Group items tagged

"The Network Advertising Initiative will unveil a new tool on Thursday that allows people who want to avoid behavioral targeting to permanently preserve their opt-out cookies. Currently, Web users who don't want to receive targeted ads can opt out via cookies. But those cookies have notoriously short lives -- often because users who want to avoid tracking frequently delete all of their cookies, including the opt-out cookies. Once the opt-out cookies disappear, behavioral targeting companies revert to tracking users and serving them targeted ads. "

More consumers are growing comfortable with online behavioral targeting, perhaps as a result of an increase in familiarity, but the majority remain uneasy with the practice. That's according to a new study conducted by TNS on behalf of the privacy group Truste. For the study, consumers were asked whether they agreed or disagreed with the statement: "I am comfortable with advertisers using my browsing history to serve me relevant ads, as long as that information cannot be tied to my name or any other personal information." Twenty-eight percent of respondents agreed, up from 24% who agreed when the same study was conducted last year. At the same time, 51% said they disagreed that they were comfortable with anonymous behavioral targeting. While that figure represents a slim majority, it's down from last year, when 57% of respondents said they disagreed. At the same time, more respondents than in the past now say they delete cookies. Almost half--48% of survey respondents--said they erase cookies at least weekly, up from 42% last year. It's not clear how much overlap there is between the respondents that regularly delete cookies and those who say they're uncomfortable with behavioral targeting. Colin O'Malley, vice president of strategic business at Truste, attributed the increase in the proportion of consumers who said they were comfortable with behavioral targeting to increased publicity over the issue. He said the recent attention to the issue in the mainstream media has helped to increase transparency. He added that the increased cookie erasures showed that consumers want to be able to manage their experience. "Cookie deletion is just one more indication that consumers are seeking tools to increase their level of control," he said.

"Web users are not yet deleting Flash cookies as often as they shed more traditional cookies, but that doesn't mean it's a good idea to use Flash technology to track consumers online. That's according to a new report commissioned by media audit company BPA Worldwide. The report, authored by analytics expert Eric Peterson, warns that the use of Flash cookies, also called "local shared objects," to override consumers' choices could invite new privacy laws. "With the attention given to consumer privacy on the Internet at both individual and governmental levels, we believe that companies making inappropriate or irresponsible use of the Flash technology are very likely asking for trouble, (and potentially putting the rest of the online industry at risk of additional government regulation)," writes Peterson, CEO and principal consultant at Web Analytics Demystified. "

Flash cookies may draw additional legislation for the online advertising industry.

A Harvard University fellow has developed a browser extension that stops advertising networks from tracking a person's surfing habits, such as search queries and content they view on the Web. The extension, called Targeted Advertising Cookie Opt-Out (TACO), enables its users to opt out of 27 advertising networks that are employing behavioral advertising systems, wrote Christopher Soghoian, who developed it, on his Web site. Soghoian, a fellow at the Berkman Center for Internet and Society at Harvard and a doctoral candidate at Indiana University, modified a browser extension Google released under an Apache 2 open-source license. Google's opt-out plugin for Internet Explorer and Firefox blocks cookies delivered by its Doubleclick advertising network. A cookie is a small data file stored in a browser that can track a variety of information, such as Web sites visited and search queries, and transmit that information back to the entity that placed the cookie in the browser. Google's opt-out plugin comes as the company announced plans last week to target advertisements based on the sites people visit. Targeted advertising is seen as a way for advertisers to more precisely find potential customers as well as for Web site publishers to charge higher advertising rates. But the behavioral advertising technologies have raised concern over how consumers get enrolled in the programs, what data is being tracked and how the data is protected.

OPT-OUT becomes untenable when users have to visit 40 - 50 or more sites to do it.

The online advertising industry and U.S. policy makers need to give online users more control over the collection of personal data and surfing habits beyond the traditional opt-out approach, some privacy advocates said Wednesday. Dozens of online ad networks allow users to opt out of being tracked as a way to deliver behavioral advertising, and in most cases, the opt-out is stored in a cookie that goes away every time the users clear their browser cookies, privacy advocates said during a discussion of online advertising at the Computers, Freedom and Privacy Conference in Washington, D.C. Some advertisers require that people opt out of targeted advertising every month, and some advertisers make the opt-out link difficult to find, said Christopher Soghoian, a fellow at the Berkman Center for Internet & Society at Harvard University. Some opt-out mechanisms aren't even functional, he said. Soghoian, while creating a single opt-out mechanism for the Firefox browser, found more than 40 advertising networks, he said. "How can we expect consumers to visit 40 or 50 different online advertisers, opt out, then revisit these sites every six months or every year, and then, when they delete their cookies, go back again?" he asked.

