AMA with Dr. Johnny Ryan

by BraveMay 31, 2019AMA, Community, GDPR, Policy

Welcome to the seventeenth post in our series of BAT Community-run AMAs.

The ongoing AMA series on Reddit features various guests from the Brave and BAT teams, and, as of recently, guests from projects that Brave partners or works with.

The latest AMA took place on May 31st and featured Dr. Johnny Ryan, Brave’s Chief Policy & Industry Relations Officer. Johnny fielded both pre-submitted and live questions from Redditors on a number of topics, such as his appearance in front of the US Senate Judiciary Committee earlier this month, the level of concern among legislators outside of Europe (e.g. in the United States) regarding web privacy, and whether he believes there will be real consequences—like fines—for tech giants known to mishandle sensitive user information. Johnny touched upon the inefficiency of real-time bidding (RTB), Ted Nelson’s Literary Machines, and the history of his (now famous!) colorful suit ties.

Highlights can be found below, with a link to the full AMA at the bottom of this post.

The next AMA will take place on Wednesday, June 5th, and will feature Jimmy Secretan, VP of Services and Operations at Brave.

For the list of upcoming BAT Community AMAs through May 2019, see below.

Gekko29: Johnny, enjoyed your appearance at the US Senate. Where do you see the industry going in terms of advertising? I think we all agree Brave browser and BAT are great solutions, but the best solutions don't always win. In your opinion, what is going to have to happen?

Thank you. We have a duty to let lawmakers know that high privacy standards are compatible with innovation. Too often, senators hear the opposite claim from our colleagues in industry.

I think we are about to see a change in the advertising market, with two distinct flavors of “behavioral” targeting emerging, and a revival of “contextual” targeting.

There are two flavors of behavioral targeting, one good and one bad.

Good: Secure behavioral that is stored locally on your device and never communicated to anyone else. Brave Ads use “local” behavioral profiles secured on the device (and only with opt-in). Your device operates as a data Faraday Cage, and even we at Brave can not extract your protected profile data from it.

The Bad: Insecure behavioral that broadcasts your profile to thousands of companies when you load a webpage. This is what “Real-Time Bidding” ad auctions are. New research indicates that insecure behavioral nets publishers almost nil in extra revenue.

The Bad form of behavioral is unlawful under the GDPR, and thanks to work by Brave and our friends, regulators are investigating this and are likely to force Real-Time Bidding companies to stop broadcasting personal data in this way. The result is likely to be that Real-Time Bidding will shift to broadcasting data that cannot be tied to an individual. This will still allow advertisers to show relevant advertising, and protect websites against the retargeting of their audiences at lower cost on other websites. It is also likely to reduce the multi billion dollar ad fraud problem. I spoke about this recently at the European Data Protection Supervisor’s conference—here is the video. You could call this safe form of Real-Time Bidding a new type of contextual.

bananablocks: How much have you seen in interest from legislators in actually caring about the damage Facebook, Google and others are making? Are they actively reaching out or was it a stronger push on Brave’s end to have you speak in front of legislators?

We were invited to testify because Brave regularly briefs staff in both parties, and submits input on privacy issues regarding federal law to federal agencies. For example, see

The Senate staff seeks expert opinion on the issues under consideration. We were happy to receive Senator Graham’s invitation, but we did not solicit it.

I understand that the tracking industry lobby attempted to block my invitation, and failed because both Republicans and Democrats were eager to get the substantive facts.

This is an indication of sentiment in Washington: both parties want action.

mellowMangos: Hi Johnny, thanks for your time. I have a couple big-picture questions. Do you believe that Brave is the best chance to realize Ted Nelson’s 1960s vision of having real-time micropayments tightly tied to copyright management, and if so, why? Additionally, do you believe this economic model will actually foster more creativity on the content side than traditional RTB digital advertising models, and if so, why?

