Philosophy and Power; Advertising, Targeting, and Tracking; The Real Winners

Posted on Author by Ben Thompson

Good morning,

A quick reminder that tomorrow is the second-to-last Summer Day of the year.

On to the update:

Philosophy and Power

From Protocol:

One of the web’s geekiest corners, the W3C is a mostly-online community where the people who operate the internet — website publishers, browser companies, ad tech firms, privacy advocates, academics and others — come together to hash out how the plumbing of the web works. It’s where top developers from companies like Google pitch proposals for new technical standards, the rest of the community fine-tunes them and, if all goes well, the consortium ends up writing the rules that ensure websites are secure and that they work no matter which browser you’re using or where you’re using it. The W3C’s members do it all by consensus in public GitHub forums and open Zoom meetings with meticulously documented meeting minutes, creating a rare archive on the internet of conversations between some of the world’s most secretive companies as they collaborate on new rules for the web in plain sight.

But lately, that spirit of collaboration has been under intense strain as the W3C has become a key battleground in the war over web privacy. Over the last year, far from the notice of the average consumer or lawmaker, the people who actually make the web run have converged on this niche community of engineers to wrangle over what privacy really means, how the web can be more private in practice and how much power tech giants should have to unilaterally enact this change.

The whole article is worth a read, both in terms of understanding the W3C, but also in terms of understanding what exactly we are debating when we talk about privacy on the web. In this sense I am with James Rosewell, the protagonist of the story:

On one side are engineers who build browsers at Apple, Google, Mozilla, Brave and Microsoft. These companies are frequent competitors that have come to embrace web privacy on drastically different timelines. But they’ve all heard the call of both global regulators and their own users, and are turning to the W3C to develop new privacy-protective standards to replace the tracking techniques businesses have long relied on. On the other side are companies that use cross-site tracking for things like website optimization and advertising, and are fighting for their industry’s very survival. That includes small firms like Rosewell’s, but also giants of the industry, like Facebook.

Rosewell has become one of this side’s most committed foot soldiers since he joined the W3C last April. Where Facebook’s developers can only offer cautious edits to Apple and Google’s privacy proposals, knowing full well that every exchange within the W3C is part of the public record, Rosewell is decidedly less constrained. On any given day, you can find him in groups dedicated to privacy or web advertising, diving into conversations about new standards browsers are considering. Rather than asking technical questions about how to make browsers’ privacy specifications work better, he often asks philosophical ones, like whether anyone really wants their browser making certain privacy decisions for them at all. He’s filled the W3C’s forums with concerns about its underlying procedures, sometimes a dozen at a time, and has called upon the W3C’s leadership to more clearly articulate the values for which the organization stands.

When I say I am with Rosewell, I mean that he is right that the fundamental issues around these debates really are a question of philosophy; technical questions are implementation details. A refusal to acknowledge that doesn’t remove the philosophy, though; it simply means the philosophy of those with the power to change the rules carries the day.

Advertising, Targeting, and Tracking

One of the particularly challenging aspects of this debate is that “privacy” is a great brand name: who doesn’t want privacy? That means, though, that everyone wants to claim privacy as the justification for their preferred outcomes, which is a problem because many of these folks have different goals. There are, for example, three distinct questions about ads themselves:

  • Is advertising good or bad?

    I start here both because I think it is one of the most fundamental questions in this debate, even as it is one of the most overlooked. My sense both from observation and from some of the feedback I get is that a lot of “pro-privacy” folks are just fundamentally opposed to advertising. This constituency will both support just about any privacy initiative, and also be disappointed in the eventual outcome.

  • Are targeted ads good or bad?

    Ads have always had some degree of targeting; even your local billboard was chosen because of its location. Obviously, though, the specificity can vary greatly. One of the factors that drove the explosion in cable channels, for example, was the realization that focusing on a specific type of programming could attract a specific type of audience, making advertising on that channel more attractive to advertisers that wanted to reach that type of audience. Magazines took this concept further than anyone, combining content-specificity with subscriber-level demographic data to attract advertisers.

    Still, everyone who read the same magazine saw the same ads; the level of specificity was at the publication level. The web, though, blew this all up: one of the things that made Google so powerful is that the search engine understood the web at the level of the individual article; search results don’t link to the home page of a website, but to a specific post (this is a classic example of how changing the point of integration in a value chain modularizes complements). The question posed here, then, is less about whether targeting as a concept is good or bad — people that dislike even publication-level targeting probably don’t like ads period — and more whether the increase in specificity is good or bad.

  • Is tracking good or bad?

