Selling your data to advertisers is a good thing

The alternative is much scarier

Mark Zuckerberg stated during his recent Congressional testimony that “there will always be a version of Facebook that is free.” Would a paid, ad-free option would help encourage a more privacy-focused ecosystem?

Common wisdom says yes, but perhaps the alternative is much scarier.

For all the privacy problems that exist with internet ads, their corrosive influence is ultimately indirect. Most ads are targeted through powerful but restricted proprietary tools provided to advertisers by the ad platforms (e.g., Facebook Ad Manager). Advertisers generally don’t have access to raw data. Even Cambridge Analytica probably wasn’t providing raw SQL dumps to political parties. The ad platform and/or middleman has a vested interest in maximizing targeting power while minimizing data disclosure. Their dataset is their cash cow and they would be fools to give it away.

But if you got rid of ads, would the market for direct data disclosure, which already exists through grey market deals between big advertisers and shady analytics firms, go mainstream? What if instead of Facebook Ad Manager we had Facebook Bulk Data Exporter for Business? Facebook would prefer that exposure to their proprietary dataset be inherently restricted in a technical sense — you don’t need raw data to create targeted ads, and so FB doesn’t provide it through their tools. But a next best option would be rent out the raw data itself and enforce licensing through legal controls. Compared to ads, that would be an absolute nightmare for user privacy.

Many advocates of an ad-free model will say that the solution lies in making users pay directly. Medium is trying to do this, but at least in the case of Facebook, it’s naive. Almost nobody is going to pay $20/year for Facebook (their annual revenue divided by their number of monthly active users).

More fundamentally, on Facebook and similar sites, the product isn’t the service, the product is you. Pivoting to asking users to pay would be akin to asking Toyota to make money from toll roads. If advertising is removed, they will still sell you, but probably in “innovative” ways that you can’t — and don’t want to — imagine.

What’s the solution to user privacy?

Let’s set aside corporate malfeasance for a moment. We live in a world where the names, addresses, SSN’s and credit card numbers of millions are regularly and legally shuttled around on USB drives in the pockets of lawyers, bike messengers, judges and investigators. Where private information you never even knew existed is regularly cached on Akamai servers without a thought (because who ever thinks about caching?) Where a record of every website that you’ve ever been to is sent to randomly selected servers because of engineering laziness.

For these reasons, any solution for digital privacy can’t rely on technical controls alone. We must start the unglamorous, error-prone and iterative political process of regulation. EU GDPR may be onerous but is a step in the right direction. Legislatures should aim to create flexible frameworks that don’t micromanage technical solutions but rather that set out guidelines that can be interpreted through courts.

Online advertising is a better place to start regulation than anywhere else. It’s a known quantity that we’ve had decades of experience with. For businesses, legislation around advertising will provide clarity and certainty. For end users, it will hopefully safeguard our rights. And for entrepreneurs and innovators, regulations focused on advertising will still leave new methods of monetization open for innovation — if our legislators and regulators can get it right.

This story is published in The Startup, Medium’s largest entrepreneurship publication followed by 315,628+ people.

Subscribe to receive our top stories here.