- From: Tamir Israel <tisrael@cippic.ca>
- Date: Tue, 21 Aug 2012 17:40:05 -0400
- To: Shane Wiley <wileys@yahoo-inc.com>
- CC: "Dobbs, Brooks" <Brooks.Dobbs@kbmg.com>, Lee Tien <tien@eff.org>, Craig Spiezle <craigs@otalliance.org>, 'Chris Mejia' <chris.mejia@iab.net>, 'David Wainberg' <david@networkadvertising.org>, 'Jonathan Mayer' <jmayer@stanford.edu>, "public-tracking@w3.org" <public-tracking@w3.org>, 'Nicholas Doty' <npdoty@w3.org>
Shane, OK. Maybe on the fraud detection (as opposed to SOX) it's too detailed a discussion. It'll come down to the added utility of each, but to assess that, you'd need to have Brooks' special sauce recipe.... Best, Tamir On 8/21/2012 5:16 PM, Shane Wiley wrote: > Tamir, > > I don't want to say too much here but please understand inconsistency in standard signals such as UID/IP address and other factors in themselves can help distinguish fraudulent activity. > > - Shane > > -----Original Message----- > From: Tamir Israel [mailto:tisrael@cippic.ca] > Sent: Tuesday, August 21, 2012 2:12 PM > To: Dobbs, Brooks > Cc: Shane Wiley; Lee Tien; Craig Spiezle; 'Chris Mejia'; 'David Wainberg'; 'Jonathan Mayer'; public-tracking@w3.org; 'Nicholas Doty' > Subject: Re: SOX Requirements RE: ACTION-216 - Financial Reporting "Exceptions" > > OK, thanks again, Brooks (and Chris). And I understand why perhaps it isn't wise to discuss in too great details on a public forum. > > I'll just ask that you folks think about the added utility of UID/IP addresses, given that a determined fraudster can delete the first and proxy the 2nd. > > And with respect to IP addresses, I think this is one that remains in the 'to be decided' pile of the DNT definition ..... > > On 8/21/2012 5:01 PM, Dobbs, Brooks wrote: >> Tamir, >> >> So to be clear people don't publish there "secret sauce" on how they >> identify and remove click fraud, or to be more politically correct >> "low quality" clicks. So your question is - do UIDs fix his problem. >> Obviously not knowing the secret sauce I can't specifically answer HOW >> they help, but I can say they are part of the solution. With clicks >> selling for real values in whole dollars and even upwards of tens of >> dollars, you need to make sure that, for instance, the same user can't >> create a charge for more than one click. This presupposes that you >> can identify "same user". You may also need to know who someone >> isn't, as you wouldn't want someone who financially benefits from the >> click to do the clicking. The more data you have, the better job of >> determining the quality of the click. Now I use click here as an >> example, but the same really holds true for ad views as well; it is just a question of scale. >> So yes cookies are deleted and some folks have no cookies, but all >> this can be used to create heuristics that build confidence. If you >> don't log IP and you don't log cookies this confidence is pretty hard to come by. >> >> -Brooks >> >> >>
Received on Tuesday, 21 August 2012 21:40:50 UTC