AdTech Confidential: Mastering Vendor Due Diligence and Privacy with Richy Glassberg

Intro  0:01  

Welcome to the She Said Privacy/He Said Security Podcast. Like any good marriage we will debate, evaluate, and sometimes quarrel about how privacy and security impact business in the 21st century.

 

Jodi Daniels  0:21  

Hi, Jodi Daniels here. I’m the founder and CEO of Red Clover Advisors, a certified women’s privacy consultancy. I’m a privacy consultant and certified informational privacy professional providing practical privacy advice to overwhelmed companies.

 

Justin Daniels  0:36  

Hello, I am Justin Daniels. I am a shareholder and corporate m&a and tech transaction lawyer at the law firm Baker Donelson, advising companies in the deployment and scaling of technology. Since data is critical to every transaction, I help clients make informed business decisions while managing data privacy and cybersecurity risks. And when needed, I lead the legal cyber data breach response for good.

 

Jodi Daniels  1:02  

And this episode is brought to you by Red Clover Advisors. We help companies to comply with data privacy laws and establish customer trust so that they can grow and nurture integrity. We work with companies in a variety of fields, including technology, ecommerce, professional services, and digital media. And short we use data privacy to transform the way companies do business. Together. We’re creating a future where there’s greater trust between companies and consumers. To learn more and to check out our best selling book Data Reimagined: Building Trust One Byte at a Time, visit redcloveradvisors.com. Well, we are going to have some fun today.

 

Justin Daniels  1:39  

You’re very energized. Why don’t you tell people about your recent smoothie drink?

 

Jodi Daniels  1:44  

Right before our podcast recording, I made some smoothies that were really cold. And so all bundled up in a blanket, but it gave me the boost of energy I needed. You can stop laughing now. Okay, let’s get started. We have Richy Glassberg, who does not know what kind of fun he’s in for. He is the Cofounder and CEO of SafeGuard Privacy, a company established in 2019 to help businesses manage privacy compliance with effectiveness and efficiency. A 25 year plus digital media veteran. He has led seven startups and held executive roles at renowned brands and agencies such as cnn.com and MTVN and Turner Broadcasting. Welcome to the show, Richy.

 

Richy Glassberg  2:31  

Hello, welcome. Hello, both you, Jodi and Justin. I’m sorry that I didn’t have a smoothie. I’m still recovering from the first night of Passover last night and too much can filter fish. So I just had a salad for lunch so that I would not die today. Well, it’s a good choice.

 

Jodi Daniels  2:48  

I thought yesterday, today it was really cold.

 

Justin Daniels  2:51  

Maybe you don’t want to put your blanket back on.

 

Jodi Daniels  2:55  

No, I’m good. Okay, well, we still want to talk about that.

 

Justin Daniels  2:59  

So Richy, given that colorful introduction that Jodi provided us, can you tell us a little bit more about your career journey?

 

