Ask HN: I bought Voltaren at the chemist, now Google shows me ads for it. Why?

323 points by wideareanetwork ↗ HN
How does google know I bought Voltaren?

Is my bank purchase history shared with google somehow?

I guess it could just be coincidence?

493 comments

[ 2.9 ms ] story [ 300 ms ] thread
Have you been googling about your symptoms, illnesses or anything else that can have a connection to drugs like Voltaren?
No I’m almost certain I haven’t. Because I’ve used it before and I don’t really have any questions about it so I ran out and I just go buy more.

At this stage I’m just assuming it’s a coincidence.

It has made me realize the holy grail for google and advertisers is to access your bank transactions and advertise to you based on that.

(comment deleted)
(comment deleted)
A bank transaction would not reveal what product you bought whereas a receipt would.

If prices were unique you could deduce something from a few items bought together though.

In the business of advertisements the user pays for clicks. However, it would be much more reliable for the user to pay for ads that led to actual transactions instead of just clicks.

Is there some reason for why this hasn't happened so far? (Or has it already happened?)

Indeed though I find it silly when I buy something like a laptop (I’m probably good for a couple of years) and start getting bombarded by “hey laptops galore!”ads. I just bought one, don’t need another !

It would be cleverer to identify the replacement cycle for each kind of product and only promote stuff the victim is likely to be looking for at that point in time (after 3 years likeliness of looking for a laptop replacement is higher).

Did you take your phone with you to the chemist, and did it have GPS or Wi-Fi enabled? That wouldn’t explain the exact match but the product category, and choosing Voltaren feels like a pretty plausible coincidence given the category.
IIRC this is the most probable cause. Not to be a conspiracy nut but it probably didn't help if you spoke of it out loud either
> I guess it could just be coincidence?

Could it be? of the billions of items you could be advertised for, why then exactly Voltaren?

Do you have an android phone, by chance?

I get Voltaren ads all the time on YouTube. I don't use it or any similar products. Maybe they just have a large advertising budget.
It might be that you are just noticing the ads now that you bought the product. I read about similar observations recently. Might be a cousin of frequency illusion

https://en.wikipedia.org/wiki/Frequency_illusion?wprov=sfti1

It's been a few times now where I've talked with my wife about some new product (physically, in the room) and she starts seeing ads about it. I thought that was the explanation too, but it's happened too many times for comfort.

I know my devices are (probably) not listening, but I can't explain it either. Neither of us searched for the product or saw it online or anything, we just discussed something and got ads about it a few minutes to hours later.

> I know my devices are (probably) not listening, but I can't explain it either.

How do you know?

Network traffic and battery usage monitoring.
It seems like one of those things that are simply to hard to keep secret. Implementation would require way to many people to keep it secret. I’m also not sure if it make finacial sense to implement, given the large number of more easily metrics available.
> It seems like one of those things that are simply to hard to keep secret.

I used to believe that too. You might call it the unwieldy conspiracy principle. But I'm not as certain of it anymore. Things like the Snowden revelations might seem evidence for the principle but I kind of see it the opposite. For years, thousands even tens of thousands of people knew about that and they still kept it secret. It's entirely possible it could've gone on for years more without a particularly conscientious person happening to be let in on it.

The same goes for the Pentagon papers. And COINTELPRO was only uncovered due to people actively breaking into an office and stealing records.

Who's to say if stories like those are inevitable conclusions that befell all the major conspiracies worth writing about in our recent history or if they are just some portion of ones uncovered. Similar maleficence has persisted in the private sector too.

I'm not saying for sure they are listening in but at the same time, I'm not sure I buy unwieldiness as a surefire principle demonstrating it is not happening either.

> It's been a few times now where I've talked with my wife about some new product (physically, in the room) and she starts seeing ads about it. I thought that was the explanation too, but it's happened too many times for comfort.

The wierdest instance of this is I told my wife her father should consider geting those fixed bridge dentures, next day I start seeing all-on-4 ads on the phone. I asked her if she looked it up (to rule out IP tracking) and she said she hasn't. It's a very random thing to advertise to me, I'm not the target group, I didn't look it up.

A lot of it is IP tracking - I'll start browsing for guitars or some other random stuff my wife has no interest in - she'll start seeing ads for it.

Yeah but neither of us had searched for that or anything, and I use DDG and uBO so it's not likely it'd be tracked.
A friend demonstrated me this with her Google Pixel. We talked for a bit about a very conspicuous topic in presence of the phone, and the Google app (which shows a news feed when you open it) started showing articles relevant to the topic within a few minutes. At that point I believed her that her phone is listening, though I didn’t make a big deal of it because she did not make an effort to configure her phone not to.
I doubt they have such a good recognition model for Greek, plus my DNS blocks Google at that level, and I have a Xiaomi phone. Not that it's impossible, but it's less likely, plus the battery would die quickly.
I see. We talked in English, and there was no blocking.
There are many sources of errors that people have described in other comments. The proper way to deal with this is a blinded experiment.

Preparation:

1. Get two identical phones, one that you use, and one that has a dead battery.

2. Fix a set of product-categories.

Experiment:

Every week,

1. Label the phones A and B. Use a coinflip to decide whether the working one is A or B. Record which it was.

2. Hand the phone to someone else. They exchange the labels for 1 and 2. If heads A=1, if tails A=2, and record the coinflip.

3. Get the phone labelled 1 back. Neither of you know whether it is working or not.

4. Randomly pick a topic from the pre-fixed list and talk about the topic near the phone.

5. Let the other person remove the labels.

6. Pick out the working phone and go about your day.

7. Write down whether you see ads relating to the topic, yes or no.

Analysis:

Join the records, to see which weeks you used a working phone, and if those corresponded to seeing ads.

