United Kingdom

82 readers

7 users here now

General community for news/discussion in the UK.

Less serious posts should go in !casualuk@feddit.uk or !andfinally@feddit.uk
More serious politics should go in !uk_politics@feddit.uk.

Try not to spam the same link to multiple feddit.uk communities.
Pick the most appropriate, and put it there.

Posts should be related to UK-centric news, and should be either a link to a reputable source, or a text post on this community.

Opinion pieces are also allowed, provided they are not misleading/misrepresented/drivel, and have proper sources.

If you think "reputable news source" needs some definition, by all means start a meta thread.

Posts should be manually submitted, not by bot. Link titles should not be editorialised.

Disappointing comments will generally be left to fester in ratio, outright horrible comments will be removed.
Message the mods if you feel something really should be removed, or if a user seems to have a pattern of awful comments.

founded 1 year ago

MODERATORS

tom@feddit.uk

GreatAlbatross@feddit.uk

frankPodmore@slrpnk.net

If Britain is so bothered by China, why do these .gov.uk sites use Chinese ad brokers? (www.theregister.com)

submitted 7 months ago by flamingos@feddit.uk to c/unitedkingdom@feddit.uk

11 comments fedilink hide all child comments

At least 18 public-sector websites in the UK and US send visitor data in some form to various web advertising brokers – including an ad-tech biz in China involved in past privacy controversies, a security firm claims.

[…]

In the US, .gov websites are not supposed to run ads. In the UK, ads are allowed on .gov.uk websites, subject to some limitations. The .gov and .gov.uk sites flagged by Silent Push each publish an ads.txt file that spells out the businesses allowed to automatically sell that site's ad space to advertisers as a visitor arrives.

[…] Silent Push found a bunch of UK and US government websites with [the ads.txt] file listing various advertising exchanges and resellers ranging from Google (like what El Reg uses) to one in China.

[…]

One of the ad-tech vendors used by the .gov.uk sites, and highlighted by Silent Push, is Yeahmobi. This Chinese entity reportedly had its mobile ad SDK removed from the Google Play Store in 2018 for alleged ad fraud. Yeahmobi did not respond to requests for comment.

[…]

Silent Push's report identifies four .gov sites that, in our experience, do not display adverts though do ping web ad platforms, do list various exchanges in their ads.txt files, and may break US government CISA rules. In the UK, it's a different story, as 18 sites identified by Silent Push use Yeahmobi among others to display ads somewhere on pages.

you are viewing a single comment's thread
view the rest of the comments

[–] autotldr@lemmings.world 2 points 7 months ago

This is the best summary I could come up with:

Exclusive At least 18 public-sector websites in the UK and US send visitor data in some form to various web advertising brokers – including an ad-tech biz in China involved in past privacy controversies, a security firm claims.

Silent Push's report identifies four .gov sites that, in our experience, do not display adverts though do ping web ad platforms, do list various exchanges in their ads.txt files, and may break US government CISA rules.

"So these organizations don't all immediately get JavaScript access to drop on the page but they do get payloads from the bid stream – and by default it includes sensitive fields, like the device IP address.

There are settings that publishers can toggle on to limit some of the personal data from being shared via the bid stream, but there's no indication this is on for these UK sites – especially based on the significant number of vendors that are authorized by the domains."

"The JavaScript of [tracking] pixels captures similar data that the JavaScript of real-time bidding endpoints collects, with the core difference being that pixels can set a cookie on your browser immediately, whereas in ad tech the thousands or tens of thousands of entities with opportunities to bid don't get an opportunity to put a cookie on your computer unless they win an auction – and then only through approved attribution vendors," he explained.

"We take these matters very seriously, and after looking into this in some detail with the team, we have never had any ad quality issues with Yeahmobi in the past, nor are we aware of any Chinese links, but as a precaution we are in the process of removing them from all our publisher ads.txt files until further notice.

The original article contains 1,311 words, the summary contains 290 words. Saved 78%. I'm a bot and I'm open source!