A bipartisan group of US senators on Friday sent letters to major digital ad exchanges, including Google and Twitter, asking whether user data was sold to foreign entities who could use it for blackmail or other malicious ends.
In the real-time bidding process to decide which personalized ads a user sees when a web page loads, hundreds of businesses receive a user’s personal information, including search history, IP address, age and gender.
Questions about the sale of data gathered during the auction process were also sent to AT&T, Index Exchange, Magnite, OpenX, PubMatic and Verizon, according to the office of Senator Ron Wyden, a Democrat representing Oregon.
“Few Americans realize that some auction participants are siphoning off and storing ‘bidstream’ data to compile exhaustive dossiers about them,” Wyden and other senators wrote in letters to the companies.
“This information would be a goldmine for foreign intelligence services that could exploit it to inform and supercharge hacking, blackmail, and influence campaigns.”
While online ad exchanges use automated bidding systems to determine which ads to show people using internet services, data such as user locations, devices, and web activity can be gathered, according to the senators.
“These dossiers are being openly sold to anyone with a credit card, including to hedge funds, political campaigns, and even to governments,” the senators wrote.
Questions sent to the companies included what information is gathered about people in the course of serving up ads and which foreign firms have bought such data from them, according to the release.
The companies were given until May 4 to provide answers.
Twitter told AFP it had received the letter and intended to respond. The other companies did not immediately respond to queries for comment.
Google has pledged to steer clear of tracking individual online activity when it begins implementing a new system for targeting ads without the use of so-called “cookies.”
The internet giant’s widely used Chrome browser recently began testing an alternative to the tracking practice that it believes could improve online privacy while still enabling advertisers to serve up relevant messages.