Apple ATT (iOS 14.5, April 2021). 15-25% opt-in.
-$10B Meta revenue in 2022 (CFO David Wehner)
But it sure looks to me like personalized ads are a paper tiger. I mean it seems like 30% of the ads I see on Facebook and YouTube are just transparent scams that they could serve me without any profiling. For instance for a week I have been in heavy rotation of an ad on Facebook which obviously looks like a crude attempt to imitate a notification in the Facebook API. After I click on it the page starts playing sound and tries to scare me that my computer has been hacked and I have to take some action. I reported the ad to Facebook but it shouldn't have stayed up a whole week, for all I know somebody is still seeing it.
It's so rare that I see an ad that is targeted to me at all so what gives? Am I really so unmarketable to? It's not like i don't buy cameras, food, clothes, video games, and all sorts of things. But all i see is retargeted ads for stuff I already bought.
The fact that some people receive badly targeted ads isn't a prove for the surveillance system not working.
The question regarding ads is how well targeted campaigns are being paid for. But the ad space is relatively harmless.
It becomes relevant when not talking about ads, but surpression of citizens by state actors. If the data is being used to identified potential targets for some measures. These measures can involve drawing election districts, deciding where to build the sewage plant or library or where search for people to deport and how to influence them in political campaigns. Some margin of error has varying impact there, but it can help a lot to reduce manual selection by a lot.
I used to report scams to facebook, but they deny my claim and say the ads are fine. Seems like fake AI videos of celebrities/politicians asking you to invest in alt-coins is A-OK in facebooks... book.
10% of meta earnings last year were from scammers using their AI on meta users through ads. It doesn't make sense that they are allowing it, except it is making them billions. So what if millions of americans lose everything? Shareholder algo bots like the way it looks
I once watched a news report about the then tail end of the Ceaușescu regime. One of the indicators of the level of oppression they described was that they had video cameras mounted on street lamps.
You watched some propaganda slop, since there is no evidence that the Romanian regime used video cameras on street lamps in the 1980's.
Why would they need to invest such insane amounts of money to acquire such tech (video cameras, lol, on street lamps) when they had a thriving population of curtain twitchers and snitches?
I agree with you, and if you frequent tech circles you'd be under impression that the masses prioritize lack of surveillance and privacy. In my experience with IRL acquaintances, although anecdotal, exactly 0% of people I have spoken to where it's come up in conversation care at all about privacy or surveillance in general with the old "nothing to hide" fallacy.
Most folks do care, they just don't understand. When you stop with the high level topics like "surveillance" and start in on the practical impacts like:
- They charge you more if they know you want something (ex - dynamic pricing).
- They try to get you addicted (gambling, vapes, social media)
- They feed you lies (curated social bubbles)
- They manipulate elections (targeted campaigns and ads, targeted social policies)
Etc... most people do actually care, they just struggle to relate the words the industry uses with the real impacts.
Folks tend to think of privacy like someone opening the bathroom door on them (and this gets immediate pushback... see all the articles about the Roomba cameras). But the surveillance we're under now is more subtle and insidious, less visceral. Harder for folks to understand without concrete impacts.
----
The reason so many tech people care is because lots of them get to watch the sausage being made, and they understand.
I know its won't solve everything but couldn't we teach digital hygiene at school and its importance. For myself I remember in English at high school being taught how different methods of advertising worked and that stuck with me.
That's my experience as well. However, I suspect a lot of it is not really understanding the situation, and not wanting to be bothered learning about it. In other words, I think it's possible those preferences could be changed with the right kind cultural or legal shifts. Even in my lifetime, I look at how massively public attitudes have changed around smoking, wearing seatbelts, and recycling, to take 3 examples. Each of those seemed equally immovable at one time.
Technologists seem to lack professional integrity. This blasé blame-the-victim attitude is completely normalized but I don’t think it makes sense if you zoom out far enough.
There are many exceptions and initiatives like truly altruistic OSS projects which aim to empower users. But by and large what we have ended up with is a divide between the tech-empowered and in-the-knows (surveillance etc.) contrasted with people who just want to access their photos on their phone and their computer.
The everyman being enlightened to all the abstract BS in IT is untenable. But programmers aren’t stepping up to collectively protect all of us.
