I’ve been reading a lot about the so-called “Do Not Track” initiative the FTC is undertaking in an effort to combat aggressive targeted advertising on people. Coming from the stance of consumer advocacy, I think this is a small win for consumers, but a major loss to publishers and advertising networks. I wanted to share my views on this delicate, but meaningful issue as it pertains to online privacy, the FTC and ad targeting.
Before I get into the merits of behavioral advertising, I want to recall back why exactly what the FTC is concerned about the state of behavioral advertising.
This recent controversy started when a very smart, but somewhat untrustworthy data collection firm was revealed to have collected Pentagon-sized chunks of data on people. This data could correlate to their web history, authenticated websites, and the unique identifiers on certain websites like Facebook, demographics, interests, political affiliations, health conditions and so on. Rapleaf, meet Wall Street Journal; Wall Street Journal, meet Rapleaf.
Yikes! No one wants to have all their data housed indefinitely for a private corporation to maliciously target for their gain. Bad move on Rapleaf. The silver lining here is that Rapleaf helped expose (with the WSJ’s great assistance) how much behavior ad-tracking has gone in the past few years. And don’t get me wrong, there are many other companies that lurk in the shadows. Rapleaf is just one company that has done remarkably well at storing this data and commoditizing it for others.
Behavioral advertising is inherently politically divisive. Let’s also remember that issue is now (or soon will be) in the hands of our highly-productive senators. Every decision is a foreshadow on how it will be used against them in upcoming political races, so any way they can come down on the big-bad corporations “hurting the interwebs,” they’ll pass legislation like this without a blink. A vote for restrictions on the internet could be viewed as anti-enterprise, anti-business. A vote against it could be viewed as pro-business, pro-anarchy on the web.
Targeted ads fund quality content, distribution and commerce across the web. What most people don’t understand is how the advertiser-publisher relationship works. Ads are not necessarily endorsements from the publisher. Often, they are blank ad “spots” on their site and an advertising network fills it in with what they think it should be. These advertisers work with publishers to fund the innovation and creativity put on the web. After all, ingesting and transcoding 24 hours of video per minute isn’t free. And neither is writing. Endlessly.
Alas, a little humility. Remember that little AOL Penguin attempted to teach newbies about behavioral advertising? I commented about this in a previous blog entry on consumer privacy, which features Jules Polonetsky’s animated answer to privacy. I bet he’s hibernating in the winter now. And by hibernating, I mean that microsite is gone – 404’d – and probably for good reason.
My point of view has shifted as did the advertising industry in recent years.
I admit that my jaded and somewhat flippant views on privacy and targeting weren’t quite right when I wrote up this post in 2008 in response AOL’s approach to explain behavioral targeting to their users. I’d like the opportunity to share an updated, refined view. It may change later, but currently this is what I believe.
Opt-out does not protect consumers and unilaterally does not empower companies to truly respect and honor people’s privacy preferences. Between the average web user and the big-bad corporation, there substantial plausible deniability over how user’s data is handled and who has access to it. In laymen’s terms, many companies contract with other big companies to do stuff for them – like run their website or their ads, for instance. A publisher might contract with an advertising company. That advertising company might be in bed with many other sister advertising companies. In essence, one’s data is in the hands of an incestuous, aggressive advertising company. Opting out doesn’t work because fundamentally, a user would opt in to not be tracked. Confusing enough?
Browser-based protection limits permission-based tracking. Say a consumer wishes to opt in for a “personalized web experience” … how would these software-based protections inhibit a user? I’m certainly not the first to want this, but there is much data that suggests that users desire a truly personal, relevant experience. Hopefully there can be some universal API’s that browser companies will agree to so publishers can selectively provide “personalized experiences” for their users.
The issue is not about the data being tracked; it’s the limitless retention of it. Most web users don’t mind a relevant online experience provided their online profile and demographic has time expiration to it. The problem with virtually all data collection companies, their cookies are “lifetime” and aren’t even typical browser cookies. They use Flash and other plugin’s cookies. Creepy, I know. But, assuming this data is purged monthly (along with annual audits from the feds), I think everyone is safe from harassing, intrusive advertisements.
Example: Say you purchased a book on Amazon on, I don’t know… Entrepreneurship. Would it be true that you would generally be okay with ads from Chase Bank for opening a small business loan? I’d say yes. It’s better than shitty CPA offers that don’t relate to me. Maybe you’d be interested in another book that other customers have purchased after they purchased that book? Possibly – this is where the issue becomes fuzzy. And after about a few weeks, the data all this is based on expires and no longer is it associating you with that purchase for the purpose of advertising.
Self-regulation doesn’t work. No company would dare let go of the data they worked so hard to build. It’s like the Library of Congress setting fire to books because people criticize the titles they have. However, some oversight on data sharing, data retention and overall improprieties ought to be monitored by regulatory groups, like the FTC.
Failure to not step forward and act transparent with data collection and retention policies will result in having no voice in the discussion. Right now, that’s what’s happening with Microsoft’s and Mozilla’s commitment to voluntarily build these “stealth” browsing devices into their browsers. Isn’t it people’s jobs in these advertising networks to lobby and discuss this stuff with the public? I’ve yet to read one honest argument from them.
I agree with BusinessWeek’s contributor, Ben Kunz on the cause and effect of outlawing targeted advertising:
The FTC proposal would stop all [targeted advertising]. Trouble is, while the commission may have consumers’ best interests at heart (or be motivated by desire to toss a feel-good political football in a transition election year), the idea has two huge problems:
1. It won’t stop online ads. While Do Not Call lists kept telemarketers at bay, you’ll still see tons of banners and videos everywhere online. They’ll simply be less relevant.
2. Do Not Track will send billions of dollars to the big online publishers, hurting the little sites you might find most interesting.
What type of advertising will we see if targeting advertising is dead? Contextual and blind. Contextual ads are the ones that Google’s AdWords are famous for – providing tailored ads that match the content the visitor is viewing. Blind advertising are those annoying-as-hell “You’re the 1,000,000th Visitor” type of ads. Those prey on users looking for a gimmick and as such performance of those ads decreases. A very real possibility is that some websites would eventually slip on their revenue and, well, we’ve all heard of pets.com, right?
What is the solution? Aside from user education, the next feasible step is an ultimatum to the industry from the FTC. Advertising networks ought to relax their data retention just a bit and volunteer to purge records after a limited period. The FTC can put a squeeze on those US-based firms by simply proposing sensible practices and requesting they comply within six months with a veiled “or else” kind of threat.
So you don’t want to be tracked by ads? Here are four steps: Use Tor, Use Adblock Plus, Use Firefox and wipe temporary data frequently with CCleaner. Done.
I’m too tired to write more on this … privacy is a complex issue. Thoughts?
[Image credit: spcbrass]