Richy Glassberg  3:14

So I’m, look, I’m one of the very few people that’s been a publisher had a network had Ad Tech had an agency had I started as a kid at MTV did all the live shows and got into business, went to Turner Broadcasting early years of cable and why its formative was I was there when cable was fighting broadcast. And there was a ton of research around wide cable versus broadcast with all kinds of technical stuff in the reach and frequency, blah, blah, blah. And when I went to Turner about halfway through, I was lucky enough to get caught in a conference room with Ted with five other people. And we were asked to start cnn.com You’d have to understand it was 1995. There was Prodigy, there was CompuServe, AOL had just started sending out those discs to everybody’s mailbox. And you know, a lot of people you know, who were in big media companies like me, who were in this Vanguard that my peers said, Oh, you’re thrown away your career, you know, Harry Montreux in Atlanta, Scott Wolf, fool myself, Jimmy Mark Bernstein. And you know, Ted was tough. We all had to do a separate job. So we did this on the side. We launched cnn.com on August 31 1995. Then we started, you know, we started building it around the world, I was lucky enough to run it around the world for four years and run all the sales and revenue. And in that time, about 30 people got together at Halsey minor at CNET’s. Office. Then, we realized we needed an industry trade organization. So about 30 people, 35 people, the history is kind of cool. About eight of us got together as a steering committee and we founded in 1996, the Internet Advertising Bureau, I was lucky enough to serve as the vice chairman and originally Virgie, who is running espn.com and starway for the first six years, and it was important because we set a lot of the original standards in the industry, we set the original eight standard banner size As we set the actual spending because people didn’t believe that digital was a thing, the T’s and C’s, and a lot of cool stuff. I started the first premium ad network called phase two media with great timing in 1999, filed to go public in February of 2000. And the world turned in March of 2000. kept it alive for a while. Then I ran a couple of businesses for News Corp startups insider News Corp, then back to the the entrepreneur side with a company in San Francisco and then some very famous VCs foundry and chipper Fisher Gotham brought me in as the, you know, the CFO for a very famous CEO and the first mobile ad tech creative company, which we pivoted to be the first mobile ad server for all the holding companies, we ended up selling it to WPP, and I was the smallest subsidiary CEO of Martin Sorella, WPP, for a couple years, came out of that. And in 2018, I saw GDPR. And my personal feeling was that GDPR was a reaction to 15 years of programmatic advertising, we forgot the consumer. And my thesis was these laws were going to proliferate, and we were gonna get a ton of them. And when I looked at the IEP Factbook, in 2018, there was approximately 150 companies, not one of those companies was led by somebody from ad tech, not one. And I’m like, that’s not going to work. It’s not going to work at all. The ad tech ecosystem is so convoluted and so complex. And the relationships are so circular. I decided to start this company. And what we are is we built the TurboTax, a privacy compliance, I’m not a consultant, we love red clover. We’re not a law firm. We work with law firms and advisors. And we really built the TurboTax of privacy compliance as just a management platform for people. And that’s really where I came from that background in cable and digital, the industry background trying to fix stuff for the industry. And then ad tech. And that’s really my journey. The one other thing I’ll add is the thing I’m most proud of in my entire career. When I left cnn.com, which was run around the world, and I started Phase Two Media. One of my older sisters got sick with breast cancer, and she thankfully recovered. But a very famous woman named Dr. Marisa Weiss, who wrote the book Living Beyond Breast Cancer in Philly, had helped out my mom, my sister in our family. And after my sister got through it, Dr. Weiss said, Hey, you’re the internet expert, I wrote this book. And I have this idea for a website for women. And it was a terrible name. And you know, overnight tonight, and I helped her buy the name breastcancer.org. I served on the board for 22 years. And breast cancer.org is the number one site for women in the world informational site for women worldwide breast cancer, who served 23 million women last year. It’s the leading informational site for women’s breast cancer, it’s got information, peer reviewed on every possibility of breast cancer. And I think that’s the thing that I’m most proud of is that 23 million women around the world every year get this incredible help for free, which is what the promise of the internet was, and they have no idea who I am. So that’s my background.

 

Jodi Daniels  8:20  

I love that Richy, I had no idea. And I’m really glad that you added that. So thank you. And you also shared how at a really pivotal time, the double King at a pivotal time that you all banded together to create an industry organization — the IAB. And so let’s fast forward because right now your crystal ball of many different privacy laws has come to fruition and Safeguard and the IAB have partnered together in something at a also a really important time as it’s very complex, especially in the tech ecosystem to try and manage all the compliance requirements. So can you share the origin of the IAB digital? Oh my gosh, I cannot speak diligence platform. And SafeGuard Privacy is all the stuff we just keep in it’s all good. 

 