"I heard a rumor that I hope isn't true. Specifically, I heard that opting out of behavioral profiling may not stop advertising companies from tracking you as you travel across the Web. Rather, according to the rumor, in many cases you merely opt out of seeing the tailored ads your web history might otherwise trigger. The ability to opt out of behavioral profiling essentially underpins the argument for self-regulation by the industry. The idea is that (1) people like tailored ads and (2) those that worry about the practice, for instance, from a privacy perspective, can opt out of it. Setting aside the apparent frailty of cookie-based opt out (when you delete your cookies, you delete your opt out as well) and the availability of other means to track users (like flash cookies), this seems pretty straightforward and convincing. But what does "opting out" mean, exactly? A close look at the Network Advertising Initiative website, which offers an opt out tool on behalf of most major online advertisers, turns up no guarantee that opting out will stop a company from logging where a user has traveled."

Now, you can either use Collusion to shock and appall yourself, or you can use it to show friends and family just how rampant behavioral tracking is. Once your mother sees that no less than five companies track her behavior when she visits MSNBC.com, and six when she visits FoxNews.com, she might be a little more cautious. She might also ask if there's a way to block the tracking cookies - at which point you promptly install Ghostery and BetterPrivacy on her computer.

"Beginning next week, the FTC will hold a series of public roundtables covering the growing number of challenges to consumer privacy on the Internet. Dubbed "Exploring Privacy," the daylong discussions will focus on "the collection and use of information by retailers, data brokers, third-party applications, and other diverse businesses." Hold that yawn. Behavioral tracking and ad targeting have everything to do with the pesky "Warning!" pop-up blinking behind your browser window right now. The one that could shatter your online privacy. In advance of the roundtables, Fast Company spoke with online privacy advocates Jules Polonetsky, co-chair and director of the Future of Privacy Forum, and Ari Schwartz, vice president and chief operating officer of the Center for Democracy and Technology. Below, Polonetsky and Schwartz highlight five of most nefarious techniques used to trick and track you." 1. "Malvertising Gangs" 2. Flash Cookies 3. "Cookie appends" 4. Personal Health Data 5. ISP Tracking

Much of the privacy debate has focused on cookies and icons and not what really matters: the misuse or abuse of consumer data by third parties in the real world. I don't care whether I see behaviorally targeted ads so much as I don't want my health care or auto insurance to be impacted by sites I've visited and stuff I post online.

The use of data in the online world is being governed by the rules of the "Wild West," the European Commission will argue this week, in the clearest warning yet to Internet companies to curb how they use the information they collect on users. With concern growing over the amount of data gathered by the biggest players on the Internet, the comments will challenge the industry to agree on new principles for its use - or face a clampdown. Meglena Kuneva, the European consumer affairs commissioner, will argue that basic consumer rights are being violated by companies that profile and target consumers, according to a draft of a speech seen by the International Herald Tribune. "From the point of view of commercial communications," the draft speech reads, "the World Wide Web is turning out to be the world 'Wild West."' Kuneva is to deliver the speech to a meeting of around 200 industry and consumer representatives on Wednesday. Her comments reflect the anxiety of regulators on both sides of the Atlantic about the commercial use of information garnered through online tracking made possible via "cookies" - small files dropped into users' computers by the Web sites they visit. These cookies help companies take note of users' habits and can be sold to advertisers to help them target their marketing efforts. But their use raises serious questions about who knows which sites we visit and what they do with that information. In the United States, the chairman of the Federal Trade Commission, Jon Leibowitz, warned recently that, if the industry does not show it can protect users' privacy, it will invite legislation from Congress and a more regulatory approach from the F.T.C.