That's almost never the sole or core differentiator though. And getting customers to all coordinate and care is much more difficult than getting a couple CEOs to just decide to surveil.
> advertising is how folks make money on the web, the surveillance state will persist.
It is more pernicious. Those in the state who want to surveil will enlist those who want the obscene revenue from pervasive advertising. Working together, their lawyers will claim that "you never had any privacy or freedom anyway, so stop wriggling."
At least the solution is obvious, even if the path to an ad-free web is not. And it's a solution that also has the advantage of being a solid public good.
Yes, I hosted a website for about two years. Paid for it from my own pocket. Had some fun, learned a few things.
There is this disgusting belief in modern society that everything one does needs to generate money, otherwise it's not worth doing. Were we always like this?
i manage to do so using money i make elsewhere. the information i put on the internet is either of benefit to people or a matter of vanity. i don't afford special concern to people who want to use the internet for profit.
No, but surveillance is profitable outside of advertising, and advertising provides a perfect cover for surveillance: It's hard to make things that can separate third-party content from surveillance from third-party content for advertising, or for UI JS libraries for that matter
I'm tired of the feigned helplessness. Well gee this is the only way things can be. Internet doesn't work without surveillance! Guess you don't want the internet! /s
Ads and surveillance are not inseparable. We don't need to accept surveillance as the price for a functional internet.
I don't think we disagree on anything about that, but it does take some recognition of the problem that advertising isn't just lending political, but also technical cover to surveillance
Google and Meta are gigantic surveillance companies. It's their imperative that you keep allowing it. On top of that, most state actors love the idea of more surveillance.
Then you have huge portions of the population that simply don't care or don't know better and aren't going to start directly paying for anything.
Mass surveillance has been the only thing where capitalists and communists wholeheartedly agreed to go all in. It has been pushed into law at every opportunity, done in grey areas when possible, and secretly when illegal.
When Apple first released App Tracking Transparency, I immediately used it to block the trackers and I have not even thought about it since because it is so simple and useful.
What a contrast to modern websites which require all sorts of weird clicking gymnastics to disable similar tracking.
Its amusing that Apple itself is one of the biggest ad companies that exists, fed entirely from their own users private data. Yet by simply pointing the finger away from themselves and helping their customers block other ad companies efforts, they seem to have gained complete trust of all their users and most dont even know how much Apple are making in ad revenue from their own data.
Yes, that is very true. Unfortunately, without a true non-Apple or non-Google OS, the ATT toggle is likely about as good as you can get. And it does stop the apps themselves getting raw access to your data, which is not something to sniff at.
Why do you trust Apple with your private data? Unless you enable ADP, iCloud backups are only encrypted at rest and not end-to-end. So, Apple, law enforcement, etc. can just read your iMessage or WhatsApp messages if needed. Did you enable ADP? Well good luck convincing everyone you communicate with to enable it as well, or their backups will still have all your chats without E2E encryption.
WhatsApp pulls a similar trick on Android. It's E2E encrypted, but by default backups (done to Google Drive) are not. I think most users never enable encrypted backups.
I wouldn't be surprised if there is a deal with law enforcement, where Apple and Meta can do and advertise E2E chats, but the defaults (which most users do not change) are such that law enforcement can still access them. But yeah, Apple and Google were part of PRISM too, so no big surprise I guess?
If you truly care about privacy, either completely disable iCloud backups or get a GrapheneOS phone. Also use Signal, because they exclude themselves from phone backups by default. So either chats are not backed up or they are backed up through Signal's own E2E backup service.
Use signal and disable notification previews… Apple saves even cleared notification text previews on device, which the feds just used in a recent case…
The article you cite refutes your claim, explicitly bringing up the lack of access to user data.
I frankly don’t care if the App Store has advertisements. I would care if my data is (1) available to Apple to read by virtue of not being e2e encrypted, and (2) used to train models and target those advertisements.
> I would care if my data is (1) available to Apple to read by virtue of not being e2e encrypted, and (2) used to train models and target those advertisements.
