May 27, 2015
May 26, 2015
May 25, 2015
Self-Regulation Reigns, for Now, on Consumer Data Privacy Issues
The online advertising industry is inching its way to more comprehensive policies regarding the collection of consumer data. Several announcements this month by different self-regulatory groups show that pressure from government agencies and consumer watchdog groups concerned about consumer privacy is taking effect . . . slowly but surely.
The most recent pronouncement comes from the World Wide Web Consortium (W3C), an international standards body made up of more than 300 members, including Google and Facebook. W3C announced earlier this week two first drafts for standards that provide consumers more information and control over how their data is tracked online.
The first set of standards, Tracking Preference Expression (DNT), is supposed to define means for users to establish their tracking preferences and see whether sites will honor those preferences. The second set of standards, Tracking Compliance and Scope Specification, is intended to set forth practices for websites to comply with a defined “Do Not Track” preference.
W3C’s announcement has generated a good bit of attention on the other side of the pond, where the EU has been pushing for years for more transparency and consumer control over online behavioral advertising. But W3C’s standards are not expected to be finalized until mid-2012.
On this side of the pond, more clamoring has gone on about the Digital Advertising Alliance’s consumer data tracking policies. The DAA, another self-regulatory project put together by the American Advertising Federation, the Interactive Advertising Bureau, the Better Business Bureau, and several other similar groups, announced last week its latest set of principles. These principles, known as Principles for Multi-Site Data, are supposed to govern companies’ collection and use of online consumer data – like earlier DAA standards, but more comprehensive. The DAA appears to have published these in response to the FTC’s concern that prior DAA standards did not sufficiently address forms of Internet tracking.
There seems to be a trend here: companies (and their consortiums) with major online presences are having a hard time reforming their online behavioral advertising (OBA) tracking, and are doing so with the speed and enthusiasm of a satiated pig. It makes sense: advertising, and OBA, has been the center of Web business models. Shaking up the models by giving consumers opt-outs across pages significantly interrupts, for instance, how sellers get leads to their sites, how advertisers track their effectiveness, and how affiliates get paid.
But like it or not, change is the reality for companies who use OBA. Growing concerns over data privacy will force companies to take new approaches, as we’ve discussed thoroughly here already. See this post, this post, and this post, for example.
Slow and steady as self-regulation may be going, it looks like government agencies like the FTC are willing to let companies take the lead on data privacy standards (with the ever ready government prod to coax them). FTC Chairman Jon Leibowitz made this point last week, while praising the DAA’s latest set of principles: “We believe that you, the advertising industry, should give consumers choices about how they are tracked online.”
Companies should be aware, though, that the FTC is not washing its hands of data privacy issues; it rather intends to enforce those company-prescribed standards. So another business beware: whatever data privacy policies you adopt, make sure you adhere to them. If not, the FTC may come to ensure you do. See, for example, this recent enforcement action.