Results tagged “Do Not Track” from IABlog

Last week, after a round of visits with advertising organizations and private declarations that its cookie-blocking plan was not a “done deal,” Mozilla Foundation, the lucrative nonprofit whose Firefox browser controls 20 percent of the world’s access to the Web, launched a new proposal to “address privacy concerns related to third party cookies in a rational, trusted, transparent and consistent manner.”

But Mozilla’s “Cookie Clearinghouse”  is neither new nor a proposal, inasmuch as the no. 2 browser-maker seems hell-bent on implementing on a tight deadline cookie-blocking by fiat. It is not a clearinghouse for cookies - it is a kangaroo cookie court, an arbitrary group determining who can do business with whom.  It replaces the principle of consumer choice with an arrogant “Mozilla knows best” system. It is not “independent,” as Mozilla claims, but is stocked with self-interested academic elites with whom Mozilla has long histories. Nor is it rational, trusted, or transparent, as I will describe below. 


But oh, is it consistent - consistent with the history of large technology providers with substantial market shares wielding the indisputably virtuous concept of “consumerism” as a weapon to fight competitive battles. These browser warriors are indifferent to the collateral damage they might create among the small publishers, retailers, and other businesses that employ more than 5 million Americans, account for 3.7 percent of U.S. gross domestic product, and define the Internet’s richness and diversity.

In February 2012, the IAB and the other groups comprising the Digital Advertising Alliance agreed eagerly with the White House and the Federal Trade Commission to work with the major browser companies to honor browser-based choice for the DAA Principles - principles that underlie a successful self-regulatory mechanism to enable consumers to manage their data in digital environments, including the management of third-party cookies. That agreement, which involved several stakeholder groups, earned praise from the Obama Administration, the Commerce Department, and the FTC. It contrasted sharply with the ongoing challenges experienced by the Worldwide Web Consortium (W3C), the NGO that manages the Internet’s underlying technical standards, in developing similar consensus-based consumer-choice mechanisms for the management of data, privacy, and “do not track” options.

Mozilla’s “Cookie Court” is just another blatant attempt by a powerful tech company to destabilize efforts by multiple stakeholders to reach consensus about how lives and livelihoods should be aligned in the Internet era. Mozilla is reassembling the players whose inexperience and antipathy to negotiation and consensus have subverted the early W3C processes. Its members have blithely gloated about their willingness to “put a number of third parties out of business.” They include technological totalitarians who dismiss negotiations with the haughty declaration that “it’s very difficult to see a long-term consensus approach,” and who equate corporate imposition of “the technologies at the browsers’ disposal” with “the consumers’ side.” 

We admit we were hopeful when Mozilla proffered that its new system for managing cookies would make exceptions for “sites complying with DAA opt-out and supporting DNT.” But its proposal does nothing of the sort. Hundreds of companies, representing thousands of Web sites, belong to the DAA program; yet their advertising will be peremptorily blocked by Mozilla’s system.  Tens of millions of consumers who have visited the DAA site and affirmatively opted to do nothing — effectively choosing to allow ads relevant to them to be delivered — will find their choice sabotaged.  And Mozilla’s argument that sites “supporting DNT” may still be able to deliver relevant advertising is disingenuous.  Since there is not yet a consensus definition for DNT - partly because Mozilla allies have so mismanaged or undermined the process for reaching consensus - it’s not currently possible for sites to support it. 

Worse, there is nothing in the Mozilla system that recognizes, let alone offers solutions for, the particular needs of the many thousands of small publishers and retailers that depend on the Internet supply chain and the third-party cookies that, however imperfectly, are a central component of it. By making it punishingly difficult for advertisers to reach highly engaged audience segments through small publishers dependent on this third-party-cookie supply chain, Mozilla’s new system will prompt marketers to concentrate their ad buys among a tiny handful of giant Internet companies that dominate the deployment of first-party cookies. This fear has led almost one thousand “long tail” Internet companies to sign a petition asking Mozilla to reconsider its determination to block third-party cookies by decree.

