First Alexa, Now Fox!

From valuable personal assistant to home and outdoor external spy…

By: Annabelle Divoy

Why open a dictionary when you can ask Alexa the height of Mount Everest? Why painfully reach for your timer on the kitchen shelf when Alexa can tell you when to turn off the oven? Why even bother tell jokes to your children when Alexa can do it for you? This is only a very small – and seductive – preview of all the tasks that Alexa, the voice-controlled personal assistant created by Amazon Echo, is able to perform[1]. Launched for sales in November 2014, Alexa has been welcomed in many homes, for the reasonable price of $199 (even $99 if you are an Amazon Prime member) and has definitely stolen Siri[2]’s thunder.

 

Although Amazon does not communicate its sales estimates, its artificially intelligent personal assistant seems well-acclaimed by consumers, against all the threats it implies for their privacy. Indeed, in order to hear and execute the commands that consumers direct to “her” by calling “her” name, Alexa is constantly recording everything that happens in the home. If this very well-achieved gadget will certainly help you in many of your daily tasks and chores, entertain you and stimulate your knowledge, it will also seriously invade your most private moments. Alexa will hear you narrating your full day of work to your husband, listen to your telephone call with your best friend Carrie, be the best new companion of your children, learn that you prefer pop music to jazz, know that you added chocolate and wine to your shopping list and, even, that you let your vegetables burn for the third time this week.

Alexa may thus quickly shift from valuable personal assistant to home-robot intruder spy[3]. The level and amount of personal data that it is able to collect, analyze, use and/or disclose is so high that it becomes worrisome. And these privacy concerns grow considerably bigger when you consider the risk of Alexa’s gigantic range of data not only being used by Amazon and its commercial partners, but also potentially pirated by outsiders. Anxiety does not vanish at the view of Amazon’s Echo Terms of Use, as “Alexa” does not even have its own privacy policy, only referring to Amazon General Privacy Policy[4].

Yet, only a few seem truly concerned about Alexa’s dangers. For now, most consumers only focus on the attractive functions of this high-tech gadget and are filled with excitement as “Pringles-can-sized Alexa” will soon have a shorter and portable sibling[5]. As related by the Wall Street Journal in January 2016, Amazon recently announced the upcoming launch of “Fox”, a voice-controlled personal assistant, using Amazon Echo’s technology, but fitting in the palm of your hand and not requiring a power cord to function, allowing little Fox to be used outdoor and not be placed under house arrest like tall Alexa.

Amazon’s business strategy and technological innovation certainly deserve applause and give serious competition to others in the field. But when trading Alexa for Fox, or, even more so, combining both, and giving company to our already indiscrete iPhones or Androids and computers, there might be very little room left for our, yet so valuable, privacy.

[1] « Introducing Amazon Echo », Amazon’s official video, November 6, 2014. https://www.youtube.com/watch?v=KkOCeAtKHIc

[2] Siri (Speech Interpretation and Recognition Interface) is Apple’s intelligent personal assistant.

[3] “Goodbye Privacy, Hello Alexa: Amazon Echo, the Home Robot who hears it all”, The Guardian, November 21^st 2015,

http://www.theguardian.com/technology/2015/nov/21/amazon-echo-alexa-home-robot-privacy-cloud

[4] https://www.amazon.com/gp/help/customer/display.html?nodeId=201625490, linking to https://www.amazon.com/gp/help/customer/display.html?nodeId=468496

[5] http://www.wsj.com/articles/amazon-to-release-portable-version-of-echo-speaker-in-coming-weeks-1452532671

Privacy Blog Assignment – Pannel 6

By: Ricardo Leite Ribeiro

The article which I am providing the link here was published in the Wall Street Journal on March 2, 2016. It’s about the fact that the German antitrust regulator, the “Bundeskartellamt”, had opened an investigation against Facebook for the “abuse of dominant position” regarding the harvest of personal data from consumers. In the words of the head of the agency “It needs to be clarified whether consumers are being sufficiently informed about the nature and scale of data collection”.

The news is relevant because it points out the possibility of competition laws to be enforced as a vehicle to guarantee privacy protections for consumers. This is a path that Europe may follow, especially regarding abuse of dominant position violations. Might be antitrust a new frontier for advancing in privacy protection? Is there a role for it to play in this field? Are its instruments and tools suitable for the task? What would be the remedies applied in this case?

