The new “Digital Advertising Alliance” self-reg plan. See if it tells consumers what its sponsor ad groups really say to each other. That they track and target your “digital footprint”

On Monday, the new self-regulation magical “icon” that is designed to make the online ad industry’s privacy problems disappear will be unveiled.  A new group called the “Digital Advertising Alliance” will unveil the icon-based plan–all timed to help head-off the kinds of protections and safeguards consumers require.  The current financial crisis affecting tens of millions of Americans require that government and big business groups do more than pay digital lip service to consumer protection.

As a kind of litmus test for the new self-regulation effort, see if the icon and the information connected to it really informs you about how data on you is collected and used for profiling, tracking and targeting. For example, last week, the Interactive Advertising Association (IAB), one of the key backers of the new Alliance, released a guide to targeting consumers at the local level.  Here’s excerpts of what they say.  See if that little icon is being honest when you click it.  Of course, we really require rules that eliminate the kind and amount of data that can be collected on you and you family and friends in the first place–as well as honest disclosure on the process.  Note as well that all that data on you is expensive–and others are cashing in on information that belongs to you!  From the new “Targeting Local Markets” guide:

Explicit profile data Targeting. definition–
Explicit data is “registration quality data” collected either online or offline. For online registration data, the user has certain attributes in his or her registration profile at a particular site or service, and that data is associated with the user’s Web cookie or some sort of audience database when the user next logs in. Offline registration data includes the sorts of data held in the massive offline direct response industry databases built up over the last several decades. These are then matched to a user online when that user logs in somewhere that is a partner of the data company. The site at which the user logs in, usually an online mail or similar site, sends the name/email combination to the data company, which then makes the match and sends back data…pricing–In general, first party data commands a far more variable premium than third party data…Third party data is usually available in much larger quantities, and yet there is often a fee of anywhere between $0.50 to $2.00 or more paid to the data provider by the ad seller – thus increasing the cost of goods sold (COGS) on the ad, and therefore increasing the price…

Behavioral Targeting (Implicit profile data Targeting)-definition-
Behavioral Targeting is the ability to serve online advertising based on profiles that are inferred from an individual user’s technical footprint and viewing behavior…As the medium has grown from a “browsing” experience to interactional so have the levels of information gathered. Newer forms of information include the data collected about influences, social preferences through social networks and an individual user’s content created online…The data is often gathered in real-time and can be used for real-time decision-making so that relevant advertising can be delivered dynamically to an individual user during their online session…Behaviorally targeted advertising commands a higher price because of targeted placement versus general run-of-site (ROS) advertising…Behavioral Targeting can be highly accurate when the user is leaving a digital footprint of their activities as they move through the Web.

Consumer and Privacy Groups at FTC Roundtable to Call for Decisive Agency Action

Washington, DC, December 6, 2009 – On Monday December 7, 2009, consumer representatives and privacy experts speaking at the first of three Federal Trade Commission (FTC) Exploring Privacy Roundtable Series will call on the agency to adopt new policies to protect consumer privacy in today’s digitized world. Consumer and privacy groups, as well as academics and policymakers, have increasingly looked to the FTC to ensure that Americans have control over how their information is collected and used.

The groups have asked the Commission to issue a comprehensive set of Fair Information Principles for the digital era, and to abandon its previous notice and choice model, which is not effective for consumer privacy protection.

Specifically, at the Roundtable on Monday, consumer panelists and privacy experts will call on the FTC to stop relying on industry privacy self-regulation because of its long history of failure. Last September, a number of consumer groups provided Congressional leaders and the FTC a detailed blueprint of pro-active measures designed to protect privacy, available at: http://www.democraticmedia.org/release/privacy-release-20090901.

These measures include giving individuals the right to see, have a copy of, and delete any information about them; ensuring that the use of consumer data for any credit, employment, insurance, or governmental purpose or for redlining is prohibited; and ensuring that websites should only initially collect and use data from consumers for a 24-hour period, with the exception of information categorized as sensitive, which should not be collected at all. The groups have also requested that the FTC establish a Do Not Track registry.

Quotes from Monday’s panelists:

Marc Rotenberg, EPIC: “There is an urgent need for the Federal Trade Commission to address the growing threat to consumer privacy.  The Commission must hold accountable those companies that collect and use personal information. Self-regulation has clearly failed.”

Jeff Chester, Center for Digital Democracy: “Consumers increasingly confront a sophisticated and pervasive data collection apparatus that can profile, track and target them online. The Obama FTC must quickly act to protect the privacy of Americans,including information related to their finances, health, and ethnicity.”

