Google Ads Targeted at Literally One Person Could Be the Future of Doxxing
It’s easy for anyone to disaggregate your data, and use it against you
--
In December 2018, I wrote that when you click an online ad, your data passes through to Google, and a third-party marketer.
This data includes your location, your age, your income, your web browsing history, where you work, the words you type into Google, the size of the company you work for, if you rent or own a home, if you’re married or single, if you have kids, how old your kids are, the apps you use, the YouTube videos you watch, if you’ve recently gone through a “major life event,” if you drive a Chevy (or prefer Ford), the degree you hold, whether or not you graduated high school, and so much more.
The amount of data Google has on you has only increased since 2018. What hasn’t changed is that your data is in aggregate: it’s lumped in with the data of everyone else who clicked the same ad you did.* So if I’m targeting an ad to women who live in Park Slope, who are 30-years-old, and you fit those parameters, it’s hard for me to tease out who you are, because there are a lot of 30-year-old women in Park Slope.
For the 12 years that I’ve been a Google marketer, Google has never let me target you — and only you — with an ad. Because that would mean I would have a direct line to your data. That would make me less of a marketer, and more of a spy.
Every day, thousands of Mexican migrants tell Google about their intent to cross the border into the U.S.
Nevertheless, throughout 2019, I ran various experiments, trying to achieve this “one-to-one” ad targeting — the ability to serve just you an ad, and get just your data, disaggregated. (The current grail of privacy exploitation in the age of surveillance capitalism.)
In these experiments, I served ads to small populations who conduct niche Google searches. Small groups conducting themselves similarly online equals fewer clicks. Fewer clicks equals smaller datasets. It’s not hard to disaggregate sparse data. It’s not exactly one-to-one targeting, but it’s close.
