Assorted Materials
This note announces my departure from Brave to take up two new roles. After a little more than over two years at Brave, I have moved to new roles at the Irish Council for Civil Liberties and the Open Markets Institute. The peculiarities of the GDPR, and Ireland's place in the global economy, mean that regulatory inaction in Ireland has global … Continue reading Farewell Brave.
This note analyses additional granular data from Dutch publisher NPO, and presents lessons for the publishing industry about privacy and revenue based on six months of data from a publishing group that removed 3rd party tracking.
This note shares new data on publisher revenue impact from switching off 3rd party ad tracking.
This note shares new data on publisher revenue impact from switching off 3rd party ad tracking. In January, the Dutch national broadcaster, NPO, switched off 3rd party tracking ad targeting. NPO has an online video audience of 7.1 million per month, and display reach of 5.8 million per month.[1] Revenue impact I have examined Ster’s revenue figures, … Continue reading New data shows publisher revenue impact of cutting 3rd party trackers
Following a court decision on Friday, it is now highly likely that California will introduce legislation that curtails “cross-context behavioral advertising”. A court decision on Friday (19 June 2020) makes it highly likely that Californians will vote on the California Privacy Rights Act (CPRA), the successor to the CCPA. Disclosure: I have contributed to the text … Continue reading California Privacy Rights Act to define and limit “cross-context behavioral advertising”
Procter & Gamble invited Dr Johnny Ryan of Brave to give a (remote) keynote address about how advertisers should adapt to the privacy-first future.The presentation covers the problems with conventional advertising technology, risks to brands and media sustainability, and sets out several alternative models. See the video here. For reasons made clear in this keynote presentation, … Continue reading Johnny Ryan’s privacy keynote for P&G
Senior representatives of advertisers, publishers, and intermediaries discuss two years of the the GDPR in a discussion hosted by Brave. Participants: Dr Johnny Ryan, Chief Policy Officer, Brave;Catherine Armitage, Director of Digital Policy, World Federation of Advertisers;Conor Murray, Director of Regulatory and Public Affairs, EGTA;Mathilde Fiquet, Director General, FEDMA. The discussion covers the impacts of the GDPR so far, and … Continue reading Industry discussion on the GDPR at 2 years old, and future EU regulatory development
New data from Brave show that European governments have not equipped their national authorities to enforce the GDPR. Brave presents Europe’s governments are failing the GDPR, a report on data protection authorities’ (DPAs) capacity to enforce against tech infringements of the GDPR. Two years after the GDPR was first applied, the GDPR is now in danger … Continue reading New data on GDPR enforcement agencies reveal why the GDPR is failing
Brave has filed a formal GDPR complaint against Google for infringing the GDPR “purpose limitation” principle. Enforcement would be tantamount to a functional separation of Google’s business. This morning, Brave filed a formal GDPR complaint against Google for infringing Article 5(1)b of the GDPR, which sets forth the “purpose limitation” principle. Quick facts The GDPR purpose … Continue reading Formal GDPR complaint against Google’s internal data free-for-all
Brave's submission to the UK Competition & Markets Authority shows how to fix the RTB market and end Google's advertising monopoly.
Brave has uncovered widespread surveillance of UK citizens by private companies embedded on UK council websites. "Surveillance on UK council websites", a new report from Brave, reveals the extent of private companies’ surveillance of UK citizens when they seek help for addiction, disability, and poverty from their local government authorities.
This note highlights the inadequacies of Google and IAB proposals to reform RTB, and rebuts the argument for inaction.
The ICO has today announced that it will be taking no substantive action to fix "RTB", the largest data breach ever recorded in the UK. Regulatory ambivalence cannot continue. We are considering all options to put an end to the systemic breach, including direct challenges to the controllers and judicial oversight of the ICO.
Brave warns US Senate & Congress: foreign state actors can use targeted ads to run code on US government computers, exploiting conventional browsers
Ryan's testimony at International Grand Chamber: RTB data breach enables disinformation. Enforcers can be sued.
Brave input to California Privacy Rights and Enforcement Act (CPERA)
Brave has written to the Attorney General of California to highlight a critical omission in the CCPA regulations proposed last week.
Brave has written to EU Member States to urge the prohibition of cookie walls, and the inclusion of privacy by default, in the ePrivacy Regulation.
This note presents a submission from Dr Johnny Ryan of Brave, and Dr Orla Lynskey of the London School of Economics, to the UK Competition & Markets Authority.
This note examines the GDPR requirement that marketers conduct data protection impact assessments (DPIAs) when buying digital media using “real-time bidding” advertising.
Brave presents new RTB evidence, and has uncovered a mechanism by which Google appears to be circumventing its purported GDPR privacy protections.
