Sunday, February 28, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Google accused of leaking personal data to thousands of advertisers

September 6, 2019
in Internet Security
Google accused of leaking personal data to thousands of advertisers
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

European Union hits Google with $5 billion fine over Android antitrust practices
Search giant told to change its practices in 90 days.

Brave, the maker of a Chromium-based browser rival to Google Chrome, says it has new proof that Google is leaking personal information to advertisers and violating Europe’s privacy laws around data control and transparency. 

You might also like

These four new hacking groups are targeting critical infrastructure, warns security company

Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

Johnny Ryan, Brave’s chief policy and industry relations officer, has submitted his findings to the Irish Data Protection Commission, Google’s lead regulator in Europe. 

In May the DPC opened an investigation into Google’s Authorized Buyers real-time bidding (RTB) ad exchange that connects ad buyers with millions of websites selling their inventory.  

Ryan filed a GDPR complaint in the UK and Ireland over Google’s RTB system in 2018, arguing that Google and ad companies expose personal data during RTB bid requests on sites that use Google’s behavioral advertising. 

As opposed to contextual advertising, higher-value behavioral advertising relies on tracking the behavior of a device across websites using cookies and other means. 

Google’s Authorized Buyers ad system is used on 8.4 million websites, and Ryan estimates that Google is “broadcasting” personal data to hundreds of Google’s ad tech partners that bid for users in Google’s RTB system. 

“One cannot know what these companies then did with it, because Google loses control over my data once it was sent. Its policies are no protection,” said Ryan. 

Ryan’s latest claim centers on Google’s so-called ‘Push Page’ or ‘google_push’, which he characterizes as a user identifier and a workaround to GDPR restrictions. It was made available to RTB bidders in addition to an existing identifier called ‘google_gid’. 

He contends the Push Page allows multiple advertisers to share user profile identities when a person loads a web page. 

Each Push Page is made unique by adding an identifier to the end of a common URL and combined with Google cookies ‘to allow companies to pseudonymously identify the person, according to Ryan. 

“All companies that Google invites to access a Push Page receive the same identifier for the person being profiled. This ‘google_push’ identifier allows them to cross-reference their profiles of the person, and they can then trade profile data with each other,” writes Ryan. 

To test what data Google is sharing with advertisers, Ryan used a clean install of Chrome, which had no logins, cookies or browsing history, and then analyzed network traffic logs on his computer. 

Within one hour of surfing the web, the ‘google_gid’ of Ryan’s browser was used 318 times in network traffic from 10 companies that won an RTB auction. The companies can then use a cooking-matching process to check if the user is someone they’ve previously profiled and then update the user’s profile. 

However, Ryan notes it’s likely Google also shared the identifier with hundreds of companies it lists as EU ad tech partners.

“Like the ‘google_gid’ identifier, the ‘google_push’ identifier was previously given to these companies by Google to identify the Data Subject,” writes Ryan. 

“However, there is an important difference between the two identifiers. The ‘google_gid’ identifier is specific to each company that receives it. This means that these companies are less likely to be able to cross-reference what they learn about the Data Subject from Google with each other. The ‘google_push’ identifier, however, is common to multiple companies who receive it.”

In a statement to ZDNet a Google spokesperson said the company does not serve targeted ads without user consent. 

“We do not serve personalized ads or send bid requests to bidders without user consent. The Irish DPC – as Google’s lead DPA – and the UK ICO are already looking into real-time bidding to assess its compliance with GDPR. We welcome that work and are co-operating in full,” the spokesperson said. 

Nonetheless, UK’s Information Commissioners Office, in a June report on its review of the RTB ecosystem, which also looked at Google’s Authorized Buyers, shared some of Ryan’s concerns about the RTB data supply chain. 

Overall, the ICO found that the “adtech industry appears immature in its understanding of data-protection requirements”. 

It also noted a single RTB request can result in personal data being processed by hundreds of organizations, each with their own privacy policies.  

“Multiple parties receive information about a user, but only one will ‘win’ the auction to serve that user an advert. There are no guarantees or technical controls about the processing of personal data by other parties, eg retention, security etc,” the ICO wrote. 

