• by Shawn Riegsecker , Op-Ed Contributor, November 10, 2023

Part One: The Unsustainable World Wide Web

Advertising has fueled the internet’s rise, its growth, and its openness. It’s allowed for the democratization of information, the birth of new industries, and more personalized customer experiences. But as the years have passed, and the World Wide Web has emerged from adolescence and into young adulthood, the digital advertising industry has morphed and mutated to the point where corporate interest has trumped consumer privacy, undermining the very spirit that birthed the modern internet itself.

This iteration of the internet, and of digital advertising, is very clearly unsustainable. To address the core concerns, and to satisfy the newly vocal demands of privacy-minded stakeholders and regulators, some of my peers in the advertising industry have introduced new “cookie replacements,” solutions that aim to ease the burden on media buyers who have grown accustomed to cheap, widely available third-party cookies and who fear what might happen once those identifiers disappear from a world that’s been built around them. But I believe this so-called “next generation” of proposed identity solutions are insufficient. These “solutions” are mere workarounds, a half-step to the side rather than two giant steps forward, and they fail to truly address the core problem that sits at the heart of digital privacy: the need to create a more trust-based internet experience, one where individual control of personal data determines a user’s experience, rather than today’s internet, which is fueled by the deceptive harvesting and use of that data without conscious consent.

How it All Began

In the early-to-mid-1990s, a new medium was emerging that carried the potential to revolutionize how the world’s population communicates, receives news, content, and entertainment, and conducts business. At the time, it was called the World Wide Web, later to be known as the internet.

This new medium revolutionized traditional communication channels and technologies. It offered unlimited freedom for people anywhere in the world to access important news, information, and content. No longer would citizens be shackled by whatever media was available to them in their city or town.

For brands, it created a new, impactful channel to find and build relationships with consumers. For journalists and news organizations, it presented a new opportunity to expand their newsrooms and deliver critical information as it happens versus waiting for the evening local news or the paper going to print that night. For content producers, it would allow for an explosion in programming with the ability to deliver it in a one-to-one, time-shifted, and on-demand environment versus the time-locked, one-to-many constraints traditional media channels offered them.

It was an exciting time to be in the journalism, content, news and information industry, as well as marketing and advertising, as this new medium would allow them all to engage and interact more effectively than ever before.

www. = Wild Wild West?

Throughout history, whenever a new discovery is made, and before civic leaders, policymakers, or regulators have the ability to institute protections, and safeguards, it ushers in a societal free-for-all. 

An example in U.S. history was the discovery of gold in Coloma, CA in 1848. This discovery, and the impact of the California Gold Rush, can’t be understated. It’s estimated at least 300,000 settlers migrated west in search of fortune. Little fortune was ever created by gold, and the collateral damage caused by these migrants came at a steep cost. In the 19th century, the Native American populations in California were reduced by over 90%—from more than 250,000 to approximately 15,000—and America’s buffalo population was almost wiped out, going from 60 million in number to less than 600 by 1889.

This period has been exaggerated and sensationalized in books and films, but it is referred to as the Wild Wild West because it was a time of lawless men, outlaws, gangs, and robbers acting in their own interest without any law enforcement authorities to stop them. 

It’s an apt metaphor for the similar Internet Gold Rush in the late 1990s and early 2000s. This new medium was akin to a digital gold rush - digital explorers rushed into the new medium seeking fortune at a time before intelligent protocols had been contemplated, laws had been created, and authorities were put in place to prevent bad actors from preying on technological illiteracy of consumers, brands, and publishers. Just as the Wild Wild West was defined by the lack of basic laws and the ineffectiveness of authorities and law enforcers, the same can be said relative to what transpired from the mid-1990s until today relative to the lack of intelligent and enforceable regulation, the establishment of effective law enforcement agencies, and the free-for-all and anything goes mentality of early digital pioneers. 

Although some historians consider the Wild Wild West lasting about approximately 70 years and ending when law enforcement agencies were instituted. For all intents and purposes, if we use 1994 as our starting mark for tangible household penetration—this was the year America Online, then the world’s largest Internet Service Provider, announced it reached one million subscribers—we are closing in on living through the first 30 years of the Wild Wild West period of the Internet Gold Rush.

As an industry, it’s time we put an official end to the Wild Wild West period in digital media publishing, marketing, and advertising and replace it with a smarter, safer, healthier, secure, and transparent infrastructure and model to allow it to flourish, grow, and fulfill the promises it presented the world in 1994 without the unnecessary perils and bad actors that have dominated so much of the past 28 years. 

