By Stephen C. Webster | RAW Story
Friday, February 24, 2012
Following the White House’s announcement of support for new one-click Internet privacy rules, electronic privacy advocates warned Raw Story that online advertisers who claim support the new standards might not actually be keen on giving up their most valuable metrics.
Experts who spoke to Raw Story this week warned that if government officials are really serious about protecting Americans’ private data, it’s going to take a lot more than the recently announced voluntary standards.
The Electronic Frontier Foundation (EFF) is concerned that industry groups may be able to find wiggle room around any such proposals that may ultimately become law, merely by altering their little-read terms of service agreements to include the very tracking the “Do Not Track” policy purports to allow users to opt out of.
“Right now we are at the beginning of a difficult negotiation about who is going to be in the room for deciding what ‘Do Not Track’ means [in potential future laws],” EFF activism director Rainey Reitman explained to Raw Story. “Yesterday’s announcement from the [Digital Advertising Alliance] underscored the risk of allowing an advertising company to decide what ‘Do Not Track’ means.”
Following the president’s announcement, the Digital Advertising Alliance (DAA), an industry group representing the largest online ad networks, said (PDF) that it would implement a series of privacy protections that should allow users to easily opt-out of behavioral tracking systems. However, Reitman warned that while it sounds good, DAA’s move may actually be an effort to pre-empt the World Wide Web Consortium (W3C), which offers a stakeholder-driven process for open collaboration on privacy standards.
If that’s successful, online advertisers could potentially tweak their terms of service to say they’re in compliance with “Do Not Track” rules merely by exempting unwilling customers from behavioral advertising, while still conducting tracking in the background and away from public view.
“That’s the fear, but I certainly hope that’s not the case,” she said.
Those concerns were echoed to a degree by Joy Butler, a Washington, D.C. attorney and author of the book The Cyber Citizen’s Guide Through the Legal Jungle: Internet Law for Your Professional Online Presence.
“First, everyone is not in agreement on the meaning of ‘Do Not Track,’” she told Raw Story. “To some internet companies, it means no targeted ads will be sent to the consumer, but the consumer’s information may still be recorded, stored, and even shared. Hence, ‘Do Not Track’ may initially insert more consumer confusion into the marketplace.”
She added that even while the Federal Trade Commission will help to enforce adherence to industry privacy policies, “without Congressional legislation to codify it, the Consumer Privacy Bill of Rights is only a list of suggested best practices that Internet companies can voluntarily adopt or reject.”
Chris Babel, CEO of TRUSTe, a leading online privacy group, agreed that companies could potentially find ways around “Do Not Track” principles if they become law, but suggested that it wouldn’t be in their interest to do so.
“‘Do Not Track’ and the whole Privacy Bill of Rights is not a law yet,” he explained. “So, one, it needs to become a law. But the question is, could they [evade the law]? Sure, they could. Would they do that? Well, it would be a PR disaster.”
He concluded that companies getting around “Do Not Track” by putting an exemption “buried in the terms of service somewhere multiple layers deep” is probably a bad idea. “I just think that puts you in the crosshairs of so many government regulatory agencies that I don’t think they would do it,” he said. “And I don’t think that anyone would recommend that they should do it.”
So far, companies like Google, Microsoft, Yahoo! and AOL have all volunteered to comply with anti-tracking capabilities built into web browsers, and the DAA said it would work with browser makers to unify the technology. What that unifying language will be remains anyone’s guess.
The DAA did not respond to a request for comment.
Following the White House’s announcement of support for new one-click Internet privacy rules, electronic privacy advocates warned Raw Story that online advertisers who claim support the new standards might not actually be keen on giving up their most valuable metrics.
Experts who spoke to Raw Story this week warned that if government officials are really serious about protecting Americans’ private data, it’s going to take a lot more than the recently announced voluntary standards.
The Electronic Frontier Foundation (EFF) is concerned that industry groups may be able to find wiggle room around any such proposals that may ultimately become law, merely by altering their little-read terms of service agreements to include the very tracking the “Do Not Track” policy purports to allow users to opt out of.
“Right now we are at the beginning of a difficult negotiation about who is going to be in the room for deciding what ‘Do Not Track’ means [in potential future laws],” EFF activism director Rainey Reitman explained to Raw Story. “Yesterday’s announcement from the [Digital Advertising Alliance] underscored the risk of allowing an advertising company to decide what ‘Do Not Track’ means.”
Following the president’s announcement, the Digital Advertising Alliance (DAA), an industry group representing the largest online ad networks, said (PDF) that it would implement a series of privacy protections that should allow users to easily opt-out of behavioral tracking systems. However, Reitman warned that while it sounds good, DAA’s move may actually be an effort to pre-empt the World Wide Web Consortium (W3C), which offers a stakeholder-driven process for open collaboration on privacy standards.
If that’s successful, online advertisers could potentially tweak their terms of service to say they’re in compliance with “Do Not Track” rules merely by exempting unwilling customers from behavioral advertising, while still conducting tracking in the background and away from public view.
“That’s the fear, but I certainly hope that’s not the case,” she said.
Those concerns were echoed to a degree by Joy Butler, a Washington, D.C. attorney and author of the book The Cyber Citizen’s Guide Through the Legal Jungle: Internet Law for Your Professional Online Presence.
“First, everyone is not in agreement on the meaning of ‘Do Not Track,’” she told Raw Story. “To some internet companies, it means no targeted ads will be sent to the consumer, but the consumer’s information may still be recorded, stored, and even shared. Hence, ‘Do Not Track’ may initially insert more consumer confusion into the marketplace.”
She added that even while the Federal Trade Commission will help to enforce adherence to industry privacy policies, “without Congressional legislation to codify it, the Consumer Privacy Bill of Rights is only a list of suggested best practices that Internet companies can voluntarily adopt or reject.”
Chris Babel, CEO of TRUSTe, a leading online privacy group, agreed that companies could potentially find ways around “Do Not Track” principles if they become law, but suggested that it wouldn’t be in their interest to do so.
“‘Do Not Track’ and the whole Privacy Bill of Rights is not a law yet,” he explained. “So, one, it needs to become a law. But the question is, could they [evade the law]? Sure, they could. Would they do that? Well, it would be a PR disaster.”
He concluded that companies getting around “Do Not Track” by putting an exemption “buried in the terms of service somewhere multiple layers deep” is probably a bad idea. “I just think that puts you in the crosshairs of so many government regulatory agencies that I don’t think they would do it,” he said. “And I don’t think that anyone would recommend that they should do it.”
So far, companies like Google, Microsoft, Yahoo! and AOL have all volunteered to comply with anti-tracking capabilities built into web browsers, and the DAA said it would work with browser makers to unify the technology. What that unifying language will be remains anyone’s guess.
The DAA did not respond to a request for comment.
No comments:
Post a Comment