    This is where the zero transaction costs that I discuss in the context of Aggregation Theory come in: it is effectively free on a marginal cost basis to keep track of every page that a user visits, building a far richer understanding of their interests than was every possible when data was only available at the level of the publication, and expensive to collect and reference to boot. That, by extension, meant it was possible to show individual ads to individual users based on that understanding, and here’s the kicker: not only were those ads more effective, but they were also cheaper, both because inventory on the web is effectively infinite (thanks to the zero marginal cost of both creating and distributing content), and also because zero transactional costs applied to the buying and selling of ads as well.

    To put it another way, this question is about the shift from content-based targeting to behavior-based targeting.

The Real Winners

Here is the kicker, though: none of these questions are actually up for debate. The advertising one is obvious: it’s not going anywhere. It’s the same thing with targeted ads: the limitations of the analog world were not due to some sort of societal consensus, but to the limits of technology; as those limits have retreated, targeting has and will continue to be ever more specific. What is perhaps a surprise to many, though, is that tracking isn’t going anywhere either: the question at play is who gets to do it.

Returning to the Protocol article:

To Rosewell, these [philosophical] questions may be the only thing stopping the web from being fully designed and controlled by Apple, Google and Microsoft, three companies that he said already have enough power as it is. “I’m deeply concerned about the future in a world where these companies are just unrestrained,” Rosewell said. “If there isn’t someone presenting a counter argument, then you get group-think and bubble behavior.”

But the engineers and privacy advocates who have long held W3C territory aren’t convinced. They say the W3C is under siege by an insurgency that’s thwarting browsers from developing new and important privacy protections for all web users. “They use cynical terms like: ‘We’re here to protect user choice’ or ‘We’re here to protect the open web’ or, frankly, horseshit like this,” said Pete Snyder, director of privacy at Brave, which makes an anti-tracking browser. “They’re there to slow down privacy protections that the browsers are creating.”

Snyder and others argue these new arrivals, who drape themselves in the flag of competition, are really just concern trolls, capitalizing on fears about Big Tech’s power to cement the position of existing privacy-invasive technologies.

I guess this means that I am a concern troll too, because the missing part of the article is an explicit acknowledgment that when it comes to these decisions might makes right, and might rests with the platforms. In the case of the web that means the browser makers, and in the case of mobile it means the operating system makers. In other words, it means Google and Apple.

Google, given its business model, is obviously not going to abandon tracking; the company is, though, at least trying to build a consensus about what is next. The FLoC initiative, for example, has been focused on the W3C from the beginning, and Google last month, in response to the formal investigation launched by the UK’s Competition and Markets Authority into FLoC, pledged to institute any changes only after “consultation and collaboration” with both industry stakeholders and, specifically, the CMA (which, as Mark Nottingham observed, has huge problems of its own).

Apple, meanwhile, just drops bombs; Facebook engineer and W3C participant Ben Savage noted on Twitter:

ITP = Intelligent Tracking Prevention, which blocks third-party cookies
iOS 14 = App Tracking Transparency
PCM = Private Click Measurement, Apple’s alternative to cookies for ad click attribution measurement
SKAdNetwork = Apple’s alternative to third-party conversion measurement SDK’s for apps

The answer, again, goes to the fact that this is and long has been Google’s business model — people are understandably suspicious. Apple, meanwhile, just wants to sell phones, right? Well, no, and that is why I have focused on Apple’s own ad efforts: it would be one thing if Apple were anti-ads, or anti-targeting, or anti-tracking, but the reality is that Apple is interested in all of those thing, they just want it to be done on their terms, which is another way of saying on their phones. The company is leading a push to shift the entire advertising stack to your device — not unlike FLoC! — which would make Apple (and Google) the only intermediaries for effective targeted advertising.

Perhaps this is the best outcome; it certainly aligns with privacy regulations that distinguish between first-party data and third-party data. It is, though, in pretty fundamental conflict with rhetoric around promoting competition and reducing platform lock-in.

This raises the most scandalous question of all: is this actually a good thing for consumers? The benefits of the Internet’s openness and the consumer surplus that comes from a thriving ad ecosystem are “in the water”, so to speak, while the rhetoric around privacy is suspiciously light on real world harms (go-to examples like Cambridge Analytica have been shown to be dramatically overstated). It seems possible — even likely — that the actual experience of advertising isn’t going to change, even as a complete rework of the plumbing has the primary impact of consolidating profits under the two companies that already control everything; whether that is an acceptable trade-off is a matter of philosophy.

This Daily Update will be available as a podcast later today. To receive it in your podcast player, visit Stratechery.

The Daily Update is intended for a single recipient, but occasional forwarding is totally fine! If you would like to order multiple subscriptions for your team with a group discount (minimum 5), please contact me directly.

Thanks for being a supporter, and have a great day!