Online ad groups release new behavioral ad principles

Online consumers should get more information about what information is being tracked and collected for the purposes of behavioral advertising, and they should have more control over what data is being collected, according to new privacy principles released Thursday by four advertising trade groups.

Online advertising networks should also "maintain appropriate physical, electronic, and administrative safeguards" to protect data collected, and they should retain the data "only as long as necessary to fulfill a legitimate business need, or as required by law," the principles said.

The principles were endorsed by American Association of Advertising Agencies (4A's), the Association of National Advertisers (ANA), the Direct Marketing Association (DMA) and the Interactive Advertising Bureau (IAB), plus the Council of Better Business Bureaus (BBB), a group focused on building trust between consumers and businesses.

The principles come out as some U.S. lawmakers and privacy groups have questioned whether self-regulatory approaches are adequate to protect consumers when online advertising networks and broadband providers can track Web users' surfing habits across the Internet.

In mid-June, several members of the U.S. House of Representatives Energy and Commerce Committee called for new laws regulating the use of consumer data collected online.

But members of the advertising trade groups defended this latest effort. The principles show trade groups working together to "advance the public interest," Randall Rothenberg, IAB's president and CEO, said in a statement.

"Although consumers have registered few if any complaints about Internet privacy, surveys show they are concerned about their privacy," he said. "We are acting early and aggressively on their concerns, to reinforce their trust in this vital medium that contributes so significantly to the U.S. economy."

In addition to data security and transparency for consumers, the new principles also call for consumer education efforts and for online behavioral advertising organizations to obtain consumer consent before implementing any material changes to their data collection policies.

Privacy advocates sounded less than impressed with the new principles.

The Center for Democracy and Technology, a privacy and civil liberties advocacy group, is encouraged to see all the advertising groups work together, but action is what's needed, said Alissa Cooper, CDT's chief computer scientist. CDT will continue to push Congress to pass comprehensive privacy legislation, including rules for online data collection, she said.

Online ad networks "haven't been very active on the self-regulatory side in the past," Cooper added. "What we're really looking for now is implementation. We have been talking about self-regulation for a long time."

The test of the principles will be how they work in practice, Cooper said. "You say that you want to be more transparent, and you want to provide notice outside of a privacy policy -- what is that actually going to look like? The day we see these links and icons outside of the privacy policy ... is the day when we really get to judge."

The principles are an effort to avoid legislation or regulation by the U.S. Federal Trade Commission, added Jeff Chester, executive director of the Center for Digital Democracy, a privacy and civil liberties advocacy group. He called the principles "way too little and far too late."

"The principles are inadequate, beyond their self-regulatory approach that condones the 'fox overseeing the digital data henhouse approach,'" Chester said in an e-mail. "Effective government regulation is required to protect consumers. Online marketer self-dealing 'principles' won't provide the level of protection consumers really require."

The principles treat certain health and financial data as sensitive, allowing "widespread" data collection of some health and financial records, Chester added. The principles also don't address the privacy of teenagers, he added.

"The so-called notice-and-choice approach embraced by the industry has failed," he said. "More links to better-written privacy statements don't address the central problem: the collection of more and more user data for profiling and targeting purposes."

But others defended the principles. The Better Business Bureau and Direct Marketing Association will work on an enforcement process between now and 2010, when the principles are expected to be implemented, said Pablo Chavez, Google's managing policy counsel.

"I think the end result will be even more transparency and choice for Internet users about how their information is used," Chavez wrote on the Google Public Policy Blog.

"One of the key strengths of the principles is the fact that they apply to a broad range of companies participating in online advertising -- advertisers, publishers, and ad networks. Of course, for any self-regulatory effort to be effective, there has to be some kind of enforcement process."

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

• Bookmark this page
• Share this article
  •  
  • facebook
  • slashdot
  • digg
  • Reddit
  • stumbleupon
  • linkedin
  • twitter
• Got more on this story? Email CIO
• Follow CIO on twitter

• Share
  Share this article

  •  google+
  • facebookfacebook
  • slashdotslashdot
  • diggdigg
  • RedditReddit
  • stumbleuponstumbleupon
  • linkedinlinkedin
  • twittertwitter
• print
• email
• Bookmark