"When will the *real* working (not big, just real) advertiser community be heard on this issue? Yes, click fraud is an issue. Google has reported they are filtering and combating it more than ever before. So now I suppose we may be arguing about accuracy in numbers. The "security community" can yell all it wants, but we have a job to do here, and this situation was far worse in Bubble 1."
I gave a response, which I doubt will get a reply. My POV, as you probably know, is based primarily on a technological assessment of how PPC advertising works:
"I guess since I come from more of a technical than business background, I tend to take a dim view of arguments that attempt to rationalize the design defects of a system on the grounds that a lot of people are still getting good ROI. Sure, you'll get good ROI as compared to overpriced traditional media. But what happens when traditional media drops its prices, or apples-to-apples comparisons are made among online advertisers?"
I tend to think of this issue in terms of, say, how it might be assessed if it was assigned in 6.033 (computer systems engineering) as a paper to critique or a design project. Perhaps I'm wrong, but I have a feeling that if I handed in a critique or design to Jerry Saltzer featuring arguments that PPC advertising was superior to any other type of online advertising based primarily on ROI from (real) advertisers, I would not get a good grade. And it wasn't as if economic considerations were not an issue in the class; systems were critiqued based on multiple POV: economic and social as well as technological.
So now I'm wondering what would happen if there were a debate between Saltzer or perhaps Jeff Schiller, another MIT security expert (who was my recitation instructor for the 6.001 of my day) and Shuman Ghosemajumder (who as I mentioned earlier has an MBA from the Sloan school). It's not as if such a debate could never happen. But if it did, would there be an opportunity for sharing and learning, which might result in changes to PPC advertising that improved the situation for everyone? Or would both camps remain entrenched in their positions? And if PPC advertising continues to make a lot of money, does this change the way that a system with security flaws should be assessed?
So in answer to my question, perhaps it's like asking what happens if a tree falls in the forest but no one is there to hear it. (At least until someone shows up and notices that too many irreplaceable trees have fallen.)