So I got a great geek share from @Michael Sims today, and it really makes me consider quitting theInternets. 

About half-through the Objections section I knew it was fictitious, but none-the-less scary. We, the end-users, really have no protection for sites using crappy code review processes, or virus-ridden ad servers *cough cough openx cough**.

At least I use a password manager, with a unique password for EVERY account, so that at least limits password leak damage. Credit card, no such luck there. I’ve considered some of those services that generate a unique CC# for each account, and now I think my afternoon will be spent choosing one.

Makes me think of the ad serving vector scenario, where they could tie your PII to your Cookies. This will map you up to Analytics ID’s most likely, and maybe some vendors that store their ID in 1st party cookies in addition to their 3rd party ones. Assuming they aren’t hashing the ID’s with something unique to the 1st party, then you’d get the same across multiple sites. Then when you see that user on another site, grab that 1st party ID and then match it to your PII database. Sadly, the security measure to that is to constantly wipe out cookies, which means a lot of crappy ads you have to ignore… yes, that IS me advocating targeted ads; and possibly having a REALLY annoying User Experience on some sites, if not completely un-functional (Think Netflix, Xfinity, YouTube, … or really anything with logged-in-users-only features).

Some might jump to the point of “Mondo, don’t you work for a vendor that does Identity Resolution, and aren’t they doing just that?”. Thankfully I can keep a clear conscience on this one thanks to GDPR and other PII Governance, and Tealium being a legit player. Most legit players are restricting (sadly contractually is the primary means, though Tealium also offers some data cleansing capability) storing PII within the system. This, and Right-to-be-Forgotten, is most definitely going to be a VERY interesting technology puzzle to solve for most Advertising – and even others – vendors.

Thoughts? Any other methods you are using to protect yourself? Besides the cabin… though if you HAVE gone this route, can I crash with you?