Every time you load a webpage, an invisible auction takes place in milliseconds. Your browsing history, location, age, income bracket, and hundreds of other data points are broadcast to dozens of advertising companies competing to show you an ad. This is the ad tech ecosystem — a multi-billion-dollar industry built on harvesting and monetizing your personal data. Here's how it works and what you can do to protect yourself.
What Is Ad Tech and How Does It Work?
Ad tech — short for advertising technology — is the collection of platforms, tools, and data systems that power digital advertising. The infrastructure behind online ads is a surveillance network that tracks, profiles, and trades your personal information at scale. The ecosystem includes several key components:
- Demand-side platforms (DSPs): Tools that advertisers use to buy ad space. Major DSPs include Google's DV360, The Trade Desk, and Amazon DSP.
- Supply-side platforms (SSPs): Tools that publishers (websites and apps) use to sell their ad inventory. Examples include Google Ad Manager, Magnite, and PubMatic.
- Data management platforms (DMPs): Systems that collect, organize, and sell audience data. Companies like Oracle Data Cloud, Lotame, and LiveRamp operate in this space.
- Ad exchanges: Digital marketplaces where ad inventory is bought and sold in real time.
How Real-Time Bidding Broadcasts Your Data
Real-time bidding (RTB) is the mechanism at the heart of most online advertising. When you visit a website that displays ads, here's what happens in roughly 100 milliseconds:
- The website sends a "bid request" to an ad exchange, containing data about you — your IP address, device type, browsing history, location, and any audience segments you've been placed in.
- The ad exchange broadcasts this bid request to dozens or hundreds of potential advertisers simultaneously.
- Each advertiser's system evaluates your profile and decides how much to bid to show you their ad.
- The highest bidder wins, and their ad is displayed on the page.
Your Data Is Broadcast Even When No Ad Is Shown
The privacy risk of RTB isn't just the winning bidder seeing your data. Every company that receives the bid request — including the ones that don't win the auction — gets access to your personal information. Industry research has found that a single user's data can be broadcast hundreds of billions of times per year across the RTB ecosystem. Once your data is in a bid request, there's no practical way to control what recipients do with it.
The Major Players in Ad Tech
A handful of companies dominate the ad tech landscape:
- Google (DV360 / Google Ads): Operates the largest ad network in the world, spanning search, YouTube, Gmail, Android, and millions of partner websites.
- Meta (Facebook / Instagram): Tracks users across its apps and the web through the Meta Pixel, embedded on millions of websites.
- The Trade Desk: One of the largest independent DSPs, processing trillions of ad impressions annually.
- LiveRamp: Links your offline identity (name, address, purchase history) to your online activity, enabling cross-device ad targeting.
- Oracle Data Cloud: Aggregates data from thousands of sources to build consumer profiles for ad targeting.
- Amazon Advertising: Leverages purchase data to target ads on Amazon properties and across the web.
What Data Does Ad Tech Collect About You?
The breadth of data flowing through ad tech systems is staggering:
- Browsing history: Every website you visit and product you view, tracked through cookies, pixels, and scripts.
- Location data: Your GPS coordinates and movement patterns, often collected through mobile apps and location data brokers.
- Purchase history: Online and offline purchases, gathered through loyalty programs, credit card data, and retail partnerships.
- Demographics: Age, gender, income, education, marital status, and household composition — sourced from data brokers and public records.
- Health and financial interests: Inferred from browsing behavior and search queries. Visiting a diabetes resource site can place you in sensitive audience segments.
- Device and app data: Your phone model, installed apps, advertising ID, and unique device identifiers.
Skip the manual opt-outs
One opt-out won't stop them — brokers relist your data. PrivacyOn removes your info from 100+ sites and keeps it removed.
Start your free scanHow to Protect Yourself From Ad Tech Tracking
1. Use Industry Opt-Out Tools
Industry organizations offer tools to opt out of targeted advertising from member companies:
- Digital Advertising Alliance (DAA): Visit YourAdChoices.com (optout.aboutads.info) to opt out of interest-based advertising from over 100 participating companies.
- Network Advertising Initiative (NAI): Visit optout.networkadvertising.org for guidance on opting out of NAI member companies individually.
- Your Online Choices (EU): European users can visit youronlinechoices.eu to manage ad preferences for participating companies.
