Welcome back to BRANDED, the newsletter uncovering how adtech companies fund hate and disinformation. Here’s what’s new with us:
Ever wonder how Google Ads divvies up your ad campaign?
The answer is simple. Some of it goes to Google. The rest of it goes to the “sellers” — people who sell ad space on the internet. Nine out of 10 sellers are hidden from advertisers.
We already know that Google Ads is the biggest ad exchange in the world. But what you may not know is that Google also maintains the largest network of confidential publishers in the world. That is, 89% of seller accounts in Google’s vast inventory — which links publishers to Google Ads payouts — is completely untraceable.
Why are there so many mystery accounts on Google’s Ad Network? Because Google has a long-standing practice of letting publishers monetize their websites without revealing their identity to advertisers. And there are a lot of people out there who want to anonymously collect free money from the biggest ATM in the world.
There’s a lot of money disappearing into the hands of unknown people here. According to Google, when you spend $100, Google takes $32. The rest of it —$68 — is pocketed by the seller. According to Digiday, Google Ads runs about $300B of ads every year. And, according to a recent Jounce Media study, Google maintains over 1 million hidden seller accounts. That too, is just a very educated guess.
The fact is, no one knows how many secret Google accounts exist or how much revenues they may be taking in. But we know enough that we can safely say it’s propping up the global disinformation economy.
Google’s practice of flinging billions of unaccountable ad dollars across the internet explains a lot. On the one hand, it explains why advertisers are still finding their ads in places they thought they already blocked. On the other hand, it also explains why our news and information ecosystem destabilized so quickly over the past decade.
We did not just fall into this vaunted era of chaos and polarization. Google has manufactured a uniquely explosive situation: sending billions of ad dollars everyday to unknown individuals around the world. It is effectively one of the largest dark money transfers in the world — and it’s funded by all our ad campaigns.
Let’s step back for a moment.
When you run a Google Ads campaign, you can run a report to check your ad placements. On this report, you will see a long list of domains where Google served your ads. Every domain on this list is linked to a Seller account. A Seller account contains both identification details and bank account information, so Google knows where to send the checks.
For example, when WIRED.com earns Google ad revenues, the check goes the Seller account owned by its parent company Condé Nast.
But not all sellers are like Condé Nast, which maintains a small family of websites. Some Sellers are ad exchanges themselves, with massive publisher networks of their own. For example, Amazon maintains Seller accounts with Google. This allows Amazon to plug its own massive network of publishers into Google’s ad network.
But that’s not all. Amazon also brings thousands of supply-side platforms (SSPs) and ad networks with it. Each one brings their own endless supply of content publishers to the table. Google works with at least a dozen of these large exchanges,including Facebook, Amazon and Magnite. Now we’re talking tens of millions of content publishers.
Think of it like a Russian doll. Google is literally so big that every other ad exchange folds into Google’s ad network. Google is involved in over 80% of the quality ad impressions in the U.S. And crucially, it has seller information for all of them.
The question is: why won't they let advertisers see it?
Once upon a time, even Google agreed this was sketchy. In 2017, Google and Interactive Advertising Bureau (IAB) invented a new standard designed to help advertisers track their transactions.
The ads.txt protocol would let publishers list the ad exchanges they’ve authorized to serve ads on their websites on their ads.txt file (e.g. nytimes.com/ads.txt). Meanwhile, ad exchanges would maintain a sellers.json file, confirming that they partner with the site.
Advertisers would be able to use these two files together to verify that their ad revenues were landing with the right seller. With so many bad actors “spoofing” websites, an ad exchange’s sellers.json file gave them essential information:
That was the idea, anyway. Google was a huge cheerleader for the effort. They co-developed it and promoted its adoption across the industry. But over the last few years, all the other ad exchanges have published their sellers.json directories — and Google did not join them.
What happened? Industry mag AdExchanger asked them in 2020, and got back some very “dog ate my homework” vibes:
Was the world’s most powerful tech company really being foiled by the challenge of… updating their website?
They also said they were really thinking hard about how to protect the little guys speaking truth to power. “If you are in a location where freedom of speech is not as protected, and you are posting content that is critical of certain things, that could be a potential risk,” a Google rep said. “We have to make sure we respect publishers’ security and safety.”
But is that what this really about? Today, websites like SmithsonianMagazine.com, India.com, Mashable.com and TrustPilot.com all enjoy confidential seller accounts with Google.
These aren’t exactly tiny activist blogs standing up to repressive regimes, and we are certain they check their email.
What is really going on here?
As Google continues to string the industry along, advertisers are the ones paying the price. And it's steep!
Without seller crucial information, advertisers can’t meet the standards they’ve set for themselves, putting them at near constant business and legal risk.
It’s harming their brand equity. Intercom made a public statement that they supported Ukraine. Days later, we found their ads running on Russian state propaganda. How could they have possibly prevented the placement to begin with when they have no capability to block Russian sellers?
It interferes with business practices. Last year, shareholders at Home Depot and Omnicom introduced a resolution demanding a comprehensive digital advertising audit to ensure ad dollars weren’t funding disinformation. How are they doing to do that without access to end recipients?
It could land their executives in to jail. Last year, Adalytics found Google’s ad exchange placing ads on potential Iranian, Syrian, Donetsk, and Crimean websites for at least 5 years. Brands such as PayPal, Subaru, and Yale University had ads runningon sanctioned websites. Violating OFAC rules is no joke. Executives at these companies could face criminal liability.
The only tool Google gives advertisers today to manage these incredibly significant liabilities is... blocklists (or exclusion lists). But blocklists only enable you to block domains — not seller accounts. And the bad guys learned how to evade domain blocklists a long time ago.
The seller account-level is where the real abuse is taking place — with Google looking the other way.
In 2020, we reported that even though Breitbart was blocked by thousands of advertisers, they continued to monetize their website using other people’s seller accounts. And, that we had no way to identify the accounts because Google hasn’t disclosed them. It was a dead end.
While advertisers continue to invest in brand safety technology, the bad guys had discovered that having a seller account is the key to life after blocklists. With access to a seller account, they can create new websites, streaming shows, and apps to continue monetizing through their collective pool of content.
More recently, we’ve found Steve Bannon monetizing his show via seller accounts owned by a 24/7 streaming weather channel called WeatherNation. We've found disinfo rag The Post Millennial operating a Canadian content farm called WhoaCanada(.)ca — filled with tips for your next visit to Quebec City — to subsidize its true operations.
But that may actually be the least of our worries.
Earlier this year, we revealed the contents of The $1M Google Sitelist. This leaked placement report showed us how Google’s algorithm serves ads when it runs on the default settings. The list was 400,000 sites long.
While we found the usual spread disinformation and propaganda sites, the vast majority of the sites were actually content farms. Content farms humming quietly in the background, filled with anodyne content, from fashion and entertainment to sports and gossip.
These are the sites that don't bother anybody. They don’t set off any brand safety filters and instead, collect ad revenues blue chip advertisers with big budgets looking for “brand safe” places to advertise.
Most of them are also impossible to trace back to an owner. It’s an ATM for someone — but who?
In March, we called on Google to release the sellers.json of all Russian accounts. Without ownership data, no advertiser could ensure their ads were being kept away from state-affiliated individuals or businesses.
Today, we're calling on Google to release their full sellers.json directory. There is no reason not to.
Thank for reading!
Nandini and Claire
Did you like this issue? Then why not share! Please send tips, compliments and complaints to @nandoodles and @catthekin. If you like this research, please support Check My Ads as a member!
Check My Ads Institute is a non-profit 501(c)3 organization.