It’s probably happened to all of us at one point or another. You’re shopping on eBay or Amazon earlier in the week. Looking at some interesting items or auctions. Perhaps a fancy purse or a factory repair manual for your car? Fast forward a few hours or even days, and you’re on another site like Facebook, and over to one side, taunting you, is that Amazon product or eBay item you looked at but didn’t buy. “Hey! WTF? That was something I did on another site. Why am I seeing this here?”
Welcome to what the industry calls, “behavioral retargeting.”
Also known as “remarketing,” this is the process many companies utilize to follow up on customers even after they’ve left the initial site, continuing to pitch to them the things that they’ve determined they’re into. In some cases it can be convenient, but for some it also seems quite creepy.
An associate of mine recently had a heart attack. During his recovery, he took advantage of the power of Google and the internet to read up on his condition. From that point on, whenever he’d see ads on various web sites, they would involve information on heart disease, pitches for new drugs, etc. He felt like his personal privacy was violated. He eventually stopped using much of the internet. It became stressful for him to be continually reminded of his heart condition. At what point do these conveniences become invasions of privacy? These questions are being asked more and more each day.
So how does behavioral retargeting work? How does activity you’ve done in one place prompt different content elsewhere?
There are several ways this works and several components to the process. The first part involves websites creating profiles of their users. For companies like Facebook and Google, the greatest value they have is not what you’d think. It’s not the content on their site as much as the data they’ve collected on their users and how they’re able to exploit that content.
Everything you’ve ever typed into Google or Facebook is archived and analyzed. Many of these companies claim they’re not invading your privacy because, to them, you’re just a “number.” They aren’t compiling information on “you.” They are merely collecting “meta information” of what “User X” looks at and clicks on, which should be harmless, right? But in aggregate, all the little details of people's activities ultimately re-formulate into an expansive dossier.
These sites create a profile of not simply what you’ve looked at, but what you like, what you dislike, which communities you associate with, how you react to other information, etc. With this information, they categorize you into literally thousands of different compartments, each representing something a potential advertiser would want to target. For example, let’s look at what the people at Facebook (are willing to publicly say they) know about you. Go to this URL while logged in: facebook.com/ads/preferences [EDITOR NOTE: take a screen cap of your Facebook preference screen as an example].
Prepare to be freaked out. Facebook has created literally thousands of little “boxes” they put you in. You like BBQ. You have an iPhone 6. You drive a Ford. You’re into NASCAR. You have a connection with San Diego, CA. You’re single. You like women. And much more: your political affiliation. Where you went to high school. Who you’ve voted for in the past. There are probably numerous indicators for people who are having affairs or like pictures of certain things. It’s all there, and this allows potential advertisers the opportunity to very specifically target people—not just geographically and socially but based on very specific behavior and things you like or dislike. Most people will also see lots of categories that they don’t feel represent them. Facebook seems more aggressive than accurate when it comes to creating user profiles.
This explains, for example, if you looked at a treasure-hunting page, why you’re now seeing ads for metal detectors.
But what about information from one site following you around? How does this work?
Buried somewhere in the fine print of the terms of service of just about every one of these sites will be a seemingly innocuous sentence like, “The information we collect is used to serve you useful content. We may also share this information with our partners.” “Partners” basically is an arbitrary designation. Whoever they want to do business with is a potential “partner” or “associate.” So basically, any information they collect, they can make available to other separate entities.
But even if one site doesn’t have an information-sharing relationship with the other, they can still follow and track you on other places online. This is accomplished by “tagging” you with a unique identifier that can be picked up elsewhere. The most common tag has been the “browser cookie,” which most people have heard of. This is a way for a remote website to set a little block of information on file on your computer, and anytime you visit a page they have code in, they can pull this information back. It’s like an ID tag. So eBay knows you looked at a purse at auction and set an ID on your browser. Then when you’re on Facebook, they have ad code on Facebook’s page; it pulls the cookie, recognizes who you are, and shows you the auction you last looked at, reminding you it’s still available. Not magic. Science.
So, is there any way to stop this?
Sure. Turn off your phone and/or computer. Set it on fire.
But seriously, it’s very difficult. Companies have found so many ways to track people, even traditional things like resetting/restricting cookies doesn’t really work. You can be tracked by a variety of other things including your IP address and the configuration of your phone/computer. Even if you go to elaborate lengths such as using anonymous proxies, they can use seemingly harmless information like browser version, graphics settings, and other esoteric bits of information to create a unique identifier.
In some cases, you can opt out of detailed tracking. Google, Facebook and others allow you to turn off certain “features” as they like to call them. On Facebook, this is a frustrating, never-ending array of playing whack-a-mole, turning off any of the tens of thousands of categories they put you into on their ad preference page [ facebook.com/ads/preferences]. On Google, they call it “ad personalization” and you can opt out of it as well. You’ll have to go to just about every major site you use and opt out, and each will call their tracking system something different.
As you can see, there’s a lot of work involved in opting out of being tracked. There’s no way to maintain complete privacy online, but there are things you can do.
So, next time you see an ad that is way too personal, you’ll know why and can do something about it. Or not. You still might want that purse or repair manual, right?