Speaker profile: Max Bleyleben, SuperAwesome





170 000 kids go online for the first time every day. Most of them do it to watch videos, typically on YouTube – many of the most popular YouTube channels are aimed at younger audiences. They also watch ads, read comments and create content of their own. 

SuperAwesome, one of the fastest growing companies in Europe, provides ”kid-safe” tools that help content creators and advertisers communicate with half a billion children every month. 

These tools, used by customers such as Activision, Hasbro and Nintendo, include AwesomeAds, an advertising platform, PopJam, social content tools for engagement with children and Kids Web Services, developer tools and a compliance platform for creating kid-safe apps and sites. SuperAwesome has also launched Kidfluencer YouTube Network, a program with best practices, standards and certifications for YouTubers with young audiences.

The idea is to build a ”Zero Data Internet”, and to outperform other platforms while guaranteeing privacy compliance, the latter being achieved through contextual advertising and a mix of machine learning-based and manual reviewing of content.

Max Bleyleben, Managing Director and CPO, will give a keynote speech on ad tech and children at Nordic Privacy Arena (Stockholm 12-13 November 2018).

Bleyleben helped scaling high-growth tech companies during the first Internet boom. He has since worked as an investor focusing on Internet companies, and co-founded Beamly, a social TV platform backed by Viacom, Comcast and Sky.

– I joined SuperAwesome in January 2015 with a specific remit to scale the business globally.  I was excited by the market opportunity – there had been so little investment in making the Internet appropriate for kids, even though they are its fastest-growing user segment, says Bleyleben.

– With kids’ linear TV in continuing decline, brands are having to shift more of their marketing budgets to digital, and yet there are few large-scale, compliant options for them to do so. SuperAwesome was then the leading engagement platform for brands and content owners to interact with kids online at scale, and fully in compliance with data privacy laws.

How does contextual advertising work, and what is ”Zero Data”?

– ‘Zero-data’ is what we call it when brands engage with kids through our platform.  In fact, we believe all kids’ digital content and advertising should be ‘zero-data’. This means delivering content, enabling engagement, and delivering advertising without collecting any personal information.

– It is simply not necessary to collect IP addresses, device IDs, geo-location and similar data to engage meaningfully with kids online. But all the existing internet platforms collect this data as a matter of course. In fact, we estimate that by the time children are 12 years old some 72m data points about them will have been collected and stored and used to create targetable profiles. We aim to change that by building the zero-data Internet.

– Contextual advertising, without profile-based targeting, is extremely effective in the kids’ market.  This is because kids use the Internet in a fundamentally different way than adults. Kids go straight to the site or app they want, and stay there until the iPad is pulled from their hands. There is no need to follow them around. The way to find the kids’ audience online is to understand their likes, current trends, the hottest games, etc. Our system builds highly accurate contextual audiences for our clients from a deep understanding of the best kids’ publishers. This approach to targeting yields incredible performance in kids’ digital engagement.

What is your position on the ”age limits” for consent? Are platforms doing enough to verify identities (or rather, ages)?

– We believe that zero-data should be the standard for all kids and teens digital services.  It has less to do with a child’s ability to give consent, and more to do with simply protecting the privacy of people as long as possible. Today the most commonly used kids’ platforms – social media – are not doing enough to verify age and apply the right standard. They are fully aware of the kids on their platform and could do a lot more to protect them, for example, by switching off profile data collection on channels or pages that obviously carry kids’ content.

– For that we don’t even need fancy new age verification technologies, adds Bleyleben.

– But it does require the social media platforms to acknowledge that they have some understanding of the content they distribute.

How does one explain the ramifications of agreeing to processing of personal data to a teenager?

– How do you explain them effectively to an adult?  Very poorly at the moment. We all need to get better at explaining and – ideally – at reducing the amount of data processing to an absolute minimum, as GDPR and GDPR-K require.

In your view, have the intentions behind the data protection reform been realized?

– Not yet, but we can see many organisations making a strong effort to comply with GDPR-K.  We have seen a significant increase in interest in learning about the zero-data Internet, and in our solutions to enable compliant engagement with kids.  There remain many gaps, including more guidance required from regulators on, for example, the definition of a ‘child-directed’ service; or on what age verification approaches are acceptable in light of the data minimisation principle; among others.

– But what gives me optimism is that nearly everyone in the kids’ industry is aware of the principles underlying GDPR-K, and that is generating a different approach to building kids’ services – with data minimisation as a baseline.

You’re reviewing content both manually and with AI. How advanced have algorithms become? And on the flipside, is it possible for big companies to review to stay compliant with the GDPR without ML-based tools?

– Content moderation remains a big challenge for kids’ digital services. GDPR-K does not really affect it either way, at least until its provisions reduce the exposure of kids to adult platforms.

– Moderation can’t ever rely on technology alone, even with the best AI. This is because effective moderation is not just about eliminating inappropriate content.  Effective moderation requires community management – creating and developing and promoting healthy communities, where people interact in an appropriate manner. All our moderated platforms use a combination of AI-based tools to eliminate inappropriate content, flag risk factors, and help build trust scores for users, and human moderators and community managers who are present and active in the kids’ community to promote good behaviour.  Only this combined approach is ultimately effective.

What do you think about Facebook’s and Google’s practices when it comes to advertising, profiling and tracking? Is the data protection reform enough, or do you expect further reforms?

– In theory, the principles and provisions of GDPR-K should be sufficient to protect kids from the practices of the large internet platforms.  In practice, so far, they have been insufficient because the platforms’ approach seems to be to comply with only the minimum requirements as interpreted by them, which flouts many of the principles.

– If GDPR-K were properly observed, these platforms would switch off user profiling and personal data collection on content which they know to be consumed by kids. And they would invest in and innovate around improved age verification for the portions of their services which are meant to be for over-13s only.   We have yet to see significant efforts by them to put GDPR-K into practice, and I would expect the outcome of civil lawsuits or regulator investigations to help crystallise this issue.


Fredrik Svärd
Secretary-General, The Swedish Data Protection Forum