20 Jul 2018
Browser privacy improvements and anti-fraud
(Update 18 Aug 2018: Fix an error to be consistent with the source quoted.)
(I work for Mozilla. None of this is secret. None of this is official Mozilla policy. Not speaking for Mozilla here.)
The good news is that interesting competition
among web browsers is back, not just because of ongoing performance
improvements in Firefox, but also because of Apple Safari’s good work on
protecting users from some kinds of cross-site tracking by default. Now
the challenge for other browsers is to learn from the Safari work and
build on it, to even more accurately implement the user’s preferences on
sharing their personal information. According to research
by Tini Sevak at YouGov, 36% of users are more likely to engage
with adverts that are tailored to them
, while 55% are creeped
out
by personalized ads. The browser has to get its data sharing
settings right for the individual user, while minimizing the manual
settings and decision fatigue that the user has to go through.
A short-term problem for sites, though, is that the current price for highly tracked ad impressions facilitated by cross-site tracking is still way above the price of impressions delivered to users who choose to protect themselves. Tim Peterson, on Digiday, covers the natural experiment of GDPR consenters and non-consenters:
If an exchange or SSP declines to sign the agreement, it is limited to only selling non-personalized ads through DBM. Those generic ads generate less revenue for publishers than personalized ads that are targeted to specific audiences based on data collected about them. Some publishers that are heavily reliant on DBM have seen their revenues decline by 70-80 percent since GDPR took effect because they were limited to non-personalized ads, said another ad tech exec.
In the medium to long term, better browser privacy settings will give an advantage to high-reputation sites for two reasons:
ads on high-value content have signaling value
users are more likely to share information with a site they trust
But in the short term, what can browsers do to help address the market dislocation from the user data crunch?
One possibility is to take advantage of an important side effect of browser privacy improvements: better anti-fraud data.
Today, unprotected browsers and fraudbots are hard to tell apart. Both maintain a single “cookie jar” across trusted and untrusted sites. For fraudbots, cross-site trackability is not a bug as it is for a human user’s browser—it’s a feature. A fraudbot can only produce valuable ad impressions on a fraud site if it is somehow trackable from a legit site.
As browser users start to upgrade to nightly releases that include more protection, though, a trustworthy site’s real users will start to look more and more different from fraudbots. Low-reputation and fraud sites claiming to offer the same audience will have a harder and harder time trying to sell impressions to agencies that can see it’s not the same people. This does require better integration with anti-fraud tools, so it’s something sites and anti-fraud vendors can do in parallel with the brower release process.
Can the anti-fraud advantages of browser privacy improvements completely swamp out the market effects of reducing cross-site trackability? Depends on how much adfraud there is. We don’t know.