Google To Refund Advertisers After Suit Over Fraud Scheme (#GotBitcoin?)
Legal claims spotlight tech giant’s dominance in online advertising, both as a buyer and seller. Google To Refund Advertisers After Suit Over Fraud Scheme (#GotBitcoin?)
Alphabet Inc.’s Google has agreed to refund advertisers for ads purchased through its ad marketplaces that ran on websites with fraudulent traffic, following a lawsuit claiming the tech giant was withholding those back-payments, according to court documents and people familiar with the situation.
In 2017, Google offered limited refunds to hundreds of marketers and ad agencies who had purchased online ad space through its online ad-buying tool after the company discovered a wide-ranging fraud scheme that resulted in ads running on sites whose traffic was artificially boosted by “bots,” software programs that mimic the website clicks of humans.
At the time, Google offered to refund the “platform fee” for its ad-buying tool, Display & Video 360, which represented a fraction of the total cost of the ad purchases. Google said it wasn’t in a position to return money that had already flowed from its buying tool to third-party online ad marketplaces where publishers were selling ad space.
But some ad executives weren’t satisfied. The online ad company AdTrader Inc. sued Google in California federal court, arguing the tech giant wasn’t fully refunding everything it could repay, since some of the fraudulent traffic went to ad marketplaces that Google itself owns and fully controls: AdX and AdSense.
Google has planned these refunds since before the suit was filed, according to a Google spokeswoman.
In internal Google memos detailed in the court proceedings, portions of which were unsealed this week and reviewed by The Wall Street Journal, a Google engineer said the company didn’t pay about $75 million of refunds linked to its own products. The engineer blamed technical difficulties related to the links between the different arms of Google’s vast ad operation.
Google has offered to pay refunds linked to its own marketplaces. the people familiar with the situation said. The company said in a statement, “while we have had a longstanding policy of refunding advertisers for invalid traffic, we recently expanded this policy to include ads purchased via Display & Video 360.”
The revelations highlight Google’s unique role in the online ad world, where it is dominant in multiple areas. It is a major player in facilitating ad buying on behalf of marketers and agencies, but also operates powerful marketplaces that serve up ad space for sale across thousands of sites, receiving about 37.2% of digital ad spending in the U.S., according to eMarketer. Google dominance, including its role in online advertising, has become an issue of interest for regulators around the world and some candidates on the 2020 presidential campaign trail.
The complexity of online ad purchasing—which includes layers of middlemen separate buyers and sellers—makes it susceptible to fraud and very difficult for advertisers to recoup money wasted on sites with invalid traffic. Some $5.8 billion in ad spending will be wasted this year to fraud, according to a report released this month by the Association of National Advertisers.
One challenge for Google is that it doesn’t always detect fraud schemes soon after they occur. Under its earlier policy, if the company discovered fraud well after the fact—once money had already been paid through marketplaces to publishers—Google’s online ad-buying tool didn’t systematically provide refunds. But that policy has been updated, the company says, and it will now pay such refunds.
In the memos that surfaced in the court proceedings, the Google engineer described how Google’s automatic system for issuing refunds through its ad-buying tool wasn’t connected to the database of ads flowing through AdX. Relevant teams within Google weren’t even aware of the automatic refund system, he said, according to the court documents.
Google said in court that while it has agreed to make the retroactive refunds, its contracts with advertisers don’t require the company to do so, according to according to a Google spokeswoman.
AdTrader works with both advertisers and publishers, giving it visibility into Google’s dealings with both ad buyers and sellers. Google determined that some of AdTrader’s publisher clients had sites with invalid traffic and withheld payments to them after discovering the 2017 fraud, according to the complaint.
Separately, Google promised AdTrader that its advertiser clients would receive refunds for ads that ran on sites with fraudulent traffic. Based on its view of the situation, AdTrader determined it wasn’t being compensated for money flowing through AdX.