Three out of four Americans believe that individuals are responsible for protecting their own privacy online. That's the bottom line of a new survey conducted by TRUSTe, a company that certifies the compliance of websites with privacy standards and statements. Nonetheless, The New York Times reports that the Federal Trade Commission is trying to put more responsibility on website operators: Last month, the F.T.C. revised its suggestions for behavioral advertising rules for the industry, proposing, among other measures, that sites disclose when they are participating in behavioral advertising and obtain consumers' permission to do so. One F.T.C. commissioner, Jon Leibowitz, warned that if the industry did not respond, intervention would be next. "Put simply, this could be the last clear chance to show that self-regulation can -- and will -- effectively protect consumers' privacy," [FTC commissioner Jon] Leibowitz said, or else "it will certainly invite legislation by Congress and a more regulatory approach by our commission." Behavioral advertising, which records individual users' Web usage by inserting cookies into their browsers and keeping a log of where they go and what they do, is the most high-profile privacy issue today. Google-owned DoubleClick is tracks Web users across many sites, combining them into one profile at DoubleClick's end to be used for ad targeting. Some survey respondents use cookie-deleting browsers and anonymizing software to thwart tracking systems. Privacy advocates, TRUSTe, and the FTC all strongly encourage companies to post meticulous privacy statements for online visitors, and to follow them to the letter. Still, only 15 percent of TRUSTe's survey respondents said they actually read privacy statements.

"If you're concerned about Google retaining your personal data, then you must be doing something you shouldn't be doing. At least that's the word from Google CEO Eric Schmidt. "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place," Schmidt tells CNBC, sparking howls of incredulity from the likes of Gawker. But the bigger news may be that Schmidt has actually admitted there are cases where the search giant is forced to release your personal data. "If you really need that kind of privacy, the reality is that search engines - including Google - do retain this information for some time and it's important, for example, that we are all subject in the United States to the Patriot Act and it is possible that all that information could be made available to the authorities." There's also the possibility of subpoenas. And hacks. But if any of this bothers you, you should be ashamed of yourself. According to Eric Schmidt. Gawker highlights the irony of Schmidt's typically haughty proclamations. After all, this is the man who banned CNet for a year after the news site published information about him it had gleaned from, yes, Google. But the larger point here is that Schmidt isn't even addressing the issue at hand. Per usual. When the privacy question appears, Google likes to talk about the people asking the questions. But the problem lies elsewhere: with the millions upon millions blissfully unaware of the questions. If you're concerned about your online privacy, you can always put the kibosh on Google's tracking cookies. You can avoid signing in to Google accounts. And, yes, you can avoid using Google for anything Eric Schmidt thinks you shouldn't be doing. But most web users don't even realize Google is hoarding their data. CNBC asks Schmidt: "People are treating Google like their most trusted friend. Should they be?" But he answers by scoffing at those who don't trust Google at all. Not that you'd expect anythin

"Sherry Natoli is followed everywhere she goes while shopping online, but she doesn't mind at all. Natoli, who owns a seashell business in Tampa, does all but her grocery shopping on the Internet and even opts in whenever she's asked whether she's willing to have her online movements tracked by websites." Companies have been monitoring our online behavior for almost as long as there's been an Internet, often using our online footsteps (cookies) whenever we search, browse or buy online. Tracking technology has advanced so much that everything from how long we linger over a product description to whether we are searching for sexual-dysfunction drugs can be collected and stored on individual profiles. Our profiles are numeric descriptions, not our real names, but in some cases, it's not hard to determine personal information behind the numbers. Privacy concerns abound, and several privacy and consumer groups are urging Congress to enact laws on what can and can't be collected and for how long.

Laws in Canada and other countries are increasingly helping technology force people to identify themselves where they never had to before, threatening privacy that allows people to function effectively in society, a new study has found. "What we're starting to see is a move toward making people more and more identifiable," University of Ottawa law professor Ian Kerr said Wednesday. His comments followed the launch of Lessons from the Identity Trail: Anonymity, Privacy and Identity in a Networked Society, a book summing up the study's findings, at a public reading in downtown Ottawa hosted jointly with the Privacy Commissioner of Canada. Kerr led the study with University of Ottawa criminology professor Valerie Steeves. They collaborated with 35 other researchers in Canada, the U.S., the U.K., the Netherlands and Italy. The researchers reported that governments are choosing laws that require people to identify themselves and are lowering judicial thresholds defining when identity information must be disclosed to law enforcement officials. That is allowing the wider use of new technologies capable of making people identifiable, including smartcards, security cameras, GPS, tracking cookies and DNA sequencing. Consequently, governments and corporations are able to do things like: * Embrace technologies such as radio frequency identification tags that can be used to track people and merchandise to analyze behaviour. * Boost video surveillance in public places. * Pressure companies such as internet service providers to collect and maintain records of identification information about their customers. While Canada, the U.K., the Netherlands and Italy all have national laws protecting privacy - that is, laws that allow citizens to control access to their personal data - such legal protection does not exist for anonymity, Kerr said. "Canada is quite similar [to other countries] with respect to anonymity. Namely, it's shrinking here just as it is there.

