12 Nov 2023

personalization risks

Based on some of the feedback to the Draft W3C Privacy Principles it is starting to look like some of the problems that get lumped together as privacy problems are actually personalization problems. Personalization can occur when a person gets different content or ads from another person in the same context, and is technically possible without any other party knowing what the person got.

If the Web were somehow able to get perfect privacy-preserving personalization—for ads, content, or both—some of the problems inherent to personalization would remain.

Unlawful discrimination Personalization can facilitate showing and hiding opportunities, such as jobs or housing, based on a user’s membership in a legally protected group of people. And the more obfuscated the personalization/discrimination gets, the harder it is for news sites to report on it and for regulators to take action. Privacy-preserving personalization could make illegal discrimination could become prohibitively difficult to detect, or get a conviction on, if a regulatory agency with a budget in the millions of dollars has to solve a tricky machine learning explainability problem devised by a company with a budget in the billions.

Hiding fraud A personalization system can be used by deceptive sellers to avoid making their ads or content known to people who are likely to take some kind of action against deception.

Content market race to the bottom effects This is a well-known problem in adtech, where an audience can be indentified on a high-value site and monetized on a lower-value that is not reported to the advertiser. Not mainly a web publishing problem—it’s mostly a problem for users who don’t get as much ad-supported content as their ads would otherwise pay for.

The mix of fraud and race to the bottom effects is sites that source traffic deceptively—they’re a little of both.

#