support of the ICCL and their pivotal case against RTB.  How this intention will manifest remains to be defined, but watch this space. Or better yet, come join us and help create that future. 

What a Me Should Do  

This isn’t comprehensive, but first of all, we recommend using either an ad-blocking browser like Mozilla’s Firefox, and install an ad-blocking browser extension, like the Electronic Frontier Foundation’s Privacy Badger or AdBlock Plus. 

Secondly, enable all privacy settings on your mobile phone. 

And finally, please consider supporting the work at the ICCL to make sure that this landmark GDPR case succeeds, paving the way for freedom in the digital world.