From the article, it becomes clear that the accusation the motivate the investigation is that Facebook is leveraging its monopolistic advantage as a social network to obtain advantages in the data market. As an antitrust problem, this might be classified as using the market power acquired in one specific market to restrain the competition in an upstream market. This is particularly interesting because in U.S. this conduct is very unlikely to be a violation of § 2 of the Sherman Act, particularly after Trinko.

http://www.wsj.com/articles/facebook-faces-antitrust-investigation-in-germany-1456920796

 

 

 

Panel 5

Pierre-Paul’s Medical Disclosure Claim Against ESPN: Issues of Intersecting Privacy Torts.

By: Eliza Marshall

The New York Giants’ Jean Pierre-Paul’s suit against ESPN, which pertains to ESPN’s publication[2] of medical records linked to Pierre-Paul’s index finger amputation last summer, provides fruitful grounds for exploring the territory covered by intersecting and perhaps under-inclusive legal regimes in the medical information context. Pierre-Paul’s claim appears to fall in between two broad legal regimes: HIPAA and Florida’s state medical information statute.[3] HIPAA’s protection is broad in that it focuses on source rather than content or publication to avoid questions of harm in the context of medical information, but narrow in that it only covers certain entities and their business associates. Florida’s law, in contrast, is more limited in terms of content, publication and harm, but more broad in that it applies outside of the covered entities listed in HIPAA.[4] Yet Pierre-Paul’s claim may lie in territory covered by neither laws, and demonstrates a gap between regimes arguably worth addressing by expanding one or both.

Under HIPAA, the content of the disclosure is clearly covered. But the statute does not regulate the behavior of ESPN. It is not a “covered entity,” and falls outside of more expansive definition of “business associate” because it does not (and did not) receive, maintain, or transmit personal health information for any of the functions or activities listed in the regulation.[5] HIPAA is prefaced on the notion that medical information is uniquely sensitive and inherently involves privacy harm, and so the statute does not require any inquiry into harm or publicity and covers the entire category of medical data being vulnerable to disclosure even if no unauthorized access ever occurs. One can question, therefore, why entities like ESPN should not be forced to treat this information with care. But the answer seems clearly to be that HIPAA does not cover them, and so any claim thereunder would have to be against the health care provider who provided the records to ESPN in the first place—and theirs are the only (presumably shallower) pockets that Pierre-Paul can tap.

State law picks up where HIPAA leaves off,[6] but like the wider genre of Prosser’s privacy torts presents Pierre-Paul with its own set of obstacles. ESPN is covered under Florida’s statute, but it is not clear that the disclosure that occurred is actionable. First, it is not clear that a private right of action exists. Second, unlike HIPAA, Florida’s statute requires Pierre-Paul to prove concrete harm from the disclosure of his medical records. Especially in light of first amendment limits on the publication of true facts, Pierre-Paul faces an uphill battle. It is not clear what information other than the amputation was included in the medical records. But arguing on the basis of the amputation alone, he will have to craft a convincing explanation for an injury suffered simply by the timing of the disclosure—as a professional athlete whose occupation is highly public, this information would not have been secret for long.[7] His absence, or his finger’s, would surely lead to speculation and would be easy to detect with the naked eye even without detailed medical records. As for information beyond the fact of amputation, Pierre-Paul may have a harder time describing how ESPN’s disclosure harmed him in any concrete way. Still, the Shulman[8] case supports a court finding offensiveness and the potential existence of a special zone of privacy when it comes to the medical context and the relationship between a medical provider and a patient that journalists must respect. This suggests Pierre-Paul has some hope. Still, intuitively, having a journalist publish medical records is a highly offensive and unacceptable invasion of privacy. Certainly, most people would object to having it happen to them. Yet the legal result is far less straightforward. This may suggest the need for new methods of protecting privacy that avoids the difficulties of proving harm.

[1] Link to Article: https://www.law360.com/articles/764455/nfl-player-must-tackle-common-privacy-pratfall-in-espn-suit

[2] An ESPN reporter tweeted an image of Pierre-Paul’s medical records, reaching nearly 4 million twitter followers.

[3] Fla. Stat. § 456.057.

[4] The Florida statute applies to any “records custodian” which is defined as any person or entity that “obtains medical records from a records owner,” which seems to include ESPN. § 456.057(3)-(4).

[5] These include “claims processing or administration, data analysis, processing or administration, utilization review, quality assurance, patient safety activities listed at 42 CFR 3.20, billing, benefit management, practice management, and repricing.” 42 CFR § 160.103.