Part Two: The Origins of Ad Tech 

Looking back, I would argue that if the goal of early internet pioneers were to take a promising new medium and turn it into a digital cesspool of opaque tracking and surveillance technologies, spyware, malware, misinformation, disinformation, fraud, robbery, identity theft, scammers, trolls, and bots, they couldn’t have done a better job if they’d tried. 

Additionally, although less nefarious (but more annoying) is the user experience as it relates to digital advertising. Although the days of annoying pop-ups and pop-unders have mostly disappeared, they’ve been replaced with video overlays, banners on top of other banners, ads that automatically play with sound on, and images covering the content we’re trying to access. This isn’t a good experience for consumers, let alone publishers looking to increase their traffic, or for brands looking to present their offerings and engage with consumers in a positive, rewarding, and healthy manner. 

On top of this poor user experience is the “creep” factor in which consumers know they are being tracked but don’t know how, why, or what to do about it. The experience of users should be one defined by trust, safety, ease, comfort, security, and protection—the opposite of today’s internet experience.

Origins of Cookies and Tracking

In the early years of the browser wars, Netscape had a problem they needed to solve for MCI, one of their largest customers. The product team needed a way to remember a user. Netscape was building a shopping cart engine for MCI and needed a method to recognize a customer if they put something in their shopping cart, left the site, and then returned.

In 1994, Lou Montulli, the 23-year-old Netscape founding engineer, took the responsibility to devise a solution. Many of the early digital pioneers came out of academia and universities who shared a healthy level of distrust for government and considered themselves more libertarian than anything, according to Montulli. As they set out to devise a solution, they did so with the intent to create “a mechanism that allowed you to be remembered, but not tracked.” 

One of the earliest proposals was to give each browser a persistent ID that could also be attached to a user profile. Although the solution would have worked well, there were two problems. The first was that creating each browser with a persistent ID attached to a profile opened up the door for every user to be tracked wherever they went, which didn’t fit the product requirements of not being tracked. The second was that HTTP Basic Authentication was ugly, not friendly, and asking users to register every time they went to a site for memory purposes, unless there was a valid reason, would be clunky, cumbersome, and inefficient.

Dating back to 1979, UNIX programmers devised the method passing a short packet of data between computer programs to help each program understand the command its receiving. They called this a magic cookie—a play on a fortune cookie which is a cookie with an imbedded message inside.

Montulli and team borrowed the concept to create what today is known as a cookie. At the most basic level, it provides a mechanism that allows a browser and web server to communicate and remember unique web clients (e.g. browsers) and users.

The intent of the original cookie mechanism was to allow a web server to remember a user for better, faster, easier, smarter, and more efficient way for users to browse the web—not for advertising. It was built to facilitate a memorable 1:1 relationship between a user and a site, not to be used as an advertising surveillance mechanism in which an unknown third-party, who is not primary to the relationship, is allowed to set cookies. 

The concept of unknown, and unregulated, third parties using cookie ID technology to follow a user, collect data, and create a comprehensive profile—albeit without any personally identifying data (unless the user provides identifying data like filling out a form, or authentication services)—would have been deemed an unacceptable side effect of their solution and they, most likely, would have gone back to the drawing board. Even Montulli admits it was a “problem that [he] missed.” 

The cookie, specifically the third-party cookie, is the invention that allowed the ad tech industry to be created—at least in its current design. Had a different solution been invented and adopted, the ad tech industry would still exist but it would look and function differently. 

The third-party cookie’s first use was in ad serving. When ad servers were invented, there were two competing software delivery models. The first model was delivering the software via an on-premise hosting and enterprise licensing model in which each customer owns and maintains their own instance of the software. In this deployment and hosting method, it was practically impossible for a third-party to surveil users as they traverse the open web. This method, unintentionally, created inherent data protection for publishers and brands, greater privacy for consumers, and a significant increase in protection against malware and malicious code.

DoubleClick, acquired later by Google, introduced the first server-side, or network- (cloud-) hosted, ad serving software. Rather than needing to set up and manage your own server on premise or in a data warehouse for advertising delivery and tracking purposes, a webmaster could just install a few lines of code in their HTML, call the networked ad server, and deliver advertising. This ad serving method allowed DoubleClick, et al., the ability to set a DoubleClick ID that could be read and appended to your cookie ID when you visited any site using DoubleClick’s ad serving technology. Because of a hosted ad server’s ability to track users across the web, it spawned a host of ad network companies. These companies would, for all intents and purposes, offer the ad serving software for minimal to no cost to publishers in exchange for the right to sell advertising on the publisher’s site. 

And that’s how our world of ad tech began.