Digital Ad Lobby Plan for Commerce Privacy Approach: Sideline FTC and Stronger Consumer Protection Rules

The Department of Commerce’s report on privacy has received praise from the Interactive Advertising Bureau lobbying group.  As reported by Politico,  “IAB’s Mike Zaneis [said] the Commerce Department’s new privacy report represents “a really important step in what has been a really inclusive and productive process by commerce and the administration.” Zaneis said he felt Commerce recognized (more than the FTC did) the importance of “economic growth” in recommendations about what to do next with online privacy. On the proposed Privacy Policy Office, the IAB-er further told us he felt it strikes the right balance – it is a “great idea to coordinate various stakeholders,” he said – and it creates a relationship where Commerce coordinates the rulemaking while the FTC handles enforcement. “What this has done is identify the FTC as an enforcement, not as a rulemaking or legislative, body,” he told us.


The IAB and other data collection groups are fearful of the FTC, because that agency has finally caught up to speed on the digital marketing, consumer protection and privacy issue.  Its Chairman Jon Leibowitz supports do not track (something the Commerce paper didn’t really discuss);  the Bureau of Consumer Protection head appointed by Mr. Leibowitz is a serious and skilled attorney who is concerned about consumers.  The IAB would rather have the business-interest friendly Department of Commerce be the broker of a deal that they hope will affirm the data profiling and tracking status quo.

The Obama Administration is going to have to ensure that any new multi-stake holder process provides the consumer and privacy advocates not only parity with industry, but access to resources and information so the process will be fair to consumers.  Discussions will require transparency and accountability.  The FTC should not be sidelined–although we want to see both that agency and the Commerce Department do a better job standing up to protect consumers and their privacy.

Finally, the Obama Administration must put the interests of European and Asian/Pacific consumers and citizens before the commercial concerns of U.S. online marketing companies.  The U.S. shouldn’t be a digital enabler that allows online ad companies to track and target users abroad for financial, drug, junk food and other products without serious safeguards.  A higher global standard of privacy and ethical conduct of the U.S. government is required.

Statement of Jeff Chester on the Department of Commerce’s Internet Policy Task Force Privacy and E-Commerce: a Bill of Behavioral Targeting “Rights” for Online Marketers?

The Obama Administration asks some important questions about protecting the privacy of U.S. consumers.  But given the growth of online data collection that threatens our privacy, including when consumers are engaged in financial, health, and other personal transactions (including involving their families), this new report offers us a digital déjà vu.   The time for questions has long passed.

Instead of real laws protecting consumers, we are offered a vague “multi-stakeholder” process to help develop “enforceable codes of conduct.”  If the Commerce Department really placed the interests of consumers first, it would have been able to better articulate in the report how the current system threatens privacy.    They should have been able to clearly say what practices are right and wrong—such as the extensive system of online behavioral tracking that stealthily shadows consumers—whether on their personal computer or a mobile phone.   The paper should have firmly articulated what the safeguards should be for financial, health and other sensitive data.  The report should have rejected outright any role for self-regulation, given its failures in the online data collection marketplace.  While the report supports a FIPPS framework, these principles can be written in a way that ultimately endorses existing business practices for online data collection and targeting.

This illustrates one of the basic problems with the Administration’s approach to protecting consumer privacy online.  The Commerce Department is focused on promoting the interests of industry and business—not consumers.  It cannot play the role of an independent, honest broker; consequently it should not be empowered to create a new Privacy Policy Office.   Having the Commerce Department play a role in protecting privacy will enable the data collection foxes to run the consumer privacy henhouse.  We call on the Administration and Congress to address this issue.  A new Privacy Policy Office should be independent and operate under the Administrative Procedures Act—ensuring there are safeguards for meaningful public participation and transparency.

The Commerce paper’s real goal is to help U.S. Internet data collection companies operate in the EU, Asia/Pacific and other markets as “privacy-free” zones.  Under the cover of promoting “innovation” and trade, I fear the U.S. will craft a crazy-quilt code of conduct regimes that they will claim should pass muster in the EU (which has a more comprehensive framework to protect privacy).  The Obama Administration appears to be promoting a kind of “separate, but equal” framework, where it will argue that no matter how weak U.S. privacy rules are, other countries should accept them as the equivalent of a stronger approach.  The new paper should have acknowledged the U.S. has to play catch-up with the EU when it comes to protecting consumer privacy.

We have been promised meetings with the new White House subcommittee on privacy, where consumer and privacy groups will raise these and other concerns.