AdTrader and its clients filed suit in the Northern District of California in December 2017, months after the fraud scheme was detected and initial refunds had been paid. The suit is pending. AdTrader is seeking certification to represent a class of advertisers—ad agencies and their clients—who were customers of AdX and AdSense.
“This may be only the tip of the iceberg, so we’ll keep at it,” said AdTrader’s attorney Randolph Gaw in a written statement.
Google has modified its contracts to alter its policies regarding litigation brought by advertisers, a person familiar with the matter said. In September 2017, after the fraud scheme was discovered and some refunds were being paid, Google added retroactive clauses that would waive advertisers’ rights to bring class actions, unless they opted out of that provision.
AdTrader says it opted out of the class-action waiver.
How Google Edged Out Rivals and Built the World’s Dominant Ad Machine: A Visual Guide
The U.S. is investigating whether the tech giant has abused its power, including as the biggest broker of digital ad sales across the web.
Nexstar Media Group Inc., the largest local news company in the U.S., recently tested what would happen if it stopped using Google’s technology to place ads on its websites.
Over several days, the company’s video ad sales plummeted. “That’s a huge revenue hit,” said Tony Katsur, senior vice president at Nexstar. After its brief test, Nexstar switched back to Google.
Alphabet Inc.’s Google is under fire for its dominance in digital advertising, in part because of issues like this. The U.S. Justice Department and state attorneys general are investigating whether Google is abusing its power, including as the dominant broker of digital ad sales across the web. Most of the nearly 130 questions the states asked in a September subpoena were about the inner workings of Google’s ad products and how they interact.
We dug into Google’s vast, opaque ad machine, and in a series of graphics below, show you how it all works—and why publishers and rivals have had so many complaints about it.
Much of Google’s power as an ad broker stems from acquisitions of ad-technology companies, especially its 2008 purchase of DoubleClick. Regulators who approved that $3.1 billion deal warned they would step in if the company tied together its offerings in anticompetitive ways.
In interviews, dozens of publishing and advertising executives said Google is doing just that with an array of interwoven products. Google operates the leading selling and buying tools, and the biggest marketplace where online ad deals happen.
When Nexstar didn’t use Google’s selling tool, it missed out on a huge amount of demand that comes through its buying tools, Mr. Katsur said: “They want you locked in.”
The first step is to understand how online ads are typically bought and sold, and where Google fits in.
Google’s role as both the primary auction house for selling digital ads and an auction participant has led to calls for regulatory action. Presidential contender Elizabeth Warren has proposed unwinding the Google-DoubleClick merger.
Google says that the way its ad products work together is one of the primary attractions for publishers, advertisers and other tech companies. “Publishers use our technology to access demand from over 700 partners, of which Google is just one source,” a Google spokesman said in a written statement. “Advertisers use our technology to buy inventory on over 80 exchanges. Interoperability across the ad tech landscape allows publishers and advertisers to mix and match technology partners to meet their different needs.”
Locked To Google
More than 90% of large publishers use the Google ad server, DoubleClick for Publishers, according to interviews with dozens of publishing and ad executives.
Using Google’s DoubleClick for Publishers is the only way to get full access to Google’s AdX exchange, publishers say. Why is AdX special among major exchanges? One reason is that it connects to yet another powerful Google product, AdWords, which draws on the company’s dominance in search.
For many years, Google’s AdX was the only ad exchange that had access to this fire hose of ad dollars. Google now opens up some AdWords demand to rival exchanges, but AdX continues to receive the majority of demand, according to people familiar with Google’s ad products.
Media companies are so reliant on the proprietary advertising demand flowing through Google’s AdWords that one executive at a major publisher referred to it as “crack.”
Wall Street Journal parent News Corp, a longtime Google critic and active complainant against the company with Australia’s antitrust authority, considered switching its ad-serving business over from Google to rival AppNexus, in which it had invested, but ultimately felt it would endanger the 40% to 60% of advertising demand its gets from Google’s ad marketplaces, according to people familiar with the matter. News Corp has invested in several advertising-technology rivals to Google.
