Google & Other RTB Companies Behind ‘Biggest Data Breach Ever Recorded’

The Irish Council for Civil Liberties (ICCL) is reporting on the scale of Real-Time Bidding data broadcasts in the U.S. and Europe.   

Key insights 

  • RTB is the biggest data breach ever recorded. It tracks and shares what people view online and their real-world location 294 billion times in the U.S. and 197 billion times in Europe every day.
  • On average, a person in the U.S. has their online activity and location exposed 747 times every day by the RTB industry.
  • In Europe, RTB exposes people’s data 376 times a day.
  • Europeans and U.S. Internet users’ private data is sent to firms across the globe, including to Russia and China, without any means of controlling what is then done with the data.
  • The RTB industry generated $117+ billion in the U.S. & Europe in 2021.
Subscribe
Notify of
guest
4 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Dave Cundiff
Dave Cundiff , Vice President
InfoSec Expert
May 17, 2022 1:12 pm

When I see reports of this nature it causes me to stop and consider my online footprint. The breach is concerning but equally concerning is the fact the data is gathered for purchase for anyone willing to pay for it. So, the only difference is there will be the data available for free instead of purchase. Everything the consumer does online is tracked; this is how “free” services pay for themselves. Juggernaut tech companies like Google, Facebook, LinkedIn, Twitter, etc. get to billions of dollars in valuation. The parts of their platforms in use by the general public are not the value, it is the ability of those platforms to track those users, make determinations about how to guide them, and how to manipulate their experience to the benefit of the corporation. It is a Faustian bargain at best, but we should all consider what we do with our online presence and be critical of those convenient moments when it seems like “just what I needed” shows up. Is it really what you needed?

Last edited 1 month ago by Dave Cundiff
John Gunn
John Gunn , CEO
InfoSec Expert
May 17, 2022 1:13 pm

It is highly misleading to label this as a data breach. It is a clear violation of GDPR and would be alarming and upsetting to many consumers if they knew, but it is not a data breach or a hacking attack. Like many evolving technologies (AI and biometrics are others), it has real benefits for consumers but can also be misused in harmful ways. Ultimately, it should always be up to the party being tracked if they want to opt-in.

Last edited 1 month ago by John Gunn
Ron Bradley
InfoSec Expert
May 17, 2022 1:16 pm

The chances are highly likely your experience delving into Real-Time Bidding will be much different than mine. Why?  Because the first thing I do when I sit at a new computer is install ad blockers and anti-tracking plugins. Just to be clear, NOTHING, most of us do on the Internet is anonymous. But there are safeguards we can put in place to protect ourselves.
 
At a recent conference, I was looking over the shoulder of a colleague, and within two seconds I could easily determine he has children and pets based solely on the adds popping up on his screen.  Furthermore, those convenient links to social media platforms embedded into web pages make the job of privacy pirates just that much easier.

You are a commodity. Your data has already been compromised and will always be for sale to the highest bidder. If that makes you uncomfortable, then take simple measures to protect yourself online.

    1. Install battle tested privacy plugins.
    2. Tighten the security and privacy settings on your browsers to the point it becomes annoying, then back them off if necessary.
    3. Use Incognito or Private windows when connecting to sensitive sites.
    4. Make use of a VPN to hide your IP address.
    5. Use password managers, and never reuse passwords on sites such as healthcare and banking.

These suggestions are just a few of the overall layers of the security onion everyone should be conscientious of in today\’s computing environment. You don\’t have to eat the entire elephant today.  But start small and begin with an ad blocker. Don\’t put it off. Your privacy depends on it.

Last edited 1 month ago by Ron Bradley
Garret F. Grajek
InfoSec Expert
May 17, 2022 1:17 pm

Data is the new coal – furnacing the most important world industry – commerce. How this data is collected, stored and reviewed will be the discussion point of our lifetimes. Rest assured – the more progressive states will increase their regulations and guidance around this data – as noted by GDPR in Europe and CCPA/CCPR in California. The key for corporations to know is that the legal entities ready to sue companies that handle RTB data have their knifes out. They must practice identity governance to ensure that the users and services that have access to this data are approved, their approval is documented and any change to access to this data is documented. This all falls under identity governance and is a key component for enterprises who want to stay in business collecting and using RTB data.

Last edited 1 month ago by Garret F. Grajek
Information Security Buzz
4
0
Would love your thoughts, please comment.x
()
x