Behavioral Targeting Cancer Drugs: Digital Pharma watch

Online marketing of prescription drugs, including behavioral targeting, tracking, profiling and retargeting, require federal safeguards–asap.  Here’s one online marketer admitting his client actually engaged in pharma behavioral retargeting.  They write [excerpt]:  “One of our clients is a manufacturer of cancer related drugs.  They were using retargeting aggressively…

The column goes on to say that consumer complaints led the drug company to stop using behavioral targeting, but we should not permit a digital data collection “wild west” for the medical marketing business online.  Marketers of such drugs, especially for life-threatening illnesses–should not be using behavioral marketing at all (unless the consumer/patient affirmatively consents).

Microsoft’s “Advertising Exchange” for mobile and online: How will it be addressed by its own Do Not Track approach?

Microsoft has received praise for offering in Internet Explorer 9 a “tracking protection” capability that will enable users to import lists of third party sites that would be blocked.  That’s useful, but not enough.  Microsoft engages in extensive behavioral targeting (inc. for mobile) and other interactive ad strategies designed to capture data throughout its global digital advertising service (as does almost everyone else in the online ad business; that’s one reason why so-called “first-party” websites and services require consumer privacy rules). To beome a true leader in the privacy arena, Microsoft should do more.  Take its Microsoft Advertising Exchange, which sells instant access to users in real-time (such as what Google and also many others do).  We want to learn from Microsoft what privacy and consumer protection safeguards it’s developing for the Exchange, which “now supports approximately 8 billion impressions, or transactions, per month.”   Microsoft has been using and has just invested additional funding in AppNexus, which describes itself as “the industry’s most advanced real-time ad platform.”

ClickZ noted that: “In addition to using AppNexus to support real-time bidding on its sites, its ad network, and its exchange, Microsoft has begun supplementing regular ad buys on the Microsoft Media Network with exchange-traded inventory. That extra inventory carries a lot of potential reach, since AppNexus claims to support 4 billion transactions or impressions a day…Additionally, Microsoft has put the pieces in place to create a mobile ad exchange, called Microsoft Advertising Exchange for Mobile.. It will work by allowing Windows Phone 7 app developers to plug into demand from mobile ad networks like Millenial Media, InMobi and MobClix.”

Microsoft should tell the FTC, the EU, Congress and others how it plans to address the privacy issues raised by its Exchange expansion plans.  Last July, Microsoft noted that: “Microsoft is moving aggressively to provide our customers with access to our owned and operated inventory, as well as partner inventory, via our exchange. This move is in addition to our expansion of the Microsoft Media Network, which combined with the exchange, provides a holistic solution for our customers.  In recent weeks we have on-boarded US Windows Live inventory – including Hotmail and Messenger – into our exchange, providing a highly liquid pool of high quality inventory to demand partners on an RTB basis. We have integrated with each of the major DSP’s to ensure that our customers can work with the partner of their choice in accessing inventory.  Moving forward we will make available the rest of our US owned and operated inventory and partner supply. We’re excited about the efficiencies offered by an exchange-enabled ecosystem, and are committed to providing a foundation that enables innovation by allowing third parties to add value in a transparent, trustworthy ecosystem…over the next six months we will be integrating DSP’s into the Atlas Technology Partner Alliance. This will enable Atlas advertisers to seamlessly partner with the DSP of their choice to extend their buys onto RTB exchanges while enjoying all the benefits of campaign tracking and optimization…”  

We will be turning to the online ad exchange system and privacy issues, in the weeks ahead.

IAB Gets a new Chance to Play Constructive Role as Randall Rothenberg Goes to Time Inc.

The departure of Randall Rothenberg, the head of the Interactive Advertising Bureau, provides a critical opportunity for the IAB to revisit its position on protecting consumer online privacy (including Do Not Track).  Under Mr. Rothenberg, the IAB lobbied Congress to restrict the FTC’s ability to protect consumers, including on privacy.  With new leadership, the IAB could begin playing a more constructive role by working with consumer groups to build a consensus on federal privacy rules.  Instead of confrontation and denial, we hope the online ad lobby pursues serious engagement with privacy advocates.   The IAB has become just another inside the Beltway lobbying group–and has lost credibility among many policymakers.  A new IAB leader should be someone who can really help the mission of the industry by engaging in the kind of diplomacy and debate that supports the higher purposes of online advertising, digital publishing, and the public interest.
At Time, Mr. Rothenberg will now be in charge of its online ad network, which uses behavioral targeting and other interactive data techniques.  How Time responds to the growing call for better consumer privacy will be one of Mr. Rothenberg’s new challenges.