The open-source Internet supply chain is a wellspring of strength; it has fostered one of the greatest fast waves of economic and cultural innovation in modern history. It is also a source of weakness, because it creates vulnerabilities in securing individuals’ and companies’ data and in assuring their desire to keep certain activities and interests private. But acknowledging and correcting for those weaknesses doesn’t require taking a blunt sledgehammer and destroying the digital supply chain. Rather, we need rational, consensus solutions that will meet all major stakeholders’ needs.

That Mozilla doesn’t understand this is unsurprising. After all, it represents nobody. It is part of a global distribution cartel whose members have been in a perpetual state of war with each other for 15 years. Browser makers should not be dictating the kind of economic and cultural policies Mozilla is trying to implement any more than television set manufacturers should be deciding which shows make it to your home.

The IAB, our constituents, and our partners in the DAA, have engaged in a serious effort to participate in consensus-building around the complex issues of protecting consumer choice and privacy while enabling the commercial activity that supports a diverse and robust internet.  We welcome other serious participants. We do not welcome Mozilla’s proposed kangaroo court led by the very people who have thwarted consensus in the past … and who have evinced not an iota of concern for the publishers, small businesses, and hundreds of thousands of people that depend on Internet advertising for their livelihood.

About the Author
sp_rothenberg_randall_100x134.jpgRandall Rothenberg

Randall Rothenberg is President and Chief Executive Officer, Interactive Advertising Bureau. 

Enhanced by Zemanta

In the past 30 days, we’ve seen Do Not Track proposals reach a crescendo, and the stakes for both the industry and the consumer can’t be overstated. Many of the proposals strike at the core of how web content is delivered, optimized, and funded, and would have a highly disruptive impact on medium to small size firms. Many influential parties are supportive of Do Not Track (DNT), but they all define the concept differently. Does DNT address the consumer need? And how could the DNT debates shape your view of the self-regulatory program?

Let me catch you up on some recent events. In July 2010, FTC Chairman John Leibowitz expressed support for DNT in congressional testimony. In December 2010, an FTC privacy report featured DNT and a House subcommittee held a DNT hearing. In January 2011, the CDT published a paper proposing a definition of ‘tracking’ for DNT. Also in January, Microsoft, Google, and Mozilla announced significant new features to make available widely different forms of browser based DNT.

DNT carries heavy associations with the Do Not Call list, which the FTC launched in 2003. But Do Not Call dealt with an issue that was substantially less complicated and did not require browser level technology to enforce. Tracking occurs invisibly, many times, by many parties on the typical page load, and for diverse purposes, many of which the consumer expects. To keep bad actors at bay, government would need more than legal recourse, but also technology solutions that would block trackers across a global internet.

Do Not Track: What IS it?

Presumably, a Do Not Track service could allow a consumer to stop third parties from monitoring and recording her online behavior. But two major complications arise immediately, even amongst DNT supporters:

#1: Definition of ‘tracking’: 3rd parties span a wide range of business models, many of which provide basic functionality on the internet that consumers have come to expect, even if specifics of how these 3rd parties use their data are not well understood. Most DNT proponents will concede that there are substantial categories of tracking that should be exempted from DNT to preserve basic web functionality, including 1st party tracking, tracking for anti-fraud purposes, tracking for aggregated analytics, tracking for fulfillment of basic transactions, etc. Therefore, after signing up for DNT, tracking would continue, sometimes for behavioral advertising (1st party), sometimes by 3rd parties for ad selection (frequency capping), and by a range of 3rd parties (analytics, shopping cart providers, security firms, etc). Where does a reasonable person draw the line so that consumers are protected without breaking an excessive portion of how they expect the internet to behave? And assuming that the right balance can be found, how will consumers feel about a DNT solution that bills itself as simple, but represents the realization of a complicated policy conversation and fails to stop a wide array of tracking?

#2: Implementation: Assuming that we can resolve the definition question, who will run this beast? Public companies with massive advertising operations that operate most of the leading browsers? These companies also have some of the leading 1st party consumer brands on the internet, which exempt them from many of the tracking categories blocked by DNT, which begins to sound like a conflict. So who then, the government? If DNT should be simplified, who is the natural provider?