Re Ted Nelson and Xanadu, yes, I do. I shared my thoughts on this in a previous AMA. Here is what I said in that AMA:

Hypertext was invented by Ted Nelson in the 1960s. Part of his dream was that everybody who contributed to the interconnected latticework of hypertext documents would be rewarded by those who perused them. People would drop tiny “bread crumb” like payments behind them as they flitted from item to item. It is a beautiful vision.

But this aspect of Nelson’s great dream was never realized at scale because these tiny micro payments were not practical. This is why BAT excites me. It may finally allow us to realize part of Nelson’s vision.

Re quality and diversity of media production, I think it is reasonable to suggest that RTB has not worked well for publishers. Alessandro Acquisti's new study indicates that publishers net only an extra 4% of revenue from RTB, and doesn’t factor in the additional cost of audience arbitrage (bid request data allows a publisher's unique audience to be retargeted at lower cost on bottom of the web websites) and ad fraud that diverts spend away from publishers. Something has to change. I hope we are building something better.

bananablocks: How well do you believe the legislators understand the topics of privacy in technology, blockchain & cryptocurrency? Thank you good sir, you have a great day.

I can answer about privacy.

The issues are simple: should data about you be handled fairly and transparently? Should intimate data about you be kept secure? The principles of data protection are laid out in a few simple lines, known as the “Fair Information Processing Principles” (FIPPs) in the 1974 US Privacy Act. Almost exactly the same principles are at the heart of Europe’s General Data Protection Act, in Article 5. All legislators know this. Governments around the world are drafting new protections based on these principles.

In the United States, both Republicans and Democrats are furious about digital privacy abuses. If you watch last week’s US Senate Judiciary Committee you will feel the tangible outrage the senators of both parties have for the unending data breaches and intrusions into private life that they suffer together with their constituents.

Lawmakers have to grapple with a torrent of issues and different domains every day. It's a challenge for them to be on top of so many disparate briefs. But privacy issues now affect everyone, including law makers. I think they get it.

Patatoo: Hey Johnny! Great speech btw. When do you think Google will face real fines? When I think that google might face or faces fines of ~5% of global turnover, it doesn't seem that it will affect them much? And these kinds of fines don't happen quite often. Won't they just simply try to bargain the fine as low as possible and then just continue what they were doing in the first place? Thank you for the awesome work you do sir.

Thank you.

I think that fines are only a secondary threat. The main threat to Google or any similar company is that Article 58 gives data protection authorities the power to compel them to cease data processing. In other words, a data protection authority can tell Google or any other company to change how it does business. That is a very, very big deal. And I think it will happen.

Fines do matter though. As you say, the maximum fine of 4% of global turnover sounds significant but may not be for companies with a large profit margins. However, as more jurisdictions around the world adopt GDPR-like standards, there is a possibility that a company could face not one European fine, but layered fines from an EU data protection authority plus duplicate fines from their counterparts in other jurisdictions. For example, India’s Data Protection Bill could do this, if it becomes law. Since there are GDPR-like laws on the way in many jurisdictions, layered fines could add up to crippling fines in the future.

Razzashi: What made you start with the ties?

I used to wear a formal suit to work every day, when I worked at the Institute of International & European Affairs. Since the English Restoration in the 1660s men’s clothing has become a rather drab affair. But from Charles II’s reign in the 17th century to the present, there is one thing a man can do to stand out: wear a colorful tie. The tie in question is an early 2000s hand-made silk tie from Duchamps.

Read the full AMA here.

See our latest Partner AMA with Lin Dai, Co-Founder & CEO of Hooch App and TAP Network, here.

Follow the BAT Community’s Updates here: https://www.reddit.com/r/BATProject/

Upcoming BAT Community AMAs:

June 2019
Ian Kane (COO) and Daniel Gouldman (CEO), founders and co-owners at Ternio
Marshall Rose, Principal Engineer at Brave
Jordan Spence, CMO of MyCrypto

July 2019
Alex Wilson and Patrick Duffy, Founders of The Giving Block
Catherine Corre, Head of Communications at Brave