Here we go:
Apple fined $8.5M for illegally collecting iPhone owners' data for ads (gizmodo.com)
When Apple first released App Tracking Transparency, I immediately used it to block the trackers
There seems to be a common misconception that this blocks trackers, which is not the case. Use a DNS-based ad/tracker blocker and watch the logs and you'll see that many apps happily track you. As far as I understand, ATT blocks is cross-app/website tracking. If you deny, the app does not get access to the Identifier for Advertisers, meaning that tracking services cannot use a single identifier that is used across apps. While this initially had a large financial impact (see the article), trackers have probably developed other ways to correlate data from apps/websites now.
The real solution would be for Apple/Google to offer an option to completely disable in-app trackers and if an app would violate it, boot them from the App Store.
Of course, they would never do that because they make a lot of money from targeted advertising with their own ad networks, so either they would have to block themselves or get in hot water with regulators.
Put differently, Apple and Google are not your friend here.
Ironically Google couldn't disable third-party cookies even if they wanted to; it's seen as anti-competitive to other tracking networks and was blocked by the courts.
Really? Do you have a link? That sounds very interesting and very frustrating.
Regardless, because of such things I'm guessing the only ways to disable such tracking in the foreseeable future will still be 3rd party non-affiliated DNS/extensions or browsers such as Brave and Safari (to some extent).
I haven't looked at arkenfox. But I went to the cover your tracks tool by EFF yesterday and it was still able to uniquely fingerprint my computer, even with Firefox strict privacy and unlock origin.
I think unless you run stock mullvad/Tor browser, you're leaking who you are. Sad but true. I wish canvas and webgl fingerprinting were disabled/crippled by default.
The law had good intention but bad implementation. Also the law takes so long to change. Once it became obvious that companies would bypass it by having clicking gymnastics they needed to quickly update the law saying that it should only take one click to opt out.
Yeah, the banners/popups aren't required by gdpr, they're the "malicious compliance" solution site owners came up with because they don't want to comply with the limitations, and make it as difficult as possible for the user not to let them.
Whenever I read your articles, I get distracted by the space invaders and just play that instead. Maybe this is a problem with me being a bit ADHD, but I feel like I am not the only one
I just played for a couple of minutes and didn't even finish the article. Also suffering from ADHD but in my defense space invaders is pretty good with mouse controls.
WHATWG wants to co-mingle document rendering with javascript (this is the real reason they are removing XSLT and not proposing a replacement, it skirts this enforcement) so that when you try to disable javascript or block tracking it breaks the document rendering, leaving the only option to leave Javascript enabled and ad blockers off. Other protocols gemini, gopher etc don’t have the same issues because they’re already excluding Javascript.
What is really needed is a hard fork of major browsers by a grass roots community to advance HTML standards to include partial template rendering solutions without the reliance on Javascript.
Of course this is a startup forum so the response is just going to be wittled down to observations about economic value. However if users start to change/fight then the economics will too.
It wouldn't be that weird a thought for me that, preferably a group of, nation states cough up some serious money and give this a real start, beginning, and end in the form of a stable release. This already happens with major science and space projects, with budgets of billions. A browser is not simply a bunch'a software, having a modular open browser is a major deal and benefit to society at this point. Perhaps arguably more valuable than pumping yet more energy in a particle accelerator and other of mankind's pet projects in search for the unknown unknowns and deal with more pressing known knowns first.
I wanted to read, but my cursor was a hungry monster
and so I chased after things to eat. After I played
this for a while I had to close the tab. I think if
you have something to say, having a cursor with an
animation is a bad idea. It distracts from the content.
My opinion (probably an unpopular one) is that tracking for advertising is merely the excuse to justify widespread surveillance. I don't think all the advertising revenue that is purported to be in play stacks up. I personally do not think advertising directs my purchasing. I don't think it directs others either.
I get that this is Google's business, but perhaps a large amount of their 'business' is actually from the government system (directly or indirectly) - they merely have to pretend to be running an advertising business.
I'm saying that the whole point of advertising was surveillance from the beginning.
I tend to agree but fear that people will value 'safety' over personal freedom. If these acts prevent x crimes, allow people to walk the streets, etc then people will think 'nothing to hide, nothing to fear'. We as a society will have to accept more deaths and crimes by not implementing total surveillance. Its going to be hard to convince people of that if governments can demonstrate the benefits.
Show me where these have done any good at stopping crime. Seriously. The prism program director testified infront of congress that they didn't stop any attacks and wouldn't be able to because it was a needle in a hay stack
Sorry to nitpick but tracking and surveillance are not the same thing. Go back to the last century for a second, before all this 21st-century tech came along. Just because your cell phone and towers would be able to track what rough region (let's call it "site") you were visiting, that doesn't mean they were surveilling you.