I work in dental marketing and you 100% are in the target demo for All-on-4. It’s a very popular/trendy service and is being advertised heavily now because it’s profitable, (relatively) easy to do, etc.

Good target markets are: Grown adults with $$$ who either don’t have teeth or know someone who doesn’t have teeth (likely parents/grandparents/in-laws). This is basically every upper-middle class adult. More people than you think are missing their teeth.

Jesus. I see dental protesis ads around the time when I see my parents. I don't have the time to set up the things for them so I'm sure their cheap Android smartphones are surveillance blackholes.
What other ads do you see when you’re around them?
Another possibility: switching the cause and effect, e.g. maybe you received ads for fixed bridge dentures and didn't notice consciously (how many ads do we gloss over each day "not paying attention"), but later brought it up because the mind assimilates ads subliminally (arguably the whole point of advertising).

This is perhaps even more creepy than just "phones listening in", but it's not an explanation I hear very often.

This is a documented effect but I forget the exact name of it so I'm having trouble finding a scholarly article about it. But it's basically how advertising is "supposed" to work from the advertisers' perspective: they get their products/brand to the top of your mind for a given subject.
It's possible - but this was in relation to a discussion she started, and why show those ads to me in the first place ?
You could certainly test this, just have a conversation every day about something random. Pick a snack food, something with a heavy advertising budget, and near your phone start saying things "man I really want some (snack food) right now."

If it's listening, you'll start getting ads specific to that snack food, best to try it with a bunch of different products to try and find a pattern.

I know my devices are (probably) not listening, but I can't explain it either. Neither of us searched for the product or saw it online or anything, we just discussed something and got ads about it a few minutes to hours later.

It's probably statistical to a certain extent: people of your specific demographic are interested in a certain thing, and you are talking about it the same as all of your peers are, and a statistically significant amount of your peers did Google for it such that now Google assumes that anyone in your demographic will be interested.

Of course that only metas the problem up one level, which is that Google knows enough about you to do this kind of analysis a) on your cohort and b) on you.

> Google knows enough about you [to not even have to bother listening]

Right. This was is actually much more alarming to me.

Whenever this topic comes up in conversation I point out that the fact that the most attractive-seeming explanation is “they’re listening”, but they actually _aren’t_, should have one even more concerned.

> I know my devices are (probably) not listening

Not thinking this is happening either. But just to speculate on a fictitious scenario..

Given a shady company, maybe even outright involved in illegal practices, where employees employ any surveillance tech they can lay their hands on. All in order to collect as much personal information as possible, from as many people as possible. As such, they won't shy away from breaking & listening in and do subsequent speech-to-text information gathering (e.g. via some Ad-obtained Windows malware, or a malicious mobile app).

They trade the collected info on the data markets, selling to anyone who'd pay. Wouldn't it be likely that this data then indirectly ends up at Google, so they can indeed target - in this case Voltaren - ads to you?

Also: If any illegally obtained information enters the data markets.. won't it be 'whitewashed' automatically as it is trading hands?

Sure, but I don't think they're listening from a technical standpoint, because the battery consumption is much less than an active network adapter would consume.
They could always either compress the audio or do a speech to text (looking for keywords rather than caring about getting the whole context correct), and batch upload the results on an interval (like when checking for email or app/system updates).
That would still absolutely kill the battery.
Id reckon you can boil the model down to a very small one to extract some keywords and thatll be pretty good already. Just having the ability to hear if someone is talking would take very little battery, to consequently turn on the top-10000 word model would still be barely noticeable on these powerhouses of phones we got, I think. Haven't tested it, though.
Don't the latest designs, ARMv9, make provision for battery-efficient speech-recognition models "at the edge"? If it's not here yet it will be soon.
Once a minute (or five, ten, whatever), turn on the microphone for one second. If voice detected, record a bit and process. Doesn't need to be always on, and as a feature missing keywords sometimes adds to the doubt that it exists ("I said 'pfizer' and got ads, you said 'pfizer' and didn't, must be something else).
Doesn't your phone sometimes stay on charging for some time?
It might not be your mobile devices listening. Alexa? Smart TV?

I've seen examples of this too, and it's downright creepy. At the same time, I love my Google Assistant. Yes, I know. I'm the product.

You don't notice all the times you talk about something and you don't see relevant advertisements. After talking about it you're primed to notice it more. Additionally this isn't isolated - you could be talking about it indirectly due to advertisments being out there (e.g. someone else sees an ad, posts / talks / youtubes about it, you talk about it and then see the ad).

Ads are getting more targeted and getting closer to the kind of things you would talk about based on your interests and data that networks have collected about you, but we are still pretty far from continuous ad surveillance.

Gaslighting in the Information Age: You just imagined that ad started following you around.
Oh come on. It's a documented effect. It's the same thing as when you buy a new car you suddenly see the same or similar vehicles everywhere.

Not every instance of someone providing an explanation for something you don't understand is "gaslighting."

Well someone doesn't enjoy a good joke. Especially one that's true
Who says i "don't understand" it? Just because it's an effect doesn't mean it's the explanation. By the definition of gaslighting being pretending you're imagining something that's actually happening, this is exactly what that is. Just because you don't understand gaslighting doesn't mean that everything that you don't understand can be explained away in terms of documented effects. Things happen and you can't explain them...the world and other people's opinions don't conform to some list of effects that you know about.

You know this: https://news.ycombinator.com/item?id=26970960

I agree with you that the term gaslighting is overused but that doesn't mean there aren't legitimate uses of it that you can also utilize.

I doubt Voltaren is advertised commonly enough that he got ads before.

I no longer have a Android phone, but too frequently I would buy something offline and have the item follow me - including impulse buys and things that I definitely didn't look for online.

