58 comments

[ 3.8 ms ] story [ 166 ms ] thread
Interesting, I never considered how that could spoil the surprise. I guess the most straightforward solution is to do private browsing when shopping for gifts. Pretty annoying since it won't have any of your saved data (logins, saved forms, etc.) but you don't have to worry about the ads.
Isn't gift shopping one of the first reasons given for the use of incognito mode?
That ones gonna go over well.

"Honey, why is your browser on incognito mode?" "Uh, yeah I was shopping for gifts. That's it. "

A browser can't be in incognito mode; only a browser window can. You're supposed to close it when you're done.
For mobile safari, the browser goes into incognito mode.
More reason to justify the use of the AdBlock browser extension.
I can't wait for the day Firefox bakes it into the browser.
Serious question: What's stopping them from doing so?
Their large contract with Google, perhaps? That's my guess anyway.
I'd imagine he only reason adblocking is still as effective as it is is because it's used by so small a number of users. If it would ship by default, advertisers would have a much greater incentive to work around it, and ruin it even for the small minority of people using it now.
So, retargeting is the process of focusing all advertising efforts on selling you something that you've already bought?

Marketing people are like aliens.

Of course in some cases it ends up like that, but as someone who sees stats for a very big company in the IT world, re-targeting does work. I see a large number of metrics including ROAS (return on ad spend), and the false negatives are more than made up for by successful sale conversions.
Retargeting works, but it requires optimizing. Often this is not set up well, because it works so well without optimizing it.

It requires a high level of technical chops to see this and set up. Most traditional marketers just don't have the skills to set it up or the correct access to make the right changes.

No - it focuses advertising efforts on people who have visited your website. So, you look at a jacket, but then aren't sure you want to buy it, retargeting makes you see that jacket again and again until you change your mind. Then you keep seeing it anyway.
You know, I'd almost be willing to give ad companies access to my credit card statements, so they'd know when I bought something and stop telling me to buy it.

And I bet ad companies realize this. This privacy-invasion paradigm is only getting started.

Netflix is a big offender here.
If they know every page I've visited on the site, how do they not know when I've made the purchase?
retargeting is crazy effective (for me at least). After buying a home, I spent a lot of time buying things like tools etc. Often times i'd be about 90% ready to purchase something, but for some reason or another i'd decide against it. Those ads following me around would usually get me across the finish line. I ended up installing adblock.
That's funny. The ads were effective, and relevant, but you blocked them? Are you fighting a tool addiction?
"Are you fighting a tool addiction?"

I think you've given my wife a name to my problem :D

Wow... so the publicly-advertised use of Incognito Mode of shopping for Christmas presents...

...turns out to be true. It's not just for porn after all.

Incognito mode doesn't escape retargeting, at least for adwords / doubleclick. I work in the space and it's truly a pain to see the 'natural' ads.
how is it supposed to retarget you without cookies then?
By fingerprinting you based your other identifying information, including things like your OS, browser version, screen resolution, installed fonts, computer host name, list of browser plugins and extensions, IP address and ISP, and possibly the sites you've visited.
Do you know for a fact that any retargetting companies are actually doing that, or just that it is possible?

After the Facebook Beacon[1] and Google Safari cookie control bypass[2] settlements I would have thought legitimate companies would be a little reluctant to push the envelope so far as to explicitly bypass privacy controls.

[1] http://en.wikipedia.org/wiki/Facebook_Beacon

[2] http://www.informationweek.com/security/compliance/google-se...

If I were a retargeting company which did that, I'd probably keep it a secret.
There is at least one company doing this. I sat through a pitch a couple of weeks ago from a company touting that as their primary function. They couldn't explain how or if they dealt with users that don't have static ips, use proxies, are NATed or any other technical issue of course but it was a sales guy with a deck so not too surprising. I've asked my partner that was also on the call, and was actively being solicited, for the name and will update this post if he gets back to me tonight.
> From the IWeek article: The FTC and 37 states have taken action only against Google, likely because Google's privacy policy stated that the company would comply with Safari users' tracking choices.

> legitimate companies

Google is both an advertising company and a product company (and big and famous), and also uses Don't Evil as part of its brand; this why it has a user-friendly privacy policy to keep it honest.

B2B advertising companies, which is, like, all of them, have no need for privacy policies, unless their customers (website owners) demand them. And what website needs to have a privacy policy that impresses users? Googe, Facebook, sure, but cheapdiamondsonline.com?

So basically, disable javascript.
Bingo!

I use NoScript (most sites disabled) with Firefox. I also clear everything whenever Firefox closes. I exit Firefox quite often. So the best way to track me would be using IP address. And if they don't use those very often, then ... no problem!

I'm not sure why more people don't do this. On any newer computer and decent broadband connection, Firefox startup is almost instant, even if cache cleared, etc. There's very little penalty for restarts, even between individual websites. Certainly easy to do in the scenario in the article, i.e. between visits to online retailers.

About my only reason to trust Chrome for browsing is for the built-in Flash, which St. Steven wisely eschewed. So I only switch to Chrome when I absolutely want to view some silly video in Flash. Which isn't very often.