Richy Glassberg  9:20  

So in July last year, all the credit goes to Michael Hahn. So Michael Hahn is the GC of both the IB and the Ivy Tech Lab and I have not been involved with the IB and since 2001 because it became professional we hired a CEO, Greg Greg Stuart and then Randall Rothenberg and it’s now huge but it was volunteer the first six years. So Michael Hahn is the GC of the IBM tech lab. He does tremendous stuff in this industry. You know, there’s the LS pa which became the MSPA. There’s all this work that the IB does and Michael had been talking to to regulators, and he talks to them all the time. And last July around there Michael realized the risk that is inherent in all these laws. And I’m not a lawyer. But if you go back to GDPR, there’s this obligation. More specifically, there is the issue under CPRA, both in the law and the regs, that there’s an obligation to do a due diligence above and beyond your contractual relationship, which is the way stuff used to happen with all your counterparties in the past. And Justin, you can correct me if I do this wrong, you know, your reps and warranties protected you. But now the California regulators have said, you have to do this due diligence, or you lose the presumption of innocence. And that’s a big deal. So Michael pulled together was called the PRT committees. And the PRT committee was looking at diligence. And there’s two types. There’s legal diligence and technical diligence. And Michael, in the first call was talking to all these companies. And they said, Well, should we write it ourselves? So we built this company in 2019, is when we launched it. We built the vendor compliance through 2020, with Bank of America and with some others, and a bunch of the IRB members were already on the platform. And we had reimagined compliance. My co-founder, Wayne Mattis, my most famous privacy lawyer, lasted for two years. And he founded two huge privacy practices. And then he was the managing director of UBS. He was the senior lawyer in compliance for UBS globally and got them GDPR compliant. And what we built was a compliance platform. So a lot of people were using us. And in that first meeting, you know, the IB said, Should we write our own questionnaire? People said, well, let’s, why don’t you look at SafeGuard Privacy, because it’s standardized. And one of the things that came back from every company in the industry is that the biggest problem is everybody’s writing their own questionnaires. And those questionnaires become stale, they become repetitive, and they don’t cover the law they are for if you’re an automotive, you wrote it for you, if you’re a farmer, you wrote it for you. I’m not picking on anybody, but you know, industry specific stuff. And the publishers, the IAB members and the ad tech companies, were being inundated. A big publisher could get 50 RFI in a month. And a major platform could get to thousands. And then we’re all different, and they’re all on paper, or they were a spreadsheet or they’re a PDF, and it was impeding the industry from moving forward. So the IB was hearing that from the members and from the regulators. So then there was a whole nother eight months of subcommittees looking at everything in the marketplace. Did anybody else do this? Who was doing it? I mean, and our vendor compliance looks a little bit like GRC. But GRC is mostly InfoSec. And a lot of the GRC platforms are a mile wide and an inch deep and they don’t cover privacy. We’re now in a situation where it’s doubtful we’re gonna get a national law, I highly doubt it. And we’ve got what 1617 states, Nebraska, Maryland, we get another 20 this year, right? So we’re in a situation where we got to standardize things to do it. So long story interminable started Jody and Justin, the committee’s and it was 50 companies and 10 law firms went through any available thing out there and they all came back and said, Look, Safeguard privacy, the only agnostic company, I don’t sell any tools, right? I don’t have a cmp consent string. So I, everybody uses different tools. I’m the only person that’s agnostic out there. We’re the only company that covers every single law links them together. And we’re the only company that built something that’s auditable. And in the regs, they wrote the words it has to have audit, and you’d have to exercise your audit rights. So the IAB realized that we fit their pieces and they asked us would we create the IAB diligence platform in the IAB diligence platform is three things. It’s our state law assessment. It’s our automated standardized vendor compliance. And importantly, the thing I couldn’t do, and that is adding the questions of business questions. So outside the law, if you’re an advertiser, and you put your data into a major DSP, and you don’t win that auction, the question you want to ask is, Hey, did my first party data come out of your device graph because I didn’t win that. And those are the types of questions so those three things that three legged stool, state by state assessments that are all linkable, to make it easier to do the ability to ask vertical questions, and advertiser to a DSP and SSP to a DSP and advertiser to a publisher. And let’s say, you know, questions for a data company or location, and then the standardized vendor compliance. So it came together over since July of last year, it was announced January at the IB meeting. It was Jodi and Justin 50-60 companies and 10 law firms. It was a huge, very rigorous process. And I know this is your next question. This is for IRB members and non IRB members, Michael Hahn and David Kona, the IB did a great thing. This was built to help the industry. This wasn’t built just to help the IB. Because this was built to help ad agencies, clients, vendors, all different types of vendors. And it was really built to help the industry because if we can’t solve this problem, this legal liability is massive for everybody involved.

 

Jodi Daniels  15:31  

One of the pieces that I’d love for you to explain a little bit is the challenge, you have many companies all trying to assess the same vendors. So can you explain a little bit? Is it the vendor who’s going to answer kind of one time and then all the companies have access to their base of answers? What if I, as a company, want to ask something extra special? So can you elaborate? 

