Published in the Charleston Regional Business Journal
Marketing departments and advertising agencies celebrating the data goldmine made available by online profiling may find it prudent to withhold their cheers – at least until next year’s congressional session deals with the issue.
U.S. Sen. Ernest Hollings, D-SC, along with nine other members of the U.S. Senate Commerce Committee, will introduce a comprehensive bill aimed at regulating privacy policies on the Internet.
The potential invasion of privacy
comes in the form of online profiling through user agreement (overt or covert),
as well as placement of text files – called “cookies” – into the browser
directory and the computer’s RAM to obtain personal
information.
At the heart of the proposed legislation is the overt or covert distinction in how the agreement is obtained, known respectively as “opt-in” or “opt-out.” Most sites employ an opt-out policy, which means the site automatically collects user data unless the user requests exclusion from online profiling. The bill advocates an opt-in policy, which means the site does not collect data unless the user requests inclusion in online profiling.
Among the concerns raised by Hollings and the other committee members is the intelligibility of the policies. A recent analysis showed that most of the policies found on Web sites required a master’s level reading ability.
Rewording the policies into
user-friendly language may be the easy part. More difficult will be setting a
standard for cookies, which are lines of text
recognized by the Web site. As a user browses through a site, a different
cookie is placed with each mouse click. Upon exiting the site, the text lines
are copied into a data area of the Web site and are compiled into information
about the user’s behavior; for instance, whether the user responded to animated
banners or clicked on certain links – which is valuable information for
advertisers.
But while this information may be valuable to advertisers, it is a serious breach of trust for consumers. Earlier this year, DoubleClick Inc., one of the Internet’s largest advertising companies, backed off its plans to build extensive personal profiles of people surfing the Web after an uproar among privacy advocates and more than 100,000 consumer complaints sparked federal and state investigations.
According to a statement by Hollings, some advertising industry leaders argue “limiting the ability to profile will undermine the Internet business models that are based on customized advertising targeted to individuals whose personal information has been collected.” However, critics maintain that targeted advertising on the Internet may not be a sustainable business model — especially after recent dot-com roller coaster rides on Wall Street.
Maybe not, but for the time being – and Wall Street dips notwithstanding – collecting personally identifiable information is becoming a lucrative business. Testifying before the Joint Economic Committee last June, Intel Chairman Andy Grove revealed, “A person’s individual data – whether it’s financial data or health data or whatever – is the currency of the Internet. People trade it. People covet it. It is a valuable good, as valuable a good as the money in my pocket.”
Hollings insists the privacy bill is not an attempt to prohibit the Internet advertising model. The bill’s purpose, he feels, is to “create a framework requiring consumers to be notified and consent to these practices, if businesses choose to collect information online.”
Industry would advocate self-regulation, but Hollings has a fast retort. “[Self-regulation] is like letting the fox guard the henhouse. How can we trust companies whose every economic incentive is to collect, compile, enhance, target and disseminate personal information for profit?”
And so the gauntlet is thrown.
A wise sage once said lawmaking is not a pretty sight, and so far, this promises to be no exception. The “opt-in” bill – while designed to create a federal standard and pre-emption (precluding inequity in state legislatures) – is already creating its own double-standard: Last month InternetWeek reported “only about 3% of the 65 government sites reviewed met the Federal Trade Commission’s fair information practices.”
In fact, the report noted, even the FTC – the agency spearheading the campaign to regulate how personal information is collected and used – did not meet its own privacy standards.