Maybe another way to deal with this is to set up some sort of Squid-like proxy on a firewall computer?

No, your browser sends all that crap in the HTTP headers.
What about multiple "users" in Chrome? If you go to the settings page, you can add additional "users" and then open a window as another "user" using the icon in the upper right corner.

Each user gets their own profile: cache, cookies, history, saved data, extensions, etc. The only thing shared should be IP address and user agent. (Unless the user infects the profile with a url that identifies them.)

I use this for testing, isolating my facebook profile, and isolating all of my banking sessions from my main browsing window. (Just in case they have a CSRF issue.)

How does retargeting work through Incognito mode?
Incognito mode doesn't hide the IP address.

Anyway, the solution to this problem is dead simple: Do your shopping at work, or at a library.

I don't believe ads get retargeted by IP address very often. The miss rate is far too high when you have multiple people behind the same IP, and it only serves to subvert people who use incognito mode - which creates an angry user rather than a sale.
(comment deleted)
How do those track you then? Do they only use ip address? Seems like that would really fail for any offices that use NAT.
I used to work in this space, and you could only buy retargeting ads based on cookies. Adwords/doubleclick don't let you specify target IPs: https://support.google.com/adwords/answer/6322?hl=en

If you really wanted to you could do cookie syncing based on IP, but does anyone actually do that?

Well if I were Google, I would make sure that the Incognito mode of Chrome prevents targeting except for adwords/adsense. Pretty easy to do when you control the browser...
Good you aren't Google. That would be evil, drive away Chrome users, be quite possibly illegal, and not possible unless it had something like AdBlock. Once the browser -- any browser -- is communicating with a server, the server can panopticlick-identify it.
Seeing an ad for something doesn't make me assume someone else bought one for me.
But if you see lots of ads for that thing [on a shared internet connection] then it might now?
No, probably not. Even then, do I remember or notice what ads I am seeing? I think this is more of a fear in the mind of the buyer that will almost never be realized.
An easy solution is just to use different profiles. Chrome supports having different users on the same browser. I use this feature at work to keep corp and private profiles separate.
The crazy thing for me is that i keep getting advertised with my own products. Just a bit of bug-finding on the company site, and voila! that's all I see, no matter where I go.

The funny thing is when people with no clue about how internet advertising works, and they rage at a site for advertising something. Something like 'I cannot believe your site has ads for XYZ! That is outrageous and hypocritical!'. When there is a good chance they have been shopping for XYZ themselves, and that's why the ad popped up.

That's not how advertising works, it's how advertising is insane and broken.
"This holiday season is one more reason to cry")
I find retargeting creepy to the point that I installed an adblocker. The first time I noticed it, was when I booked a holiday to New Zealand and paid a deposit to hire a camper van online. Suddenly started noticing ads for that company everywhere online, where as previously I hadn't noticed any. Even after I came back they persisted for a while but eventually ceased. When in reality I'm unlikely to repurchase something like that for another 1-5 years.
It will usually last 30 days.
I run a retargeting company and this annoys me too!

The reason this stuff happens is because many players in the space soak up advertiser spend by not immediately opting users out of product retargeting campaigns after a purchase is made. The advertisers don't always know to ask for this and the retargeting companies make more money if they don't suggest it.

These personalized campaigns are so profitable for the advertisers that they don't notice the extra spend being bled out on people who they shouldn't be retargeting.

This tends to happen among the big "enterprise" retargeting companies that serve large online retailers like Macy's. There's so many people involved in the deals and operations of the campaigns that no one person is there to say, hey, let's make sure this doesn't happen.

The takeaway: Only work with retargeting vendors that give you control and visibility into who you're targeting and why! We do this, but so do others. Not everyone is this lame.

(comment deleted)
Seriously, why would you click inside an ad to turn it off? That's the kind of behavior that gets you even more "one weird trick" and flashing "millionth visitor this second" ads that follow you around everywhere. I probably would've gone another year or more without knowing what that stupid triangle was for.
What do you mean "even more"?

If you turn off targeted ads, then you get more untargeted ads. Is that what you were saying?

I mean that if you click on an ad, you tend to get more of that kind of ad. And since ads routinely have misleading UI, I wouldn't expect clicking on an ad to let me turn it off / make it less annoying.
I didn't know retargeting existed until a few years ago when a family member died. I had pulled up the website for a cremation service provider to look up their number, so I could pass it along to the person in the family who was making arrangements.

For the following week, more than half of the Google ad banners I saw all over the web were for the cremation company. Even on things that were completely unrelated, like an Android developer blog. I could reload over and over again and I kept seeing ads for that company. I cleared cookies and it went away, and that's when I realized they were specifically sending me that ad because of an original visit to that website.

To me it really seemed insensitive on the part of the cremation company for them to have bought retargeted ads. You'd have to think that more often than not, people visiting your site have just lost of a loved one. Is it really the best thing to remind them of it on every subsequent website they visit?

I recently bought some underwear. A day or so later, I noticed men's underwear ads on Youtube, and declared "damn you, Google!" I eventually had to search for and watch other topics, like Call of Duty, to make them go away faster.