This document outlines the real-time bidding process for online advertising. It shows how a user's request for a webpage triggers an auction between demand-side platforms and supply-side platforms via ad exchanges to bid on ad space. This involves the transmission of user data, including identifiers, across various parties. Concerns are raised that this level of data transmission and sharing could compromise users' privacy according to GDPR guidelines. The largest real-time bidding platforms, including Index Exchange, AppNexus and Google, are estimated to process tens to hundreds of billions of bid requests per day, involving vast amounts of user data.
13-17. [Diagram, built up over five slides: data and money flows in real-time bidding. Parties: Visitor, Site, Supply-side platform (SSP), Ad Exchange, Demand-side platform (DSP), Data management platform (DMP), Marketer. Labelled flows: Request page, Serve page, Ad request, Cookie to SSP, Request bid, Request segment, Deliver segment, Deliver ad, Sync, Store data. Annotations: “Demand side”, “Supply side”, (one or many), (10s or 100s or 1000s?).]
25. Example: Vectaury, a small DSP/DMP/trading desk in France. €3.5M annual turnover in 2017 (though subsequently won a €20M investment). French regulator caught it with 68 million illegal RTB records.
28. Is 68 million just 30%? Then this small company was sent personal data ¼ BILLION times via RTB (in just one year).
29-39. DATA LEAKAGE IN ONLINE ADVERTISING
This is the current process of real-time bidding that is used in online behavioural advertising.
[Diagram, built up over eleven slides. Parties shown: website.com (Ad server javascript, SSP javascript, AD), Ad server, SSP, Ad exchange, DSPs, DMPs, Winning DSP (Winning bid), Agency ad server, CDN, MARKETERS. Legend: Money; Channel of data leakage.]
Step 1. User requests webpage
Step 2. Ad server selects an SSP
Step 3. SSP selects an exchange
Step 4. Exchange sends bid requests to hundreds of partners
Step 5. Exchange lets some DMPs/DSPs refresh cookie sync
Step 6. Exchange serves winning bid
Step 7. DSP serves agency creative
Step 8. Assets load from CDN
45. • The website this specific person is currently viewing
• Various ID codes that identify this specific person, and can tie them to existing profiles
• Distinctive characteristics of this specific person
• This specific person’s IP address
• Distinctive information about this specific person’s device
• This young woman’s GPS coordinates!
46. Natural persons may be associated with online identifiers … such as internet protocol addresses, cookie identifiers or other identifiers… This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.
GDPR, Recital 30
48-49. The biggest
Real-time bidding bid requests per day
Index Exchange     50 billion [1]
OpenX              60 billion [2]
Rubicon Project    Unknown, 1 billion people’s devices [3]
PubMatic           70 billion [4]
Oath/AOL           90 billion [5]
AppNexus           131 billion [6]
Smaato             214 billion [7]
Google             Unknown, live on 8.4 million websites [8]
Hundreds of billions of data leaks a day. (The biggest data breach yet recorded)
1. “Tour IX’s Amsterdam and Frankfurt Data Centers”, Index Exchange, 2 July 2018 (URL: https://www.indexexchange.com/tour-ix-amsterdam-frankfurt-data-centers/).
2. "OpenX Ad Exchange", OpenX (URL: https://www.openx.com/uk_en/products/ad-exchange/).
3. “Buyers”, Rubicon Project (URL: https://rubiconproject.com/buyers/).
4. "How PubMatic Is Learning Machine Learning", PubMatic, 25 January 2019 (URL: https://pubmatic.com/blog/learning-machine-learning/).
5. "Maximize yield with Oath's publisher offerings", Oath, 3 April 2018 (URL: https://www.oath.com/insights/maximize-yield-with-oath-s-publisher-offerings/).
6. 500 Billion / 29.6 = 18.6 billion impressions per day. Using AppNexus 1:11.5 ratio, this is 214 auctions per day. 500+ impressions figure cited in “Optimize your mobile strategy”, Smaato (URL: https://www.smaato.com/).
7. “Transacting at a peak of 11.4 billion daily impressions, our marketplace handles more traffic each day than Visa, Nasdaq, and the NYSE combined” at https://www.appnexus.com/sell. Note that in 2017, AppNexus said in “AppNexus Scales with DriveScale”, 2017 (URL: http://go.drivescale.com/rs/451-ESR-800/images/DRV_Case_Study_AppNexus-final.v1.pdf) that 10.7 billion "impressions transacted" came as a result of running 123 billion auctions. The impressions transacted to auctions ratio appears to be roughly 1:11.5. Therefore, the 11.4 daily impressions reported in 2018 equates to 131 billion auctions per day.
8. DoubleClick.Net Usage Statistics (URL: https://trends.builtwith.com/ads/DoubleClick.Net).
54. “Publishers recognize there is no technical way to limit the way data is used after the data is received by a vendor for decisioning/bidding on/after delivery of an ad…”
Highlighted: “there is no technical way to limit the way data is used after”
“Surfacing thousands of vendors with broad rights to use data w/out tailoring those rights may be too many vendors/permissions”
Highlighted: “thousands of vendors”
“pubvendors.json v1.0: Transparency & Consent Framework”, IAB, May 2018
55. “The MO may adopt procedures for periodically reviewing and verifying a Vendor’s compliance with the Policies.”
Highlighted: “may adopt”
MO: Management Organisation (the IAB)
“Transparency & Consent Framework Policies, 2019-08-21.3”, IAB, August 2019
56. “Buyer will regularly monitor your compliance with this obligation, and immediately notify Google in writing if Buyer can no longer meet … this obligation...”
Highlighted: “Buyer will”
“must not: (i) use callout data ... to create user lists or profile users; (ii) associate callout data ... with third party data...”
“Authorized Buyers Programme Guidelines”, Google, August 2018
57. GDPR, Article 5 (1)
(f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
59. Information Commissioner’s Office, Update report into adtech and real time bidding, 20 June 2019 (page 4):
We list our concerns - that the creation and sharing of personal data profiles about people, to the scale we’ve seen, feels disproportionate, intrusive and unfair, particularly when people are often unaware it is happening.
We outline that one visit to a website, prompting one auction among advertisers, can result in a person’s personal data being seen by hundreds of organisations, in ways that suggest data protection rules have not been sufficiently considered.
Our report will be passed to the adtech sector for their response. We are clear about the areas where we have initial concerns, and we expect to see change. But we understand this is an extremely complex market involving many organisations and many technologies. We want to take a measured and iterative approach, before undertaking a further industry review in six months’ time.
With that in mind, we’ll continue engaging with the sector, further exploring the data protection implications of the real time bidding system. We’ll continue collaborating with Data Protection Authorities in other European countries too, who are also looking at complaints in this area.
Innovation in technology has the potential to enhance all of our lives. The internet is central to that, and we understand that advertisements fund much of what we enjoy online. We understand the need for a system that allows revenue for publishers and audiences for advertisers. We understand a need for the process to happen in a heartbeat. Our aim is to prompt changes that reflect this reality, but also to ensure respect for internet users’ legal rights. The rules that protect people’s personal data must be followed. Companies do not need to choose between innovation and privacy.
Elizabeth Denham
Information Commissioner
60. Information Commissioner’s Office, Update report into adtech and real time bidding, 20 June 2019. Highlighted passage:
“one visit to a website, prompting one auction among advertisers, can result in a person’s personal data being seen by hundreds of organisations, in ways that suggest data protection rules have not been sufficiently considered.” (page 4)
61. Information Commissioner’s Office, Update report into adtech and real time bidding, 20 June 2019 (page 23):
4 Summary and conclusions
Overall, in the ICO’s view the adtech industry appears immature in its understanding of data protection requirements. Whilst the automated delivery of ad impressions is here to stay, we have general, systemic concerns around the level of compliance of RTB:
1. Processing of non-special category data is taking place unlawfully at the point of collection due to the perception that legitimate interests can be used for placing and/or reading a cookie or other technology (rather than obtaining the consent PECR requires).
2. Any processing of special category data is taking place unlawfully as explicit consent is not being collected (and no other condition applies). In general, processing such data requires more protection as it brings an increased potential for harm to individuals.
3. Even if an argument could be made for reliance on legitimate interests, participants within the ecosystem are unable to demonstrate that they have properly carried out the legitimate interests tests and implemented appropriate safeguards.
4. There appears to be a lack of understanding of, and potentially compliance with, the DPIA requirements of data protection law more broadly (and specifically as regards the ICO’s Article 35(4) list). We therefore have little confidence that the risks associated with RTB have been fully assessed and mitigated.
5. Privacy information provided to individuals lacks clarity whilst also being overly complex. The TCF and Authorized Buyers frameworks are insufficient to ensure transparency and fair processing of the personal data in question and therefore also insufficient to provide for free and informed consent, with attendant implications for PECR compliance.
6. The profiles created about individuals are extremely detailed and are repeatedly shared among hundreds of organisations for any one bid request, all without the individuals’ knowledge.
7. Thousands of organisations are processing billions of bid requests in the UK each week with (at best) inconsistent application of adequate technical and organisational measures to secure the data in transit and at rest, and with little or no consideration as to the requirements of data protection law about international transfers of personal data.
8. There are similar inconsistencies about the application of data minimisation and retention controls.
9. Individuals have no guarantees about the security of their personal data within the ecosystem.
Highlighted passage:
“The TCF and Authorized Buyers frameworks are insufficient to ensure transparency and fair processing of the personal data in question and therefore also insufficient to provide for free and informed consent…” (page 23)
70. Marketer risk from programmatic advertising
[Diagram. Parties: Marketer ($), Agency, DMP, DSP, Ad Exchanges, SSPs, Publishers. Labels: “Data protection-free zone”; “Personal data widely broadcast in “RTB” bid requests”; “Insurer and reinsurer risk?”; “Shared liability under GDPR Article 82”. Legend: Money; Channel of data leakage.]
75. Conventional “Broadcast” Behavioral
• What you are reading, or watching, or listening to.
• Categories of the content.
• Unique pseudonymous ID.
• Unique ID matched to ad buyer’s existing profile of you.
• Your location (can be your exact latitude and longitude).
• Granular description of your device.
• Unique tracking IDs / cookie match.
• Your IP address.*
• Data broker segment ID* when available.
*Depending on the version of “real time bidding” system
76. Safe data “Broadcast” Behavioral
• What you are reading, or watching, or listening to.
• Categories of the content.
• Your approximate location.
• General description of your device.
• Your approximate IP address.
• Impression ID for buyer transparency.
Example: Person in Cologne (District 1: Köln-Innenstadt) is reading an article about ad fraud on WSJ’s CMO roundup. Using Safari on an iPhone X or higher.
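The difference between the two field lists above can be checked and enforced in code. The following is an added example, not part of the original slides: it audits a bid request for the "conventional" identifying fields and rebuilds it from an allow-list of the "safe data" fields. It assumes the request uses IAB OpenRTB 2.x field names; the /24 and /48 truncation widths, the query-string stripping and the `ext.browser` key are assumptions, and the sample request is constructed.

```python
"""Audit an OpenRTB-2.x-shaped bid request and reduce it to "safe data"."""
import copy
import ipaddress
from urllib.parse import urlsplit, urlunsplit

# Constructed sample (all values invented; IP is from the RFC 5737 doc range).
SAMPLE = {
    "id": "auction-0001",
    "imp": [{"id": "1", "banner": {"w": 300, "h": 250}}],
    "site": {"domain": "news.example", "cat": ["IAB3"],
             "page": "https://news.example/cmo/ad-fraud?uid=7f3a"},
    "device": {
        "ua": "Mozilla/5.0 (iPhone; CPU iPhone OS 13_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1",
        "ip": "203.0.113.77",
        "ifa": "00000000-aaaa-bbbb-cccc-000000000000",
        "make": "Apple", "model": "iPhone11,2", "os": "iOS", "osv": "13.1",
        "geo": {"lat": 50.93801, "lon": 6.95997,
                "country": "DEU", "city": "Cologne"},
    },
    "user": {"id": "u-7f3a", "buyeruid": "b-991c",
             "data": [{"name": "broker.example", "segment": [{"id": "seg-42"}]}]},
}


def truncate_ip(ip):
    """Zero the host part: /24 for IPv4, /48 for IPv6 (assumed widths)."""
    prefix = 24 if ipaddress.ip_address(ip).version == 4 else 48
    net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    return str(net.network_address)


def browser_family(ua):
    """Collapse a full user-agent string to a browser family name only."""
    # Order matters: Edge/Chrome/iOS variants also contain "Safari".
    for token, name in (("Edg", "Edge"), ("Firefox", "Firefox"),
                        ("FxiOS", "Firefox"), ("Chrome", "Chrome"),
                        ("CriOS", "Chrome"), ("Safari", "Safari")):
        if token in ua:
            return name
    return "other"


def audit(req):
    """List the identifying fields (slide 75) present in a bid request."""
    user, device = req.get("user", {}), req.get("device", {})
    found = [f"user.{k}" for k in ("id", "buyeruid", "data") if user.get(k)]
    found += [f"device.{k}" for k in ("ifa", "ua", "model", "osv")
              if device.get(k)]
    for k in ("ip", "ipv6"):
        value = device.get(k)
        # A full address is a finding; an already truncated one is not.
        if value and (ipaddress.ip_address(value)
                      != ipaddress.ip_address(truncate_ip(value))):
            found.append(f"device.{k}")
    geo = device.get("geo", {})
    if "lat" in geo or "lon" in geo:
        found.append("device.geo.lat/lon")
    return found


def minimise(req):
    """Rebuild the request from an allow-list of the slide 76 fields."""
    site, device = req.get("site", {}), req.get("device", {})
    out_site = {k: site[k] for k in ("domain", "cat") if k in site}
    if "page" in site:  # drop query string and fragment, which may carry IDs
        p = urlsplit(site["page"])
        out_site["page"] = urlunsplit((p.scheme, p.netloc, p.path, "", ""))
    out_dev = {k: device[k] for k in ("devicetype", "make", "os")
               if k in device}
    if "ua" in device:  # "browser" under ext is a hypothetical key
        out_dev["ext"] = {"browser": browser_family(device["ua"])}
    for k in ("ip", "ipv6"):
        if k in device:
            out_dev[k] = truncate_ip(device[k])
    geo = device.get("geo", {})
    coarse = {k: geo[k] for k in ("country", "region", "city") if k in geo}
    if coarse:
        out_dev["geo"] = coarse
    # The user object (IDs, buyer match, broker segments) is never copied.
    return {"id": req.get("id"), "imp": copy.deepcopy(req.get("imp", [])),
            "site": out_site, "device": out_dev}


if __name__ == "__main__":
    print("before:", audit(SAMPLE))
    print("after: ", audit(minimise(SAMPLE)))
```

Building the output from an allow-list means a field that is not named in the "safe data" list, including any vendor extension, is dropped by default rather than passed through.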
78-86. How RTB data leakage supports untrustworthy websites
[Diagram, built up over nine slides: “John”, The Daily Bugle (€1 advertisement) and De5troyTru5t.com (€0.01 advertisement).]
Step 1. User “John” visits The Daily Bugle
Step 2. Bid request broadcasts personal data about John
Step 3. 100s of companies in the ad auction can now re-identify John as a Daily Bugle reader
Step 4. The Daily Bugle is paid €1 to show ad to John
Step 5. Later, John visits a low quality website
Step 6. Bid request announces John is here
Step 7. De5troyTru5t.com is paid €0.01 to show ad to John
Worthy sites lose their unique audience, and feed a business model for the bottom of the Web.
87-94. How RTB enables fraudsters to steal from publishers and advertisers.
[Diagram, built up over eight slides: “Bot” (labelled “Fake”), The Daily Bugle (€1 advertisement) and De5troyTru5t.com (€0.01 advertisement).]
Step 1. A bot masquerading as a human visits The Daily Bugle
Step 2. Bid request broadcasts personal data about Bot
Step 3. 100s of companies in the ad auction can now re-identify Bot as a Daily Bugle reader
Step 4. The Daily Bugle is paid €1 to show ad
Step 5. Later, an untrustworthy website buys bot traffic
Step 6. Bid request announces Bot is here
Step 7. De5troyTru5t.com is paid €0.01 to show ad to Bot
95. [Diagram: data and money flows in real-time bidding. Parties: Visitor, Site, Supply-side platform (SSP), Ad Exchange, Demand-side platform (DSP), Data management platform (DMP), Marketer. Labelled flows: Request page, Serve page, Ad request, Cookie to SSP, Request bid, Request segment, Deliver segment, Deliver ad, Sync, Store data. Annotations: “Demand side”, “Supply side”, (one or many), (10s or 100s or 1000s?). Additional labels: DSP, DMP, SSP.]
96. MARKET OVERVIEW (NOW)
PERSONAL DATA IN IAB / GOOGLE RTB
[Diagram. Chain shown: Marketer ($), DMP, DSP, Ad Exchange, SSP, Site. Column headings: Buyer, Distribution, Seller.]
Extracts 70-55% of buyer’s media budget. (70% figure from the Guardian and Rubicon case in 2017. 55% figure from “The Programmatic Supply Chain: Deconstructing the Anatomy of a Programmatic CPM”, IAB, March 2016.)
Unique audience commodified and arbitraged.
Untrustworthy sites business model enabled.
Bot fraud boosted.
Victims of massive fraud. 2019 estimates range from $5.7B (ANA) - $42B (Juniper Research).
97. MARKET OVERVIEW (POST-FIX)
NON-PERSONAL DATA IN IAB / GOOGLE RTB
[Diagram. Chain shown: Marketer ($), DMP, DSP, Ad Exchange, SSP, Site. Column headings: Buyer, Distribution, Seller.]
Extracts much lower % of buyer’s media budget.
Unique audience becomes immune to commodification and arbitrage.
No opportunity for untrustworthy sites.
Bot fraud reduced.
Bot fraud opportunity reduced.
102. “Local” Behavioral
Private profiles. If you opt in, the Browser builds a profile that stays private on the device. No one (including Brave) ever gets it.
Machine learning on the device decides what ad is shown, and when it is best to show it to you.
105-107. [Diagram, built up over three slides: Browser user visits various websites.]
Today’s ad catalog is sent to the device.
Brave Browser on the device selects an ad based on profile on the device. 70% of ad revenue goes to user.
By default, websites are paid from the user’s wallet at the end of the month. (This cannot be attributed to an individual user.)
114-115. [Analogy diagram, built up over two slides. Labels: Fossil Fuel (N2O, CO2); Renewable Energy; Ads (Conventional Data); Ads (Ethical Data); Personal data; Non-personal data; “Regulatory disincentive: DIRTY INDUSTRY”; “Regulatory incentive: CLEAN INDUSTRY”.]
117. 1. Regulators will force change.
2. Prepare for when the IAB & Google are forced to reform RTB. It is likely to use only non-personal data.
3. Experiment with safe adtech.
4. Connect: BRAVE.com/INSIGHT/
johnny@brave.com