It happened with things I would talk about as well on occasion. I joked in front of my phone about visiting Greece, and a few minutes later auto-suggest in Google offered me "How much.. [is plane tickets to Greece]"

Keep in mind that he is some guy on the internet. There are lots of people on the internet. While it's unlikely for it to happen to him in particular, it's not that unlikely that there is someone on the whole internet that it happened to. Now I'm not saying that it is a coincidence, merely that as far as I can tell it could be.
I had the same experience with my prevous phone - a Samsung. Talked about a product that would normally be the furthest thing from my mind with a friend who took an interest in it.

Next day, voila, the whole internet is plastered with ads for this product.

I switched to an iPhone.

Did you day the word voltaren close to your phone ? That happened to me for real estate investment discussion over the phone with my mom.
I have no sources at all, but my memory tells me that I've read that Visa, Mastercard and similar sell "anonymous" transaction info and that Google is their customer. I've been living under the assumption that Google could de-anonymize practically all that transaction info when they match it up to all their other info they track us with. Maybe I'm wrong?
Some payment providers, like WorldPay, have both online and real-world payment systems so you can imagine they could be passing back that type of targeting info.
Visa’s audiences are merchant level, spend/frequency level. Ie “users in the top 10% of spenders at jewelry stores”. “Users who’ve bought train tickets in the past month”.

Visa has very strict rules about audience size, and all the audiences are modeled. (Your criteria can’t target something like less than 20k users, and then they model that up to a few million users).

In this case either the store, the pos/crm, or bank used his purchase data.

I think that usually these things are actually just a symptom of the fact we see hundreds of ads every day. Most of the time you don't consciously notice them but then, when they trigger some recognition, you do and it feels like a big coincidence - which I find almost as disturbing as the idea that they were somehow watching.

The eerie feeling compounded by the fact that we are sometimes correctly targeted and there's no way to distinguish the two. Zeynep Tufekci writes a lot about the this type of thing if you're interested in it.

Also known as the frequency illusion. Like when you learn about a word for first time and then suddenly it seems like it's popping up everywhere.
Or when you start looking into buying a particular car model and suddenly it’s the most popular car and you see it everywhere :)
Don't you use an adblocker? I could be being targeted with all sorts of stuff but I'd never know.
Adblocker stops you from seeing the ad but not from google deanonymizing and linking your transactions to your search. Also lots of websites these days require you to disable adblockers to function.
I don't use those websites.
(comment deleted)
It's credit card purchasing data, which is sold and cross linked to your identity for advertising re-targeting.

It is deeply invasive and should be blocked.

It works like this. You go to a store and buy, say, a sexual wellness product. You then get targeted with ads online (search result ads, facebook ads, news media ads, amazon sponsored results etc) for the same product, or something related (let's say something embarrassing that you might not want other people to see). Other users on your same network or IP may also be re-targeted with the same ads.

Credit card data tracking is a levelling up of surveillance capitalism. It is deeply intrusive. Not all card providers participate, but it is a significant source of revenue for them [1]

[1] https://www.fastcompany.com/90490923/credit-card-companies-a...

[Edit: Removed specific reference to a medication as it likely triggered anti-spam]

You might have “googled” the term or a related term subconsciously some time before you’ve made the purchase. I do this all the time even when I’m purchasing things offline.
Tangential: a while back I bought a very specific cheese from Lidl. And the very same evening I got a Lidl ad for that very cheese on Facebook. I have never signed up as a member, the only things that connect me to that place would be my credit card.

I did bring my Android phone that has got Messenger lite installed, but that's stretching it tbh.

Your public ip provided by mobile/celltowers already reveals your location quite accurately (even with all location services turned off.) So it's definitely possible.

Google is an ad company, they sell your profile/interests and such to advertisers, it's their core business. So it's not "stretching" at all...

I was seeing this happen in our household as well. For now, the only answer I have is using UBlock everywhere + having PiHole up and running. These two really go a long way for at least blocking the creepy ads, but I think we have passed the point of no return when it comes to preventing tracking itself. Everything is being tracked all the time by insanely advanced ad-tech.
Opt out of VISA marketing

https://marketingreportoptout.visa.com/OPTOUT/request.do

Second, disable GPS, and cellphone tower ID reporting (root needed.) So Google can't correlate you with sales records.

At the moment, there is no way to disable Google AGPS spying on the stock Android.

Third, block Google apps from reading your IMEI/IMSI/serial number, so they can't get AGPS data from your cellphone provider if it sells it.

Better, get a de-Googled ROM

Use an iPhone?
This only works if you trust Apple instead of the firm you're running from.

But it does "work". iPhone is the only phone besides a GrapheneOS phone with an intact security model worth writing about.

Not to say that any organization (eg Apple) is trustworthy to an outsider, but at least Apple makes a lot of money upfront from the device’s price tag.

Their incentive is to not annoy their rich & powerful customer base with privacy violations.

> Their incentive is to not annoy their [...] customer base [...]

Apple knows how much they can get away with annoying, that's why they can push updates that slow down your phone, or make devices less repairable.

Privacy is trickier though because it's based on trust not annoyance and it doesn't take much to lose it. I've already lost trust in Apple. What I do trust is that 'privacy' is currently working for Apple to increase their market share. It also conveniently keeps data away from competitors.

>VISA marketing

Why is this even a thing? Maybe I should just go back to buying everything with cash, it's impossible to keep up with all the crap we need to disable or hack around

> Why is this even a thing? Maybe I should just go back to buying everything with cash, it's impossible to keep up with all the crap we need to disable or hack around

And some agencies may be more interested in these exclusion databases. So I don't think there is any way to get out of this maze. When you sign up to exclude from a list, you get included in many other.

What’s the risk here? Am I branded as a terrorist for opting out of marketing? What’s the logic?
Lists can be used for things other than terrorists
Obviously, such as tracking who opted out of marketing based on their credit card spend.

The question is what unintended (and specifically undesirable) consequences that poses to the members of the list.