[6] 42 CFR § 160.203(b).

[7] The article references the Hulk Hogan case and its potential for revealing the promise of Pierre-Paul’s claim for harm in this case, but surely the expectation of privacy is far higher in intimate sexual activity than it is in the presence or absence of a publicly visible body part—regardless of celebrity status.

[8] Shulman v. Grp. W Prods., Inc., 955 P.2d 469, 479 (1998), as modified on denial of reh’g (July 29, 1998).

Privacy Blog (1)

By: Maggie Kornreich

Professor Rubinstein

March 24, 2014

http://www.natlawreview.com/article/health-apps-and-hipaa-ocr-publishes-new-guidance-health-app-developers

This article addresses whether mobile device applications are subject to HIPAA regulations. In February, the Department of Health and Human Services’ Office for Civil Rights (OCR) released Health App Use Scenarios & HIPAA to examine if HIPAA applies to apps that “collect, store, manage, organize, or transmit health information.”

The Health App Guidance provides six scenarios and decides whether HIPAA would apply to the app developer in each instance. The first scenario involves a consumer who downloads a health app and provides the app with her personal information in order to organize her information without her healthcare providers. Here, the consumer is not a covered entity or business so the app developer is not subject to HIPAA. The second scenario involves a consumer who downloads a health app to manage a chronic condition. The consumer retrieves data from her doctor’s electronic health record as well as her own information to put into the app. The consumer is not a covered entity or business associate and the healthcare provider did not hire the app developer for the service so it is not subject to HIPAA. The third scenario involves a consumer who downloads an app after their doctor recommends it to track diet and exercise. The consumer sends a report to their doctor before the next appointment. The doctor did not hire the app developer so the developer is not subject to HIPAA.

The fourth scenario involves a consumer downloading an app to manage a chronic condition, where the app developer and the healthcare provider have an interoperability agreement at the consumer’s request in order to exchange consumer information. The consumer inputs their own information into the app. The developer is not subject to HIPAA because they are not creating, maintaining, or transmitting personal health information on behalf of a covered entity or business associate. In the fifth scenario, a healthcare provider contracts with the app developer for patient management services and the provider instructs patients to use the app. Here, because the provider is a covered entity and the developer is considered a business associate, the developer is subject to HIPAA. The sixth scenario involves a health plan that offers a health app to allow members to store health records, check the status of claims and track their wellness information. The health plan analyzes the information. The developer is considered a business associate and the health plan is a covered entity. Therefore, the developer is subject to HIPAA.

This article is interesting and informative because it outlines the instances when developer or company will be subject to HIPAA. This is increasingly important as people rely on their phones and apps on their phones for most if not all of their personal affairs. It is also significant in that it brings to light instances where people share health information, which many people deem to extremely private, in electronic forms.

Information Privacy: Blog Post (Panel 6)

By:Harry Grabow

http://www.marketplace.org/2016/02/10/business/new-frontier-voter-tracking

http://fusion.net/story/268108/dstillery-clever-tracking-trick/

http://www.usatoday.com/story/news/politics/onpolitics/2016/02/08/company-tracked-iowa-caucusgoers-phones/80005966/

In the first United States Presidential campaign since the 2013 Snowden, candidates have expressed varying opinions of both the man and the reality he exposed: while some have mildly praised his impact on the privacy discourse while questioning the legality and intelligence of his conduct (see here and here), others have gone as far as insisting that he is a traitor, or even an active Russian spy, prompting a response from the Kremlin itself.

However, while the candidates’ focus remains on the legitimate national security and civil liberties implications of government surveillance, another use of data collection is taking the campaign season by storm: the creation of voter profiles based on mobile device advertising profiles of individuals at polling places. Traditionally the domain of phone-based public polling and on-site exit polls, digital advertising company Dstillery engineered a way – both creative and creepy in equal measure – to track voter preferences by matching mobile device identifiers present at the geographical locations of caucus sites, to the digital advertising profiles of the device’s owners. Specifically, they monitored the real-time ad bidding that occurs each time a mobile device opens an app or web site, captured the identification associated with the service of an ad, and then further researched additional characteristics associated with that mobile device.

Though not conducted with the scientific rigor of a public poll, the results captured voter characteristics not usually polled by campaigns. For example, according to an analysis of the results conducted by USA Today: voters expecting a newborn child tend to be Republican and had a greater concentration at Senator Marco Rubio’s caucus sites; voters in locations with strong support for Donald Trump had a penchant for outdoor activities and home improvement; and tech-industry workers and enthusiasts were more concentrated in Senator Bernie Sanders’ caucus sites than those of former Secretary of State Hillary Clinton.