The new “OpenRTB” online ad exchange platform–consumer protection and privacy concerns

Both Advertising Age and Adexchanger.com report on the new “real-time bidding” consortium.  Real-time bidding stands for a process where each of us are tracked and sold to the highest bidder, in real-time, so we can be targeted with ads (from financial products to pharmaceuticals to travel and more).  The OpenRTB effort provides “industry standards for communication between buyers of advertising and sellers of publisher inventory.”  Initial members include leading data targeting companies Data Xu, MediaMath, Turn, Ad Meld, Pubmatic and the Rubicon Project.

The further integration of data tracking and selling platforms raises consumer protection, privacy and competition issues.  Consumers need to be able to decide for themselves about whether they wish to be targeted through such exchanges.  The consortium offers its online ad partners tools to streamline the digital marketing process.  Where are the tools for a consumer–so they can determine how they are treated online through these anonymous and impersonal systems?  In its haste to advance online behavioral targeting, the new OpenRTB consortium appears to have left privacy and consumer choice and control aside. Regulators, privacy and consumer advocates and others will need to maintain a close watch on the new online targeting alliance.  Meanwhile, we hope that this new group will adopt new consumer protection safeguards–and not rely on the flimsy argument that groups such as the NAI and triangled icons somehow protect the public.

Online Pharma Watch: BeWell.com/More disclosure required from Dr. Nancy Synderman

BeWell.com is a “new social network founded by America’s top doctors,” including NBC News Chief Medical Editor Dr. Nancy Synderman and others.  The site is organized around “communities” that address issues involving important health concerns, including breast cancer, reproductive health, aging, etc.  BeWell is owned by “by LLuminari, Inc, an innovative health media company…”  LLuminari says on its website that “Our programs are made possible by leading companies who support providing consumers and employees access to the knowledge of the best and brightest experts. Our sponsors have included:

Johnson & Johnson GlaxoSmithKline General Mills PepsiCo Stonyfield Farm Newman’s Own Smith Barney Eileen Fisher PacifiCare Health System United Healthcare Genomic Health PriceWaterhouseCoopers

BeWell’s privacy policy doesn’t really explain how the data it collects might be used for its advertising. The site provides important information for its users.  But we need to see more disclosure on the site about exactly the role its “sponsors” play, such as with its “Pfizer Support Center,” “Health Tools” featuring “Oncotype Dx” (Genomic Health) and the “Healthy Sight Resource Center” sponsored by Transitions.  As an NBC journalist, Dr. Synderman should also disclose when doing her reporting the connections with the advertisers and sponsors of BeWell and LLuminari.  Online health sites, especially given their public interest purpose, should be transparent about their relationships with drug companies and other health marketing sponsors.

Neuromarketing & Privacy: German Data Protection Authority Enacts Safeguards

We have long been sounding the alarm over the role of neuromarketing in advertising, especially for online marketing.  We are gratified that the Data Protection Authority in Hamburg Germany, according to this law firm post, just imposed safeguards on the role of neuromarketing.  It explains that [excerpt]: “[O]n November 23, the data protection authority (DPA) of the German Federal State of Hamburg imposed a €200,000 fine [link in German] against the Hamburg-based savings & loan Hamburger Sparkasse due to violations of the German Federal Data Protection Act (the BDSG) for, among other reasons, using neuromarketing techniques without customer consentIndeed, according to the head of the Hamburg DPA, Prof. Johannes Caspar, the intent was to send a clear signal to the market against the use of modern neuromarketing and comparable methods in violation of data protection law.  The case also clearly illustrates that German regulators are willing to enforce the new data protection regime and are well prepared to impose significant fines upon companies rather than giving them merely a warning notice…The decision of the Hamburg DPA may also attract attention beyond Germany and influence the interpretation of data protection laws in other countries, in particular with respect to the compliance of neuromarketing and brain sciences techniques with data protection laws.  Due to the sensitivity of such activities, it is likely that regulators in the EU will follow the approach taken by the Hamburg DPA.”

FTC/FDA Need to Protect Health Privacy Online–Look at what personal medical info one health site asks

The online marketing of health and medical related services require urgent and serious scrutiny–from regulators, the Congress and the Obama Administration.  CDD’s recent complaint on digital pharma marketing and advertising addresses this issue.  But action is required.  Take for example, an email we received today from Quality Health/Allergies, promoting a “guide to help you sleep.”  In order to get the guide, you are asked to provide information.  Look at this one example and ask yourself.  Aren’t safeguards required to govern the collection and use of such information.  The newsletter features the TRUSTe seal which should raise questions about how effective that group’s work is protecting privacy.