Preservation of Choice and the ‘Great Lost Consumer’

We’re in the midst of a golden age of innovation in privacy technologies. Consumers that are so inclined have a growing array of tools to manage their privacy online. These tools range from the aggressive and technical (NoScript, Adblock Plus), to the simple and ad industry friendly (NAI/ opt-out page, Facebook privacy settings), with many options in between (Ghostery, which Evidon operates; TrackerBlock, etc.) Each of these tools approaches the policy, technology, and larger political conversation differently, which is precisely the point. Privacy requires the active management of trade-offs.

So if the proactive already have ways of creating their own DNTs, why do we need a formal DNT? It’s about the passive majority, which can collectively be described as the ‘Great Lost Consumer.’ Does the Great Lost Consumer really know that they are being tracked on the internet? Are they aware that when they log onto the New York Times, more than 1 company is collecting data about them? The data actually suggest that yes, they do. The majority of them know that they’re being tracked, and they know that companies are tracking them to customize content and advertising. The Great Lost Consumer is not nearly as hopelessly unaware as many advocates would have you believe.

Now it’s also true that consumers don’t know enough about who is tracking them, what their data is being used for, and how to take control. This is where the industry needs to improve substantially, both through the self-regulatory program and beyond. The consumer needs contextual notice, real information, and easy controls.

Perhaps the most dangerous impact of a formal DNT, is that it becomes a mass invite to the passive majority to participate in a discussion about complicated and personal value propositions on false pretenses. If you ask the Great Lost Consumer if they want to be tracked, the answer is no. If you ask her if they prefer customized content and advertising, the answer is yes. We would therefore expect for a great portion of the population to sign up for DNT and to be frustrated by the results. If they reverse their decision, they are back where they started, no more informed and sour on the whole experience.

The consumer also expects the content they consume to continue unabated, but the networks and data companies that would be most impacted by a DNT list, are precisely the companies that small and medium sized web sites rely upon to compete with the biggest players. The top companies have 1st party relationships with the consumer and massive scale. If smaller sites can’t pool their audiences leveraging 3rd party technologies, they will wither and die.

DNT relies on the false promise of a privacy ‘on-off’ switch, and encourages the masses to make a blunt decision, without context, with massive negative impact on industry that will circle back to the consumer.

DNT and Self-Regulation: What’s a company to do?

Advertising-Option-Icon.gifDespite all of the DNT talk, the Self-Regulatory Program for Behavioral Advertising is beginning to make a significant impact. In October of 2010, the Digital Advertising Alliance launched with a cross industry Advertising Options Icon. Over the first four months of the program, Evidon delivered over 10 billion icons on behalf of advertisers, each with notice about targeting and opt-out choice for the companies behind the campaign. Over 400,000 people clicked through on the icon to pages that informed them about how their data was being used, with the great majority declining to opt-out. In the first quarter of 2011, both the DMA and the BBB will launch their enforcement programs.

The leading trade associations for online marketing, including the IAB, are unified behind the program, and view it to be industry’s best hope to avoid draconian legislation and now ‘draconian DNT.’ We could still have a bill (several are circulating and more are expected). We could still have DNT. Avoiding both entirely may be a long shot. But what kind of bill? And will DNT allow responsible players to continue their businesses without massive disruption?

The folks in DC that will ultimately define these programs are challenging industry to step up and give them a reason to believe that self-regulation has a role to play. And depending on how widely credible self-regulatory tools are deployed, they will decide how aggressively government needs to step in to fill the gap.

Time is of the essence right now. The window of opportunity to influence the conversation is beginning to close. Yet everyone believes that the commercial market has a role to play and want to see leaders on privacy rewarded.

So to aid your evaluation of where your company should stand with the self-regulatory program, consider the following:

  • If self-regulation fails, we get draconian legislation + draconian DNT
  • If self-regulation succeeds, we likely get neither
  • If this ends in a compromise, all indications are that corporate leaders in the self-regulatory movement will be rewarded
  • If you want to influence the outcome, you must act now
  • The self-regulatory movement is about empowering the consumer; do right by the consumer and your brand will benefit (with or without a self-regulatory program)

It’s time to get on board with self-regulation and DNT is just the latest in a list of good reasons.

Colin O’Malley is Co-Founder & VP of Business Development and Policy for Evidon and member of the IAB’s Networks & Exchanges Committee and Public Policy Council.

You can reach him via email or on Twitter @micshasan and @evidon.