News Clipping

Europe Taking Much Stricter Stance On Do-Not-Track Rules

By , USA TODAY

Thu, Sep 1, 2011 at 3:35 pm

  • Share

Europe’s privacy regulators are advancing toward adopting much stricter do-not-track rules than what the U.S. online advertising industry prefers.

A group called the European Union’s Article 29 Data Protection Working Party wants to require data aggregators and advertising networks to obtain specific permission from each European consumer to use each and every tracking cookie — stealthy programs that track where you go and with whom you associate on the Web.

The Working Party has been circulating this document prior to a workshop scheduled later this month with advertising industry representatives. The group is insisting on the use of a form containing a detailed explanation about each tracking cookie, along with an acceptance box consumers must check. The check box must be provided by every entity proposing to place each tracking cookie.

“Simply put, the Working Party has rejected every (self-regulation) proposal put forward by industry to avoid the necessity of consumers affirmatively consenting to every placement of cookies by every party proposing to place such cookies,” says Chris Wolf, privacy expert at Washington D.C. law firm Hogan Lovells.

Why tech giants are worried

Europe’s insistence on empowering consumers is worrisome for Google, Microsoft, Yahoo, Adobe, AOL, Coremetrics and Quantserve, the giant data aggregators that conduct the ecosystem of tracking cookies, web beacons and other Web tracking mechanisms. It’s all part of interlaced tracking networks comprised of dozens more smaller, independent ad networks, data analytics firms and tracking services.

“The Article 29 Working Party seemed to convey the message that it’s our way or the highway,” says Wolf. “That does not send a message to industry that genuine efforts at self-regulation will be recognized and rewarded. That approach could in fact impede business initiatives to advance privacy.”

It could also impede the tech giants’ direct path to online advertising lucre. Research firm eMarketer this week issued fresh projections that the U.S. online advertising market will will grow 20.2% to $31.3 billion in 2011, up from $26 billion in 2010.

A primary driver: improved targeting technology. The more intensely data aggregators can track you, the more they will be able to triangulate your online haunts and preferences. That intelligence, in turn, is expected to boost sales of pricey display advertising. The display ad market is expected to grow 24.5% to $12.3 billion in the U.S. this year, up from $9.9 billion in 2010, according to eMarketer. That assumes, of course, that the current set up of self-regulation of the data aggregation industry prevails.

However, consensus appears to be gelling in the U.S. and Europe, among consumer and privacy advocates, as well as regulators and politicians, that self-regulation won’t cut it. The concerns raised by the EU are being echoed by the Federal Trade Commission, the Federal Communication Commission, the research community, non-governmental organizations, and certain federal lawmakers, led by Sen. Jay Rockefeller, D-WV.

“The online advertising industry has been attempting to persuade the FTC and EU regulators that its self-regulatory program is adequate,” says Jonathan Mayer, a researcher at the Stanford University Center for Internet and Society. “It’s now clear that EU regulators aren’t buying it.”

Here in the U.S., privacy and consumer advocacy groups are rallying behind Sen. Rockefeller’s proposed Do Not Track legislation. It would require use of a simple mechanism that empowers consumers to make a universal request not to be tailed around the Web. The ad networks and data aggregators would be required by federal law to honor such requests.

Co-mingled tracking data

Concern is rising about the advertising industry’s wide spread practice of co-mingling tracking data from Internet searches and surfing with the information Internet users disclose at websites for shopping, travel, health or jobs. And personal disclosures made on popular social networks, along with the preferences expressed via Web applications on smartphones and tablet PCs saturating cool smartphones and tablet PCs are getting tossed into the mix.

Privacy advocates worry that health companies, insurers, lenders, employers, lawyers, regulators and law enforcement could begin to acquire detailed profiles derived from tracking data to use unfairly against people.

Rockefeller’s proposed Do Not Track law would give the FTC and state attorneys general power to enforce the law and impose penalties for violations. But Google, Facebook and data aggregators have been lobbying hard to maintain the self-regulated industry.

Craig Spiezle, executive director of the Online Trust Alliance, says the tack Europe is taking “underscores the chasm between the EU’s privacy perspectives versus that of the U.S.”

Earlier this week, the Interactive Advertising Bureau — whose 500 members include Google, Facebook and Microsoft – made it mandatory for all of its members to begin using a turquoise triangular icon to alert users to tracking cookies and give them a way to request a halt to tracking.

While the turquoise icon alert is “a significant first step,” Spiezle says what’s lacking is a “road map” addressing the entire spectrum of privacy concerns. “We need to move beyond this discussion of interest-based advertising, which I believe is a good thing and provides consumer value, to the broader issues on how else is the data being used and who has access to it,” says Spiezle.

John Simpson, spokesman for the non-profit Consumer Watchdog advocacy group says “the Europeans have exactly the right approach. They are asking that a consumer must be given the right to opt in before a cookie is placed.”

Simpson says the IAB’s icon alert mechanism is “mostly window dressing.” He says if European regulators do end up imposing a strict opt-in rule across Europe, Google, Facebook and the other data aggregators and ad networks will be forced to comply to do business in Europe.

At that point, “there is no reason they cannot do the same thing in the United States,” says Simpson. “Strict rules in Europe would show the U.S. self-regulatory program to be the sham that it is.”

Share
, , , , , , , ,

Leave a Reply