Surveillance implies things about bith intended usage and actual usage, etc. that -- simply put -- do not need to hold when you're tracking something. If the argument is genuinely that cookies have genuinely been used to place us under surveillance rather than mere tracking -- I have nothing inherently against it, but you need to support it with evidence. Simply pointing to the fact that they track some fact or metric that indirectly relates to you is not sufficient evidence of that.
And to be clear, I'm not saying I like tracking or we should be fine with it. I hate it too. But it's also a turnoff seeing people smearing one thing as another, and I don't think it's a great strategy to help win support for your cause.
The difference is the intention. A corporation maybe tracking. The same data, once given to the governance surveillance teams, is then used to surveil. Same info and mechanisms.
"Sorry to nitpick but tracking and surveillance are not the same thing. Go back to the last century for a second, before all this 21st-century tech came along. Just because your cell phone and towers would be able to track what rough region (let's call it "site") you were visiting, that doesn't mean they were surveilling you."
Buddy, that's exactly how they are blowing people up with drones these days
We did not - going to a website nowadays is akin to booting your grandma’s windows 95 PC - popups everywhere, banzai buddy, 20 toolbars, just utterly virus laden filth. The web is a place that used to have amazing views but it’s now only filled with billboards. Someday a new set of internets will come up and they’ll be good - it’s not expensive to make things good, it just needs to not be borne of utter libertarian zero-social-contract profit seeking.
Hell, I was shopping for furniture yesterday, and I swear all the popups even with ad blockers were there to prevent me from buying things. It doesn’t seem to be helpful for the stated goal.
Well, ever since the ads i see on iPhone Safari are utterly irrelevant bullshit because tracking there is crippled. Was 1996 88x31 banners world that just advertised random stuff, better than what we have today? They gave websites less money taking more space and annoyed users more.
Comparing digital ads to the Stasi is just peak Western snowflake behavior, I'm sorry.
There are many imaginary arguments about harm in the article, with precisely zero actual examples or cases. Data brokers, buy data, stalk somebody. Can you share at least something? No, it's all just hand waving. Because none of these people can offer any. The fact that the author still thinks Cambridge Analytica meant something says a lot as well. This was a scandal out of nothing.
I, for one, am extremely grateful that, as I was growing up with not much money, I was still able to access more or less the same Internet as people in the US. I don't care about a black-box algorithm looking at my habits to figure out that I love backpacks and microbrand watches, especially if it enables free platforms for me.
Stasi didn't watch you to sell your crap online, you know. They had much worse motives.
If anything, we're now going backward because of the enormous marginal costs of inference. With AI, people aren't on the same page (even a $20 subscription is a lot of money in many countries).
Do you think if the Stasi, or someone like them, ever come into power, they'll just ignore all this extra surveillance we've built for free?
Not really a hypothetical - look at China and Russia, or Saudi Arabia [1]. I'll let others make the case to add the US and European countries to that list - not because I don't believe they belong on the list, but just because I'm too lazy to meet the higher bar of evidence that goes with going against groupthink.
It's so rare that I see an ad that is targeted to me at all so what gives? Am I really so unmarketable to? It's not like i don't buy cameras, food, clothes, video games, and all sorts of things. But all i see is retargeted ads for stuff I already bought.
Facebook provides users with virtual crack. User pays for the high with attention. This attention is sold off to the highest bidder.
The contents of the ad is irrelevant, the data harvested is used to make the crack ever more potent.
The question regarding ads is how well targeted campaigns are being paid for. But the ad space is relatively harmless.
It becomes relevant when not talking about ads, but surpression of citizens by state actors. If the data is being used to identified potential targets for some measures. These measures can involve drawing election districts, deciding where to build the sewage plant or library or where search for people to deport and how to influence them in political campaigns. Some margin of error has varying impact there, but it can help a lot to reduce manual selection by a lot.
It's infuriating.
IMO, nothing exposes the folly behind targeted ads as much as this.
Why would they need to invest such insane amounts of money to acquire such tech (video cameras, lol, on street lamps) when they had a thriving population of curtain twitchers and snitches?