Susan Grant, Consumer Federation of America: “It’s time to recognize privacy as a fundamental human right and create a public policy framework that requires that right to be respected,” said Susan Grant, Director of Consumer Protection at Consumer Federation of America. “Rather than stifling innovation, this will spur innovative ways to make the marketplace work better for consumers and businesses.”

Pam Dixon, World Privacy Forum: “Self-regulation of commercial data brokers has been utterly ineffective to protect consumers. It’s not just bad actors who sell personal information ranging from mental health information, medical status, income, religious and ethnic status, and the like. The sale of personal information is a routine business model for many in corporate America, and neither consumers nor policymakers are aware of the amount of trafficking in personal information. It’s time to tame the wild west with laws that incorporate the principles of the Fair Credit Reporting Act to ensure transparency, accountability, and consumer control.”

Written statements and other materials for the roundtable panelists are available at the following links:

CDD/USPIRG: http://www.democraticmedia.org/node/419

WPF: http://www.worldprivacyforum.org/pdf/WPF_Comments_FTC_110609fs.pdf

CFA: http://www.consumerfed.org/elements/www.consumerfed.org/File/5%20Myths%20about%20Online%20Behavioral%20Advertising%2011_12_09.pdf

EPIC: www.epic.org

Technology Policy Institute Spins the Privacy Debate in D.C.–Group funded by Some of the Biggest Data Collection Companies

Today, the Technology Policy Institute (TPI) is holding a Hill forum on privacy and the Internet.  The group’s announcement for the event states that More privacy, however, would mean less information, less valuable advertising, and thus fewer resources available for producing new low-priced services.  It is this tradeoff that Congress needs to take into account as it considers new privacy legislation.”

What an absurd, reductionistic, and intellectually-dishonest claim.  First, this group is funded by some of the largest companies engaged in behavioral data collection and also fighting meaningful privacy policies.   That includes Google and Time Warner.  TPI’s other funders involved in some form of data collection and targeted interactive marketing include AT&T, Cisco, the National Cable and Telecommunications Association and Verizon.  Rep. Cliff Stearns, the ranking member of the House Subcommittee on the Communications, Technology, and the Internet is speaking at the event: that committee is currently drafting privacy legislation to protect consumers.  Panel speakers include TPI supporters Google and Comcast.  The lone privacy group on the panel, CDT, is funded by Google and others.  One academic on the panel also works for a high-tech consulting company.  The other panel academic has done fine work on social networks and privacy.

What makes TPI’s posturing absurd, beyond its funding conflicts, is the current economic crisis.  Consumer privacy laws are required to ensure that our financial, health and other personal transactions online are conducted in a responsible manner.  Anyone–or group–who believes that we can’t have both privacy and a robust online marketplace is out of touch.

Progress & Freedom Foundation Comes to Aid of its Data-Collecting Backers (Using a `save the newspapers’ as a ploy to permit violations of consumer privacy protection!)

This report from Internetnews.com on the Progress and Freedom Foundation’s “Congressional” briefing illustrates how desperate some online marketers are that a growing number of bi-partisan congressional leaders want to protect consumer privacy.  So it’s not surprising that some groups that are actually financially supported by the biggest online marketing data collectors in the world would hold a Hill event to help out the friends who pay their bills.

It should have been noted in Ken Corbin’s that Google, Microsoft, Time Warner (AOL), News Corp. (MySpace) financially back the Progress and Freedom Foundation (PFF).  Other behavioral data targeting `want to be’s’ who monopolize U.S. online and other platforms are also backers:  AT&T, Comcast, NBC, Disney/ABC, Viacom/MTV/Nick, etc. For a list, see here.

PFF and some of its allies deliberately distort the critique of consumer and privacy groups.  We are not opposed to online marketing and also understand and support its revenue role for online publishing.  But many of us do oppose as unfair to consumers a stealth-like data collection, profiling and ubiquitous tracking system that targets people online.  One would suppose that as a sort of quasi-libertarian organization, PFF would support individual rights.  But given all the financial support PFF gets from the major online data collectors, how the group addresses the consumer privacy issue must be viewed under the `special interests pays the bills’ lens.

PFF and its allies are playing the ‘save the newspaper’ card in their desperate attempt to undermine the call for lawmakers to protect consumer privacy.  Newspapers and online publishers should be in the forefront of supporting reader/user privacy; it enhances, not conflicts, with the First Amendment in the digital era.  Finally, PFF’s positions on media issues over the years has actually contributed to the present crisis where journalism is on the endangered species list.  This is a group that has worked to dismantle the FCC, eliminate rules designed to foster diverse media ownership, and undermine network neutrality.

