# A Short Word About GDPR

If you’re not dead and you’ve been on the internet recently, you’ve probably head about GDPR. Given the circumstances of you reading this article, I’m going to assume that both of those things are true. GDPR, which of course stands for Google Democratic People’s Republic General Data Protection Regulation, is a new law in the EU. The gist of it is this: you’re data belongs to you; you get to choose who has it; you get to choose how it is used.

Without fear of breaking my NDA, I think I can say that GDPR led to a lot of internal effort at Google. Perhaps not quite as much as you would think. Google does genuinely try to be a good steward of its users’ data. But still, there was effort, and possibly the biggest nexus around which that effort revolved is Google’s advertising business.

Most of the commentary on GDPR amounted to it being an annoyance for large businesses and a burden for smaller ones. Some smaller companies have stopped doing business in the EU permanently (or so they say). Some lightbulbs have stopped working in the EU (not kidding). Some US news websites are currently blocked1, and USA today actually threw up an EU only ad free version of the site2.

There is also some effect on small blogs such as this one. At least: some effect on small blogs such as this one… which happen to use use Google AdSense. Google has actually made it the publisher’s responsibility to get consent for showing personalised advertising. Why would a publisher want to do that? Well, let me illustrate by showing the “tracking type” distribution for the tiny amount of AdSense revenue I’ve made via this site:

As you can see well over half of this tiny amount of money has come from personalised ads3. If this was my main source of income you could see why I might want to keep showing ads with personalised targeting. It isn’t, though. Also: in order to keep showing them I’d have to ask each user if they’re okay with it. Then I’ve have to store that information somewhere, probably with a cookie. I do not want any part of using cookies.

Where I’m going with this, dear reader, is that I’ve gone ahead and made the decision on your behalf. Sincere apologies if you do wish to be tracked, and see adverts which are more relevant to you on all of the websites you visit. However I’ve decided that actually I’d prefer the readers of this site not be tracked. So, as per Google’s instructions, I’ve added the following line of code to the ad unit which is shown on this site:

(adsbygoogle=window.adsbygoogle||[]).requestNonPersonalizedAds=1


The upshot of this is that you should never see personalised ads when reading this site.

1. What the hell are you doing with our data, guys?

2. It’s wonderful. Just HTML and CSS. I wish this is what all news websites were like.

3. Personalised and contextual targeting are somewhat straightforward. “Run of network” is remarking (you put these shoes in your basket but didn’t buy them), I think. Placement means someone specifically placed an ad on my site. I don’t have that enabled (I think?), so it makes sense that it’s zero. “None” is a puzzling one, though. It’s not included in the AdSense definitions. I guess there are circumstances under which an ad is selected randomly?!