Home Privacy Oracle’s Third-Party Tracking Is The Target Of A Privacy Lawsuit

Oracle’s Third-Party Tracking Is The Target Of A Privacy Lawsuit

SHARE:
eyes on stalks

TFW when you brag about the size of your graph on stage at an industry event, then it’s used as evidence against you.

Oracle was hit with a class-action lawsuit on Friday accusing the company of “a deliberate and purposeful surveillance of the general population via their digital and online existence.”

The suit, which was filed in the Northern District of California, quotes from Oracle Chairman and CTO Larry Ellison’s keynote presentation at the company’s 2016 OpenWorld conference, during which he boasted that there are five billion people in Oracle’s ID Graph.

“How many people are on Earth, seven billion? Two billion to go,” Ellison quipped from the stage.

You can read the full complaint here, which focuses on Oracle’s use of third-party trackers to create profiles without consent.

Johnny Ryan, a senior fellow at the Irish Council for Civil Liberties (ICCL), is one of three lead plaintiffs behind the lawsuit. Two US-based privacy rights advocates – Dr. Jennifer Golbeck, a professor of computer science at the University of Maryland, and Michael Katz-Lacabe, director of research at The Center for Human Rights and Privacy – round out the bunch.

This, however, is not Ryan’s first rodeo.

In June of last year, Ryan brought a suit against the IAB Tech Lab in a Hamburg court, accusing it of sharing consumer data without consent via real-time bidding. Specifically, that lawsuit argues the Tech Lab’s audience taxonomy unlawfully segments people without permission based on sensitive personal information, such as health status, religious beliefs and sexual orientation.

Between 2018 and 2020, during his stint as chief policy and industry relations officer at Brave, Ryan also helped file complaints in 16 different European countries alleging that RTB itself is a violation of GDPR.

Because this most recent complaint against Oracle was filed in the US and not Europe, Ryan, Golbeck and Katz-Lacabe are alleging violations of a cocktail of different US laws, including the Federal Electronic Communications Privacy Act and the California Invasion of Privacy Act.

The complaint comes at a time when Oracle’s advertising business hasn’t been thriving. Oracle has been losing market share to its marketing cloud competitors, namely Salesforce, and it recently went through a massive reorg of its Oracle Advertising business, which resulted in a round of layoffs this summer.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Even so, Oracle Advertising netted around $2 billion last year, a person with knowledge of the numbers told Insider.

And, in the view of its most recent complainants at least, that was money made through unlawful privacy violations.

According to the suit, “Oracle does not even maintain a pretense of having directly obtained the consent of the subjects of its surveillance … who have no legal or practical ability to consent to Oracle’s conduct.”

To be fair, Oracle did shut down its AddThis business in Europe after it became clear that trying to get informed consent to use AddThis audience data wasn’t going to work at scale (and that legitimate interest wasn’t going to fly as a legal basis under GDPR).

Oracle acquired AddThis, which is a social bookmarking service, for $200 million back in 2016.

Which is the same year Ellison took to the stage at OpenWorld to exult in Oracle’s data advantage, including its ready access to information on everything from social activity, web browsing and past purchases to real-time physical location and even “knowing how much time you spend in a specific aisle of a specific store.”

“This is scaring the lawyers,” Ellison joked to the audience. “[They’re] shaking their heads and putting their hands over their eyes.”

Oracle did not respond to AdExchanger’s request for comment.

Must Read

Comic: No One To Play With

Google Pulls The Plug On Topics, PAAPI And Other Major Privacy Sandbox APIs (As The CMA Says ‘Cheerio’)

Google’s aborted cookie crackdown ends with a quiet CMA sign-off and a sweeping phaseout of Privacy Sandbox technologies, from the Topics API to PAAPI.

The Trade Desk’s Auction Evolutions Bring High Drama To The Prebid Summit

TTD shared new details about OpenAds features that let publishers see for themselves whether it’s running a fair auction. But tension between TTD and Prebid hung over the event.

Monopoly Man looks on at the DOJ vs. Google ad tech antitrust trial (comic).

How Google Stands In The DOJ’s Ad Tech Antitrust Suit, According To Those Who Tracked The Trial

The remedies phase of the Google antitrust trial concluded last week. And after 11 days in the courtroom, there is a clearer sense of where Judge Leonie Brinkema is focused on, and how that might influence what remedies she put in place.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

The Ad Context Protocol Aims To Make Sense Of Agentic Ad Demand

The AI advertising agents will need their own trade group eventually. For now though, a bunch of companies are forming the Ad Context Protocol, or AdCP.

OUTFRONT Is Using Agencies’ AI Enthusiasm To Spur Wider Programmatic OOH Adoption

The desire for a data-driven reinvention of OOH inspired OUTFRONT to create agentic AI tools for executing and measuring OOH campaigns and comparing OOH to other channels.

Inside PubDesk, The Trade Desk’s New Dashboard That Shows What Buyers Actually Care About

A peek inside PubDesk, The Trade Desk’s new dashboard that gives sellers detailed info on how buyers value their inventory.