PS:  The article quotes from Prof. Howard Beales of George Washington University (and a fCV,ormer Bush FTC official with oversight on privacy).  Prof. Beales was on the PFF panel.  Prof. Beales, according to his CV has served as a consultant to AOL and others (including  Primerica and the Mortgage Insurance Companies of America).  Time Warner, which owns AOL, is a PFF financial backer.  All this should have been noted in the press coverage.

Online Consumers Require Real Privacy Safeguards, Not the Digital Fox [AAAA, ANA, BBB, DMA & IAB] in Charge of the Data Hen House

The self-regulatory proposals released today [2 July 2009]  by five marketing industry trade and lobby groups are way too little and far too late. This move by the online ad industry is an attempt, of course, to quell the growing bi-partisan calls in Congress to enact meaningful digital privacy and consumer protection laws. It’s also designed to assuage a reawakened Federal Trade Commission–whose new chair, Jon Leibowitz, recently appointed one the country’s most distinguished consumer advocates and legal scholars to direct its Bureau of Consumer Protection (David Vladeck). The principles are inadequate, even beyond their self-regulatory approach that condones, in effect, the “corporate fox guarding the digital data henhouse.” Effective government regulation is required to protect consumers. We should have learned a painful lesson by now with the failure of the financial industry to oversee itself. The reckless activities of the financial sector—made possible by a deregulatory, hands-off government policy–directly led to the current financial catastrophe. As more of our transactions and daily activities are conducted online, including those involving financial and health issues–through PCs, mobile phones, social networks, and the like–it is critical that the first principle be to ensure the basic protection of consumer privacy. Self-dealing “principles” concocted by online marketers simply won’t provide the level of protection consumers really require.

The industry appears to have embraced a definition of behavioral targeting and profiling that is at odds with how the practice actually works. Before any data is collected from consumers, they need to be candidly informed about the process–such as the creation and evolution of their profile; how tracking and data gathering occurs site to site; what data can be added to their profile from outside databases; the role that data targeting plays on so-called first-party websites, etc. In addition, the highest possible consumer safeguards are necessary when financial and health data are involved. Under the loosey-goosey trade industry principles, however, only “certain health and financial data” are to be treated as a “sensitive” category. This would permit widespread data collection involving personal information regarding our health and financial concerns. The new principles, moreover, fail to protect the privacy of teenagers; nor do they seriously address children’s privacy. (I was one of the two people that led the campaign to enact the Children’s Online Privacy Protection Act).

The failure to develop adequate safeguards for sensitive consumer information illustrates, I believe, the inability of the ad marketing groups to seriously address online privacy. The so-called “notice and choice” approach embraced by the industry has failed. More links to better-written privacy statements don’t address the central problem: the collection of more and more user data for profiling and targeting purposes. There needs to be quick Congressional action placing limits on the collection, use and retention of consumer data; opt-in control over profile information; and the creation of a meaningful sensitive data category. Consumer and privacy groups intend to work with Congress to ensure that individuals don’t face additional losses due to unfair online marketing practices.

[press statement by the Center for Digital Democracy]

Congressional Internet Caucus and the State of the Mobile Net: Corporate Donors Influence Group’s Agenda, Leaving Public Vulnerable to Loss of Privacy

When will members of the Congressional Internet Caucus wake up and address the role its special interest dominated “Advisory” Committee is playing?  The Caucus is holding a “State of the Mobile Net” conference on April 23.  It’s doubtful Congress will be receiving the unbiased information they need, given that the sponsors of the event are the leading companies engaged in mobile marketing and data collection.  As typical of the “business model” crafted by the Center for Democracy and Technology connected group known as the Internet Education Foundation, the event prominently acknowledges its  Platinum” sponsors: the CTIA lobby group, Google, Microsoft and Verizon.  Gold” sponsors are AT&T, Nokia, T-Mobile.  There is also a category called “promotional” sponsors which lists Yahoo and several others.

It’s highly unlikely that the meeting will discuss the real issues challenging consumer privacy and welfare on the mobile Internet (including, we expect, the recent CDD/USPIRG complaint filed at the FTC– which has helped launch an investigation into that market).   The Advisory Caucus is run by the Internet Education Foundation, whose board members include representatives from Google, Verizon, Comcast, Microsoft, Recording Industry of America, and the Consumer Electronics Association. So the line-up of speakers is crafted to make sure that corporate donor feathers–and their willingness to continue to financially contribute–aren’t ruffled.  On the privacy panel for the event we have, of course, a representative from CDT.   There are also mobile marketers–including Yahoo and loopt.  There is the DLA Piper law firm that advocates for industry and a lone academic. Consumers and citizens deserve better from Congress.