> > Visa marketing

I guess this is one of the things that just has to be forbidden by law.

(comment deleted)
In the UK there are data science groups at banks that target specifically extremely wealthy customers based on their transactions and balances. I think that they only focus on wealthy customers right now because they haven't scaled up properly but the plan is to eventually expand to everyone.
This has happened since banks started selling investment products, wealth managers simply pull up a list of cash heavy accounts who haven't opted out of marketing where they can push investment products. Think is biz model private bankers and 'Wealth Management' arms at banks are built upon
High street banks in the UK don't really have products for HNW its normally high charging OIECs that are not good value.

Ok Nat west has Coutts but not just any euro trash millionaire can get an account there

In Germany (and probably all of Europe), it is forbidden by law.
I get the impression it's not forbidden in the UK. Here's the equivalent page from MasterCard. [0] (Incidentally, the captcha is broken so the page is unusable.)

[0] https://www.mastercard.co.uk/en-gb/vision/terms-of-use/commi...

The captcha has been broken for months. I don't think it's an accident.
Because credit card rewards aren’t free? Banks compete for credit card consumers by offering rewards. Those rewards cost them money. Selling consumer information is another revenue stream to make up for the cost of rewards. Most consumers are okay with this trade off: they get their airline miles / low interest / cash back in exchange for their purchase history.
>Because credit card rewards aren’t free

So this isn't covered by the 1-3% transaction fee the merchant pays every time you use your card?

>Most consumers are okay with this trade off

No they aren't. Most consumers aren't even aware they are paying with their privacy, so you cannot take a low opt-out rate to mean high levels of consent.

It doesn’t matter if credit card providers are paid 0%, 3% or 5% on each transaction. If the law (and/or customer blowback) allows a company to sell customer information, management will eventually give in to selling it because it’s a revenue source. When called on this they will give you a story about how it “lowers customer costs” and some people will accept this as a valid excuse, but none of this changes the reality.

PS: this is really a response to grandparent poster, not parent.

Speaking with coworkers that aren't tech workers - nobody gives a damn. Not one, not even something resembling one. To them, they are getting paid for something they otherwise have no use for. They're aware everything is tracked about them, and they do not give a fuck.

Your friends, family, and coworkers might though, so the critical mass of people not okay with this can still grow :)

Credit cards are such an American thing though. Here in UK pretty much everyone uses debit cards with no rewards. I actually have a credit card just for emergencies but it offers no rewards either.
In order to bootstrap adoption of CCs, the banks pushed for a law in the 60s that put all the fraud liability on the banks, not the card users (and, to a lesser extent, not on the merchants). Your CC purchases are quite protected and it's easy to dispute a charge (apparently a very big deal in the phone and online sex businesses).

As debit cards became popular here (well after Europe) the banks push them hard on people who aren't excellent credit risks (good credit risks = profit), because they push essentially all the risk onto the account holder and absolve the banks of any responsibility.

I have three CCs (one of each major network) and pay them off every month; it's like having three debit cards except I get a free loan of a month's worth of spending. The term used in the banking business for people like me is "deadbeat"

So here's the thing - I don't understand the liability thing. At least here in the UK I have disputed transactions on my debit card several times and every single time the charges were reversed during the phone call, I had the money back instantly. Is that only available for credit cards in the US?
That is correct.
Citation needed. I use credit cards exclusively so I cannot say for sure, but I am extremely skeptical that banks don’t offer any fraud protection on debit cards in the US.

AFAIK the main reason people prefer CC’s over debit cards for fraud prevention is simply that with a debit card your money comes out immediately if it is used by someone else, whereas with a CC there is a 30-day buffer.

Literally the first links when I search for ‘fraud protection credit card debit card” are below.

The TL;DR is:

- you have a short window to report DC fraud before you bear the full risk; CC risk is capped

- dispute a CC charge: you don’t owe anything / accrue interest until resolved; DC case you don’t get any money back until bank decides it’s not your fault. Tough luck if you needed that money to pay your rent.

https://www.consumer.ftc.gov/articles/0213-lost-or-stolen-cr...

https://www.experian.com/blogs/ask-experian/are-credit-cards...

https://www.nerdwallet.com/article/credit-cards/credit-card-...

https://creditcards.usnews.com/articles/why-credit-cards-are...

https://komonews.com/sponsored/wafd/financial-focus-tips/cre...

Don't you have to pay interest on your average balance even if you pay off your balance every month?
Not GP, but the answer is no if you pay the balance in full every month. The issuer anyway makes money from the MDR (merchant discount rate) charged to the seller. But they would love customers who pay a partial balance regularly (at or above the minimum due) and charge them hefty interests like 20% per annum or 36% per annum or even higher, depending on a few different factors. Once you carry over balances from month to month, then every transaction attracts interest until the entire balance with interest is paid off.
And then on charge cards (NOT credit cards) like American Express, you don't even have the option to carry a balence. Full balence must be paid every month in it's entirety.
CC in the UK use to have some nice rewards - and there are advantages in buying some thigs via credit card holidays for example.
A person I work with (very knowledgable about tech and IT) uses a flip phone and cash (as much as possible). If they want to send a gift they buy it locally, pack it up, and ship it. Etc. They don't even bank online. Why? Not sure but they have lots of free time and this is how they choose to spend it (trips to see a teller, back machines, part office visits, using public transport to shop for nearly everything).
>Why? Not sure

Maybe they are sick of surveillance capitalism and don't wish to be part of it?

I'd do the same, but I really don't want a flip phone. Maybe once Pine Phone with GNU/Linux is working reasonably well, I'll switch to that.

I actually want a good flip phone myself.

I bought a locally made KaiOS phone but it has too low RAM and keep crashing.

Nokia makes flip phones with KaiOS but they aren't allowed in my country sadly.

