Home Privacy Are PETs Enough To Mitigate The Privacy Risks Of Device Fingerprinting?
consumer privacy

Are PETs Enough To Mitigate The Privacy Risks Of Device Fingerprinting?

By

SHARE:
device fingerprinting

On February 16, Google is lifting its prohibition on device fingerprinting for companies that use its ad products.

It’s a surprising reversal. In 2019, Google called the method “opaque” and said it would “aggressively block” it to protect user privacy.

So what changed?

According to Google, it’s “refreshing” its platform policies in light of two shifts in the advertising ecosystem: the rise of connected TV and the rise of privacy-enhancing technologies (PETs).

IP addresses are already widely used for ad targeting and measurement on CTV, Google says, and innovations like PETs can help mitigate the related privacy risks.

A PET is any technical method for keeping personal data safe and secure. In the advertising context, that could mean using on-device processing to minimize data transfer or multi-party computation to allow multiple parties in a clean room to analyze personal data without sharing it.

Google has been integrating PETs into its ad products and says it plans to partner with the broader ad industry to “help make PETs more accessible.”

No one disputes that PETs can help protect and secure sensitive data, but are they enough to mitigate the privacy risks of device fingerprinting? We asked the experts:

  • Arielle Garcia, chief operating officer, Check My Ads
  • Julie Rooney, chief privacy officer, OpenX
  • Mateusz Jedrocha, chief product officer, Adlook
  • Daniel Rosenzweig, founder & principal attorney, DBR Data Privacy Solutions
  • Cillian Kieran, CEO & founder, Ethyca

Arielle Garcia, chief operating officer, Check My Ads

Nope. Google references PETs and privacy-preserving technologies by construing the privacy risk of fingerprinting as seemingly limited to the reidentification of individuals by third parties.

What happened to Google saying fingerprinting “subverts user choice and is wrong,” since people can’t clear their fingerprints? The goalposts move to wherever Google needs them to be.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Daily Roundup

Daily News Roundup

Daily Mail Launches A Social Media Agency; AI Eats The Food Blogs’ Lunch

Julie Rooney, chief privacy officer, OpenX

The ad tech industry’s commitment to developing PETs that meaningfully enhance data privacy and security within the ecosystem is real. Major strides have been made in this space in recent years by many industry players.

That said, this change seems likely to give more personal data to more players or at least to lessen restrictions on its use. Even if that is done more safely via PETs, there are always increased risks when more personal data is changing hands or being used in new ways.

Mateusz Jedrocha, chief product officer, Adlook

PETs undoubtedly help ensure data is handled securely. However, the key issue with using IP addresses as identifiers is user autonomy. Can individuals opt out of tracking or delete the data collected about them?

The broader debate centers on user choice and control. This remains the primary challenge, which is separate from the technical safeguards offered by PETs.

Daniel Rosenzweig, founder & principal attorney, DBR Data Privacy Solutions

Generally speaking, yes, I believe PETs mitigate privacy risks and are a good idea to implement when feasible and warranted – although, I also think the devil is in the details.

That said, even when PETs are used, the core responsibility remains unchanged. If an organization processes data in a way that qualifies it as personal data – including data used for device fingerprinting – it should apply the same level of due diligence as for any personal data.

Cillian Kieran, CEO & founder, Ethyca

PETs are like armor on a battlefield. They protect, but they don’t eliminate the fight. And they’re not a silver bullet, particularly when applied to techniques like fingerprinting, which, by design, operate in the shadows of user awareness.

The truth is that fingerprinting is inherently invasive. It tracks people without their knowledge and creates data profiles they never agreed to. PETs can’t solve that fundamental problem because they don’t address consent or transparency.

What PETs can do is make fingerprinting less aggressive by adding a layer of obfuscation and reducing the data’s precision. If PETs are used as a genuine attempt to create a more privacy-conscious framework, they’re valuable. If they’re used to justify the status quo, they won’t fix the underlying trust issues.

The potential is there, but the execution matters.

Answers have been lightly edited and condensed.

Related Stories

Must Read

Technology

How AudienceMix Is Mixing Up The Data Sales Business

AudienceMix, a new curation startup, aims to make it more cost effective to mix and match different audience segments using only the data brands need to execute their campaigns.

Digital Out-Of-Home

Broadsign Acquires Place Exchange As The DOOH Category Hits Its Stride

On Tuesday, digital out-of-home (DOOH) ad tech startup Place Exchange was acquired by Broadsign, another out-of-home SSP.

Social Media

Meta’s Ad Platform Is Going Haywire In Time For The Holidays (Again)

For the uninitiated, “Glitchmas” is our name for what’s become an annual tradition when, from between roughly late October through November, Meta’s ad platform just seems to go bonkers.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters
Monopoly Man looks on at the DOJ vs. Google ad tech antitrust trial (comic).
antitrust

Closing Arguments Are Done In The US v. Google Ad Tech Case

The publisher-focused DOJ v. Google ad tech antitrust trial is finished. A judge will now decide the fate of Google’s sell-side ad tech business.

Programmatic

Wall Street Wants To Know What The Programmatic Drama Is About

Competitive tensions and ad tech drama have flared all year. And this drama has rippled out into the investor circle, as evident from a slew of recent ad tech company earnings reports.

Comic: Always Be Paddling
Platforms

Omnicom Allegedly Pivoted A Chunk Of Its Q3 Spend From The Trade Desk To Amazon

Two sources at ad tech platforms that observe programmatic bidding patterns said they’ve seen Omnicom agencies shifting spend from The Trade Desk to Amazon DSP in Q3. The Trade Desk denies any such shift.

Popular

  1. Social Media

    Meta’s Ad Platform Is Going Haywire In Time For The Holidays (Again)

    For the uninitiated, “Glitchmas” is our name for what’s become an annual tradition when, from between roughly late October through November, Meta’s ad platform just seems to go bonkers.

  2. Digital Out-Of-Home

    Broadsign Acquires Place Exchange As The DOOH Category Hits Its Stride

    On Tuesday, digital out-of-home (DOOH) ad tech startup Place Exchange was acquired by Broadsign, another out-of-home SSP.

  3. Technology

    How AudienceMix Is Mixing Up The Data Sales Business

    AudienceMix, a new curation startup, aims to make it more cost effective to mix and match different audience segments using only the data brands need to execute their campaigns.

  4. AdExchanger Content Studio

    Beyond The Magic Button: How Domain Expertise Transforms AI Analytics For Advertising

    As artificial intelligence transforms advertising analytics, many organizations are rushing to adopt AI tools, hoping for a “magic button” that instantly democratizes data access.

  5. Comic: Always Be Paddling
    Platforms

    Omnicom Allegedly Pivoted A Chunk Of Its Q3 Spend From The Trade Desk To Amazon

    Two sources at ad tech platforms that observe programmatic bidding patterns said they’ve seen Omnicom agencies shifting spend from The Trade Desk to Amazon DSP in Q3. The Trade Desk denies any such shift.