Home Privacy Johnny Ryan Exits Brave With Plans To Push Hard For GDPR Enforcement

Johnny Ryan Exits Brave With Plans To Push Hard For GDPR Enforcement

SHARE:
Johnny Ryan testifies before Congress in May 2019.

Johnny Ryan, a professional thorn in the side of big tech and ad tech, left browser company Brave this week to go nuclear on data rights.

He’s now a senior fellow at Open Markets Institute, a think tank focused on antitrust issues, and a senior fellow at the Irish Council for Civil Liberties, a Dublin-based human rights organization which has a long history of campaigning for data rights.

Ryan spent two years as chief policy and industry relations officer at Brave, during which time he helped file complaints in 16 different European countries calling out real-time bidding as a violation of the GDPR.

But, so far, there’s been no enforcement action of “any substance whatsoever,” Ryan said. But in his new roles, he’ll push more aggressively.

“My objective is to obtain total and complete enforcement of data protection law in this industry,” he said. “Our colleagues in ad tech firms, and even some enforcers, seem to think they can hide behind small gestures until this goes away – but this is not going away.”

AdExchanger caught up with Ryan for a few hot takes.

On leaving Brave: “Before Brave, I spent some months trying to get NGOs to act, to no avail. Then I joined Brave and realized that we needed to take action ourselves. We spent two years trying to get enforcement, but the enforcers did not act. It’s clear to me that it’s time to move to the next level, and that’s preparing for litigation.”

On litigating to prompt GDPR enforcement: “If you are an enforcer whose job is to enforce the GDPR, but you prove either unwilling or unable to do so, that inevitably makes you a target for litigation.

“The courts can be slow, but at least you get a decision rather than a slow dribble of inaction. The ICO in the UK has been particularly poor. The Irish Data Protection Commission has yet to produce anything. As a group, the data protection authorities have disappointed.”

On whether he loves it that ad tech companies sorta hate him: “I’m not sure that ad tech companies do. I’ve been on their side of the table, and I remember how it feels to be wedded to the status quo and have somebody who you may think is a privacy zealot throwing stones at your glass house. I’ve worked for a publisher under fire [The Irish Times], and at an ad tech company [PageFair], so I get it. It is hard for ad tech companies not to feel under siege.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

“But these changes are bigger than any individual. They’re real and, as I have told colleagues in the industry year after year, it’s time to properly engage with them.”

On his proudest moments: “Nothing has been achieved yet: Internet users remain subject to exactly the same hazards as two years ago.

“But perhaps there were a few proud moments. One was contributing to a counter-lobbying effort with Ashkan Soltani and others against an amendment from California state Sen. Henry Stern, which would have diluted the CCPA and created an exception for ad tech. We prevailed. The amendment didn’t pass. That felt good.

“Another moment was when I had a drink with Ashkan, Alastair Mactaggart [the man behind the CCPA] and his wife Celine in San Francisco the night they submitted the CPRA [California Privacy Rights and Enforcement Act] for the November ballot. CPRA includes the first legal definition for proposed cross-context behavioral advertising that doesn’t disadvantage publishers for using their first-party data, but does disadvantage all of the people stealing publishers’ lunch. I contributed a little to the text of that law, and I think it will materially improve everybody’s privacy and publishers’ sustainability.

“The third one is seeing the data from NPO, the national broadcaster of the Netherlands. I had talked with them for years about removing third party ad tech. They finally did it in January 2020, and saw a massive revenue increase. This revenue increase happened not only on their big sites, but on sites with much smaller market share too.”

On why contextual just might be the cookie killer we need: “NPO, with their sales house, Ster, increased ad revenue by 37% in August year over year – and the month has only just begun. In July, revenue increased by 25% compared to July last year. What changed? They dumped ad tech and innovated to maximize context. This also suggests that perhaps sales houses and allowing many publishers of different sizes to use a single sales house, is the answer, yet again.

At the W3C right now, Criteo, Google and others are proposing newfangled ways of doing the same old things without cookies. But before you even think about trying to resurrect third-party tracking, one has to consider the example of NPO and others. Publisher trade bodies should be urgently examining this question – and should force this onto the agenda of the IAB and other tracking industry trade bodies.”

Must Read

CleanTap Says It Easily Fooled Programmatic Tech With Spoofed CTV Devices

CleanTap claims that 100% of the invalid traffic it spoofed was accepted into live auctions run by programmatic platforms and was successfully bid on by advertisers.

HUMAN Expands Its IVT Detection Tool Kit With A New Product For Advertisers, Not Platforms

HUMAN has recently started complementing its bid request analysis by analyzing the time between when a bot clicks an ad and when the landing page loads. Now it’s offering the solution to individual advertisers.

Index Exchange Launches A Data Marketplace For Sell-Side Curation

Through Index Exchange’s data vendor marketplace, curators gain access to third-party data sets without needing their own integrations.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

Can Publishers Trust The Trade Desk’s New Wrapper?

TTD says OpenAds is not just a reaction to Prebid’s TID change, but a new model for fairer, more transparent ad auctions. So what does the DSP need to do to get publishers to adopt its new auction wrapper?

Scott Spencer’s New Startup Wants To Help Users Monetize Their Online Advertising Data

What happens when an ad tech developer partners with a cybersecurity expert to start a new company? You end up with a consumer product that is both a privacy software service and a programmatic advertising ID.

Former FTC commissioner Alvaro Bedoya speaks to AdExchanger Managing Editor Allison Schiff at Programmatic IO NY 2025.

Advertisers Probably Shouldn’t Target Teens At All, Cautions Former FTC Commissioner

Alvaro Bedoya shared his qualms with digital advertising’s more controversial targeting tactics and how kids use gen AI and social media.