In an interview with news site Fusion, a representative from Dstillery explained, “One thing that isn’t in the data is personal identifiable information. The data and system are completely anonymous. We have no idea, for example, what your name is. All we see are behaviors and everything we do is based on analyzing those behaviors writ-large.”

So, while identifying individual voters and their preferences through this method of data collection might not be a present concern, the prospect of campaigns themselves utilizing these tactics might subject Iowans to an even greater saturation of political advertising in 2020, on top of the astounding $70 million spent in 2016. And, with many Iowans lamenting the constant barrage of TV and radio ads, campaigns might be eager to attempt this new, more subtle approach

Privacy Blog

By: Mary Churan Huang

http://www.irishtimes.com/business/technology/google-eu-s-data-protection-authorities-have-absolute-focus-on-privacy-1.2556597

This article discusses the positions taken by some of the world’s largest multinational companies in respect of the EU’s incoming General Data Protection Regulation (GDPR). The GDPR is set to replace the existing EU Data Protection Directive of 1995. There is a need to update the existing privacy laws in the EU as the technology evolution has accelerated and the current framework does not properly cover critical issues such as social networks and cloud computing. The GDPR is designed to be a more comprehensive and wide-ranging legal framework which will apply EU-wide, transcending any local privacy laws. The GDPR is intended to strengthen and unify data protection within the EU so that there will be one single legal framework within the EU. This would allow for international businesses to more easily comply with the EU privacy framework while allowing for more comprehensive protection for EU residents.

Both Google and Microsoft seems to regard the GDPR as a necessary step in data protection but does not anticipate a major change in their respective companies’ policies as they have already undertaken significant steps to enhance privacy over the years. Microsoft is concerned about the heavy penalties set out in the GDPR and has indicated that the new regime will be a great test of whether their privacy controls are working the way they should be. Google indicated that it will be working closely with the regulators to find a rational way of interpreting some of the ambiguities contained in the GDPR.

Adobe seems to be more critical of the GDPR, expressing its disappointment that the framework is not as unifying as it is intended to be. Adobe is of the view that new framework will still be fragmented and subject to interpretation by local authorities. The responses by these major multinational companies are unsurprising considering that any new regime would bring about much uncertainty. However, all these companies have expressed a willingness to comply and work with the relevant regulators to find a solution.

A Consumer Privacy Legislation? A Highly Debated Proposal since 2012

By: Ida Faustine Jacotey

http://www.nytimes.com/2016/02/29/technology/obamas-effort-on-consumer-privacy-falls-short-critics-say.html

In February 2012, the White House, released “A framework for protecting Privacy and promoting innovation in the Global Digital Economy”, thereby presenting a new Consumer Privacy Bill of Rights described by the presidency as a “blueprint for privacy in the information age”.[1]

President Obama’s proposal aimed to establish a consumer privacy framework in order to provide consumers with clear guidance on what they can expect from companies[2] handling their personal information, as well as setting obligations for companies using personal data[3]. As stated in the reference article, President Obama intended to see the Consumer Privacy Bill of Rights’ principles put into law, throughout a conjoint work between the Administration and the Congress.

Four years later, in February 2016, Natasha Singer, journalist for The New York Times, raises the question as to why the President’s proposed framework has not moved forward.

This question seems particularly relevant today, as the US is hosting an overwhelming fight between Apple and the FBI, bringing therefore greater attention into consumers’ privacy issues.

Such Proposal is born in a context where technology has strongly stepped into the commercial world. As a result, in 2012 like today, consumer privacy was and still is a major concern in the US, particularly since the Snowden Revolution, which brought alarming revelations related to privacy and data collection to the public eye.

From a consumer’s perspective, because privacy policies often appear obscure and/or complicated, it seems easier and almost mandatory to rely on trust when one subscribes to a service. Therefore, when the FTC brings actions against companies, consumers’ concern as to the collection and use of their personal information increases. This is particularly true when major companies such as Google or Facebook are involved, since they are an inherent part of most Americans’ lives. Such cases involving big-scale companies are likely to be assimilated as proofs of the industry’s tendency to abuse consumers’ trust.

As highlighted in this article by Cameron F. Kerry, a former Department of Commerce’s general counsel, a loss of trust is neither desirable from the industry’s point of view.

