Most people think advertising online works by matching a page to a banner. In reality, adtech often works more like a broadcast system. Real-time bidding sends bid requests that can contain information about the page, device, context, and user profile to a large ecosystem of intermediaries who decide whether to bid on that impression.
The scale is what makes the system hard to ignore. The Irish Council for Civil Liberties reported in 2022 that the average person’s data was broadcast 747 times a day in the United States and 376 times a day in Europe. The UK ICO said one ad impression can involve distribution to hundreds of organizations. That is not a tidy one-to-one data exchange. It is repeated mass exposure.
Even consent frameworks do not necessarily make the scale intuitive. IAB Europe’s vendor list ran to hundreds of vendors — ICCL cited 856 on the Global Vendor List in 2022. That gives consumers a better picture of what “accept” can mean in practice: not one trusted publisher, but a sprawling marketplace of downstream actors.
For privacy products, RTB is a useful case study because it shows that the risk is not only what a website knows. It is also what a whole market can infer and pass along once the request leaves the page. That is where collection becomes circulation.
The practical privacy lesson is that users need tools that reduce what is visible, not just what is stored locally. Blocking some trackers helps. So does weakening identifiers and making high-risk activity legible in real time. A privacy defense layer should be built for systems that share data at industrial scale.
Cloak should explain RTB clearly because it gives people a concrete answer to a common question: why does privacy still feel out of reach even when I am careful? Part of the answer is that the system is built to distribute information faster and wider than any one person can manually control.