Reason is I want a phone I can repair myself, all my previous phones I had to replace because some unrepairable part that didn't need to be unrepairable (one of them it was the battery!) broke down.

Instead of shelling a ton of money to be tracked and buy a product that won't last, I wish I could spend my phone on something that will last.

And the flip cover is convenient for me because I keep forgetting to lock my phone and managed to pocket dial even with an android.

https://calyxos.org/ and https://grapheneos.org/ both go part of the way. They're hardened, privacy-preserving Android flavors that work best on Google Pixel 3 - 5. CalyxOS emulates google services so you can use basically any Android app, while GrapheneOS goes further down the security hardening hole.
Huh didn't know about these, thank you! I'll look into them
I don't do online banking on my primary bank - only on the secondary NatWest one I keep < £100 in.

Its reducing the attack surface as I see it.

That's why some people are working hard to make cash disappear.
>Maybe I should just go back to buying everything with cash

You should.

Cash registers will just start scanning serial numbers on bills and banks and ATMs will scan them when dispensing.

Better to focus on privacy laws.

Also google may read your email (if you are using gmail) - which contains your bank receipt (so seller), time and amount.
https://support.google.com/mail/answer/6603?hl=en

> We will not scan or read your Gmail messages to show you ads.

Not like Google has been fined unprecedentedly large sums numerous times for deceiving users and abusing their info.
They've also been asking for birthdays lately, obstensibly to verify age, but with the small print that it will also be used for ad targeting. But don't worry, they say, you can control how your information is used after you add it. On that page, the only option is whether to show the birthday publicly or not. There is no option to disable use for targeted advertising.

Oh yeah, and Google frames asking for a birthdate as being "in order to comply with the law". They are deliberately ambiguous in order to imply that it is me who could be breaking the law, rather than Google. Also, the law only requires verifying age, and doesn't require storing the birthdate afterwards. That one is entirely on Google.

So overall, my trust in anything that Google claims is rather low.

You may not like the bevahior, butlt there's no indication of dishonesty there. Quite the contrary.
If you are referring my my description, then there absolutely is dishonesty. The notice deliberately implies (1) that is is a legal requirement on me to provide a birthday, and (2) that I can disable the use of this information for ad targeting. Neither of these is the case. Therefore, dishonesty.

If you are referring to reading email for ad targeting, you are correct that dishonesty in one area doesn't necessarily imply dishonestly in another. However, it does mean that a person or entity loses the benefit of the doubt, and must have independent verification of their claims.

No, they'll scan it for other reasons...

I don't trust Google. They are evil.

What other reasons?
may be to build your profile (still not showing ads), but for potential future product like social network or video platform that will show you recommendations based on your profile.
Amazon went from showing every item in order confirmation emails, to showing none. That tells me they don't believe Google's promises either.
Google isn't the only company that might read your email.

Also, hiding order info is a way to push you back to the store to engage in more Amazon ads.

That's great and all, but they literally used to.
Horseshit, they were 100% doing that.
Instead of a list of instructions, it might be nice to have details on how all the things you mention actually work...
That would likely be a much lengthier post with lots of detail. So much that the extent of surveillance would be lost to the reader.
My initial response out loud: Holy fuck. This exists?
This is the dumbest ad strategy ever. Why on earth would ads about a product you just bought be effective marketing material.

This is like how you get a million ads about dishwashers the day after you Google around and buy one. At least wait for a short duration of time to let the target run out of medicine before adversiting new stuff.

I still get ads about leather wallets from when I was searching for one like 10 years ago.
Same, but I think it's also just that Bellroy is just a massive Display advertiser.
Brilliant if you are selling the ads.
I used to think this, but people who just bought a dishwasher are probably somewhat likely to buy another dishwasher, even the same dishwasher, and there only needs to be a tiny fraction of a single percentage chance for it to be worth showing an ad impression.
Presumably even for that tiny fraction of people who buy a dishwasher right after buying a dishwasher there must be a limit to how many times they will repeat the cycle, otherwise ... well, we can imagine the planet Earth completely covered in dishwashers and somewhere under the mass of white cubes, a constant mouse clicking sound and a cry of anguish... Must. BUY. M O R E <clickclickclickclick>.
Well my girlfriend just bought a laptop, it was broken, she returned it, she bought a different laptop, again broken, and now bought a third one. Looking at how many products are DOA nowadays, it might be that a person that just bought something is more likely to buy it again than the average person.

Also in general I've noticed there are a lot of people that return online purchases a lot, even the non broken ones, since you can't determine if the clothing fits, if the colors really look good, if it has a good texture, from pictures and descriptions online.

They may not be good customers, but Google probably gets money per purchase, not for customer quality.

Is she buying them secondhand? What’s the DOA rate on laptops these days? Two in a row must be rather unlikely.
They are all new, I'm guessing bad luck.
Agree, I bought my first dishwasher a few years ago but it seems like every 15 years or so I buy a new one. It's possibly due to those ads. Just can't help myself!
And people who just bought a coffin are probably somewhat likely to buy another coffin.
I don't think they try to sell you what you've alrady bought, I think they're trying to sell you what you have shown any kind of interest in. Perhaps you filled in the order and then backed out- how would Google's recommender system know that? I mean, they sure can but not for everyone, probably (hopefully). So the moment you show any kind of interest in some kind of product, they bombard you with ads for that same kind of product, hoping that they will get you in the short window of time right before you've made a purchase.

... or not. Maybe their recommender systems have simply decided that buying product X is highly correlated with buying product Y where Y = X. Who knows? Probably not even google itself knows.

Also, remember that google is not trying to sell you anything, they're only trying to maximise adoption of their ad platform by advertisers. Who cares what you actually buy? Not Google.

Many purchases are recurring consumables. Food, clothing, medicine, office supplies, car parts- none of it lasts forever. What does it cost to be reminded that you can buy more?