Even more questions, inc. ones about specific drug brands, was asked that what we have below.  Here’s an excerpt from the questionnaire:

Simply respond to the questions below to continue.
1.     Are you (or someone in your household) going to the doctor in the next 30 days to discuss any of the following conditions below?
Alzheimer’s Disease (Moderate-to-Severe)
Bipolar Disorder
Child with Asthma
Chronic Dry Eyes
Diabetes
Osteoarthritis
Parkinson’s Disease
Rheumatoid Arthritis (Moderate-to-Severe)
Sjögren’s Syndrome
Other Condition
No appointment scheduled
Are you the Alzheimer’s Disease patient or the caregiver?
Patient
Caregiver
Can QualityHealth send you a FREE email series with important questions to ask the doctor to properly manage the Bipolar Disorder condition?
Look for this short email series over the next few weeks – check your inbox.
Yes
No
Can QualityHealth send you a FREE email series with important questions to ask the doctor to properly manage the Asthma condition?
Look for this short email series over the next few weeks – check your inbox.
Yes
No
Can QualityHealth email you a FREE email series with important questions to ask the doctor to properly manage the Dry Eyes condition?
Look for this short series over the next few weeks – check your inbox.
Yes
No
Does this person also have any of the following symptoms?
Chronic fatigue
Depression
Lack of energy
Excessive Sleepiness
Snoring
Poor concentration
Yes
No
Can QualityHealth send you a FREE email series with important questions to ask the doctor to properly manage the Osteoarthritis condition?
Look for this short email series over the next few weeks – check your inbox.
Yes
No
Can QualityHealth send you a FREE email series with important questions to ask the doctor to properly manage the Parkinson’s Disease?
Look for this short email series over the next few weeks – check your inbox.
Yes
No
Can QualityHealth send you a FREE email series with important questions to ask the doctor to properly manage the Sjögren’s Syndrome?
Look for this short email series over the next few weeks – check your inbox.
Yes
No
2.     Do you or a loved one feel tired or sleepy because of: (Check all that apply)
A non-traditional work schedule (includes working nights, evenings, rotating or split shifts or anything other than a normal day shift)
Shift Work Disorder
Obstructive Sleep Apnea, which is treated with a breathing device
Narcolepsy (sudden uncontrollable urge to sleep)
None of the above
3.     Have you or someone you love been diagnosed with Atrial Fibrillation, or AFib?
Yes, I have
Yes, a loved one has
No
4.     Do you or someone in your household have Diabetes?
Yes, myself
Yes, someone in my household
No
5.     Do you have any of the following conditions?
(Please check all that apply)
Diabetes
High Blood Pressure
High Cholesterol
Heart Attack
Stroke
Unstable Angina
Smoking or Used to Smoke
PAD (Peripheral Artery Disease)
None of the above
6.     Do you or someone you care for have Psoriasis?
Yes, myself
Yes, someone I care for
No
7.     Do you have any of the following conditions?
Major Depressive Disorder (MDD)
Generalized Anxiety Disorder (GAD)
Social Anxiety Disorder (SAD)
Panic Disorder (PD)
None of the above
8.     Have you or someone you care for been diagnosed with Cancer?
Yes
No
9.     Do you have a child (under 18) who has been diagnosed with Attention Deficit Hyperactivity Disorder (ADHD)?
Yes
No
10.     Have you or someone you care for had a “mini-stroke” (transient ischemic attack or TIA) or stroke due to a blood clot?
Yes, myself
Yes, someone I care for
No

Google’s Privacy Challenge: Face up to your online advertising culture of data collection

Google keeps making new announcements about how it will–finally, this time!–protect consumer privacy.  This latest PR salvo–after the Canadian Privacy Commissioner ruled that Google had “contravened Canadian privacy law when it inappropriately collected personal information from unsecured wireless networks in neighbourhoods across the country”– is designed to help quell EU and US policymakers enacting safeguards that would rein in some of company’s data collection practices.  Yesterday’s announcement illustrates one of Google greatest problems: it can’t admit that its entire business model is based on collecting infinite amounts of information on individual consumers.  Google’s most recent acquisitions–Admob, Invite Media, and Teracent, for example–are designed to generate new data-mining based revenues.   Google is trapped in its own success: it can’t step off the digital data collection treadmill with Facebook and others in hot pursuit.  But consumers and citizens should expect more honesty coming from the “don’t do evil” web giant–not just new promises to better behave.

Google has named Alma Whitten to head a team designed to better address privacy issues.  During her recent testimony before the Senate Commerce Committee, Dr. Whitten didn’t provide the kind of critical analysis required on the impact of Google’s online ad business and privacy.  Doing so now–and honestly addressing and redressing the problem–will be a key test.