 

Richy Glassberg  15:54  

Great, great question, Jodi. So the whole point of this is to standardize. So obviously, on a podcast, we’re a privacy company, we have almost 500 companies on the platform already. It’s everybody who know, we can’t say the names of those companies publicly. We don’t believe in public shaming, there’s no public website, you can go look up UI and see a score and do Gotcha. That’s not the way anybody wants to work. If you’re a publisher, if you’re an ad tech company, if you’re whatever you are, you fill it out once and you share it multiple times. Jodi, you hit on the beauty of the platform, you can share this as many times as you want. For somebody participating in the platform, you got to be on the platform to do this. We do offer four hosts, which would be like an advertiser that can have a certain number of a specific question. So if you are in an industry where you want to ask five or so specific questions, you can ask that. So we’re trying to cut down the freelancing and have everything standardized. And Michael Hahn and the POD committees are still working today. So if you’re listening to this, and you’re in the ecosystem, join the POD committees because they’re setting up the standardized questions for, you know, advertiser to DSP, blah, blah, blah, those things, but you can, you can have individual questions, as long as they’re not repeating what’s been covered, because what the committee in the industry has chosen is that our questions are not they’re not sales questions. They cover all of our assessments, cover all the legal obligations of the law, in a very, you know, agnostic way so that a small publisher, a big publisher, an ad tech company, a location company, can answer the obligation of the law the appropriate way for that type of company. Does that make sense? Jodi?

 

Jodi Daniels  17:40  

Does make sense. And thank you very much.

 

Justin Daniels  17:43  

So for the benefit of our listeners, Richy, because I’m not an ad tech expert. Could you tell me what a DSP and an SSP is, because I’m admonished regularly on this show when I use acronyms, and so you’ve used a couple with which I’m not familiar. So please, if you can educate. 

 

Richy Glassberg  18:02  

So let’s talk about digital advertising. In the old days, a salesperson would go sell somebody ads on CNN, and it would show up on the air or ads on a radio station or CBS, whatever you want. In digital, what happened was programmatic advertising. Oh, 8070809 around there, people will argue about it all day long. So if I’m an advertiser or an ad agency, I can put my request and it’s something called a DSP. That’s a demand side platform. There’s — I don’t want to name names of companies on the — Jodi, I don’t think I should, but it was a couple of big public ones out there. All right. The biggest public one is trade desk. On the supply side, that demand side platform talks to a supply side. So the biggest public company, one is Magnate, those two pieces talk together. The supply side platform is hooked into thousands of publishers. The demand side platform is hooked into advertisers and agencies. And they mediate between the two. And they allow you Justin to buy an ad from Jody without ever knowing Jody, but you can do it through this interface. And you can pick demographics, you can pick actual email addresses, you can pick PII, you can pick non PII, you can pick contextual, you can set up your marketing buy in that demand side platform that then talks to supply side platforms. And that auction takes place between the two pieces. Does that make sense? Justin?

 

Justin Daniels  19:34  

It sounds like you’re describing a marketplace where the purchasers and sellers of advertising digitally can come together.

 

Richy Glassberg  19:42  

You shouldn’t be a CMO for the digital.

 

Jodi Daniels  19:46  

It’s actually a really good question, Justin because I find many times that people in the marketing departments understand all this privacy and many legal professionals who didn’t come from this universe or have spent time because they needed to don’ts and yet their marketing teams are doing things we have privacy laws that are focused on this ad tech piece. And trying to understand what this all is

 

Justin Daniels  20:09  

My point to our viewers, and Richy, thank you for taking the time to explain that is even though I’m no certain things, I don’t know others, and there’s no shame in asking someone, can you explain that to me? I’ve been in far too many conversations or whatnot, where people would rather continue not knowing something, then ask the question. So Richy, thank you for entertaining me, because I didn’t know what those terms were. Anytime.

 

Jodi Daniels  20:36  

And now you do. Richy, where would this process fit within a vendor management process that someone might already have? So I’m a company, I already have my vendor process. Now I have more assessments and questions, I want to ask, how do I blend these together? 