[et_pb_section fb_built="1" fullwidth="on" _builder_version="3.22" use_background_color_gradient="on" background_color_gradient_start="#00010c" background_color_gradient_end="#353535" background_color_gradient_direction="14deg" custom_padding="0px|0px|40px|0px"][et_pb_fullwidth_post_title comments="off" featured_image="off" text_color="light" admin_label="Fullwidth Post Title" _builder_version="4.0.11" title_font="Poppins|500|||||||" title_text_align="center" title_font_size="46px" meta_font="Muli||||||||" meta_text_align="center" meta_text_color="rgba(255,255,255,0.8)" meta_font_size="18px" text_orientation="center" max_width="80%" max_width_tablet="" max_width_phone="" max_width_last_edited="on|phone" module_alignment="center" custom_padding="|||" title_font_size_tablet="" title_font_size_phone="32px" title_font_size_last_edited="on|desktop"][/et_pb_fullwidth_post_title][/et_pb_section][et_pb_section fb_built="1" custom_padding_last_edited="on|phone" admin_label="section" _builder_version="3.22" background_color="#fafafc" custom_padding="60px|4vw|0px|4vw" custom_padding_tablet="" custom_padding_phone="|0px||0px"][et_pb_row column_structure="1_4,3_4" custom_padding_last_edited="on|desktop" _builder_version="3.25" background_size="initial" background_position="top_left" background_repeat="repeat" custom_padding="0px|||" custom_padding_tablet="" custom_padding_phone="|0px||0px" custom_width_px="700px"][et_pb_column type="1_4" _builder_version="3.25" background_position="top_left" custom_padding="|||" … Continue reading Brave、GoogleによるGDPR回避を明らかに
Dr Johnny Ryan responds to a statement from IAB Europe regarding its failure to answer the Irish Data Protection Commission. Four months on, both I and the Data Protection Commission are still waiting for the first explanation of how “IAB Europe is confident that the way it obtains consent for the use of cookies on its website complies with the requirements of the law”.
IAB Europe fails to answer questions from Irish Data Protection Commission arising from formal GDPR complaint by Brave's Dr Ryan against IAB Europe's "forced consent" and consent walls.
This note summarizes the ICO report on real-time bidding, which vindicates the GDPR complaints initiated by Brave, and points toward the solution.
DCN's CEO, Jason Kint, says removing personal data from bid requests might disadvantage adtech companies, but the sky won’t fall for publishers.
Brave answers Senators Whitehouse, Booker, Graham and Leahy’s questions for the record from the US Senate Judiciary Committee hearing on privacy and anti-trust.
Today, Ireland’s Data Protection Commission (DPC) has announced a major GDPR probe into “suspected infringement” by Google’s DoubleClick/Authorized Buyers advertising business. The probe was triggered by a formal complaint from Dr Johnny Ryan, Chief Policy Officer at Brave, the private web browser.
Dr Johnny Ryan's testimony at the US Senate Judiciary Committee hearing on “Understanding the Digital Advertising Ecosystem and the Impact of Data Privacy and Competition Policy”.
GDPR complaints about Real-Time Bidding (RTB) in the online advertising industry were filed today with Data Protection Authorities in Spain, the Netherlands, Belgium, and Luxembourg. The complaints detail the vast scale of personal data leakage by Google and other major companies in the “Ad Tech” industry.
Brave has written to the California Department of Justice to highlight potential loopholes in the California Consumer Protection Act (CCPA).
A formal complaint has been filed with the Irish Data Protection Commissioner against IAB Europe, the tracking industry’s primary lobbying organization.
The cover story of The Economist this week includes a diagram of the "data protection-free zone" at the heart of the online advertising auction system.
Brave has written to the California Department of Justice to highlight potential loopholes in the California Consumer Protection Act (CCPA).
New evidence to regulators: IAB documents reveal that it knew that real-time bidding would be “incompatible with consent under GDPR”.
Brave and co-complainants in Poland, Ireland, and the UK submit new evidence about massive adtech leakage of highly intimate data.
Big tech companies "cross-use" user data from one part of their business to prop up others. This hurts innovation & choice. The FTC must investigate. Plus, the GDPR is emerging as a defacto international standard. Whether this helps or harms United States firms will be determined by whether the United States enacts and actively enforces robust federal privacy laws.
Investigation needed to stop anticompetitive practices that hurt publishers, restrict innovation, and limit consumer choice.
Brave and a coalition of more than 30 businesses and organizations urges European Governments to break the deadlock on the ePrivacy Regulation in an open letter.
French regulator's decision against Vectaury confirms that IAB “Transparency & Consent Framework” does not obtain valid consent, and illustrates how even tiny adtech companies can unlawfully gather millions of people’s personal data from the online advertising “real time bidding system” (RTB).
Dr Johnny Ryan FRHistS 