Polls show that Internet users – even the young and hip, who grew up surfing the web and sharing their lives on Facebook and MySpace – care about online privacy. Yet how many of us leap from tab to tab, email to email, site to site without a care, little noticing the strikingly “relevant” ads that follow?
Enough to worry Rep. Edward Markey, D-Mass., and his colleagues on the House Committee on Energy and Commerce. Its four leaders sent letters to 33 Internet and cable firms Aug. 1 demanding information about how they track information – and what they do with it.
Many of the responses have come in now – 25 of them were posted on the committee’s website as of last night – and the congressional inquiry itself has prompted Google and Yahoo to announce new user opt-out procedures.
Whether those changes (and new rhetoric expressing the companies’ concern for users’ privacy) will ward off government interest in further regulation is anyone’s guess; the industry, naturally, prefers self-regulation. But whatever Congress eventually decides, its hearings and demand letters are already raising the public’s consciousness and knowledge level about current and future threats to what’s left of Internet privacy.
‘The new frontier of advertising’
“Even some in the government admit that they do not have a clear grasp of what companies are able to do with the wealth of data now available to them,” wrote Stephanie Clifford in the New York Times, who quoted Steven A. Hetcher, a professor at Vanderbilt University Law School: “That is why Congress, at this point, is wanting to gather a lot more information, because no one knows. That information is incredibly valuable; it’s the new frontier of advertising.”
Clifford added that, “Beyond the data question, there are issues of how companies should tell browsers that their information is being tracked, which area of law covers this and what – if anything – proper regulation would look like.”
Ellen Nakashima laid out a bit of what Congress has learned from responses to its letters in today’s Washington Post:
“Several Internet and broadband companies have acknowledged using targeted-advertising technology without explicitly informing customers. … And Google, the leading online advertiser, stated that it has begun using Internet tracking technology that enables it to more precisely follow Web-surfing behavior across affiliated sites. …
“Google, in its letter … stressed that it did not engage in potentially the most invasive of technologies – deep packet inspection, which companies such as NebuAd have tested with some broadband providers. But Google did note that it had begun to use across its network the ‘DoubleClick ad-serving cookie,’ a computer code that allows the tracking of Web surfing.
“Alan Davidson, Google’s director of public policy and government affairs, stated in the letter that users could opt out of a single cookie for both DoubleClick and the Google content network. He also said that Google was not yet focusing on ‘behavioral’ advertising, which depends on Web site tracking. But on its official blog last week, Google touted how its recent $3.1 billion merger with DoubleClick provides advertisers ‘insight into the number of people who have seen an ad campaign,’ as well as ‘how many users visited their sites after seeing an ad.’ “
Google embraces ‘full-blown behavioral targeting’
Nakashima quoted Jeffrey Chester, executive director of the Center for Digital Democracy, as saying that “Google is slowly embracing a full-blown behavioral targeting over its vast network of services and sites.” Google, he told her, “knows more about consumers than practically anyone.”
The privacy issues are vast and include whether any company should be allowed to collect and hold vast amounts of information on consumers, to what extent consumers should be able to know about it and /or opt in or out of collection, and to what use companies can put the information.
The New York Times’ Clifford laid out some of the regulatory history and options: “The Federal Trade Commission has made some tentative steps toward standards, including a December proposal on behavioral-advertising practices. The proposal suggested that companies provide a clear notice to consumers that lets them opt out of tracking, notify consumers if the company changes the way it uses the data and use reasonable security measures. It also sought comment on several matters.
“But Lydia B. Parnes, the director of the F.T.C.’s Bureau of Consumer Protection, has said she supports industry self-regulation, saying that it isn’t yet clear that the consumer is being harmed and that regulations might be too specific to current technologies. Laws have been made on slices of the privacy pie, including data about finances or children. But complying with various pieces of legislation is difficult, companies said.”
Self-regulation seen as ineffective
Still, privacy advocates think more rules could help users. “There’s a self-regulatory program out there which hasn’t been very effective,” Alissa Cooper, the chief computer scientist at the Center for Democracy and Technology (CDT), told the Times.
Heather Green and Catherine Holahan of BusinessWeek, whose article clearly report some of what companies like Yahoo do and don’t do with information, describe an analysis put out by the CDT late last month: “It advocates a Do Not Target list and wants the targeting companies to sit down and come up with standard guidelines for how long they keep the information. ‘The industry in general has been growing in a way that allowed them to come up with the practices we’re seeing,’ says Ari Schwartz, an analyst at the CDT. ‘There isn’t a sense that these companies have long-term privacy protection plans in place.’ “
Green and Holahan continued: “Yahoo believes most people don’t opt out because they actually like targeted ads. ‘It is our strong belief that a more customized experience is what users prefer,’ says [Yahoo VP Anne] Toth.
“That’s the concern Congress wants to address. And it explains why more scrutiny is likely to follow.”
Susan Albright, a MinnPost managing editor, writes about national and foreign developments. She can be reached at salbright [at] minnpost [dot] com.