Before the advent of broadband internet and the browser cookie, advertisements were annoying, sexist and filled with misleading scientific claims—but they weren’t invasive like they are today.

“Personalized” ads, as the industry prefers to call them, perpetuate a system of surveillance capitalism, where big ad tech companies and data brokers aggregate personal information on every traceable consumer, from publicly available census data to more intimate details like financial records and online activities, in order to serve us with highly targeted ads.

While their personal data has become a commodity, consumers still have pitifully limited insight into how companies are obtaining their data and what they’re doing with it. In 2016, an occasional YouTuber who goes only by the name “Neville” conducted an experiment to test the widespread suspicion that Facebook is listening to us through our smartphones and smart speakers. Over the course of several days, he and his wife talked pointedly about cat food while keeping their smartphones close by. A few days later, they began to see ads for cat food pop up on their Facebook feeds even though they hadn’t owned a cat in over a decade. The internet is awash with other similar examples of guerilla social experiments. 

Fortunately, this conspiracy theory that Big Brother is always watching—and listening—has been debunked, but it’s only because companies already have so much of our personal data that eavesdropping on our private conversations would be pointless. In fact, it would just make for noisy data that’s expensive to parse. Instead, those eerily on-point ads that materialize shortly after you have a completely offline, IRL conversation with someone about such-and-such come from your location data, browsing history and tracking pixels being linked with the same data profiles of the people you encounter. 

Increasingly sophisticated techniques in data science have allowed advertisers to peer into every corner of our lives. “There are things like fingerprinting, which is where you look at lots of disparate pieces of information, but when you put it altogether it forms a unique identifier,” said Peter Mason, cofounder of Illuma Technology, a company that offers privacy-friendly audience targeting solutions. “And that information can literally be as unique as a fingerprint.”

What Is Contextual Advertising?

Many of us regard surveillance capitalism as a sometimes-creepy-but-ultimately-harmless byproduct of modern life, trading our data privacy for the ability to use services like Google, Facebook and Instagram without paying for them. Besides, as the industry rhetoric goes, consumers want to see personalized ads; it’s a win-win for the advertisers and their audiences. 

That would be true if behavioral advertising were the only way for advertisers to serve targeted ads. Before consumer profiling took over as the predominant advertising model—driven largely by the advent of third-party cookies that track our behavior across the internet—contextual advertising was the method used to show us ads based on the content we were browsing on the internet. There was no need to collect personally identifiable information or read someone’s private messages.

Contextual advertising meant placing ads on web pages based on the content of those pages. For example, while reading the Books section of The New York Times website, you might see an ad for reading glasses. “What we do is challenge this notion of what makes a person relevant,” said Mason, whose company has quietly championed contextual advertising since 2015. “We don’t need to know anything about you historically. All we need to know is you’re in the same kind of contextual moment as another person who bought the product.”

Thanks to the enactment of privacy laws like GDPR and the California Consumer Privacy Act coinciding with a growing social awareness of online data privacy, the market seems to be slowly trending back towards contextual advertising. 

According to Google, searches for “online privacy” grew by more than 50% globally in 2020 compared to the previous year. Meanwhile, a survey by DuckDuckGo, an “alternative” search engine that doesn’t track user’s personal information, showed that 24% of U.S. adults had taken significant actions to try to protect their online privacy, such as installing browser extensions to block web trackers. 

The race to make ads more “personal”—yet more respectful 

Big tech is beginning to take notice of the change. Since mid-2019, Google’s Chrome team has been working to develop the Privacy Sandbox to enhance online privacy, working with stakeholders in publishing, advertising and web infrastructure. 

Here are some other major movements in the industry that tell us about the future of data privacy and contextual advertising.

1. Google announces the end of third-party cookies on its Chrome browser

In January, Google announced that it would end support for third-party cookies on its Chrome browser before 2022. A third-party cookie is a script or tag that is placed on a website by a domain other than the one you are currently on. By adding their tags to a webpage, advertisers can track a user (and their device) across many of the websites they visit (known as cross-site tracking), and display the same ads across different websites (a practice known as ad retargeting).

Ad retargeting explains why, after casually Googling ‘Nike sneakers’ ads for that item will trail you across the internet. Many people view this as an invasion of privacy—and sometimes, the consequences are devastating. Gillian Brockell, a video editor for The Washington Post, wrote about the pain of seeing recurring ads for baby products on her social media feed shortly after her child was stillborn.

“You’re making a lot of assumptions about people [when it comes to ad retargeting]—namely that they’re going to be in the right mindset to buy,” said Mason. 

Other browsers like Safari and Firefox introduced restrictions on third-party cookies several years ago, while the most recent version of Microsoft Edge offers features for users to block trackers. But with Chrome being the world’s most popular web browser by far, cornering an estimated 88% share of the global market, these attempts at greater online privacy made ripples instead of waves—until recently. 

“One of the really fascinating things about Chrome’s ability to independently remove the cookie is that they have the lion’s share of browsing data, so they don’t need the cookie,” said Nigel Newton, a former adviser to the Interactive Advertising Bureau in Canada. “They are devising other ways to create targeted advertising.” 

Mark Adams, a cybersecurity professional and subject matter expert who helped develop the curriculum for Springboard’s Cyber Security Career Track, agrees that Google’s decision to remove the cookie stems more from self interest than a real concern for internet privacy. 

“Google is pretending to address users’ privacy concerns, when in fact it is attempting to consolidate its power and control over the ad targeting process,” Adams said. “This is why Google is exposing itself even more to anti-trust lawsuits.”

