Behavioral Targeting: A Regulatory Nightmare
So now that I have given you a little background on Behavioral Targeting/Advertising (with the help of some comments from friends – thanks guys!), I think it is important to inform you on what regulations are currently in place and what further regulations are being proposed.
There has been much discussion in the industry and in government regulatory commissions about consumer’s privacy in regards to behavioral targeting. Many feel as though this sort of behavioral tracking is an invasion of a web user’s privacy because they have not expressly consented to having their online activity tracked. Other’s claim that because the cookies track only nonpersonally identifiable information that there is no breach of a consumer’s privacy.
During the last decade, the online advertising industry has attempted to proactively ease consumer’s privacy encroachment fears. In addition to the Network Advertising Initiative’s (NAI) self regulatory principles, the Internet Advertising Bureau (IAB) submitted new interactive advertising privacy guidelines to the Federal Trade Commission that are designed to ensure users’ control over the use of personal information by interactive media and advertisers while at the same time guaranteeing continued improvement in the delivery of relevant marketing communications to consumers.
Most Advertising Networks adhere to the IAB’s guidelines in addition to being a member of the NAI. While these networks are in the business of making money serving relevant and targeted ads to consumers, they also know that if they were to aggressively collect consumer’s data and use it in ways the consumer finds invasive there would be a massive outrage against all forms of online advertising. Therefore, these Ad Networks have tried to straddle line between serving relevant ads and not being invasive in so doing.
But some don’t believe that these networks are doing enough to protect the consumer’s privacy. Namely, one Assemblyman from New York, Richard Brodsky. Mr. Brodsky proposed bill, Third Party Internet Advertising Consumers’ Bill of Rights (A. 9275), imposes a host of requirements on companies that monitor Web-surfing activity for marketing purposes. The most significant include the mandate that companies that use cookies to track people across the Web tell users about the practice and give them an opportunity to opt-out.
The bill is largely penned on a 7 year old voluntary standards initiative put in place by the Network Advertising Initiative (NAI). The guidelines, which many of the industry’s biggest players are a part of, prohibit Network Advertisers from merging personally identifiable information (name, age, address, etc) with nonpersonal identifiable information (IP address, sites you’ve visited, etc) without prior affirmative consent (opt-in). The collecting of nonpersonal information is widely used in the industry by many Online Ad Networks through the use of cookie based tracking, called behavioral targeting.
Proponents of the bill are calling for increased consumer notice standards to be put in place. Namely, advertisers would first have to obtain a consumer’s expressed affirmative consent (opt-in) prior to the ad network being able to collect personally identifiable information. Additionally, it asks that all ad networks require the sites they serve to include notice and opt out options.
Opponents of the bill argue that ad networks that belong to the NAI already promise to adhere to the law’s key portions and that a state-by-state approach to behavioral targeting would create huge implementation problems for online ad companies because it’s not always possible to know what state Web users are in when they log on. The better course of action would be to bring deceptive and unfair trade practices actions against companies who promise to do something and fail to do it.
It shouldn’t be too hard to figure out where I might stand on this issue… but if you care to find out for sure, I suggest you checking back tomorrow.
June 4th, 2008 at 8:03 am
Kat thanks for this thought provoking entry; it immediately made me think of what I would find acceptable in terms of tracking my online behavior.
After some though I find that the concept is fine with me, in fact I’d rather the banners and what not on the web serve a purpose and be relevant to things I might actually want to click on. Though I’d like to see some type of standard or limitation on cookie duration. Perhaps one cookie a 24 hour period that has a 15 day duration, providing a rolling 2 week trail.
As far as opt in or opt out, I’m not particularly worried about that so long as there is transparency to what is being tracked. In other words I want to be able to navigate to a specific web page that reads the cookies stored information for me in a nice table so I can see what is being reported. Nothing fancy with accounts and logins just a page that reads the local cookies used for the tracking stored by the browser I’m viewing the URL with.
Additionally if this type of marketing is going to be useful to me I need the tracking to be weighted by category. If I go to many sites about widgets, a few sites about doohickeys, and one site about thing-a-ma-bobs then I want the ads served to me to be mostly about widgets, thats where my current interest is. Understandably this might be more difficult than it sounds because the Agency serving the ads may not be working with any widget sellers but, in a category hierarchy they should be able to provide some type of relevant linkage for me.
I can’t wait to hear your thoughts on the idea and technology in your next post!