GDPR will pop the adtech bubble


“Since tracking people took off in the late ’00s, adtech has grown to become a four-dimensional shell game played by hundreds (or, if you include martech, thousands) of companies, none of which can see the whole mess, or can control the fraud, malware and other forms of bad acting that thrive in the midst of it.

And that’s on top of the main problem: tracking people without their knowledge, approval or a court order is just flat-out wrong. The fact that it can be done is no excuse. Nor is the monstrous sum of money made by it.”


I seriously doubt GDPR will have any effect on Adtech at all as the author correctly states in regards of the legitimate interest loophole. I guess the only hope in that regard might be the ePrivacy Regulation coming up in 2019. Till then things will stay the same I am afraid. :confused:

Maybe the only viable thing to do is to request disclosure about the extent of information mined by site owners employing Adtech. Asking about where the servers of the Trackers are located, how the data is processed, how and how safely that data is stored and to which other 3rd parties that data is sold. Site owners have the obligation to provide all those requested informations within 72 hours on their bill. The might have legitimate interest in monetizing visitors by tracking but still have the obligation of transparency. So if many people would request that information frequently then maybe an education effect might set in. :wink:


Legitimate interest might be a legal basis if you are an adtech company, but not when you operate a website serving those tracking-ads. In order to have those ads on your website you need people to give consent and that consent has to be unambiguous and opt-in.

I do think this will pop the bubble because there are virtually no users who will knowingly and purposefully opt-in to behavioral tracking.


This is probably the right place to share this:

The German computer magazine c’t has published (for non-commercial usage) a sample letter you can use to easily execute your rights (information about your data and deletion of your data).

It’s linked at the end of this article:

As far as I can tell, article and sample letter are only available in German, but

  1. I recently learned that gives quite good translations
  2. Probably something similar is available in other languages from other sources. If you know about it, share it here!