If customers cared, the additional income from being someone who didn't surveil could outstrip the income stream from surveilling.
Most folks do care, they just don't understand. When you stop with the high level topics like "surveillance" and start in on the practical impacts like:
- They charge you more if they know you want something (ex - dynamic pricing).
- They try to get you addicted (gambling, vapes, social media)
- They feed you lies (curated social bubbles)
- They manipulate elections (targeted campaigns and ads, targeted social policies)
Etc... most people do actually care, they just struggle to relate the words the industry uses with the real impacts.
Folks tend to think of privacy like someone opening the bathroom door on them (and this gets immediate pushback... see all the articles about the Roomba cameras). But the surveillance we're under now is more subtle and insidious, less visceral. Harder for folks to understand without concrete impacts.
----
The reason so many tech people care is because lots of them get to watch the sausage being made, and they understand.
https://news.ycombinator.com/item?id=46757509
There are many exceptions and initiatives like truly altruistic OSS projects which aim to empower users. But by and large what we have ended up with is a divide between the tech-empowered and in-the-knows (surveillance etc.) contrasted with people who just want to access their photos on their phone and their computer.
The everyman being enlightened to all the abstract BS in IT is untenable. But programmers aren’t stepping up to collectively protect all of us.
It is more pernicious. Those in the state who want to surveil will enlist those who want the obscene revenue from pervasive advertising. Working together, their lawyers will claim that "you never had any privacy or freedom anyway, so stop wriggling."
Have you bought a domain before or anything online before?
There is this disgusting belief in modern society that everything one does needs to generate money, otherwise it's not worth doing. Were we always like this?
Should everyone be in a loss when they run a website?
Ads and surveillance are not inseparable. We don't need to accept surveillance as the price for a functional internet.
Of whom?
Google and Meta are gigantic surveillance companies. It's their imperative that you keep allowing it. On top of that, most state actors love the idea of more surveillance.
Then you have huge portions of the population that simply don't care or don't know better and aren't going to start directly paying for anything.
It's evident proof that information is power.
What a contrast to modern websites which require all sorts of weird clicking gymnastics to disable similar tracking.
https://appleinsider.com/articles/22/11/14/apples-4b-ad-busi...
WhatsApp pulls a similar trick on Android. It's E2E encrypted, but by default backups (done to Google Drive) are not. I think most users never enable encrypted backups.
I wouldn't be surprised if there is a deal with law enforcement, where Apple and Meta can do and advertise E2E chats, but the defaults (which most users do not change) are such that law enforcement can still access them. But yeah, Apple and Google were part of PRISM too, so no big surprise I guess?
If you truly care about privacy, either completely disable iCloud backups or get a GrapheneOS phone. Also use Signal, because they exclude themselves from phone backups by default. So either chats are not backed up or they are backed up through Signal's own E2E backup service.
I frankly don’t care if the App Store has advertisements. I would care if my data is (1) available to Apple to read by virtue of not being e2e encrypted, and (2) used to train models and target those advertisements.
Here we go:
Apple fined $8.5M for illegally collecting iPhone owners' data for ads (gizmodo.com)
https://news.ycombinator.com/item?id=34299433
Keeping your data from Apple is harder than expected (aalto.fi)
https://news.ycombinator.com/item?id=39927657
Apple silently uploads your passwords and keeps them (lapcatsoftware.com)
https://news.ycombinator.com/item?id=42014588
Watchdog ponders why Apple doesn't apply its strict app tracking rules to itself (theregister.com)
https://news.ycombinator.com/item?id=43047952
Apple memory holed its broken promise for an OCSP opt-out (lapcatsoftware.com)
https://news.ycombinator.com/item?id=41184153
Google collects 20 times more telemetry from Android devices than Apple from iOS (therecord.media) [but Apple still collects a lot!]
https://news.ycombinator.com/item?id=26639261
There seems to be a common misconception that this blocks trackers, which is not the case. Use a DNS-based ad/tracker blocker and watch the logs and you'll see that many apps happily track you. As far as I understand, ATT blocks is cross-app/website tracking. If you deny, the app does not get access to the Identifier for Advertisers, meaning that tracking services cannot use a single identifier that is used across apps. While this initially had a large financial impact (see the article), trackers have probably developed other ways to correlate data from apps/websites now.
