Data, Privacy , Policies on Social Media

Question 1

What is “Data-Based Advertising?”

Answer 1

• Uses data to optimize its audience and creative messaging.
• Shows ads to people on websites, regardless of the context of the website.
• The alternate is the outmoded “Contextual Advertising,” which was placing your ad on websites whose audiences will likely be interested in your ad.

Question 2

What is Contextual Advertising?

Answer 2

Advertisers placing content on websites that is topically related to their ad. This is the model of advertising in magazines and it was the model used in the early days of the internet, before Data-Based Advertising.

Question 3

Advantages of Data-Based Advertising (3)

Answer 3

1. more likely to interest people
2. can target by demographics, location, interest, or previous behavior.
3. 500% more effective than advertising without data!*

*“Data-Driven Advertising in Europe: Latest Research,” GfK Global, 2017

Question 4

What is a CMS?

Answer 4

A Content Management System.

Question 5

What is a Content Management System?

Answer 5

A CMS is what is used by a publisher uses to:


1. store, create, and manage content on their website. (Ie:Wordpress, Droomla, Drupal).
2. CMS store and utilize user data to bring the right content to each user. 

3. Also, Space is left there for ads

Question 6

How do Ads get on the website?

Answer 6

An Ad Server puts ads on the website.

Question 7

How does the website/ad server get information about a person viewing the site?

Answer 7

When their browser requests a website from the publisher, SOME DATA ABOUT THE PERSON IS SENT TO THE PUBLISHER
That information is used to give them the relevant service/webpage
That information is also given to the Ad Server to show the person a relevant ad

Question 8

What is included in Web Server Logs? (7)

Answer 8

1. The user’s I.P. address
2. The unique identifier (string of characters)
3. Username (if applicable to access the website)
4. Date and timestamp
5. Data requested
6. HTTP status code (200 success) (404 error)
7. Size of the content file the person received

Question 9

What is a cookie?

Answer 9

A website-specific code that is stored in a person’s browser to ease navigation.

Question 10

Cookies have limitations (3):

Answer 10

1. Don’t work across browsers and devices.
2. Can be blocked or erased from browsers
3. Don’t work on mobile apps. (!!)

Question 11

What is a U.I.D.?

Answer 11

A user-ID created on websites where people have to login.

It is a unique number that is assigned to someone’s account that can be associated with all their logged-in behavior.

All activity, regardless of browser or device can be collected by a UID.

interests, behavior, and demographics can be stored.

Don’t store personally identifiable data, because the original item gets stored as hash data.

Question 12

What is hash data?

Answer 12

Original data gets transformed by an algorithm and it takes another algorithm to translate it. That way no personally identifiable data is stored with a UID.

Question 13

How many types of Data Ownership are there?

Answer 13

Three!

First Party Data
Second Party Data
Third Party Data

Question 14

What is First Party Data?

Answer 14

First Party Data is the data a company receives directly from the person they are interacting with.

Question 15

What is Second Party Data?

Answer 15

Second Party Data is the same as First Party Data but it passed along to a second party, often a trusted partner of the First Party, often a beneficial exchange.

Question 16

What is Third Party Data?

Answer 16

Third Party Data (“third party cookies”) is data tracked about a person across sites. The data will often be aggregated across sites to generate profiles to describe the person’s interests and behaviors online.

This data is often packaged and sold by these third parties to advertisers who use it to supplement their own First Party Data or create profiles they can use to customize their advertising.

ie: using browser cookies.
Caveat: Since people don’t explicitly give permission to collect and store this data, third party data tracking often raises privacy concerns. As a result several browsers block third party data collection.

Question 17

What are the THREE different levels of privacy control?

Answer 17

1. LAWS: 
Government regulations (GDPR, CCPA, COPPA)

2. Industry self-regulation
   (two largest: The Digital Advertising Alliance, The European Interactive Digital Advertising Alliance)
3. Company Data Policies
   Most large online platforms have a public data policy that explains what data they receive, what they use it for, and how people can control what they share.