Google’s alternative to third-party cookies is an approach to ad targeting that seeks to cluster groups of people with common interests rather than using individual identifiers. The search engine giant refers to the technology as FLoC, short for Federated Learning of Cohorts. 

Consolidating web visitors into user groups consists of using a machine learning algorithm to find ‘lookalikes’ that exhibit similar browsing behavior to someone who just bought a product or signed up for something. In this case, however, the grouping is based purely on content consumption (the sites you visit and the content of those sites) instead of personally identifiable information. This approach is somewhat similar to contextual advertising.

“This is going to shrink your ability to do behavioral targeting massively, so it’s a seismic shift in the industry,” said Mason. “Chrome’s announcement is definitely what’s driving the shift back towards contextual advertising.” 

While third party cookies are on the way out, first party cookies will remain. These are cookies a website embeds within its own domain to see what pages users are visiting, how much time they’re spending on a particular page and what items they add to their cart. However, this data is not shared with any outside organizations and is used for internal lead generation purposes only. 

ios sharing update

2. Apple’s latest iOS update allows iPhone users to opt out of data sharing 

Apple made a historic announcement in June 2020 that its next software update, the iOS 14, would require developers to ask permission to track iOS users for ad targeting. Previously, all user permissions were enabled by default, unless the user opted out. 

The feature, which is called AppTrackingTransparency, requires developers to ask for permission first or risk suspension or removal from the app store. This means that Facebook, which stands to lose the most as a result of this development, can no longer track user movements outside of Facebook-owned apps like Messenger, Instagram and Whatsapp without their consent. Other examples of tracking include sharing device location data or email lists with a data broker.

Newton points out that unlike Google and Facebook, Apple isn’t an adtech company, so it can afford to impose such restrictions and emerge looking like a martyr without worrying about alienating advertisers.

“There’s a lot of self interest in all of this,” he said. “Besides, Apple is one of the most preferred devices for mobile advertising because of the average higher income bracket of Apple device owners.”

Apple initially planned to launch the iOS 14 last fall, but the tech giant delayed its implementation to 2021 to give developers more time to comply.

3. The Interactive Advertising Bureau (IAB) launches a Privacy Lab to scale privacy protections globally

IAB Europe, an association for the digital marketing and advertising ecosystem, announced a new service called the Privacy Lab to support its national chapters with developing privacy and data protection standards for their local markets. The goal is to identify local requirements for consumer rights and incorporate them into technology frameworks, while also protecting businesses that need the advertising revenue. 

“It’s about maintaining commercial objectives as more stringent privacy controls come into play,” Newton explained. “The notion of the Privacy Lab is also to ensure that audiences are treated respectfully and offered simple solutions to control their privacy, not overtly complex ones.” 

An example is publishers giving their readers more clearly defined choices about how their data is used. Currently, when a website visitor tries to opt out of cookies, they’re given a laundry list of items they need to uncheck, or else a dense page of legalese. In other words, the experience of opting out of data tracking isn’t yet user-friendly or transparent. 

On the flipside, Newton said the Privacy Lab’s role is also to educate users that opting out of all advertising isn’t an option if they want to continue using a service for free. Publishers and other content producers that don’t impose paywalls depend on ad revenue to sustain their operations; the only other alternative would be to depend entirely on donations like Wikipedia.

“The Privacy Lab is trying to move towards ensuring that everybody understands that this is a commercial exchange,” he explained. “A transaction must occur when you view an article for free instead of paying for a subscription.”

How Long Before Contextual Advertising Is Once Again the Norm?

While these positive developments show a sustained effort towards ensuring greater data privacy, Mason thinks there’s still a long way to go, and that contextual advertising has a big role to play in this movement. 

“I think there is a real desire to maintain the status quo,” he said. “There are a lot of companies that have a lot of technical infrastructure built around this concept of knowing everything about people.” 

Before the California Consumer Privacy Act passed in January 2020, a law similar to Europe’s GDPR, lobbyists for Google and other tech companies sought exemptions for digital advertising that would allow them to continue collecting user data for targeted advertising—“and in some cases, the right to do so even if users opt out,” according to the Los Angeles Times. However, a recent survey of around two dozen publishers found that the CCPA has had no impact on ad revenue since it went into effect. 

In fact, ad retargeting can have an adverse impact on a consumer’s intent to purchase if they encounter the same ad too many times. InSkin Media’s consumer survey found that if an ad is shown five times, it becomes “annoying and intrusive” and when shown 10 times, the dominant reaction is anger. Ultimately, only 10% of consumers make a purchase, while 55% are put off buying altogether. 

“I think in the future if you’re working with data, everything has to come back to the user and their comfort,” said Mason. “You have to put a box around it and say ‘I’m only going to work with data in a way that’s fully transparent and honest with users about how this will benefit them and what it’s used for.’ There won’t be any gray areas.”

Is cybersecurity the right career for you?

According to Cybersecurity Ventures, the cybersecurity industry is expected to have 3.5 million high-paying, unfilled jobs this year. With Springboard’s comprehensive Cyber Security Career Track, you’ll work 1:1 with an industry-mentor to learn key aspects of information technology, security software, security auditing, and finding and fixing malicious code. Learning units include subject-expert approved resources, application-based mini-projects, hands-on labs, and career-search related coursework.

The course will culminate in a multi-part capstone project that you can highlight on your resume for prospective employers or use to demonstrate your technical knowledge in your job interview. The learning materials will also help prepare you to pass the globally-recognized CompTIA Security+  certification so you stand out when applying for cybersecurity roles.

Learn more about Springboard’s Cyber Security Career Track here.