In Australia, Fairfax Media Limited, the publisher of The Sydney Morning Herald, left Google’s ad server for AppNexus in 2016 but returned the following year. The most prominent publisher to have moved off Google’s ad server to AppNexus is German publisher Axel Springer SE—but its biggest American subsidiary, Business Insider, stayed on Google.
One point of tension for publishers: Google’s own properties, along with those of Facebook Inc. and Amazon.com Inc., are competing with them for digital ad spending—and winning. Collectively, the tech giants will take in 68% of the roughly $130 billion in U.S. digital ad spending this year, according to eMarketer.
Overall, Google made $116 billion in advertising revenue last year, a 22% rise from the previous year and 85% of the company’s total revenue. Most of that ad revenue came from Google’s own properties, but the company’s vast role in brokering online ad sales off its own platforms gives it an added level of dominance.
Google has, at times, provided incentives to use its products in tandem. A few years ago, Google waived certain fees for DoubleClick for Publishers if an ad sale was made through its AdX exchange, according to a contract reviewed by The Wall Street Journal.
Last year, Google merged those two products—DoubleClick for Publishers and AdX—into a single product called Google Ad Manager, making it plain to the industry that they are indeed linked, ad and publishing executives say.
Websites put their ad space up for sale in exchanges, where auctions happen. But there are several major exchanges—how do publishers decide which one should sell their ad space? Google’s rivals and critics have accused the company over the years of tilting the process in ways that hurt publishers and help its AdX exchange.
Google is now rolling out additional changes that it says will eliminate any advantage it ever had. But it will come with other changes that publishers fear will reduce control over how they sell advertising.
Google’s tightening of the screws over the years hasn’t just hurt publishers, but also competing ad tech companies.
Several rivals to DoubleClick for Publishers have left the ad-serving business in recent years, including OpenX, Facebook and Verizon Communications Inc.
“The ad-tech industry is like a cemetery,” said Damien Geradin, an antitrust lawyer and professor of competition law and economics at Tilberg University in the Netherlands.
At the start of 2016, Google began requiring ad buyers to use Google’s tools for purchasing video ads on YouTube, by far the most trafficked video site on the web. Previously, advertisers could use various third-party buying tools to purchase ads on YouTube.
“That was in many ways the beginning of the end,” said Brian O’Kelley, the co-founder of AppNexus, which sold to AT&T Inc. last year for around $1.6 billion after its revenue growth stalled. Mr. Kelley had previously acknowledged that AppNexus, like others in the industry, was also battling to root out fraud in its system.
“Google used its monopoly on YouTube to put its hand on the scale,” said Ari Paparo, who today runs Beeswax.io Corp., an ad-buying specialist that competes with Google.
Also in 2016, Google began allowing data it gathered from services like Gmail and Google maps, such as users’ locations and email addresses, to be used in DoubleClick’s ad-targeting system—but only for customers of its ad-buying tool DV360. Google said it anonymizes and aggregates this data into audience segments, and stopped using Gmail data for ad personalization in 2017.
Rival ad-buying companies say when they asked to access the data, Google refused, citing privacy concerns. “We offered to sign a privacy assurance, and they said no,” Rajeev Goel, chief executive of rival ad-tech firm PubMatic Inc., said.
One former senior Federal Trade Commission official who supported the DoubleClick deal in 2008 now regrets it. “At the time, it seemed like the right decision, but things changed a lot in the last dozen years,” the official said.
New Tactics Punch Holes In Big Tech’s Ad-Fraud Defenses
Fraudsters use readily available technology to boost site and ad traffic, bolster search results and pad reviews.
Tech giants such as Google and Amazon.com Inc. are deploying artificial intelligence to ferret out fraud on their platforms, but some cybercriminals are outfoxing Silicon Valley with software that is getting better at mimicking human behavior.
