National Consumers League

The promise and peril of always-on ad filtering

Last year, we examined whether the growth of ad blocking was partly a logical response to consumers’ desire to reduce their data security risk. The catalyst for that blog post was Google’s announcement that it intended to include ad filtering-by-default in its Chrome browser, the most popular browser on the market. Earlier this year, that promise became a reality as Google rolled out an update to Chrome that included the ad filtering function.

Much of the online discussion around this move has centered on whether Google’s move, while laudable for pushing for less-annoying ads, should be viewed as a way for Google to give its advertising business an unfair leg up. That conversation is one that needs to happen to ensure that Google doesn’t abuse its market position as both the leading browser maker and the Web’s dominant advertising platform. However, it’s also important to consider whether and how consumers’ data security could benefit from this move. In this blog posting, I take a look at some of the data security benefits that could flow from the growth of always-on ad filtering.

First, however, we must acknowledge that the Coalition for Better Ads (whose Better Ads Standard serves as the basis for Chrome ad filtering tool) had limited goals. One reason for this may be that the Coalition didn’t include any consumer organization representatives as it developed its standard, who would have probably pushed for a broader scope. While removing annoying ads is certainly a plus for consumers, this limited scope means Chrome’s ad filter won’t address many of the reasons that consumers have increasingly embracing third-party ad blockers. As our colleagues at the Electronic Frontier Foundation recently noted:

This industry membership explains the limited horizon of the group, which ignores the non-format factors that annoy and drive users to install content blockers. While people are alienated by aggressive ad formats, the problem has other dimensions. Whether it’s the use of ads as a vector for malware, the consumption of mobile data plans by bloated ads, or the monitoring of user behavior through tracking technologies, users have a lot of reasons to take action and defend themselves.

Given this limited scope, what data security benefits can Chrome’s ad filtering provide to consumers? For one, filtering out annoying ads can help reduce consumers’ data security risk. When we first looked at this issue, we noted studies by UC Berkeley and UC Santa Barbara (supported by Google) and security firm Namogoo showing that tens of millions of browsers visiting popular websites were infected with malware and spyware.

Second, by having a default ad filtering function built in to Chrome, consumers’ need to install a third-party ad blocker can be reduced. While plenty of consumers install ad blockers for legitimate privacy reasons, scammers have found a lucrative side business in creating fake ad blocking software. For example, five fake ad blockers on the Chrome Web Store were downloaded more than 20 million times before the company shut it down this April.

Finally, as the impact of ad filtering on Chrome takes hold throughout the digital ecosystem, there will be pressure on other browser makers to improve their own technology to better protect consumers from ad-based malware. For example, in March, Mozilla announced that they will be rolling out ad filtering on their Firefox browser this fall. It seems likely that if consumers vote with their mouse clicks and choose more secure browsers, we’ll see other browser makers implement this technology as well.

Going forward, we will be monitoring whether default ad filtering on Chrome and other browsers has a demonstrable impact on browser infection rates. Ultimately, regardless of their browser choice, the goal should be for consumers to have a reasonable level of protection against browser-based malware attacks.