Also, completely unrelatedly, if you saw some armchair internet rando claim they'd debunked a major and long-standing business strategy of market sector leader, how seriously would you take them?

Not sure if it fits with what the poster you replied to was saying but I find it a bit curious when I buy say a guitar on Amazon and my recommendations (emails or ads in other sites) over the next few days are still guitars. I do not remember seeing one of those promotions which follow a purchase being about accessories or add-ons.
I dunno, I’ve bought several guitars in a row…
Well I've had it happen with toilet seats. In 40 years on this planet I've only ever needed to purchase that one. I'd imagine if I needed to get more than one that I would get them all at the same time.
Its a math mistake on Amazons part.

They’ve conflated “most purchases of a toilet seat are made by someone who buys another” and “most people who buy one toilet seat buy a second”.

There’s a small, but high volume group of toilet seat purchases — eg, office buildings or apartment maintenance.

There's probably a nontrivial number of people who renovate houses one bathroom at a time.
I'm sure there are. I'm also sure, having been around house flippers (my brother flipped for a while, my MIL flipped for a while) and reno (my parents, my MIL, and my wife when we were dating) a few times in my life, that they don't buy them through Amazon/online.
That's the sort of thing you buy a new one because one broke and now it shows up how tatty (worn, old, messy) the other one(s) in your house are. Or someone asks where you got it ... "oh, I can't remember but Google ads showed me the same one of available at $diy_store", or whatever.
(comment deleted)
No automated recommendation system is going to be perfect; it’s either going to over-recommend or under-recommend. From the way the Amazon system works, we can infer that they have decided that missing to the over-recommend side is a better business strategy than missing under.

And it kind of makes sense if you think about it... really, what are the consequences of seeing these silly over-recommendations? Did you stop buying from Amazon? I bet the vast majority of people shrug or laugh, but don’t change habits.

Also, big one-time purchases tend to be rare, so optimizing a recommendation system around those is probably suboptimal compared to optimizing it around frequent consumable purchases.

I can see what you are saying, the downside is pretty much nil. And it seems like people do buy more guitars than just one. I'm currently just entering this phase where I just now stopped regretting the purchase because I couldn't play any music out of it initially. :)
> I bet the vast majority of people shrug or laugh, but don’t change habits.

Or you tell all your friends about it and end up having a conversation about guitars/dishwashers or whatever.

It may not be intentional on their part, but spin off conversations can be a nice by-product for them. Feels like it helps it stick in the mind, a bit like writing a witty TV ad.

I think guitars are like bicycles where the optimal number to have is n+1 where n = the number you currently own.
Unless you are married or in a committed relationship, then it becomes n-1 where n = the number at which your significant other leaves you.
> What does it cost to be reminded that you can buy more?

At a certain point in my life, one where I sought fewer material comforts (and had less media exposure), I used to claim that advertising won't convince me to buy anything but it may convince me not to. There is a very fine line between persuasion and overstepping ethical boundaries.

Sure, but for most people that line is not so fine.
I had a 2-4-1 offer on chainsaws sent to me.

Business is subject to fads and stupidies, we have proof that open officez are a net negative, yet businesses continue. We have proof that getting people to change passwords every month is bad for security, but its still policy in many places. We have proof that using basalt or stainless rebar in RCC is more cost effective in the long run, but bs still continues.

Maybe enough people who buy chainsaws are running tree trimming crews?
I live on a farm and want multiple chainsaws. I've 3 currently and wouldn't mind a couple more.

For urban life multiple doesn't make sense. For professional/rural it really does.

To reinforce the notion that you’ve made the right choice and keep you as a long term loyal customer. This is an expressed part of car ad strategies.

For medicinal products I’d be keen to see research on whether a treatment group being re-targeted would report better efficiency of a treatment than a non-retargeted control.

Cause, and effect.

It throws dust into eyes of advertising efficiency measurement.

Company pays for ads, and Google just sizes the ad impressions to what it can find.

Yandex Ads network has a wonderful button - "I'm already bought this product" to stop ad spam on the things already at home )
Why would I want to give the ad networks additional information and make their advertising more efficient? Given they exist, I’m perfectly okay with advertisers wasting money on badly targeted ads.
Because some things in life are win win. I actually prefer relevant ads vs irrelevant ads.
Me too, but I also prefer fewer ads over more ads. The more efficient we make ads, the more of them there will (virtually guaranteed) be.
Quantity of ads seems more like a decision for web site operators to make, balancing the wishes of viewers and clients. If a site's ads drown out the content I go there for, I'd give up on the place, but if a site's ads are "too relevant," I'd probably keep going there.
Then again, could be fun to screw with them a bit. I wonder what would happen if you just kept clicking I already bought this on everything that pops up. Or better yet, just write a script that clicks it every time one of those ads appears. I wonder if it's possible to go through every single item they advertise and what would happen if you did.
If you want to stick it to the man there is: https://addons.mozilla.org/en-US/firefox/addon/adnauseam/

That clicks all adds for you. Maybe it can be modified somehow to click already bought item?

I suspect that when you do this the following thing happens:

* Big businesses are unaffected as they use click fraud prevention services.

* Businesses that don’t use that have to pay more money to Google because people clicked on their ad, and they think their marketing is effective (at least from a click through perspective).

* Google makes even more money because you are clicking on all the ads and it makes them look better. They can demonstrate how well their marketing platform works even better!

Simple Bayesian logic.

P(buying crap) < P(buying crap | has bought crap before)

Advertising is applied statistics and works on large cohorts. Nobody cares about you personally or your psychology.

Upvoted, this is a great comment. Thanks for finding the words to sum it up so concisely.
(comment deleted)
Along with what others have said, the system isn’t perfect and some marketers aren’t great at their job. It’s easy for recently purchased data to get mixed in with just about to purchase data. It’s easy to forget to exclude an audience of people who just bought, etc.
The strategy is extremely effective, especially for high-priced but rarely purchased items like dishwashers, cars, flooring, etc.

