Commercial tracking software often secretly records where users go on the Internet. If businesses don't set their own clear, simple privacy standards, government may need to step in with a 'do not track' option.
The ease and speed with which people can share information over the Internet is perhaps the marvel of this era. The way they live and work is changing rapidly, posing new opportunities and new hazards.
One area undergoing massive change is personal privacy. Fluid exchanges of information mean that more knowledge about people’s lives can be shared than they realize or desire. Facebook and Google are two Web giants that have recently faced criticism for playing fast and loose with information about their users.
A significant number of apps – small software applications that users download onto their iPhones or other smart phones – have been shown to be surreptitiously collecting information on their users, such as the person’s location or their list of contacts.
Meanwhile, the United Arab Emirates and Saudi Arabia say they will curtail the use of BlackBerry phones for the opposite reason – their texts and e-mails are encrypted and difficult to intercept and decipher. The UAE claims this privacy feature is a threat to its national security.
The development of computerized data banks – such as those storing credit-card information, medical records, or store “loyalty card” buying habits – continues to erode personal privacy.
Now several US lawmakers and the Federal Trade Commission (FTC) are raising concerns about the need to better regulate the way that websites, and the advertisers on them, place tracking data on the computers of visitors. Called “cookies,” “beacons,” “pixels,” or just “Web bugs,” these programs operate behind the scenes to record not only which pages are visited on that site but continue to track and report back on the user’s subsequent visits to other sites.
Tracking software, of course, can be useful. It can remember a password, what the user bought earlier on the site, or even the volume setting you like for watching videos there. It also helps websites gather legitimately useful information about how their own site is being used, such as how many pages have been viewed and how many unique visitors have dropped by.
But as The Wall Street Journal recently pointed out, as did the Monitor last year, privacy advocates and ordinary citizens alike are becoming alarmed by the amount of information being quietly collected on websites and the lack of consumer awareness of it.
One senator has likened Web tracking to someone following a consumer around a store with a camera and recording everything the person looked at or bought.
The Journal, for example, found that the Web’s top 50 websites place an average of 64 pieces of tracking software on each visitor’s computers, often without telling them. A principal aim is to amass a deep database of information about consumers that can be sold to marketers.
Marketers argue that the data comes without any names attached, though there are often enough clues to determine an individual’s hometown, general age, and shopping habits. Users benefit, marketers say, by seeing ads that better match their interests. (If you’re reading about baby clothes, you may be expecting a child and could be served ads about diapers, for example.)
Why should we clutter your screen with ads for things you’re not interested in when we can target your real interests, marketers ask?
In testimony last week before a Senate committee, FTC chairman Jon Leibowitz revived the idea of creating a “do not track” registry for website visitors, akin to the popular National Do Not Call Registry that fends off any for-profit telemarketers targeting home phones. Instead of users laboriously asking to “opt out” of being tracked at each site they visit, they would sign up for a blanket refusal.
Browsers such as Internet Explorer and Firefox allow users to delete “cookies” and limit which new ones are installed. But users may also find that useful features, such as being able to bypass the retyping of a password, will also be deleted.
Online advertisers are rightly concerned that too strict a policy could severely damage online commerce. Companies spent $23 billion to advertise online last year – in no little part attracted by the ability to target ads to users.
A “do not track” policy wouldn’t prevent visitors from seeing ads altogether, it would only prevent advertisers from making educated guesses about which goods or services the site visitor might be most interested in.
The FTC plans to make recommendations on tracking software this fall. And members of both the House and Senate have legislation either filed or promised.
But before restrictive rules or legislation is considered, the online advertising industry ought to be given a chance to better regulate itself. It has made a beginning by forming the Network Advertising Initiative, whose members include some of the key marketers doing tracking. The site offers useful information about the practice as well as a way to opt out of tracking by its individual members, some of the largest behind-the-scenes data marketers.
Today most consumers are simply not aware of online tracking or how it works. They should be. In the end, each individual is primarily responsible for understanding how their data is being collected and used and for protecting their own privacy.
But it is in marketers self-interest to help them out.
Transparency and openness should be keystones in creating any policy on Web tracking. Websites need to prominently display simple, clear information on how users can opt out of being tracked. Sites should also explain in simple layman’s language (no legal mumbo jumbo) what information they will otherwise collect, how it will be used, and with whom they will share it.
If the industry refuses to broadly adopt clear, consistent, and reasonable standards of its own, Congress and federal regulators may have to step in.