Heroic/notorious NSA whistleblower Edward Snowden recently outlined his recommendations for maintaining privacy online, and had this to say about ad blocking.
While Snowden’s praise of ad blocking was only one element of a much larger program for security, it loudly underscores the dangerous interplay between current online advertising with security and privacy. Not surprisingly, Snowden’s entry into the raging debate over ad blocking raised quite a few eyebrows, and emphasizes, once again, how multi-faceted the discussion has become. Ethical, financial and technical questions swirl around ad blocking, of course, but there is also an undeniable security issue that may, for some, trump any other considerations. And the security problem with online advertising has existed for quite some time, both from a tracking perspective and an attack vector perspective.
Snowden’s analysis of ad blocking is idiosyncratic, however, in that he does not focus on either conventional adtech tracking or malvertising by third parties but instead calls out ad injection schemes by internet service providers. Such practices have occurred in recent years, and they could increase as ISPs continue to search for alternative revenue models, but they do not seem overly prevalent just yet. Infiltration by either malicious ad networks or hackers leveraging infected ad networks seem far more likely to cause problems.
In the comments to the piece, author Micah Lee does lay out a much stronger point of view in support of ad blocking in general, and he, unlike Snowden, does not connect it to publishers at all, just advertisers.
The ad industry needs to figure out how to profitably advertise without violating people’s privacy. It’s a hard problem, because the more intrusive the tracking the more valuable it is to these companies. But people have a right to privacy, to control how they use and what they install on their own computers, and to protect themselves from shady stuff online — and blocking ads does all of these.
It may be that Snowden agrees in Lee on this point, and just expressed himself inarticulately in the interview. But the questions does remain: o we have a moral obligation to view ads on publications we want to support, even if this presents us with serious security issues? The most high profile security activist in the world currently seems to be saying we should.