PS:  As an example of how incredibly biased the Advisory Committee to the Congressional Net Caucus is, look at the description and speaker line-up of its recent briefing on online advertising.  A supposed “unbiased” event,  it featured industry lobbyists and several groups funded by online marketers!  Incredibly shameful!

Advisory Committee to the Congressional Internet Caucus

Anatomy of Online Advertising: Understanding the Privacy Debate
March 30, 2009…The purpose of the briefing is to provide an unbiased foundation for understanding the various privacy issues that Congress will debate in the context of online advertising.

Panelists:

* Paula Bruening, Hunton & Williams
* Maureen Cooney, TRUSTe
* Michael Engelhardt, Adobe Systems
* Tim Lordan, Congressional Internet Caucus Advisory Committee
* Jules Polonetsky, Future of Privacy
* Heather West, Center for Democracy & Technology
* Mike Zaneis, Interactive Advertising Bureau

A Mobile Marketer explains how they build a profile, including operator, geographic, demographic, search query data [Annals of Mobile Marketing]

Here’s an excerpt from an video interview we transcribed with Paran Johar, CMO of Jumptap (a mobile marketing company).  The interview was done at the Mobile World Congress, Barcelona 16-19 February, 2009:

“Journalist: You have a lot of intelligence built in to your engines in the back. How is that working together? How far down can you deep-dive in the targeting? How granular can you get?
PJ: Number one; Targeting is only important as long as you have scale and reach. So we need to kind of frame that out. Number two; we take inputs from various sources. So, we take operator data, whatever they want to pass to us, they can pass us. Certainly with AT&T we get geographic data from them, in some cases we get demographic data, we get search word query data, whether we are the search engine or if it is Google, Yahoo or Microsoft, that can get passed to us, contextual data and behavioral data. We take all that together and we score it, build a taxonomy to build a profile that will serve a relevant ad. We believe mobile phone is the most personal devices…
Journalist: … How much of an issue is the analytics now and are you positive and upbeat now that you feel that maybe mobile operators are getting their head around this to deliver it?
PJ: That’s a great point. A couple of things with the GSMA-Comscore UK trials. Number one, was absolutely wonderful that it fostered collaboration among operators for various audience segments. Number two, it was wonderful that they looked beyond just geographic, demographic, but they also include behavioral profiles in terms of their audience assessment. I also think it is very interesting that they are moving forward without actually being able to monetize this and building a platform so advertisers can participate in this. I think from a metric standpoint, the next thing that we are gonna look for is really standardization of post clip metrics and how to integrate that into
advertising campaigns.
Journalist: That’s an interesting idea. How do you envision that? How should it be?
PJ: It gets a little complicated but it shouldn’t be. In it’s simplest form you just have post-click, like a click to action. You click on the ad unit, you perform some action and it calls a pixel and you register that. But with mobile you obviously have different actions that can occur. It could be click to a map, it could be click to call, click to SMS. How do you track those actions? How do you then integrate them into a reporting structure, which is key. And we are building the tools to make it easy for media planners, agencies and clients to actually track all their actions holistically and then optimize their campaigns so that they are reaching their maximum ROI.”

Center for Democracy & Technology Goes for the “Gold” as it Raises $ for its “Gala” from AT&T, eBay, Microsoft, Google (and many other corporations)

CDT is having a “Gala Celebration” next month, supported by “Gold, Silver, and Bronze” sponsors.  AT&T, eBay, Microsoft and Google are listed at the $15,000 “Gold” level [“Two tables in Premium Location-Two tickets to the VIP Reception”]; Among the “Silver” sponsors [“One table-One ticket to the VIP Reception”] at the $7,500 tab include Time Warner (AOL), Dow Lohnes, Qorvis Communications (repping Sun, Cisco, etc), American Express, Verizon, Intel, US Chamber of Commerce, ID Analytics, Yahoo!, Arnold & Porter, IAC/Interactive Corp, Thompson LexisNexis, Hogan & Hartson (reps News Corp’s MySpace, among others), Comcast, and Sonnenschein Nath  & Rosenthal, LLP.   There are also a number of “Bronze” sponsor at the $1000 level [“One seat at a table”]. (CDT has a Facebook page on the event.)