 

Richy Glassberg  20:54  

So modern software and built a lot of the biggest software and ad tech out there, it’s fully API driven. We can integrate into any GRC platform, there’s a major announcement coming of a big GRC platform that everybody in the private space knows is going to take our output into their GRC platform. You know, it’s we do privacy, we do privacy, and we do privacy to the obligations under the law, we can fit in to it depends on the company and the size, right? We fit into anybody’s tier CPRM, which is a third-party risk management Justin platform, we can API in or you can do any kind of manual pick. So someone could say, Hey, here’s my InfoSec. And then here fill out my safeguard privacy. So we’ve automated this as much as we can as modern SAS software to work with any company out there.

 

Jodi Daniels  21:52  

Many people listening, you mentioned I don’t have to be an IAB member to participate. Can you talk a little bit about maybe someone’s listening? I think this is really important. Which were sort of the business model to me. Am I the people completing the assessments paying? Are the people receiving the assessments also paying and how does the membership piece work?

 

Richy Glassberg  22:13  

Everybody pays to be on the platform. Okay, it says software, it’s an annual license, it’s a flat fee, we don’t, we try to make this as affordable as we could for everybody out there. It’s based on revenue. So for a small company, it’s totally affordable. Even for a big company, we’ve priced this at less than half the cost of an operation person, because we realized that the operation person and the lawyers filling this out, and we’re trying to make the market more efficient. So this is a very low cost platform that has no hidden fees, and no gotchas. And you can add 110 100 people on it cost you the same thing. So we’re making it very easy for everybody to get involved with the platform.

 

Jodi Daniels  22:52  

And to clarify, I might be the ad tech company who has to answer 400 Of these, and I participate in the platform. And the benefit to me is I don’t have to answer 400 times, and I pay my license fee. And then the company who has however many of these it has to send out and has to send and has to review, it has to do all these things, then I pay the license fee and have the benefit of having this all streamlined. And in being able to see it all on the platform. 

 

Richy Glassberg  23:17  

Look, our first product was just managing you. We were approached by the second largest bank in America at CES in 2020. And they explained the problem, and they’re using us to manage 4000 veterans. They’ve saved two and a half million dollars a year running on our platform because the amount of people and time and effort they’ve saved because it’s automated. We have, you know, tons of IAB members on the platform today and the average cost savings for IAB members over 80%. And a lot of that is personnel, you got to send these out, you got to send out a spreadsheet. And we’ve also reimagined it’s no more spreadsheets, no more email, and it’s secure. And Jodi, you said one thing that I want to follow up on. I am a publisher, I just don’t share it with people, I don’t know if you choose who you want to share it with. So this is a permission based system on both sides. And Justin, as you know, you don’t want to share it with somebody that you’re not doing business with. Right, you want to control your data. This is very, this is sensitive data. And there is no public shaming. There’s no place on our website where you’ll see a list of companies and their scores. None of that exists. Because we believe that companies will really only want to share when they can decide. Alright, I’m going to share with Jodi I’m going to share with Justin fans. Yep.

 

Justin Daniels  24:30  

So Richy, as I’ve listened to you talk about these areas and your history in this area. You know, obviously, you know in detail how ad tech works, but you’re also a person who is a consumer of ads or you have family members of that and as an ad tech veteran, given the you know, you’re an expert in the field, but you’re also someone who is just a person. Can you kind of talk to us a little bit about what your predictions are for the future of ad tech and privacy in the US? Kind of looking at here’s what I see what the laws but you know, what is the person? Maybe from a policy perspective, you might like to see X, Y or Z.

 

