In the vibrant world of digital advertising, where personalised content is the king, concerns about data privacy have risen. When you log into your favourite social media platform (X, Facebook, Instagram, Snapchat, Tiktok, etc), you notice that your timeline is filled with posts and adverts. It’s like a virtual art gallery, with each artwork attempting to steal your attention. However, amidst the chaos, you notice something interesting – advertisements that feel strangely relevant to your interests.
You recently researched cameras online because you’re into photography, and suddenly, there’s an advert for a photography workshop. You’ve been planning a trip to Zanzibar and there’s an advert for discounted flights to Tanzania. It’s almost as if the platform read your mind. The recommendations are so accurate that you find yourself thinking, “How do they know me so well?”
This personalised experience is a testament to the power of targeted advertising. The service leverages your viewing history to curate a selection of content that you’re likely to enjoy. While it enhances your viewing experience, it also raises questions about privacy and transparency.
Online advertising is currently a rich source of revenue for the Internet giants. With the ever-increasing number of smartphones, there is a fertile market for personalised and localised advertising. Google is currently the market leader in online advertising. According to BCC Research Institute, in 2022, Google’s ad revenue amounted to $224.47bn. Firms using targeted advertising are estimated to enjoy between five and six per cent higher profit gains than those that don’t.
The cornerstone of the Nigerian Data Protection Act, 2023 is the empowerment of individuals by giving them control over their personal information and ensuring that organisations act responsibly when collecting, storing, and processing data. That empowerment is deeply rooted in section 25(1)(a) of the NDP Act which mandates data controllers to seek explicit and informed consent of data subjects before processing their personal data. Considering advertising involves the accumulation and analysis of data about a person’s preferences, political affiliations, and family life (to name a few examples), data subjects must be informed of what they’re getting into before their data is processed.
Several companies have deployed tricky data collection methods by burying consent clauses in lengthy ‘Terms of Use’ which often lead to confusion or unintentional consent, thereby violating the essence of user autonomy. The reasons a website or application uses cookies must be briefly explained, and the users must be presented with opt-in consent options: “reject” or “accept”, and not track its users unless they opt-in.
Users often face challenges in understanding the intricacies of data collection, its purpose, and the extent to which their information is utilised. Advertisers must be transparent about data practices, clearly informing users about data collection methods and how it’s used for personalised ads. Platforms need to offer more transparent and accessible controls for users to manage their data, as mandated by section 24(1)(a) ) of the NDP Act.
The vast volume of user data collected for targeted advertising poses a significant security risk. The risk arises due to the extensive collection and storage of a large volume of user data. The more data that is gathered and stored for targeted advertising purposes, the higher the risk of potential security breaches or misuse. This large volume of data increases the attack surface for potential hackers, thereby amplifying the risk of data breaches, unauthorised access, or misuse of sensitive personal information. Implementing stringent cybersecurity protocols and conducting regular security evaluations are essential measures to mitigate potential breaches.
Users can also take proactive steps to safeguard their data privacy. Employing measures such as regularly reviewing and adjusting privacy settings, utilising ad blockers that restrict tracking, and being vigilant about the information shared online can significantly enhance personal data protection.
The growing ambition of internet giants to maximise profits from personalised content has triggered challenges within the realms of consent, transparency, and data security. However, amidst these challenges, a pathway to responsible and ethical targeted advertising emerges through comprehensive solutions. Empowering users with clear and accessible controls, and fortified cybersecurity measures are necessary in safeguarding user privacy and trust.
Oladipupo Eluyera writes via [email protected]