In the US, companies enjoy a large freedom to set up their own privacy policies. We know that many companies look closely to the FTC’s actions, particularly because the FTC has been increasingly active and has had a strong influence within the industry to consequently adapt their privacy policies. Despite this evident freedom that US companies enjoy to collect and use data of consumers, the industry seems aware that privacy practices require continuous adjustments to meet with consumers’ reasonable expectations as to the use and collection of data. Some companies took the relevant steps and efforts in enforcing consumer privacy protection, but some have not.

In the one hand, this context demonstrates a lack of any pragmatic instrument that would provide consumers with some level of guarantee that their privacy remains protected. In the other hand, this great flexibility is also the reason why American companies continue to innovate so much.

Consequently, there is a significant divergence of opinions about whether a legislation is desirable in the consumer privacy context. Because this ideological war is not new – and not over yet-, Natasha Singer mentions “a tale of clashing visions for American society and commerce”.

Two confronting ideas are causing the proposal to freeze: Companies’ free access to consumers’ personal information susceptible to cause them harm in many ways against the will to allow American technology companies to continue innovating with data.

In 2012, for the first time, the White House considered individual rights as a priority in the commercial privacy world[4]. This step fed the debate opposing consumer advocates (“pro-legislation”) and industry advocates (against the legislation).

As revealed by this article, some advocates argue that there is already a sufficient number of federal laws with specific limitations to companies’ use of consumer records. However, the privacy advocates points out the fact that these existing acts are specific to some companies and that the bill would instead target any companies rather than certain categories only.[5]

While the debate concerning this legislation still runs, the industry is nevertheless active, and the article points out some notable improvements that have been made since 2012, such as the data disclosure charts devised as a result from numerous discussions on mobile app transparency[6].

 

[1] www.whitehouse.gov/sites/default/files/privacy-final.pdf, Introductory Note, page 3

[2] www.whitehouse.gov/sites/default/files/privacy-final.pdf, Executive Summary, listing the key principles of the Bill, or “Fair Information Practice Principles” (FIPPs)

[3] www.whitehouse.gov/sites/default/files/privacy-final.pdf, Introduction page *7*

[4] www.whitehouse.gov/sites/default/files/privacy-final.pdf, Introduction: page *5* “Strengthening consumer data privacy protections in the United States is an important Administration priority. Americans value privacy and expect protection from intrusions by both private and govern- mental actors.”

[5]http://www.nytimes.com/2015/02/28/business/white-house-proposes-broad-consumer-data-privacy-bill.html, Natasha Singer for the New York Times, February 27, 2015, “There are already a number of federal laws, like the Fair Credit Reporting Act and the Video Privacy Protection Act, that limit how companies may use certain specific consumer records. The new proposed bill, the Consumer Privacy Bill of Rights Act, is intended to fill in the gaps between those statutes by issuing some baseline data-processing requirements for all types of companies” and Senator Edward J. Markey stating that “Instead of codes of conduct developed by industries that have historically been opposed to strong privacy measures, we need uniform and legally enforceable rules that companies must abide by and consumers can rely upon”.

[6] “The yearlong discussions on mobile app transparency ultimately resulted in a subset of the participants getting together on their own time to devise data disclosure charts — akin to nutrition labels on food packages — that apps could display for consumers.”

Privacy and Reporting Child Abuse

By: Charles Kopel

Privacy law came to the fore last month in Ontario, when two provincial government officials undertook a new public awareness campaign. Privacy Commissioner Brian Beamish teamed up with Advocate for Children and Youth Irwin Elman to improve responses to situations of suspected child abuse by “dispelling myths surrounding information sharing with children’s aid societies.”

As reported by the Toronto Star, the project’s immediate motivation was a coroner’s inquest into the tragic 2002 starvation death of five-year-old Jeffrey Baldwin. Baldwin died in the care of his maternal grandparents, who were subsequently convicted of second-degree murder and sentenced to life in prison. The inquest jury discovered that police officers and school board officials who had knowledge of Baldwin’s predicament did not know what private information they were legally permitted to share with children’s aid workers. In response to the jury’s call for clarification of this legal standard, Beamish and Elman have published a 15-page educational booklet, titled Yes, You Can, and distributed it to relevant public servants. A link to the booklet can be found in the Star article.