Richy Glassberg  25:14  

I think our industry is in for a world of hurt. I don’t think this is gonna be a fun two to three years. I think we forgot the consumer. And I think that’s why we have GDPR. I think we forgot the consumer. That’s why we have CPRA. Alastair MacTaggart will tell you how angry he was that data is being used. And they’ve written both ballot initiatives and the laws California privacy. I think that’s all pretty public. I think we screwed up. I think the inability to moderate our targeting and retargeting is a dire threat to our ecosystem. I think regulators reacted to consumers who were fed up with it. Look, I buy it. Look, I’m the biggest Amazon geek out there. And I Prime everything — you know, there’s a box every day, I buy the same pair of Merrill sneakers every five years after I wear them out, I went on the Amazon store, I bought them. It’s the best e-commerce company out there, I completed the purchase. I saw those sneakers for 30 days after that on every site out there. Now, let me replace that because the algorithm doesn’t know the difference between a pair of sneakers. And if I searched for depression, or if I searched for a medication, or I searched for anything that is sensitive. And the algorithm does not know AI is stupid. Let’s just say AI is not a human. Yeah, it can do great party tricks. You do great stuff. But that algorithm messed it up. And I think the regulators are trying to do the right thing. I think the failure is the unintended consequences of the regulators is they were trying to rein in the big platforms, and they made the big platforms, X percent stronger, they built the moats even higher, because if you’re a publisher, you can’t afford to do all the steps that the regulators made to go through. So I think that conundrum, to me, is that, you know, we’re gonna have a really bad two to three years for the ecosystem. Let’s talk about what it should be right? What should it be? I hate pop up boxes, that’s all, you know, that was internet 1998 pop ups and all that stuff. I hate consent boxes. You know, we have to rethink this whole thing, right? I give a lot of data to Google, because it’s a utility to me, it tells me where to go and told you in the store is open. And I freely give no data to social because I’m not really on social, but they don’t give me anything. Right. And I think we have to rethink just because I land on a page. I don’t need to see a consent box. I’m just reading the article. Have I interacted with it, maybe that. But we also have to think about what is life as a marketer? Do I need to have a lot of data for a CPG product? Probably not. For a high touch product. Let’s look at cars, right? The average person buys a car every three to four years. I don’t know what the number is today. I got a 10 year old Toyota pickup truck. I love the damn thing. I’m not in the market for a car. How about we come up with a process and an advertising world where I could signal? Hey, you know what, I’m picking up my head umpire car. So there’s auto intenders signals, you go build a card, some triggers are not anything. How about then I get consent? Hey, looks like you’re looking to buy a car? Can we share your data for the next 90 days or until you tell us to stop? Let’s think about this. Instead of saying, Hi, I’m putting a cookie here. And I’m going to do this with your cookie. Well what you can do with a cookie, the average consumer doesn’t know it. How about we get transparent how we get clear and say, Look, you know, advertising runs our site. I’m going to share your data with a bunch of different companies out there. And I’m going to delete your data in 30 days. If you come back to my site, it’s going to restart in 30 days. But if not, I’m not going to do that. And I think you know, it’s so scary to me. I think ad techs in a world of hurt. I think marketing isn’t a world to hurt. These laws are written for marketers, right? These laws are written for companies that have data on a consumer. So let’s call it what it is. Advertising is the biggest driver of GDP in the world, from the local subway shop person who owns that local subway, who you know what? They go and put 100 bucks on Facebook and they drive people to their subway. That’s value. Okay, two people selling a new Toyota pickup or whatever they’re doing. Advertising is the lifeblood of our economy. Advertising shouldn’t be demonized, but we’re screwing it up. We do this to ourselves. We forgot the consumer, we treat them like crap. And it’s a horrible position to be in. So short-term I’m really unhappy about advertise. I’m really unhappy about what’s going on long term. I think it’s going to force us to innovate and come up with new ways to do stuff because advertising an ad supported internet is the only reason why the internet is successful. So I don’t know if I answered your question Justin, I’m, I’m on one hand unhappy. And on the other hand, I think innovation is going to come as a force of change.

 

Justin Daniels  30:18  

Oh, no, I really thought your answer was interesting, because it got me to think differently. But here’s the other thing I wanted to ask you. So you’re talking about the ad tech space. And we talked a lot about this on the show lately is now you’ve and you mentioned that you have now artificial intelligence, which now weaponizes A lot of this stuff, and we’ve got the privacy laws that are proliferating. I just don’t know how the regulators are going to catch up before something AI related and could be in the advertising or other space doesn’t cause some real, unexpected bad consequence.