Consider: one of the hardest parts about advertising is figuring out when someone is ready to buy the product. That is why car companies bombard ads everywhere, just to catch you in the rare moment when you may be buying a car. Lets guess that maybe the odds of a random person wanting to buy a dishwasher is 1 in a million.

Now consider someone who has just bought a dishwasher. What are the odds they need a new one or a second one? Maybe the one they bought is a few cm too tall/wide/deep. Maybe it came broken on arrival. What are the odds here? I have no data, but I would guess like 1 in ten thousand.

The odds of you buying a dishwasher and then needing to buy another are much better than the odds of someone wanting to buy a dishwasher in the first place, because the hard part is finding people who want to buy a dishwasher.

(comment deleted)
I'm sorry but that doesn't make sense to me at all. Is that based on anything more than intuition because if not I'd like to say that mine sides with op. I'll add some numbers too. If a dishwasher has a lifetime of 20 years and a person is 'sensitive' to adds for dishwashers for a month surrounding the time it breaks, you're talking about a 1 in 240 chance if you 'randomly' target people with a dishwasher, which should be doable to predict with a 1 in 4 chance using some basic demographics. That's roughly 1 in 1000 'total', 10x better than your 1 in 10.000 ;)
I do not have concrete numbers, but would love to know for sure if anyone on HN is from the industry.

I think once your dishwasher breaks, the time you are “live” to buy is closer to a week :). Also it is (maybe?) harder to identify a person with a broken dishwasher than one who just bought one and may need another.

The reasonable explanation I've read elsewhere is:

Something like 30% of purchased products (including appliances) are DOA or returned.

The follow-on advertising is hoping to capture your replacement activity.

Pretty sure this doesn't apply to medication or dishwashers. :D
I hope you're right about medication!

People really do return major appliances though. Perhaps dishwashers less frequently than refrigerators, though people never fail to surprise me.

dishwashers have standard dimensions

"A standard dishwasher is about 24 inches wide, 24 inches deep and 35 inches high. Most cabinet openings are made to fit a standard dishwasher size. Note that certain handles may affect the overall dishwasher depth. Oversized dishwashers are built wider than the standard opening."

they come in three sizes compact standard and custom.

Bought a cordless screwdriver at Amazon, now get lots of ads on Amazon for cordless screwdrivers. Bought a dishwasher, now get ads for dishwashers. Dumb I know (or I'm dumb because I don't get it)

Other comment explains it though: Many people return the dishwasher or screwdrivers (they might have ordered several) - Amazon wants to make sure you buy with them (though my account history should show that I practically never return things because I hate getting returned things as new).

The models use past behaviour (looking at dishwashers) to predict future behaviour (buying dishwashers). Spending cash on something is a much harder signal of interest than looking at it though. So the models would be stupid to ignore that. The question of "how many dishwashers does that person need" is hard to answer and thus mostly skipped when opportunity costs are low.

Personal anecdote: Recently I cancelled an order because a better product was shown in ads post-purchase.

I've bought 3 mechanical keyboards in my life. 2 were within a week of each other because the first was defective and returned.

Thus far, the clearest signal for answering the question "will I buy a mechanical keyboard in the next few days?" is "did I just buy mechanical keyboard?"

Well buying something tells them a lot anyhow. Brand loyalty, possible interest in consumables, favourite places of purchase.. It's not necessarily to advertise the same thing.
No, it is not. In many countries, one can return the product within two weeks, no questions asked. Why wouldn't they, if they get a better deal from an ad?
Well it makes sense in this particular use-case. Voltaren is an arthritis pain relief gel. This is something you will continue to need and would rather buy online instead of walking to a chemist when your joints are not in great shape.
(comment deleted)
From a boarder perspective, maybe the data is about knowing when someone else will buy a dishwasher. If people make similar journeys.

Also, this person is now in a certain class of shopper (I think some this may be Experian Mosaic classes), so the advertiser knows what quality level of dishwasher this person is buying. The cheapest kitchen applicances, or premium kitchen applicances? Premium kitchen applicances on credit or premium kitchen applicances full price?

This will have a massive effect of choice of other items to advertize, the difference between ads for loans (credit purcahse) or ads for international holidays (full price purchase).

Even better: flush your smartphone down the toilet.

I mean, if you have to try and double-guess your phone to make sure it's not spying on you the game is lost. I don't even know what game that is. But it's lost.

Or replace your phone with a one you can trust (Linux phone).
https://calyxos.org/ and https://grapheneos.org/ both go part of the way. They're hardened, privacy-preserving Android flavors that work best on Google Pixel 3 - 5. CalyxOS emulates google services so you can use basically any Android app, while GrapheneOS goes further down the security hardening hole.
Get a landline and answering machine. Receive only pager while on the go.
Pagers are rather famously unencrypted, and a hospital near you is almost certainly broadcasting personal and identifying information about patients right now, in the plain, and you can easily pick it up with an SDR.
Or better yet, use an iPhone. Then you can use your GPS.
(comment deleted)
> Opt out of VISA marketing

> U.S cardholders may opt out of Visa using their card transaction data for VAS, a suite of aggregated data products in the United States.

So while outside of US, I don't get the perks like cashabacks and no privacy either!

> Better, get a de-Googled ROM

If you have the patience and knowledge, I can't recommend this enough. If you don't have the patience and the knowledge, this is a good way to end up with a non-functioning phone. (It will probably be recoverable, provided that you have the patience to acquire that knowledge and don't mind being without a phone in the meantime.)

When I say I can't recommend it enough, I mean it. I have been okay with simply disabling Google services for the past few years, yet Google seems to be embedding their services deeply in applications like Phone, Messages, Contacts, and Files. It is at the point where these applications would throw up a stream of notifications when Google services were disabled on Android 10. Even though they appeared to be usable, they are clearly trying to annoy people into re-enabling Google services.