The principle is very straightforward: Under Ontario law, any person who reasonably suspects that a child is in need of protection must report the situation to a children’s aid society. In the face of such situations, all privacy law restrictions fall away. If necessary, teachers must divulge schooling records, healthcare professionals must divulge medical records, police must divulge criminal records, and social services staff must tell investigators all pertinent information.

I was drawn to this story by my interest in child welfare law, and I see it as a useful illustration of the practical relevance of privacy rights to diverse circumstances and concerns. The rules of privacy law impact and complicate legal determinations in many areas outside of the major bodies of jurisprudence of consumer privacy and law enforcement.

This story also provides an interesting glimpse of societal attitudes towards privacy rights, if only anecdotally. In a humorous moment in the Star article, Beamish is quoted as saying, “As privacy commissioner, I’m glad people have (privacy) top of mind, but there are occasions (when) not only may information be disclosed, but it must be disclosed…” It seems that, despite the typical lack of zealousness for protecting personal data on the Internet, Western people do have an intuitive sense for the inviolability of the private information of others, even when the social utility of exposing that information is as clear as in this case. A hierarchy of values emerges from the legal conclusion here, subordinating the child’s interest in informational privacy—in being “let alone”—to his/her interest in freedom from bodily and severe emotional harm.

 

 

Privacy Blog: About Ned

By: Alec Webley

Modern privacy law in the United States is often traced to “The Right to Privacy,” a law review article written by Samuel Warren and Louis Brandeis in the late nineteenth century. Arguing for protection for invasions of privacy through the tort law, the article served as a seminal point of reference in ongoing debates about the right of the state and private individuals to enter the private lives of U.S. citizens (helped, no doubt, by the elevation of one of its authors to the United States Supreme Court).

The origins of the article were conventionally thought to be Warren’s irritation about the media’s coverage of his daughter’s wedding, an anecdote that forms a treasured part of a law professor’s repartee when teaching the privacy torts. It turns out, however, that the truth is stranger and more interesting.

In a new piece for the Harvard Law Review Forum, NYU’s Charles Colman recounts the story of Samuel Warren’s brother Ned, who was as close to being “openly gay” as it was possible to be in the late nineteenth century (as the first period of what we would today identify as anti-gay hysteria began to sweep the nation). Ned was, in more ways than one, Samuel’s skeleton in the closet—revelation of Ned’s same-sex attraction would have seriously damaged Samuel’s reputation. Samuel’s only protection was privacy, and Ned’s own decision to live largely in seclusion at the family manor.

Colman is right, I think, to point to cases like Ned’s in linking privacy as it is commonly understood (our ability to keep parts of our lives away from others) to privacy in the constitutional, substantive due process sense (such as in Griswold v. Connecticut). After all, it is precisely those most intimate details about our lives—our sexuality, our families—where we are as intolerant to the gaze of the state as we are of the public.

But Colman could afford to take this analysis a step further. Ned would not have needed to remain private about his same-sex attraction (his interest in Gracean urns is another matter) if he had lived in 2015. I think there is some cause to suspect that one of the reasons homosexuality has become more commonly accepted is because it is more difficult to keep it private; as we learn more about each other’s lives it becomes harder to vilify them. By designating certain parts of our lives as private, are we helping to create the conditions that make them necessarily so? Broader tolerance of non-conformity to familial and sexuality conventions may well be as essential as good privacy law in smoothing our society’s passage into the Information Age.

By: Kevin Kirby

Former Mozilla CEO Brendan Eich has launched a new Internet browser called Brave that blocks advertisements by default, only to provide new ad space for Eich to sell.

Advertising is sick, Eich says. It’s intrusive, tracking users with “cookies, tracker pixels, fingerprinting, everything.” His solution is to block such forms of “intrusive advertising” and instead use consumers’ local browsing history to target ads. Of the new advertising revenue, Brave will keep 15%, 55% will go to the content publisher, and 15% will go to the ad supplier. The final 15% will go to consumers, who can allocate those funds like credits to remove ads from their favorite sites.
Ad-blocking technology has great potential for increasing consumer privacy protection and browsing speed, but it is unclear whether those benefits are retained in a browser that simply replaces old ads with new ones. Nevertheless, it is quite a novel development for a browser to sell ad space instead of the content providers and publishers. Eich likens his extrication of the adtech middlemen to “putting chlorine in the pool.”

Eich’s team has raised $2.5M in investment so far and hopes to reach 7 million users this year. If the popularity of current ad-blocking plug-ins is any indicator, Brave might present a serious challenge to the current Internet advertising business model.