The flaws in Google's Report on Third Party Click Fraud Auditing
On the other hand, Google is still looking at the issue in a very misguided, naive fashion. They are attempting to place counter-blame against the blame laid on them. Their AdWords Blog touts their Report on Third-Party Click Fraud Auditing as "troubling findings".
Well, the scenarios that Google's engineers propose for explaining what they call "fictitious clicks" are certainly plausible. However, they fail to make the case that their scenarios are the only plausible explanations for these clicks. So Google is in no better position than the third-party auditors, which means that advertisors are left in the middle, asking who is right. The most definitive argument Google presents in its report is the statement:
Correctly determining that the latter events are not
caused by a Google ad click and are the result of subsequent user browsing behavior requires a more complex analysis. For example, advertisers could possibly analyze their logs to realize a user came from Google, went deeper in their site, and their subsequent request for the homepage is likely the result of user hitting the back button on their browser.
"likely"? Likely based on what statistics of user behavior? I can tell you that I sometimes hit the back button and sometimes I reload a page manually by trimming the URLs, and sometimes I go back to a search engine and rerun the search (yes, to find the same site again).
But click fraud is supposed to be big business for some people. If you're going to write a script to click on ads for yourself, you may get as sophisticated and convoluted as the technology permits or you may be very simplistic or you may fall somewhere in-between. Without access to the clicking technology itself, both Google and the third-party auditors are guessing at what is happening.
Has Google proven that fictitious clicks can occur? Yes. Have they proven that all server logs containing the data they analyze are documenting fictitious clicks? No.
They go on to question the validity of AdWatcher's deductive reasoning:
Therefore, in addition to inflating click counts similar to the previous page reload sequence, AdWatcher also attributes ad clicks on other ad networks such as Yahoo, and ad clicks on other advertisers in the number of fraudulent clicks that it reports to an advertiser. So it is not uncommon for a single Google ad click to be portrayed as tens of fraudulent events.
Okay, what the report has identified is an arbitrary decision by AdWatcher to label a collection of clicks across advertising networks as fraudulent (or potentially fraudulent) if they exceed a threshold. Google objects that AdWatcher is misreporting all those clicks as clicks only on Google's ads.
While this is a legitimate concern, they fail to document how AdWatcher actually accounts for the suspicious activity in their reports. Appendix B includes an AdWatcher case study. Google makes a great case for the third party auditors over-reporting click activity when compared to Google's logs. But there is a disconnect between Google's earlier claim and the data they present in the case study.
That is, Google says, "We reported and charged for X clicks but the service reported X+Y clicks that we never sent through". They have made the case for sloppy accounting on the third party auditors' part. That is unquestionable. But they aren't backing up all their assertions with a clear path from point A to point B.
Have they made the case for the accuracy of their own click fraud detection? No.
What would have helped this report would have been relevant excerpts from advertiser server logs (even with IP addresses and keywords blotted out). It would also have helped for Google to reveal data from their own logs.
Instead, they summarize data without showing that their own accounting is valid. This kind of sloppy record keeping doesn't make a convincing case for the core question: is Google accurately identifying and discarding a significant percentage of fraudulent clicks?
We still don't know.