Question 18

What are the 3 government privacy control laws?

Answer 18

1. GDPR
2. CCPA
3. COPPA

Question 19

What is GDPR? (+2)

Answer 19

General Data Protection Regulation: It’s a law that protects data and online privacy in the European Union. Very detailed and complex, but basically has requirements in two buckets:

1. EU Citizen Data Rights
2. Data protection obligations for companies who collect the data.

Question 20

GDPR rights for people (4):

Answer 20

1. Right to access (the data)
2. Right to correct it
3. Right to erase it.
4. Right to data portability (right to get a file of their information and pass it on to another company).
5. Additional data protections (companies must protect the data they receive, must tell people within 72 hours if their data was leaked, certain data categories are prohibited from collection, ex: ethnicity or sexual orientation) AND BEFORE COMPANIES CAN RECEIVE DATA THEY MUST ASK FOR CONSENT

Question 21

Who manages and develops GDPR?

Answer 21

The European Union.

Question 22

Who must comply with GDPR?

Answer 22

Anyone who works with the personal data of people in the EU.

Question 23

How is GDPR enforced? (2)

Answer 23

1. Supervisory authority in each EU country

2. Fines of up to 4% of annual revenue

Question 24

What does the CCPA stand for?

Answer 24

The California Consumer Privacy Act

Question 25

What is the CCPA law about?

Answer 25

The CCPA is a law to enhance privacy rights and consumer protection for residents of California.

The strictest of any consumer privacy laws in the U.S.

Question 26

What are the five disinct rights the CCPA gives to consumers?

Answer 26

1. the right to know what information is collected about them
2. the right to know whether that data is sold and to whom and the right to opt out of that sale
3. the right to access the personal data that was collected about them
4. the right to require a business to delete that information
5. the right to not be discriminated against for exercising these rights

Question 27

Who manages and oversees the CCPA?

Answer 27

The California Attorney General’s Office

Question 28

Who must comply with the CCPA?

Answer 28

Any business that collects and controls the personal information of a California resident.

Question 29

How is the CCPA enforced?

Answer 29

1. California Attorney General and California residents can enact lawsuits.
2. Fines: Up to $7500 for intentional violations and $2500 for unintentional violations.

Question 30

What does COPPA stand for?

Answer 30

The Children’s Online Privacy Protection Act

Question 31

What does COPPA do?

Answer 31

Protects and limits collection of personal data for users under the age of 13.

Question 32

Key requirements of COPPA (3):

Answer 32

1. Notice and parental consent before data collection for under 13.
2. Companies must have a “clear and comprehensive” data collection policy.
3. Must keep data secure and confidential

Question 33

Who manages COPPA?

Answer 33

the U.S. Federal Trade Commission (FTC)

Question 34

Who must comply with COPPA?

Answer 34

All companies who interact with or collect data of US children under 13.

Question 35

How is it enforced? (2)

Answer 35

1. FTC relies on user complaints

2. Fines up to $40K per violation

Question 36

Who are the main industry self-regulating bodies? (2)

Answer 36

1. Digital Advertising Alliance (DAA)

2. European Interactive Digital Advertising Alliance (EDAA)

Question 37

Background on the DAA

Answer 37

Digital Advertising Alliance

• an alliance of different advertising bodies that came together to establish and enforce responsible privacy practices in digital advertising
• established the “Your Ad Choices” program: encourages advertisers to show people the data that led them to see a particular ad. (icon will show you why a certain ad was shown to you, gives you info about how your data was used)

Question 38

Background on the EDAA

Answer 38

European Interactive Digital Advertising Alliance

• developed by leading European bodies
• goal was to introduce Europe-wide standards to enhance transparency and user control over data for interest-based advertising.
• educates consumers about how their data is being used.
• provides consumers with tools to control their data usage (one of these tools is the AdChoices icon created by the DAA)