CDT’s 2007 Gala, which honored Bill Gates, had “more than 900″ supporters” in attendance.

Progress & Freedom Foundation & Online Privacy: Looking at PFF’s Online Ad Industry [& Data Collecting] Funders

Two staffers from the Progress and Freedom Foundation (Adam Thierer and Berin Szoka) issued a quick response to the new FTC online marketing privacy principles.  In a press release announcing the short paper, PFF explains that:

Tighter regulation of the online advertising market in the form of privacy mandates, the authors warn, “would severely curtail the overall quantity of content and services offered—and greatly limit the ability of new providers to enter the market with innovative offerings.”

It’s interesting to consider what such “tighter regulation” of the online marketing might mean for the companies that fund the Progress and Freedom Foundation.  The list includes heavyweights of online data collection, such as Google, Microsoft, News Corp (MySpace and other Fox Interactive properties) and Time Warner.  PFF funders include monopoly ISPs which want to get into interactive data collection and online ad targeting big-time, such as Comcast, AT&T, and Verizon (other PFF supporters include a number of companies engaged in online ad targeting, such as Cox, CBS, NBC, etc).

Perhaps a good research project for PFF would be to examine the online data collection, analysis, and ad targeting work being done by its funders (including all the technologies being used).  We’d like to see the press release on that one!

Baby Steps for Online Privacy: Why the FTC Self-Regulatory Principles For Online Behavioral Advertising Fails to Protect the Public

Statement of Jeff Chester, Exec. Director, Center for Digital Democracy:

The Federal Trade Commission is supposed to serve as the nation’s leading consumer protection agency.  But for too long it has buried its mandate in the `digital’ sand, as far as ensuring U.S. consumer privacy is protected online.    The commission embraced a narrow intellectual framework as it examined online marketing and data collection for this proceeding.  Since 2001, the Bush FTC has made industry self-regulation for privacy and online marketing the only acceptable approach when considering any policy safeguards (although the Clinton FTC was also inadequate in this regard as well).  Consequently, FTC staff—placed in a sort of intellectual straitjacket—was hampered in their efforts to propose meaningful safeguards.

Advertisers and marketers have developed an array of sophisticated and ever-evolving data collection and profiling applications, honed from the latest developments in such fields as semantics, artificial intelligence, auction theory, social network analysis, data-mining, and statistical modeling.  Unknown to many members of the public, a vast commercial surveillance system is at the core of most search engines, online video channels, videogames, mobile services and social networks.  We are being digitally shadowed across the online medium, our actions monitored and analyzed.

Behavioral targeting (BT), the online marketing technique that analyzes how an individual user acts online so they can be sent more precise marketing messages, is just one tool in the interactive advertisers’ arsenal.  Today, we are witnessing a dramatic growth in the capabilities of marketers to track and assess our activities and communication habits on the Internet.  Social media monitoring, so-called “rich-media” immersive marketing, new forms of viral and virtual advertising and product placement, and a renewed interest (and growing investment in) neuromarketing, all contribute to the panoply of approaches that also includes BT.  Behavioral targeting itself has also grown more complex.  That modest little “cookie” data file on our browsers, which created the potential for behavioral ads, now permits a more diverse set of approaches for delivering targeted advertising.

We don’t believe that the FTC has sufficiently analyzed the current state of interactive marketing and data collection.  Otherwise, it would have been able to articulate a better definition of behavioral targeting that would illustrate why legislative safeguards are now required.  It should have not exempted “First Party” sites from the Principles; users need to know and approve what kinds of data collection for targeting are being done at that specific online location.

The commission should have created specific policies for so-called sensitive data, especially in the financial, health, and children/adolescent area.  By urging a conversation between industry and consumer groups to “develop more specific standards,” the commission has effectively and needlessly delayed the enactment of meaningful safeguards.

On the positive side, the FTC has finally recognized that given today’s contemporary marketing practices, the distinction between so-called personally identifiable information (PII) and non-PII is no longer relevant.  The commission is finally catching up with the work of the Article 29 Working Party in the EU (the organization of privacy commissioners from member states), which has made significant advances in this area.

We acknowledge that many on the FTC staff worked diligently to develop these principles.  We personally thank them for their commitment to the public interest.  Both Commissioners Leibowitz and Harbour played especially critical roles by supporting a serious examination of these issues.  We urge everyone to review their separate statements issued today.  Today’s release of the privacy principles continues the conversation.  But meaningful action is required.  We cannot leave the American public—now pressed by all manner of financial and other pressures—to remain vulnerable to the data collection and targeting lures of interactive marketing.