Thank you. We have a duty to let lawmakers know that high privacy standards are compatible with innovation. Too often, senators hear the opposite claim from our colleagues in industry.

I think we are about to see a change in the advertising market, with two distinct flavors of “behavioral” targeting emerging, and a revival of “contextual” targeting.

There are two flavors of behavioral targeting, one good and one bad.

Good: Secure behavioral that is stored locally on your device and never communicated to anyone else. Brave Ads use “local” behavioral profiles secured on the device (and only with opt-in). Your device operates as a data Faraday Cage, and even we at Brave can not extract your protected profile data from it.

The Bad: Insecure behavioral that broadcasts your profile to thousands of companies when you load a webpage. This is what “Real-Time Bidding” ad auctions are. New research indicates that insecure behavioral nets publishers almost nil in extra revenue.

The Bad form of behavioral is unlawful under the GDPR, and thanks to work by Brave and our friends, regulators are investigating this and are likely to force Real-Time Bidding companies to stop broadcasting personal data in this way. The result is likely to be that Real-Time Bidding will shift to broadcasting data that cannot be tied to an individual. This will still allow advertisers to show relevant advertising, and protect websites against the retargeting of their audiences at lower cost on other websites. It is also likely to reduce the multi billion dollar ad fraud problem. I spoke about this recently at the European Data Protection Supervisor’s conference—here is the video. You could call this safe form of Real-Time Bidding a new type of contextual.

We were invited to testify because Brave regularly briefs staff in both parties, and submits input on privacy issues regarding federal law to federal agencies. For example, see

• Brendan Eich’s letter to the US Senate Committee on Commerce, Science, and Transportation.
• Brave’s letter to the National Telecommunications and Information Administration.
• Brave's letter to the Federal Trade Commission.

The Senate staff seeks expert opinion on the issues under consideration. We were happy to receive Senator Graham’s invitation, but we did not solicit it.

I understand that the tracking industry lobby attempted to block my invitation, and failed because both Republicans and Democrats were eager to get the substantive facts.

This is an indication of sentiment in Washington: both parties want action.

Re Ted Nelson and Xanadu, yes, I do. I shared my thoughts on this in a previous AMA. Here is what I said in that AMA:

Hypertext was invented by Ted Nelson in the 1960s. Part of his dream was that everybody who contributed to the interconnected latticework of hypertext documents would be rewarded by those who perused them. People would drop tiny “bread crumb” like payments behind them as they flitted from item to item. It is a beautiful vision.

But this aspect of Nelson’s great dream was never realized at scale because these tiny micro payments were not practical. This is why BAT excites me. It may finally allow us to realize part of Nelson’s vision.

Re quality and diversity of media production, I think it is reasonable to suggest that RTB has not worked well for publishers. Alessandro Acquisti's new study indicates that publishers net only an extra 4% of revenue from RTB, and doesn’t factor in the additional cost of audience arbitrage (bid request data allows a publisher's unique audience to be retargeted at lower cost on bottom of the web websites) and ad fraud that diverts spend away from publishers. Something has to change. I hope we are building something better.

I can answer about privacy.

The issues are simple: should data about you be handled fairly and transparently? Should intimate data about you be kept secure? The principles of data protection are laid out in a few simple lines, known as the “Fair Information Processing Principles” (FIPPs) in the 1974 US Privacy Act. Almost exactly the same principles are at the heart of Europe’s General Data Protection Act, in Article 5. All legislators know this. Governments around the world are drafting new protections based on these principles.

In the United States, both Republicans and Democrats are furious about digital privacy abuses. If you watch last week’s US Senate Judiciary Committee you will feel the tangible outrage the senators of both parties have for the unending data breaches and intrusions into private life that they suffer together with their constituents.

Lawmakers have to grapple with a torrent of issues and different domains every day. It's a challenge for them to be on top of so many disparate briefs. But privacy issues now affect everyone, including law makers. I think they get it.

Thank you.

I think that fines are only a secondary threat. The main threat to Google or any similar company is that Article 58 gives data protection authorities the power to compel them to cease data processing. In other words, a data protection authority can tell Google or any other company to change how it does business. That is a very, very big deal. And I think it will happen.

Fines do matter though. As you say, the maximum fine of 4% of global turnover sounds significant but may not be for companies with a large profit margins. However, as more jurisdictions around the world adopt GDPR-like standards, there is a possibility that a company could face not one European fine, but layered fines from an EU data protection authority plus duplicate fines from their counterparts in other jurisdictions. For example, India’s Data Protection Bill could do this, if it becomes law. Since there are GDPR-like laws on the way in many jurisdictions, layered fines could add up to crippling fines in the future.

I used to wear a formal suit to work every day, when I worked at the Institute of International & European Affairs. Since the English Restoration in the 1660s men’s clothing has become a rather drab affair. But from Charles II’s reign in the 17th century to the present, there is one thing a man can do to stand out: wear a colorful tie. The tie in question is an early 2000s hand-made silk tie from Duchamps.