 

Richy Glassberg  30:54  

I agree with you, but we’re having unexpected bad consequences today. You know, you’re you’re, you know, it happens today. Excuse me. You know, just because you can mark it to somebody with data doesn’t mean you should. And that, right? I mean, guys, if you’ve got a, you got a CPG product, 99% of the people in the world wash their hair? Do you really need to have the demos on that? Come on, let’s just stop. But you’re a CMO, like, Well, I gotta have this first party. Let’s talk about first party data. First-party data, I think, is the most dangerous thing out there. Everyone’s like, oh, it’s the new golden all that. I’d be really careful. Do you have a high touch high consideration product? Yeah, first, party data matters a lot. If you’re selling. You know, my friend is one of the biggest chocolate companies out there. Everybody knows I’m a big freak for Reese’s Peanut Butter Cups. They don’t need to know who I am. I’m dropping to 19 in every gas station in America to buy a Reese’s cup. They don’t need to know me. Right? They need other data. They need store data, they need zip plus four, they need usage data and they need traffic. They need other stuff. And they’re doing a great job of doing that. But there’s too many people who are like, Oh, I gotta have Jodi’s name, what’s your email, I’m gonna put your you don’t need this stuff. It’s crazy. 

 

Jodi Daniels  32:13  

It is an interesting consequence, likely unintended with people trying to shift from cookies, we could talk about, you’re not really shifting, you’re just moving to different technologies. But then you’re also increasing on the first party side, which means you’re actually collecting more data, which means your exposure is higher and greater. And we could wait.

 

Richy Glassberg  32:38  

Wait till regulators figure out that they’re all just fingerprinting. It’s like, right, Jodi?

 

Jodi Daniels  32:43  

It’s creating a lot of conversations on server to server, you’ve just shifted it another direction. From one technology to another technology.

 

Justin Daniels  32:51  

Richie. I know what fingerprinting is. But what do you mean in the context of what you were saying?

 

Richy Glassberg  32:56  

So fingerprinting is everybody says, “Oh, my device graph, I’ve got to terminate and all this know that,” that what they’re doing is, you know, a fingerprint in real life, you know, should say that this is me. And that’s duty and your justice. In the technical world, they look at everything that you do on this device, sorry. There we go, not in the zoom, everything you do on this device. And they look at 100 to 200 different variables, how many apps you have what configuration, the app, what version of the software, your time clock is a big one, they don’t talk about that publicly, people use your time clock as a as a differentiator, there’s a slight difference on the settings of the time clock, all this stuff, and those are fingerprints. But in my world, the fingerprint shouldn’t change on the phone, the fingerprint is going to change a lot. So you know, a lot of the work in the back end and these device graphs is looking at the changes on that device. They’re looking at everything on your device, I’ve got two computers in front of me two screens, I got an iPad, I got a phone, they’re looking at the IP address, they’re looking at, you know, things that are associated if they got my email, and they’re taking these 100 different points, and they’re creating a fingerprint of who I am in the device crowd. And that’s pretty bad. Right? You can’t get out of that. By the way, you want a crazy one, what’s gonna happen in 2026, when California has the Delete, and every data broker, it’s got to flow downstream. I think the next two to three years are going to be just a world of hurt. And it’s not just ad tech. It’s the entire advertising ecosystem. Digital’s now 275 billion a year in television 60 in the United States it flip flop from when I was a kid to now.

 

Jodi Daniels  34:42  

Well, we could talk about this all show but instead we might just have to have you for a part two. Let’s ask knowing why. You know, what is your best personal privacy tip we ask everyone who comes on the show. 

 

Richy Glassberg  34:57  

Alright, manager settings, turn off. Turn off tracking everywhere you can, if it’s utility, you get value of gain, I give Google everything. They tell me where to go, how to get there, I love it. I give them everything. And I freely know they’re telling me all my data, but it’s a utility and I get a lot from it. Make a choice, right? Um, you know, have at it. If it’s something you’re just consuming, give them nothing. I give no click, I turn off tracking on everything I can. My airline app doesn’t need to have tracking on me. Google does because I need Google Maps. I don’t think I have tracking on for apps. You know, it’s crazy. It’s just manager settings, you can turn off tracking, do your stuff. If you get a value of it, share if you don’t get a value. Don’t give him anything, give him the highest.

 

Justin Daniels  35:43  

I give him the Heisman. You know, it’s funny you say that, Richie, because I tried to turn off the geolocation on my phone. And if you do that, you can’t use Google Maps. 

 

Jodi Daniels  35:55  

So app by app, I know.

