January 12, 2021

How Adtech Helped To Radicalize The US

This piece appeared in Campaign Magazine UK one week after the riot at the Capitol in Washington DC

There is nothing ambiguous about the role the marketing and advertising industry has played in the radicalisation of US politics and the horrifying events of recent days. There is a clear line connecting adtech and radicalisation. 

While it has been widely reported and acknowledged that social media has played a significant role in the schism in US society, there is a deeper, more nuanced truth behind the deterioration of our politics. 

The wedge that has been driven into the fabric of US society has been driven in part by information gathered about American citizens by the adtech ecosystem and fed into algorithms that are employed by platforms and online publishers.

The purpose of these algorithms is primarily to keep visitors “inside the corral” of the publisher or the platform. The more time a visitor spends in the corral, the more money the platform can realise from selling ad space. 

To do this, the platforms feed visitors ever more “engaging” content. Experience has taught the algorithms that the more juicy the material, the more likely they are to retain the visitor.

Consequently, the algorithms feed us incrementally more lurid notions of our own predispositions and connect us ever more closely with others who share them. 

In May 2020, the Wall Street Journal reported that after the presidential election of 2016, a team of Facebook executives undertook an internal study to understand how its policies shaped the behaviour of its users. 

The study concluded that algorithms they use “to gain user attention and increase time on the platform” were driving people apart.

According to the report, “64% of all extremist group joins are due to our recommendation tools... Our recommendation systems grow the problem.” 

A slide from the presentation said: “Our algorithms exploit the human brain’s attraction to divisiveness.” If left unchecked, it warned, Facebook would feed users “more and more divisive content in an effort to gain user attention and increase time on the platform”. 

According to the WSJ story, “Facebook is under fire for making the world more divided. Many of its own experts appeared to agree – and to believe Facebook could mitigate many of the problems. The company chose not to.” 

This report revealed the truth that Facebook and friends are more than a “bulletin board” where people express their opinions. It unambiguously describes the way these platforms actively direct people into extremist groups whose purpose is to divide us. 

But there’s more to this story. We need to be honest with ourselves. For years, we have been hiding behind the skirts of Facebook and other online platforms.

While these companies have taken the heat, it has been largely unrecognised by the public that it is for the sole benefit of the advertising and marketing industry that Facebook and others do their squalid work. We are the hidden hand that guides and finances these dangerous practices. 

In light of the murder and mayhem at the Capitol in Washington on 6 January, it has been suggested that some in the Republican Party need to stop pretending they didn’t understand the consequences of standing by quietly while dangerous, irresponsible lies were being promulgated by members of their party.

I would like to suggest that we in the advertising industry are no less guilty of standing by quietly and pretending we don’t understand the consequences – in our case, of our dangerous addiction to adtech and the concomitant destruction it engenders. 

For years, many of us have described adtech as dangerous. It is now time to upgrade that description to disastrous. The leaders of our industry  the ANA, the 4As, IAB, and the chief marketing officers of our biggest advertisers  must face up to what adtech is doing to our society and act immediately and decisively to reform it. 

January 04, 2021

The Inescapable Logic of Ad Fraud

The recent alarming revelations of Russian hacking of 250 US Government agencies, which went undetected by our most sophisticated cybersecurity defenses including the military’s Cyber Command, the National Security Agency, and the Department of Homeland Security must lead us in the marketing business to reevaluate our thinking about ad fraud.

The scope of online ad fraud has been argued about for years by computer scientists, software engineers, cybersecurity analysts, advertising media specialists, and independent researchers.

On one side we have advertising and marketing trade organizations, agencies, and their security consultants who tell us that ad fraud is a minor problem that is being well-defended and, in fact, is shrinking annually

On the other side we have independent researchers who tell us that ad fraud is a massive problem (recently estimated at over $60 billion) that is becoming harder to identify and is growing dangerously.

Both sides provide metrics and data that purport to prove their point. Who should we believe? 

I would like to argue this proposition from a new point of view -- from the point of view of those of us who are not computer scientists and cannot interpret the impenetrable computer code that underlies cyber theft, and with the added knowledge of the recent shocking revelations about undetected hacking.

Rather than a mathematical or data driven argument, I will present a theoretical argument. Instead of data, I will provide logic. 

Let's start with indisputable facts:

   - The online advertising marketplace trades over $300 billion annually via computer systems.

   - Hackers - in particular state sponsored hackers - have recently been shown to have the ability to penetrate some of the most "secure" systems in the world, undetected.

   - Every person, business, or government agency that has ever been hacked had authoritative assurances that it was secure -- until it turned out it wasn't.

   - There are a multitude of ways that criminal actors have discovered for extracting money from the adtech ecosystem.

   - Gaming the programmatic ecosystem (which transacts about 80% of online ad activity) has been shown to be astoundingly simple.

   - There is no international governing authority, and consequently there are no cross-border penalties, for committing online ad fraud.

Now some assertions on my part:

It is folly to believe that hackers who can penetrate systems protected by the US military’s Cyber Command, the National Security Agency, and the Department of Homeland Security without detection could not easily penetrate adtech systems without detection.

There are governments in the world with both very sophisticated technology operations and economies that would massively benefit from the addition of billions of dollars.

Now some logic:

If the Cyber Command, the NSA, and the Department of Homeland Security can be fooled, I don't think it's a stretch to assume that fraud detection software can also be fooled. Consequently, if state sponsored hackers are fiddling the adtech ecosystem, it's likely that ad fraud detection systems aren't seeing it.

It would be amazing if state sponsored cyber criminals didn't view the adtech marketplace as ridiculously easy pickings and even more delicious since there are no consequences for being discovered.

Some conclusions:

If state sponsored penetration of adtech systems exist, the commercial fraud detection companies should be considered seriously overmatched. And, of course, the bold assertions of trade organizations, agencies or marketers are no more reliable than those of the fraud detection companies they rely on.

While we know that criminals and criminal organizations are active in stealing money from the adtech systems, we don't know if governments are. In light of recent revelations, however, it seems highly likely that state sponsored cyber operations would be powerfully attracted to the tens of billions of dollars that the adtech ecosystem is unwittingly dangling in front of them. If so, ad fraud is probably a lot harder to detect and a lot larger than anyone thinks it is.

Let's boil this down to two simple questions...

If you were a bad guy, and you could easily steal billions of dollars with a tiny possibility of detection and no possibility of consequences even if you were detected, why wouldn't you?

If you are a marketer spending substantially on digital advertising, what reason do you have for believing the metrics you're getting?