The real solution would be for Apple/Google to offer an option to completely disable in-app trackers and if an app would violate it, boot them from the App Store.
Of course, they would never do that because they make a lot of money from targeted advertising with their own ad networks, so either they would have to block themselves or get in hot water with regulators.
Put differently, Apple and Google are not your friend here.
Regardless, because of such things I'm guessing the only ways to disable such tracking in the foreseeable future will still be 3rd party non-affiliated DNS/extensions or browsers such as Brave and Safari (to some extent).
Disclosure: I worked on Privacy Sandbox.
I think unless you run stock mullvad/Tor browser, you're leaking who you are. Sad but true. I wish canvas and webgl fingerprinting were disabled/crippled by default.
Instead of the default opt-in hidden in the terms and conditions nobody reads.
On top of that it literally defines opt-out as the default state
As for browsers, imagine if world's largest advertising and tracking company that incidentally builds world's dominant browser and dominates all web standards would implement this as a browser switch instead of inventing new ways of tricking you into surveillance? https://x.com/dmitriid/status/1908951546869498085 and https://x.com/dmitriid/status/1664682689591377923
Most sites dont even need those popups, but its easier to just shove one on your site than try to understand the specific situations which do need it.
- C.S. Lewis
Wait, what article?
What is really needed is a hard fork of major browsers by a grass roots community to advance HTML standards to include partial template rendering solutions without the reliance on Javascript.
Of course this is a startup forum so the response is just going to be wittled down to observations about economic value. However if users start to change/fight then the economics will too.
It doesn't take serious money. It takes a constant stream of "sub-serious" money, stable for a long time.
A large city could pay for that project. It doesn't take a group of nations, what it takes is non-standard politics.
Works fine here Version 147.0.7727.101 (Official Build) (64-bit) (.102 is the Mac version)
Edit: Based on a comment below, you may have cookies disabled.
I get that this is Google's business, but perhaps a large amount of their 'business' is actually from the government system (directly or indirectly) - they merely have to pretend to be running an advertising business.
I'm saying that the whole point of advertising was surveillance from the beginning.
It's whether or not warrantless searches are admissible; and they generally arent.
Warrant processes and issuance should not be secret nor generic enough to allow for "blanket" hoovering of Personally Identifiable Information.
Surveillance implies things about bith intended usage and actual usage, etc. that -- simply put -- do not need to hold when you're tracking something. If the argument is genuinely that cookies have genuinely been used to place us under surveillance rather than mere tracking -- I have nothing inherently against it, but you need to support it with evidence. Simply pointing to the fact that they track some fact or metric that indirectly relates to you is not sufficient evidence of that.
And to be clear, I'm not saying I like tracking or we should be fine with it. I hate it too. But it's also a turnoff seeing people smearing one thing as another, and I don't think it's a great strategy to help win support for your cause.
Buddy, that's exactly how they are blowing people up with drones these days
And... your point is what? Tracking can't be used to kill people? Anything that kills people is by definition "surveillance"?
Hell, I was shopping for furniture yesterday, and I swear all the popups even with ad blockers were there to prevent me from buying things. It doesn’t seem to be helpful for the stated goal.
There are many imaginary arguments about harm in the article, with precisely zero actual examples or cases. Data brokers, buy data, stalk somebody. Can you share at least something? No, it's all just hand waving. Because none of these people can offer any. The fact that the author still thinks Cambridge Analytica meant something says a lot as well. This was a scandal out of nothing.
I, for one, am extremely grateful that, as I was growing up with not much money, I was still able to access more or less the same Internet as people in the US. I don't care about a black-box algorithm looking at my habits to figure out that I love backpacks and microbrand watches, especially if it enables free platforms for me.
Stasi didn't watch you to sell your crap online, you know. They had much worse motives.
If anything, we're now going backward because of the enormous marginal costs of inference. With AI, people aren't on the same page (even a $20 subscription is a lot of money in many countries).
Not really a hypothetical - look at China and Russia, or Saudi Arabia [1]. I'll let others make the case to add the US and European countries to that list - not because I don't believe they belong on the list, but just because I'm too lazy to meet the higher bar of evidence that goes with going against groupthink.
[1] https://en.wikipedia.org/wiki/Saudi_infiltration_of_Twitter#...