 

Richy Glassberg  35:57  

It can be adjusted, right? I mean, there are some things you have to give up. Your phone has to have that for cells and all that. So there is a cost of doing business, like having this in your pocket is a very different thing than it used to be. Right? I totally get it. You just it’s a risk reward thing. That makes sense.

 

Justin Daniels  36:17  

Basically what you’re saying, Richie, is you have a value analysis where you are valuing what you are getting in return for sharing your information, and Google is giving you value. Other people are not so why should you share anything? 

 

Richy Glassberg  36:32  

Look, I use the wire cutter, The New York Times — I love it. I’m like addicted to it, I look for everything, oh, I’m gonna buy that or no. And when they have different things, if there’s Amazon, or let’s call just a big box store or something else, just go to Amazon, because I trust Amazon to have my credit cards that have my addresses. And do I really want to go checkout at another place where it’s checkout as a guest, I can put in my address, I don’t want to put in my address 20 times, I hate do the same thing. I hate that. You know, and then a really cool, you know, a cyber expert told me that I had had for a couple of those systems that Szell, which is run by the banks, but like Venmo and PayPal, I had a credit card in there. But I also had my bank account. And they told me that and I didn’t know this, that a credit card, you’re protected on theft, but a bank account, if that gets hacked, there isn’t the same protections. So I took off for Venmo and PayPal my bank account, because you could get wiped out. So somebody else gave me that tip. Let your listeners know if I got that right or not. Maybe I was wrong. But this very important security person told me that so that’s why I did that. I try to minimize things where I have any connection to my credit cards. I love Apple wallet, because that’s more secure. Right? So you just be it’s a value exchange. Justin, you said it great.

 

Justin Daniels  37:51  

So, Richie, when you’re not being an ad tech expert, or eating compelled to fish, what do you like to do for fun?

 

Richy Glassberg  37:59  

Everybody who knows me, I am a huge dog person, I had to get the dogs out of the office because if they were here, one of them who would be on this couch, biting my elbow. So I’m a huge dog person. My best friend in the world, my wife and I just bought a you know, a smaller place now that the evil spawn number one is 26. And number two is 24. And we’re doing a lot of we moved farther away for a bit of land and we’re doing a lot of gardening and we do a lot of metal restoration, which a lot of fun. I read a lot. It’s funny. I’ve been in television since like day five, I really don’t watch TV or not. There’s not many shows I watch. I don’t know that people say Did you see this? I’m like, yeah, not only I didn’t watch, sorry about that. And I’ve been doing martial arts for 30 years.

 

Jodi Daniels  38:51  

And Richy. If people would like to connect and learn more, where should they go?

 

Richy Glassberg  38:55  

They should go to www.safeguardprivacy.com by LinkedIn, I’m just Richy@safeguardprivacy.com I am probably one of the most findable people out there. And you know what we, I think I built this company because I think companies want to do the right thing. And I’m trying to help companies and the industry do the right thing. Because advertising is marketing. It’s the lifeblood of companies. And it’s the lifeblood of the free internet. And if we don’t support the Free Internet, and we can’t figure out it may work. I’m very afraid it’ll be a very dark world if we don’t have, you know, great journalism, great news, information, whatever you love, everybody has a passion. And there should be the ability to to find that passion and find great information. That’s the whole idea about breast cancer data work, that it is peer reviewed great information available to women around the world for free. And I think there’s a lot of great things like that out there. I just use that as an example. And I think we have to do our best to make it a safe world out there to use the positive of the internet. 

 

Jodi Daniels  40:08  

Well, Richy, thank you for sharing your thoughts. Thank you for all you do for breastcancer.org. Thank you for joining us today, and

 

Justin Daniels  40:15  

We appreciate it. Great. 

 

Richy Glassberg  40:18  

Thank you very much for having me. I really had a lot of fun. Even though I did not have a smoothie, I would have loved this.

 

Jodi Daniels  40:24  

Well, you know, I’ll just try and send you some Reese’s Pieces and stuff.

 

Richy Glassberg  40:29  

Thank you guys. Great to meet you.

 

Outro  40:35  

Thanks for listening to the She Said Privacy/He Said Security Podcast. If you haven’t already, be sure to click Subscribe to get future episodes and check us out on LinkedIn. See you next time.