“In essence, once data is out of the hands of one party, essentially that party has no way to guarantee that the data will remain subject to appropriate protection and controls.” 

More on Google and privacy issues

  • Google antitrust: Are over 30 states about to join big probe into how Google behaves?
  • Google and YouTube part with $170 million to settle alleged violations of kids’ privacy
  • Are Amazon, Google about to feel full force of US antitrust scrutiny?
  • Google hit with €1.49 billion antitrust fine by Europe over online advertising  
  • Android antitrust: Google hit with giant €4.34 billion fine by Europe
  • Google intends to appeal €50 million European GDPR fine
  • GDPR: Google hit with €50 million fine by French data protection watchdog
  • Android shake-up: Google agrees to promote rivals to its Chrome and search
  • Google files appeal of $5 billion EU fine
  • GDPR fines levied so far: The lessons businesses can learn TechRepublic
  • Credit: Zdnet

    Previous Post

    Object Detection using Deep Learning: Faster R-CNN,YOLO,SSD

    Next Post

    Set Up and Optimize Your Listing

    Related Posts

    These four new hacking groups are targeting critical infrastructure, warns security company
    Internet Security

    These four new hacking groups are targeting critical infrastructure, warns security company

    February 28, 2021
    Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill
    Internet Security

    Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill

    February 28, 2021
    TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit
    Internet Security

    TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

    February 28, 2021
    Cybercrime groups are selling their hacking skills. Some countries are buying
    Internet Security

    Cybercrime groups are selling their hacking skills. Some countries are buying

    February 28, 2021
    Why would you ever trust Amazon’s Alexa after this?
    Internet Security

    Why would you ever trust Amazon’s Alexa after this?

    February 28, 2021
    Next Post
    Set Up and Optimize Your Listing

    Set Up and Optimize Your Listing

    Leave a Reply Cancel reply

    Your email address will not be published. Required fields are marked *

    Recommended

    Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

    Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

    January 6, 2019
    Microsoft, Google Use Artificial Intelligence to Fight Hackers

    Microsoft, Google Use Artificial Intelligence to Fight Hackers

    January 6, 2019

    Categories

    • Artificial Intelligence
    • Big Data
    • Blockchain
    • Crypto News
    • Data Science
    • Digital Marketing
    • Internet Privacy
    • Internet Security
    • Learn to Code
    • Machine Learning
    • Marketing Technology
    • Neural Networks
    • Technology Companies

    Don't miss it

    These four new hacking groups are targeting critical infrastructure, warns security company
    Internet Security

    These four new hacking groups are targeting critical infrastructure, warns security company

    February 28, 2021
    The Time-Series Ecosystem – Data Science Central
    Data Science

    The Time-Series Ecosystem – Data Science Central

    February 28, 2021
    Accurate classification of COVID‐19 patients with different severity via machine learning – Sun – 2021 – Clinical and Translational Medicine
    Machine Learning

    Accurate classification of COVID‐19 patients with different severity via machine learning – Sun – 2021 – Clinical and Translational Medicine

    February 28, 2021
    Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill
    Internet Security

    Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill

    February 28, 2021
    Top Master’s Programs In Machine Learning In The US
    Machine Learning

    Top Master’s Programs In Machine Learning In The US

    February 28, 2021
    TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit
    Internet Security

    TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

    February 28, 2021
    NikolaNews

    NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

    What’s New Here?

    • These four new hacking groups are targeting critical infrastructure, warns security company February 28, 2021
    • The Time-Series Ecosystem – Data Science Central February 28, 2021
    • Accurate classification of COVID‐19 patients with different severity via machine learning – Sun – 2021 – Clinical and Translational Medicine February 28, 2021
    • Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill February 28, 2021

    Subscribe to get more!

    © 2019 NikolaNews.com - Global Tech Updates

    No Result
    View All Result
    • AI Development
      • Artificial Intelligence
      • Machine Learning
      • Neural Networks
      • Learn to Code
    • Data
      • Blockchain
      • Big Data
      • Data Science
    • IT Security
      • Internet Privacy
      • Internet Security
    • Marketing
      • Digital Marketing
      • Marketing Technology
    • Technology Companies
    • Crypto News

    © 2019 NikolaNews.com - Global Tech Updates