Google has moved forward the debate about privacy and Internet advertising, in its typical way, with deceptively simple engineering and a willingness to impose its way on others. On Wednesday, Google became the last of the big advertising companies to start keeping track of where Internet users surf online so ads can be shown to people based on what they might be interested in buying. In its approach to ad targeting, the company is responding to calls by the Federal Trade Commission and others to be more clear with users' information and control over the information it collects. It has created a window into part of its database, so users can see that Google has deduced that they are interested in "Anime & Manga" comics, or "Alternative-Punk-Metal" music or travel to Afghanistan. (Yes, those are on its list of 600 interest categories.) It also built technology to allow your browser to remember that you don't want Google (or its DoubleClick unit) to remember anything about you. It is more robust than the opt-out system used by many companies that rely on cookies in browsers. These are technical feats that other ad companies said would be too hard.

I was at an advertising conference last week. Some folks are concerned that privacy advocates will press the government to regulate the most common of tracking technologies: behavioral targeting. That's the system that drops a cookie onto our computers to record many of our wanderings through the Web in hopes of targeting us with relevant ads. I had just written The Next Net, about how we'll be tracked on the mobile Internet. And I was thinking that if behavior targeting worries people, the data cascading from our phone use will terrify them. But there are also plenty of reasons to worry about regulation. First, there's a divide in our society between people extremely worried about erosion of privacy and others who appear, with their Web postings, videos and Tweets, to celebrate it. Which group wins? They both can. Take a look at this new friend-finding location-based application for Facebook, Locaccino. It comes out of Carnegie Mellon. The idea is that people can fine-tune their privacy profiles, deciding who can see where exactly they are, and who gets a blurrier vision, or none at all. The point is that millions of people are clearly eager to exchange all sorts of data. It's a way for them to learn, make friends, find things, and have fun. What's more, it supports a vibrant and innovative software market in a gloom-infested tech industry. Some of the innovation will go toward protecting privacy. Because privacy is something that both sides of this debate want and need, even if they don't agree on what it is. Regulations? The most important privacy regs, in my view, should mandate clear communications on how customer data will be used, and will limit tracking to those who have chosen to participate.

Educating consumers about what behavioral targeting is and is not up to, deep within the cookies of their browser, seems to be a bit like alternative energy development. Pretty much everyone says the industry should be doing more about it, and yet it is hard to see where and with whom it starts. Most online materials related to BT are pitched to one end of the value chain, marketers. It's not clear to me that most of the companies in this space are even comfortable talking directly to consumers, let alone taking the time to develop an accessible language to describe their process. Specific Media controls the BehavioralTargeting.com domain and uses it to educate marketers about its methods. Even the Wikipedia entry for this field is really an explanation for advertisers. This is understandable, since most people who are familiar with the term likely come from the industry. But it seems to me the industry misses an opportunity to practice more often, and in more places, what it knows ultimately needs to be done. You guys need to find better, clearer, simpler ways to explain what it is you are doing in our browsers -- and why you are doing it. And what are the real benefits and risks a consumer incurs by tacitly agreeing to your presence? Isn't every possible point of contact with a suspicious consumer a teachable moment? In an earlier post, I recounted how I struck some retargeting gold when FetchBack tagged and remarketed me during my travels online. An opt-out option is clearly available at the front page of the FetchBack site. Unfortunately, from there you either opt-out (kick over to the Network Advertising Initiative site) or click into a long scrolling privacy policy that doesn't actually get around to explaining retargeting until a few screens down.