Opt-Out Limitations
Industry opt-out tools stop ad personalization but do not stop data collection. Companies may still gather your data for analytics and measurement. These tools rely on opt-out cookies, which are lost if you clear your browser cookies.
2. Adjust Google Ad Settings
Google is the single largest player in ad tech, so limiting its data collection is a high-impact step:
- Visit myaccount.google.com/data-and-privacy
- Navigate to My Ad Center and turn off Personalized Ads
- Under Activity Controls, pause or disable:
- Web & App Activity — stops Google from logging your searches and app usage
- Location History — prevents Google from recording your movements
- YouTube History — stops video watch history from being used for ad targeting
- Periodically review and delete your stored activity data using Google's auto-delete controls
3. Enable Global Privacy Control (GPC)
Global Privacy Control is a browser signal that tells websites you do not want your data sold or shared. Unlike "Do Not Track," GPC has legal backing — at least 10 U.S. states require websites to honor GPC signals.
- Firefox: GPC is enabled by default in Firefox's privacy settings
- Brave: GPC is enabled by default
- Chrome: Install an extension like Privacy Badger or OptMeowt to send the GPC signal
4. Disable Third-Party Cookies
Third-party cookies are a primary mechanism ad tech companies use to track you across websites:
- Firefox: Go to Settings > Privacy & Security > Enhanced Tracking Protection, and select Strict
- Chrome: Go to Settings > Privacy and Security > Third-party cookies, and select Block third-party cookies
- Safari: Third-party cookies are blocked by default through Intelligent Tracking Prevention
5. Install Privacy Extensions
Browser extensions block tracking scripts before they load:
- uBlock Origin: The most effective tracker and ad blocker available, blocking known tracking scripts and ad network requests using regularly updated filter lists.
- Privacy Badger (EFF): Automatically learns to block invisible trackers and sends the GPC signal on your behalf.
6. Manage Mobile Ad Tracking
Your smartphone's advertising ID lets apps and ad networks track your behavior across different apps and link it to your advertising profile.
- Apple (iOS): Apple's App Tracking Transparency (ATT) requires apps to ask permission before tracking. Go to Settings > Privacy & Security > Tracking and disable Allow Apps to Request to Track.
- Android: Go to Settings > Privacy > Ads and select Delete advertising ID (Android 12+). On older versions, use Opt out of Ads Personalization and periodically reset your advertising ID.
7. Switch to a Privacy-Focused Browser
Your browser choice significantly impacts how much data ad tech companies can collect:
- Brave: Blocks ads and trackers by default, randomizes fingerprint data, and includes built-in GPC support.
- Firefox with Enhanced Tracking Protection: In Strict mode, blocks social media trackers, cross-site cookies, fingerprinters, and cryptominers.
- DuckDuckGo Browser: Blocks hidden trackers, forces encrypted connections, and includes a tracker radar that identifies ad tech scripts.
The Data Broker Connection
A critical part of the ad tech pipeline is the network of data brokers that feed personal information into the advertising ecosystem. Here's how the supply chain works:
- Data brokers collect your information from public records, loyalty programs, purchase data, social media, and dozens of other sources.
- They package this data into audience segments — "homeowners aged 35-44 with household income over $100K" or "recently divorced" or "diabetes interest."
- Ad tech platforms purchase or integrate this data to enrich their targeting capabilities. LiveRamp, for example, specializes in connecting offline data broker records with online identifiers, enabling advertisers to target you based on your real-world behavior.
- Advertisers use these enriched profiles to bid on ad impressions through RTB, completing the cycle.
This means that even if you block every cookie and install every privacy extension, your data may already be circulating through broker databases and feeding the ad tech machine.
Cut Off the Supply Chain With PrivacyOn
The most effective way to disrupt ad tech tracking is to attack the problem at its source: the data brokers that supply your personal information to advertising platforms.
PrivacyOn removes your personal data from over 100 data broker and people-search sites — the same companies that sell your name, address, phone number, and demographic details to ad tech platforms. By eliminating your profiles from these databases, PrivacyOn cuts off a major source of the data that advertisers use to target and profile you.
Browser-level protections are essential for stopping future tracking, but PrivacyOn addresses the data that's already out there. Combined with the browser and device settings outlined above, PrivacyOn's continuous monitoring and automated removal requests provide a comprehensive defense against the ad tech industry's data machine.