Over the past few months things have seemed different on the web. We’ve begun to widely ask questions we haven’t publicly considered about the role of data collection in our connected lives. Part of the trigger for this is a result of the ongoing fallout from the Cambridge Analytica scandal, where data collected from users about their own profiles and those of their friends was used in an attempt to target political ads. Crucially, much of this data was collected or distributed without clear user consent. In the face of governmental and user outcry, Facebook’s CEO Mark Zuckerburg was called before congress to testify about the scandal, and took out a full-page ad in multiple British and American newspapers to apologize to the company’s users.
As well, many tech companies have begun to update their services to comply with the European Union’s General Data Protection Regulation (GDPR), which took effect at the end of last week. GDPR is a comprehensive regulation aimed enforcing high levels of user data privacy and anonymization for all services that store the data of European citizens. GDPR is a milestone piece of legislation, and will no doubt help to keep user data confidential and anonymous. It marks one of the first times a governement has applied concrete regulations to the use of user data in a general way. It is, however, likely not enough. In order to meaningfully address the incentives that lead to the Cambridge Analytica scandal and that drive Facebook and other companies like Google and Amazon to aggressively collect user data, we must also ban targeted advertising.
A ban on targeted advertising is an essential part of a two-pronged approach to consumer data protection, focusing on both the collection and use of data by tech companies. From the beginning of modern web applications, bulk collection of data has been intimately connected to targeted advertising. Most notably, Gmail, Google’s email service, made money by scanning the email of users and serving targeted advertisements based on it. While Google has since ended the practice, the model has remained influential. Facebook’s business is almost entirely based on monetizing the social networks of users, often in disturbing ways. Beyond the Cambridge Analytica scandal, Facebook has recently come under scrutiny for harvesting the call and SMS histories of users through its Messenger application on Android without clear limits on the uses of that data. While regulations like GDPR are critically important to protect already-collected user data, an outright ban on targeted advertising would go a long way towards stopping the most egregious aspects of that collection in the first place.
Further, though, a ban on targeted advertising would increase competition in technology. Current web services are monolithic, centralizing user data and using it to sell advertisements and make money. In this framework, there is little substitute for the sheer volume of data that has been amassed by companies like Facebook, Google, and Amazon. Companies that lack that pool of data have little opportunity to become profitable through traditional means, and often either fail or are bought by a larger company. A competitive landscape that so clearly rewards size and consolidation is not likely to act in the interest of consumers, and should be discouraged. A ban on targeted advertising would help to solve that.
In many ways, the internet is becoming a mature technology. With that maturity comes a necessity for regulation in order to ensure it remains a fair, competitive, and responsible platform. A ban on targeted advertising would adress a host of pervasive issues on the web, from indiscriminate user data collection to anticompetitive practices by established players. The federal government has this authority. It’s what it used to regulate the telephone industry, ban cigarette ads, and make a variety of other interventions into the economy. It’s time to use it to regulate targeted advertising in the same way.