One group of developers running a Russian website advertises a $100-a-month subscription to a browser called Linken Sphere. Customers have used the software to get around fraud-detection tools employed by Alphabet Inc.’s Google, Amazon and Facebook Inc., according to researchers and users of the tools. The browser allows users to harness hundreds of stolen online accounts, purchased on the dark web, to generate fake ad traffic or to boost online search rankings and shopping reviews, those people say.
Another popular tool, AntiDetect, also costs $100 a month for a subscription, and offers a $2,990 professional version. Its creator charges an extra $100 a month for personal technical support, servers and free configurations. A tool called Multilogin, created by an Estonian-based company, can control up to 100 different profiles. It charges 99 euros, about $110, a month. Customers can pay more to have those profiles automated to behave in special ways.
All these tools can be used for legitimate purposes, according to researchers. They can be used by tech firms to look for vulnerabilities and test their own defenses, for instance. But they are also being used to evade fraud-detection defense for illegitimate purposes, according to researchers and users.
Linken Sphere’s creators didn’t respond to several requests for comment. On their website they say Linken Sphere can be used for legitimate purposes. A spokesman for Antidetect said it was unfortunate such programs were used by attackers, “but this should not be regarded as the developer’s fault.”
Donat Voronin, chief executive of Multilogin Software Ltd., based in Tallinn, Estonia, said his company’s browser was primarily used for research by companies, nongovernmental organizations and universities but that, like any software service, there were “nonmainstream use cases.”
Fraudsters have typically relied on complex computing software, known as virtual machines, that allows them to anonymously direct fake traffic to sites or ads, to then artificially boost product ratings or reviews. Another long-used trick: Large networks of hacked computers, known as botnets, can send fake traffic at these targets.
Many big tech companies have come up with defenses to identify these and other techniques, by looking more closely at the accounts and using artificial intelligence to determine whether they are active or not. If they aren’t, that is a red flag and a sign of possible fraud.
The new tools, however, can evade some of these AI-enabled defenses. The tools essentially act like browsers—alternatives to Microsoft Corp. ’s Internet Explorer or Apple Inc. ’s Safari—that allow for the creation of hundreds of fake personas quickly and cheaply, according to users of the tools, researchers and discussion forums about them.
The browsers help carry out one of the most popular types of online fraud—spoofing traffic to online ads or social media profile pages, thus increasing the value of those pages by making them look more effective than they really are. Marketers are expected to lose around $5.8 billion on ad fraud this year, according to a report by the U.S. Association of National Advertisers.
A spokesman for Facebook said the company was getting better at spotting fake accounts, and that its detection technology helps block millions of attempts to create fake accounts every day. A Google spokesman said it has been researching anti-detection tools, and that the company blocks most invalid traffic before it affects advertisers. Amazon didn’t respond to requests for comment.
Linken Sphere first emerged in 2017, according to researchers at Recorded Future, a cybersecurity consulting firm based near Boston. The developers behind the Russian-language site, who call themselves the Tenebris Team, say on the site that it can be used for legitimate purposes such as testing the defenses of websites.
Linken Sphere’s developers describe themselves online as security engineers, but a YouTube ad for the product says the service can “successfully bypass anti-fraud systems.” Members of the development team behind Linken Sphere give technical advice on a dedicated chat channel anyone can join, with close to 6,000 members, on encrypted mobile messaging app Telegram. They discourage discussion on that channel about how the software is used, observations of the discussions show.
Fraudsters, though, can use the software to mimic the online browsing and shopping habits of real people. For example, they can send fake personas to visit different websites, click on various links and ads, and leave five-star reviews. Such actions could help boost the popularity of an ad or product, leading to increased clicks and sales.
“It’s like the wardrobe for someone who wants to do impersonations,” said Staffan Truve, Recorded Future’s chief technology officer. “You can pick the clothes and the mustache, and which behavior you want to have.”