If George Orwell were writing today, 1984â€™s Winston Smith would be working as a â€œDoublespeakâ€ specialist crafting privacy policies and creating self-regulatory regimes for the online ad industry.Â None of the replies provided to Reps. Markey and Barton answered the basic charge posed by the WSJ in its series and previously raised by privacy advocates:Â that â€œ[O]ne of the fastest-growing businesses on the Internet is the business of spying on Internet users.â€Â Â All the companies hide behind `itâ€™s a business as we created it and good for everyoneâ€™ facade.Â Many use a scare tactic claiming that the data collection model they developed is responsible for funding online content/publishing and without it much/if not all of the Internet would vanish (as if you canâ€™t have both robust e-commerce and privacy!).Â Many of the answers to Congress also say that their privacy policies and membership in self-regulatory groups (such as the NAI) reflect best practices (as if they automatically vanish the problems!).Â The companies donâ€™t take responsibility for the problem or acknowledge that there are privacy concerns outstanding.Â
The responses reflect the Orwellian recasting of industry terms on the data collection practices it created and operates.Â Behavioral targeting (with $1.13 billion this year in spending for this type of ad) has been transformed into â€œpreference,â€ â€œrelevant,â€ or â€œinterestâ€ targeting.Â Online profiling and targeting is now called â€œcustomization.â€Â The industry is running away from the precise definitions they created and use because they are honest terms showing consumers are being tracked, profiled and targeted based on our behaviors and actions.Â Finally, several of the companies submitted their privacy policies.Â Â In order to full understand them, a consumer (in between taking their children to school or a soccer game, working, shopping, cooking) would simultaneously also have to be a technologist, lawyer, and investigator, to understand and control all the cookies, etc.
Also, the companies resort to a now out-of-date definition of whatâ€™s considered so-called personally identifiable information (PII).Â Cookies, IP addresses, pixels and web bugs, they claim, are â€œnon-PIIâ€ and hence fail to raise privacy concerns.Â Yet both the EU and FTC have said that in todayâ€™s online data collection world, the old definition of whatâ€™s identifiable no longer really works.Â The FTC explained last year that â€œ[S]taff believes that, in the context of online behavioral advertising, the traditional notion of what constitutes PII versus non-PII is becoming less and less meaningful and should not, by itself, determine the protections provided for consumer data.Â Indeed, in this context, the Commission and other stakeholders have long recognized that both PII and non-PII raise privacy issuesâ€¦