An anonymous reader writes: Google's new advertising product, called Customer Match, lets advertisers upload their customer and promotional email address lists into AdWords. The new targeting capability extends beyond search to include both YouTube Trueview ads and the newly launched native ads in Gmail.
Customer Match marks the first time Google has allowed advertisers to target ads against customer-owned data in Adwords. Google matches the email addresses against those of signed-in users on Google. Individual addresses are hashed and are supposedly anonymized. Advertisers will be able to set bids and create ads specifically geared to audiences built from their email lists.
This new functionality seems to make de-anonymization of google's supposedly proprietary customer data just a hop, skip and jump away. If you can specify the list of addresses that get served an ad, and the criteria like what search terms will trigger that ad, you can detect if and when your target searches for specific terms. For example, create an email list that contains your target and 100 invalid email addresses that no one uses (just in case google gets wise to single-entry email lists). Then apply that list to searches for the word "herpes" — set the bid crazy high, like $100 and you are guaranteed to find out if your target searches for herpes which would be a strong indicator that they have herpes. Repeat as necessary for as many keywords and as many email addresses that you wish to monitor.