Which one do you use/recommend?
It depends upon what is available for your device and what you want out of the firmware.

What I will suggest is looking at the device specific forums at XDA. You will get an idea of what is available and what is reliable. Personally, I shy away from distributions that don't include a "what works" and "what doesn't work" section in the first post. I also prefer "official" distributions. At the very least, it is easier to track updates. The next filter I use is feature based. In this context, look for distributions that don't include Gapps and offer additional privacy enhancing features. Once you have something that you think you want, read the thread for the distribution. It often reveals pitfalls, variations within the model, and variations between carriers. These pitfalls exist even with the popular distributions, which is another reason to check out the forums.

I went with OmniROM this time around, but I have been happy with Resurrection Remix on other devices. Some devices have nice alternatives that are specific to them. As an example, I use KatKiss on the Asus TF300T. For a while, it was running a more recent version of Android than my much newer phone!

For maximum security & privacy, go with GrapheneOS (used to be CopperheadOS back in the day). Caveat is that you won't have Google Play (or even MicroG), which means some Google apps (and paid apps) won't work and if you want apps from Google Play then you need to install Aurora app.

If you want the above, but also want access to Google Play apps, then install CalyxOS.

The third option is LineageOS (was originally CyanogenMod back in the day). This custom ROM is the most accessible for a variety of devices. It's good for privacy, but, because the bootloader is left unlocked (which may or may not be relevant depending on your threat model), it is the least secure of the three.

Both GrapheneOS and CalyxOS have very user-friendly installation methods, but exist primarily for the Pixel line of devices. LineageOS has the most involved installation process, but it's available for the widest variety of Android devices.

I've installed all three ROMs on several different devices. For the average person, CalyxOS will probably be the best bet (though I think the Trebuchet launcher in LineageOS is better).

Are you saying that Google collects and uploads your location data (GPS and cellphone tower ID), despite opting out of data collection on Android?
The first one seems most likely to be the relevant answer to how this was tracked:

https://adwords.googleblog.com/2017/05/powering-ads-and-anal...

> Google’s third-party partnerships ... capture approximately 70% of credit and debit card transactions in the United States

See also https://www.bloomberg.com/news/articles/2018-08-30/google-an... and https://www.technologyreview.com/2017/05/25/242717/google-no... - Google has deals with the credit card providers to get purchase data so they can link them back to your online behavior.

And people still think Google et al. eavesdropping peoples homes is tinfoil hat level ...
> Better, get a de-Googled ROM

Which means no push, breaking an absurd amount of apps.

Holy shit, what a great phishing tool. Send people an e-mail to opt out of Visa Marketing at a vaguely long/confusing URL and ask for their CC# and PIN. The fact that this site is real makes it more convincing.
I might be naive but I don't see how the CC company would have the list of items you purchased.
Technically the system is designed such that the CC company knows nothing of the receipt and the merchant knows nothing of the buyer.

If you're using a store card, the merchant == the CC company and so knows everything about you anyways.

If you're not using the store card, the merchant probably has an agreement with the CC company to share the information, so the technical implementation is irrelevant.

Visa doesn’t build audiences for item-level data. I used to build these audiences at oracle (there are other posts in my history about visa audiences).

Geolocation is not very accurate from gps, so unless the store was off in a field by itself that’s not what happened here.

The only real way to avoid this happening would be to use a new credit card for each purchase, with a fake name/billing address.

Interesting one! But this is only for US. Is there something similar for Europe? (And for Mastercard as this is what my bank uses for my debit card)
All valid suggestions, but at the same time the burden of this ought not to fall on the consumer. Additionally, even though a small number of individuals may have the motivation and technical ability to opt out of everything, they're still trapped by the network effect of everyone else doing it.
Is there an intl equivalent?
> disable GPS

Is there no way to get GPS location, without sending it to Google? As I understand, GPS positioning does not require the phone to send any data?

It’s probably a coincidence or just the worst advertisers on the planet. Why would I show an ad to someone who literally just bought my thing?
It's pretty common. I once bought a fan online and had ads for that same fan follow me around for weeks. I believe they're called "retargeting" ads.
Retargeting is generally done after you have shown interest in a product, but haven't converted yet. "Conversions" are always excluded if possible. It makes no sense to retarget a recent buyer.
I agree it doesn't make any sense, and I would prefer to live in a world where ads were served as you described.
They may not know you converted, especially if the ads are internet and the purchase was in-person.
> Why would I show an ad to someone who literally just bought my thing?

The majority of targeted advertising I see is for items I just bought. There’s also a reasonable explanation for this...

Not every merchant shares purchase data, so if you do any research anywhere before making a purchase, they know you are interested, but as there was no tracking beacon on the site you ultimately bought from (or the purchase was misidentified or delayed or any number of reasons), that’s why you are now seeing targeted ads for it.

I have not done anything Voltaren related and have noticed a bunch of ads. So I think they just did a big ad buy.
It's listening from your pocket.
I guess it could just be coincidence?

Have you ever noticed how you don't seem to see much of X, and then all of a sudden you see one X. And then you can't stop seeing X.

Though, googles probably spying on you.

This happens a lot and what I find the strangest thing is that the ads are for things I just bought: travel I just booked, freezer I just bought etc. I do not need anything again that I just bought and so these ads are even of less use than they normally are...
I’m going to guess that the drug store sold your transaction information. Who they sell it to varies from chain to chain, but it’s common practice. For example, CVS in the states sells your purchase data.

If you want to avoid being tracked, use cash.

Are there credit card companies which do not sell transaction data?
In Europe, are there any other credit and debit card companies which are not VISA, MasterCard, or Maestro?
(comment deleted)