Some consumers say they like the way Internet retailers will suggest new purchases to them based on what they've bought previously. Others feel creeped out when a banner ad seems to know a bit too much about their Web surfing habits. It's called behavioral advertising, and it's central to the business success of all manner of Internet commerce, from bookstores to newspapers. The practice needs regulation, says Rep. Rick Boucher , the Virginia Democrat who chairs the House Energy and Commerce Subcommittee on Communications, Technology and the Internet. Boucher says legislation to protect consumer privacy online will spur people to surf more. But Internet advertising companies are not happy about regulation, especially because Boucher's plan would require, in some cases, that consumers agree in advance before their surfing habits could be tracked. Such an approach "would really be a sea change in the U.S. regulatory framework," says Mike Zaneis, vice president for public policy at the Interactive Advertising Bureau. Virtually all consumer protection laws, he says, permit people to opt out of solicitation, for instance, with a "do not call" registry. For the Internet, Congress has done almost nothing. "To suddenly move toward a draconian opt-in standard," he says, "would really be damaging not just to businesses but consumers." Zaneis, whose group includes such news heavyweights as the New York Times Co. and Conde Nast Publications, says now is not the time to upend Internet companies' business models, right when the economy is in the tank and print advertising is drying up. He argues further that new Web browsers make the issue moot by giving consumers the ability to easily block the electronic "cookies" that track their online movements. The issue promises to be a lobbying extravaganza. Last year, when the Federal Trade Commission (FTC) was developing self-regulatory guidelines for Web companies engaging in behavioral advertising, it

Emily Riley of Forrester Research presented a lot of data during her keynote presentation at today's OMMA Behavioral Conference but one point she made seemed rather salient to me: many of those marketers and data firms involved in behavioral targeting seem to skip over social media as a source of information. They might look at the data surrounding the usage of those sites but they seem to rarely do any actually monitoring, let alone interacting there. It reminded me of an experience I had with my wife. We once lived in a building where we didn't have much interaction with our neighbors, very little beyond an occasional wave in the hallway. We could, however see their mail mixed with ours and our landlord's. My wife began to notice that the landlord and our neighbor were starting to get similar envelopes from law firms. I, being the incurious mail sorter I am, didn't really think much of it. She, on the other hand, was convinced that one of them must be suing the other and was able to spin out some fairly detailed scenarios based on other clues from the hallway, the presence of exterminators one day, the thickness of paint on the front door etc. One day I encountered our neighbor in the hallway and did my customary wave. "Oh by the way," He said, "We're moving out next week." Oh really? He then regaled me with the entire story which involved a variety of things including an exterminator, paint thickness, and law firms. My wife and I were both able to glean essentially the same information. However if I had approached him and said, without any warning, "I bet you and our landlord are having one heckuva legal squabble," he probably would have punched me in the nose. I also believe that the ease with which I was able to get the whole story out of him suggests that had we interacted more it would have been I scooping my wife and not the other way around. These two approaches to gathering information are akin to the difference between following

The authorities in Brussels fired a warning shot across the bows of online advertisers today, signalling new rules to combat surfer profiling and breaches of privacy in the interests of commercial gain. In the strongest denunciation of the conduct of online advertisers, Meglena Kuneva, the European commissioner for consumer affairs, argued that personal data has become "the oil of the internet and the new currency of the digital world". She warned that surfers' privacy rights were being abused by the amassing of personal information and its supply to advertisers who targeted individuals who were often unaware of what was happening. "From the point of view of commercial communications the world wide web is turning out to be the world wild west. This could be very damaging," Kuneva told a meeting of industry professionals and analysts in Brussels. "Consumer rights must adapt to technology, not be crushed by it. The current situation with regard to privacy, profiling, and targeting is not satisfactory." The commissioner outlined European laws regulating the protection of privacy, commercial contracts, and countering discrimination, and indicated that the regulations were failing to keep up with the pace of developments on the internet. She called on the online advertising industry to come up with a voluntary code of conduct to protect consumer and privacy rights, but clearly signalled that the EU authorities would probably have to legislate to prevent abuses. The volume of personal data collected on the internet was growing exponentially and was increasingly being used for commercial purposes by tracking surfers' browsing habits, using cookies, and making the information available for individual profiling and targeting of consumers, she said.