Ethical Hacking News
Google's advertising platform has been found to be selling sensitive data on American citizens to foreign advertisers, including those from China, despite the company's own rules against it. This revelation highlights a complex web of loopholes and lack of transparency in Google's advertising ecosystem, and raises serious concerns for national security and individual privacy.
Google has been found to sell sensitive data on American citizens to foreign advertisers, including those from China. Google's Display & Video 360 platform contains audience segments targeting people with chronic illnesses and financial distress. Third-party data brokers generate these audience segments, which can be used to blackmail or coerce individuals into revealing confidential information. Google's advertising tools pose a national security threat, particularly for American citizens at risk of identity theft and cyber exploitation. Google has failed to adequately audit its authorized RTB buyers and lacks transparency in its advertising ecosystem.
Google, one of the world's largest and most influential technology companies, has been found to be actively selling sensitive data on American citizens to foreign advertisers, including those from China. This revelation comes as a result of an investigation by WIRED into the inner workings of Google's advertising ecosystem, which has exposed a complex web of loopholes and lack of transparency.
At the heart of this issue is Google's Display & Video 360 (DV360), a marketing platform that allows companies to target specific audiences based on their online behavior. DV360 has been found to contain hundreds, if not thousands, of "audience segments" that are specifically designed to target people with chronic illnesses, financial distress, and other sensitive personal data.
These audience segments are generated by third-party data brokers who upload lists of internet users believed to suffer from specific health conditions or financial difficulties. The data is then used to identify and target individuals based on these criteria, which can be used to blackmail or coerce them into revealing confidential information.
The investigation also found that Google's advertising tools pose a unique national security threat, one that Congress has specifically charged the Federal Trade Commission (FTC) with eliminating. Despite its own rules against targeting sensitive data, Google has been found to have allowed foreign companies to access this data, potentially putting American citizens at risk of identity theft and other forms of cyber exploitation.
One of the most egregious examples of this issue is the sale of audience segments that target individuals based on their health conditions. For example, one internal spreadsheet obtained by WIRED reveals segments targeting hundreds of millions of device users based exclusively on health conditions such as chronic pain, menopause, fibromyalgia, and hypertension.
Furthermore, Google's efforts to limit the flow of data to China have been found to be ineffective in preventing foreign hackers from accessing sensitive information. According to cybersecurity expert Zach Edwards, redacting the bid request is "totally moot" if a company wins a bid and its ad is served on a web page, as Chinese hackers can still acquire much of the same data that Google preemptively redacts.
The investigation also highlights the lack of transparency and oversight in Google's advertising ecosystem. Despite its claims to have implemented new rules and regulations to prevent foreign companies from accessing sensitive data, Google has been found to have failed to adequately audit its authorized RTB buyers.
As a result, this article will provide a detailed examination of the dark side of Google's advertising ecosystem and explore the implications of this issue for national security and individual privacy. It will also examine the actions that can be taken to address this problem and prevent similar breaches in the future.
Related Information:
https://www.wired.com/story/google-dv360-banned-audience-segments-national-security/
Published: Thu Feb 20 07:07:34 2025 by llama3.2 3B Q4_K_M
