U.S. Senators Ask Digital-Ad Auctioneers to Name Foreign Clients Amid National-Security Concerns
April 02 2021 - 6:12PM
Dow Jones News
By Patience Haggin
A bipartisan group of lawmakers is asking questions about the
inner workings of digital advertising amid worries the industry's
user-targeting capabilities could pose a threat to national
security.
When anyone loads a webpage, a digital-ad auction occurs in
seconds to determine which personalized ads the person will see.
During that auction, the user's personal data -- including
location, browsing history and demographic details -- may be sent
to hundreds of companies bidding on the ad slots. The barriers to
join these auctions are low, and any company participating in the
auction can access user information without having to bid.
On Friday, a group of U.S. senators led by Senate Finance
Committee Chairman Ron Wyden (D., Ore.) sent a letter to the
largest companies running these auctions -- AT&T Inc., Index
Exchange Inc., Alphabet Inc.'s Google, Magnite Inc., OpenX Software
Ltd., PubMatic Inc., Twitter Inc. and Verizon Communications Inc.
-- asking them what steps they take to make sure companies joining
the auctions do so for the sole purpose of buying ad slots.
They also asked the companies to provide the names of all
foreign clients who had access to user data through auctions over
the past three years.
"As Congress debates potential federal privacy legislation, we
must understand the serious national security risks posed by the
unrestricted sale of Americans' data to foreign companies and
governments," the senators said in the letter, a copy of which was
reviewed by The Wall Street Journal. Beyond Sen. Wyden, the letter
was signed by Sens. Kirsten Gillibrand (D., N.Y.), Sherrod Brown
(D. Ohio), Bill Cassidy (R., La.), Mark Warner (D., Va.) and
Elizabeth Warren (D., Mass.).
The information gathered during the ad-auction process -- known
in the industry as "bidstream" data -- can be packaged by data
brokers, which resell it to companies and governments. Even though
all user information available through these auctions is
anonymized, it is possible to identify specific individuals by
cross-referencing it with other data.
Political campaigns, for instance, have successfully paired
location data with voter files to advertise to individuals who have
attended certain rallies.
Federal agencies have purchased this personal data and used it
to track down suspects without seeking warrants. The nation's
Defense Intelligence Agency, the Department of Homeland Security
and the Internal Revenue Service have used this data -- without a
warrant -- to monitor the locations of individuals through their
mobile devices.
"The United States is not the only government with the means and
interest in acquiring Americans' personal data," the senators wrote
in the letter. "This information would be a goldmine for foreign
intelligence services that could exploit it to inform and
supercharge hacking, blackmail, and influence campaigns."
Several U.S. government agencies have warned that foreign actors
could use data gathered from these auctions to spy on users who
work for the military and intelligence community. Last year, the
National Security Agency advised military and
intelligence-community personnel to disable location-sharing
services and turn off advertising permissions on their mobile
devices.
Many companies accessing user data during auctions do so under
contractual agreement that they won't use the data for any purpose
other than bidding on and delivering the ad. In the letter, the
senators asked the ad-auction companies how they enforce those
contractual restrictions, and requested a list of all companies to
whom they had provided data in the past three years who weren't
under such restrictions.
In addition, the lawmakers requested a list of every
foreign-headquartered or foreign-majority-owned company to whom the
ad-auction operators had provided bidstream data in the past three
years. They asked the eight companies to answer their questions by
May 4.
In a statement Friday, an Index Exchange spokeswoman said the
company voluntarily abides by high industry standards. "We look
forward to our active involvement in this important process with
the US Senate as we continue to evaluate the requests for
information outlined," the spokeswoman said.
"PubMatic has been at the forefront of consumer privacy and
transparency initiatives and is committed to the promotion of
integrity in the digital advertising ecosystem," a spokesman for
the company said.
An AT&T spokesman said, "We received the letter and will
respond as requested, but we have thorough processes in place to
protect the data referenced in the letter."
A Google spokeswoman said the company never sells people's
personal information. "And all ad buyers using our systems are
subject to stringent policies and standards, including restrictions
on the use and retention of information they receive," she
said.
A Twitter spokeswoman said the company had received the letter
and intended to respond.
Magnite and Verizon didn't respond to requests for comment.
OpenX didn't provide comment.
Write to Patience Haggin at patience.haggin@wsj.com
(END) Dow Jones Newswires
April 02, 2021 17:57 ET (21:57 GMT)
Copyright (c) 2021 Dow Jones & Company, Inc.
AT&T (NYSE:T)
Historical Stock Chart
From Mar 2024 to Apr 2024
AT&T (NYSE:T)
Historical Stock Chart
From Apr 2023 to Apr 2024
