A group of privacy-focused tech companies including DuckDuckGo, Vivaldi, and the company that makes Protonmail are calling for a broad ban on targeted, "surveillance-based" advertising.
“Although we recognize that advertising is an important source of revenue for content creators and publishers online, this does not justify the massive commercial surveillance systems set up in attempts to ‘show the right ad to the right people,’” the letter reads.
The letter urges lawmakers in the United States and European Union to enact data protection laws that could protect consumers from the “privacy-hostile” practices that many companies turn to for their advertising. It explains that exploiting users’ privacy for the sake of personalized ads is not necessary for companies to be profitable.
Many of the signatories, including Proton Technologies and DuckDuckGo, already prioritize data protection in their services. Mojeek, an independent search engine, posted in 2006 about its efforts to avoid using “big brother tactics” and collecting personal user data in order to make money. Many of these companies make money by advertising, but the advertising is "contextual" rather than targeted. For a search engine, this means that an advertiser can buy ads that show up when a user searches a specific term. This is different from targeted advertising, which in this example could potentially take into account a user's search history, their demographic and biographic info, their web browsing history, their geographic location, etc.
The letter was written in support of a recent report from the Norwegian Consumer Council that analyzed how companies around the world infringe upon users’ privacy by collecting their data. They commissioned cybersecurity company Mnemonic to analyze how ten popular mobile apps used and collected data.
The study found that the ten apps, including Grindr and period tracker Clue, shared user data with at least 135 third parties involved in advertising or profiling. It also found that Facebook received data from nine of the apps, and Google’s advertising service DoubleClick received data from eight of them.
After its release, the NCC joined over 55 organizations in urging European lawmakers to enact the Digital Services Act which could provide some protection to consumers and set the groundwork for future policies. U.S. lawmakers are also being urged to begin creating comprehensive privacy protections for Americans.
“Other forms of advertising technologies exist, which do not depend on spying on consumers,” the letter reads. “Businesses can thrive without privacy-invasive practices.”