{"id":51019,"date":"2024-04-17T07:29:04","date_gmt":"2024-04-17T11:29:04","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=51019"},"modified":"2024-04-17T07:29:04","modified_gmt":"2024-04-17T11:29:04","slug":"disable-rtb-ad-tracking-law-enforcement-spy-agencies","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/disable-rtb-ad-tracking-law-enforcement-spy-agencies\/51019\/","title":{"rendered":"Advertisers sharing data about you with\u2026 intelligence agencies"},"content":{"rendered":"

The industrial scale of surveillance of internet users is a topic we keep returning to. Every click on a website<\/a>, every scroll in a mobile app, and every word you type into a search bar is tracked by dozens of tech companies<\/a> and advertising firms. And it affects not only phones and computers, but also smart watches, smart TVs and speakers<\/a> \u2014 even cars<\/a>. As it turns out, these motherlodes of information are used not only by advertisers offering vacuum cleaners or travel insurance. Through various intermediary companies, this data is snapped up by security agencies of all stripes: police, intelligence, you name it. See here for the latest investigation into such practices<\/a>, focusing on the Patternz platform and the \u201cadvertising\u201d firm Nuviad. Previously, similar investigations probed Rayzone<\/a>, Near Intelligence<\/a>, and others<\/a>. These companies, their jurisdictions of incorporation, and their client lists vary, but the general formula is always the same: collect and save proprietary information generated by advertising, then resell it to law enforcement agencies worldwide.<\/p>\n

Behind the scenes of contextual advertising<\/h2>\n

We\u2019ve already described in detail how data is collected on web pages and in apps<\/a> \u2014 but not how it gets put to use. In overly simplified terms, behind every banner display or advertising link in today\u2019s online world, there is some lightning-fast, super-complex trading. Advertisers upload their ads and audience requirements to a demand-side platform (DSP), which finds suitable sites or apps to display such advertising. The DSP then takes part in an auction for the types of advertising (banner, video, and so on) to be displayed on these sites and apps. Depending on who views the ads and how well they match the advertiser\u2019s requirements, a particular type of ad may win the auction. This process is known as real-time bidding (RTB). During the bidding, participants receive information about the potential ad consumer: previously collected data on the individual is condensed into a brief description card. Depending on the platform, the composition of this data may vary, but a fairly typical set would be the consumer\u2019s approximate or precise location, the device in use, the OS version, as well as \u201cdemographic and psychographic attributes<\/a>\u201d \u2014 that is, gender, age, family members, hobbies, and other topics of interest to the user<\/a>.<\/p>\n

How RTB data is used for surveillance<\/h2>\n

A 404 Media investigation<\/a> found that the Patternz platform advertised to clients that it processed 90 terabytes<\/strong> of data daily, covering the actions of around five billion user IDs. Note that there are far fewer real users than IDs since each person can have several IDs. Because advertising is global \u2014 so too is the scope of data collection.<\/p>\n

Collecting and analyzing the above data allows precision tracking of:<\/p>\n