In case you were unable to join us for the December 1 “Do Not Track” Demystifed event, below is a link of the event’s audio recording. Forgive the white noise in the beginning (fast-forward about 10 minutes.)
Read Chris’ and Jules’ op-ed, featured on CNN.com, here: “Techies, not lawmakers, can curb online tracking.”
POLITICO featured Chris’ and Jules’ op-ed titled, “Time to double team on Internet privacy,” on its website today. The piece encourages the agencies, businesses and consumer advocates to come to an agreement in order to successfully find a solution for online privacy.
| FOR IMMEDIATE RELEASE: | Media Contact: Ted Kresse |
| December 1, 2010 | 202.777.3719 |
| [email protected] |
Future of Privacy Forum Releases Statement on Federal Trade Commission’s Privacy Report
WASHINGTON – Today, the Federal Trade Commission released their preliminary staff report on “Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers.” The Future of Privacy Forum (FPF) released the following statement in response to the report. This statement should be attributed to Jules Polonetsky and/or Christopher Wolf, co-chairs of the Future of Privacy Forum:
“Today’s FTC report identifies the most pressing privacy issues facing consumers today. The report raises a number of questions for public consideration and input; indeed, it raises more questions than it answers, which is understandable given the complexities. The Commission correctly recognizes that the current framework needs to be updated to reflect consumers’ ongoing concerns about how their data is being collected and used. By focusing on key issues such as Privacy By Design, employee training and consumer education the Commission lays out the foundation that needs to exist for any company to successfully deliver on its privacy promises. A key focus of the report is the failure of current privacy policies and notices that are provided to consumers. We applaud the Commission’s focus on the need for and testing of new types of notices to ensure their effectiveness.
As we have previously noted, the current cookie based opt-out system is ineffective in managing consumer choices. Rightly, the Commission calls for a better system for users to be able to control online data collection. The Commission was widely expected to call for legislation of a Do Not Track mechanism, but wisely left the door open to either legislative or self regulatory solutions. The industry should act quickly to explore and implement a Do Not Track mechanism that both supports responsible advertising practices and enhances consumer controls and choices.”
Later this afternoon the Future of Privacy Forum will hold an event entitled ‘Do Not Track’ Demystified, which will feature individuals from across the government, business, advocacy and academic arenas, discussing the merits, flaws, and technological capabilities of a ‘Do Not Track’ mechanism. To learn more about the event visit: fpf.org
The Future of Privacy Forum (FPF) is a Washington, DC based think tank that seeks to advance responsible data practices. The forum is led by Internet privacy experts Jules Polonetsky and Christopher Wolf and includes an advisory board comprised of leading figures from industry, academia, law and advocacy groups.
###
Some Background Notes on Do Not Track – in Advance of the Future of Privacy Panel and the Energy and Commerce Hearing
Today’s Wall Street Journal article by Julia Angwin focuses on the upcoming “Do Not Track” events taking place this week, including the FPF program on Wednesday, and provides some background on recent developments. To further brief those of you attending in person or by phone, we thought it would be useful to provide an overview that captures the incredible flurry of advances in this area. Although there are improvements that are still critically needed, there has been tremendous progress in this area and a host of innovations are just beginning to emerge. We hope the attention from the FTC, the Hill, the media, and the advocacy community will encourage the next steps needed to advance meaningful consumer controls and will support responsible advertising data uses.
Industry Efforts
Every behavioral targeting company already offers web surfers the option to opt-out of the tracking cookie used to tailor advertising across web sites. This opt-out relies on the web surfer clicking to accept an opt-out cookie which is generic and ensures a profile isn’t built based on the web sites that are visited. The Network Advertising Initiative and now the joint coalition of industry groups now known as the Digital Advertising Association provide a central location where web surfers can go to opt-out of most ad networks. Shortly, companies involved with behavioral advertising will be providing an icon alongside targeted ads, leading users to www.aboutads.info, the DAA’s central opt-out location. However, the opt-out cookie is deleted when users clear their cookies, tossing them unknowingly back into the ad targeting pool.
When Google launched its behavioral advertising network, it created a browser plug-in that users could download to “protect” their opt-out cookie from deletion. Chris Soghoian created TACO, a Firefox plug-in which would opt-out a user out of most ad networks by collecting the needed opt-out cookies and protecting them. Lotame began offering users TACO, in addition to the standard cookie opt-out. Online privacy company Abine has purchased TACO and incorporated it into a free suite of comprehensive consumer privacy tools. The NAI now offers a download that will protect the opt-out cookies set by its members. Better Advertising is providing a program and process for managing and ensuring opt-outs and overall behavioral policy compliance for the Digital Advertising Association and its Ghostery browser download offers users transparency and detailed controls over cookies plus other tracking methods. TRUSTe offers enhanced an enhanced opt-outs via its program and PrivacyChoice offers an option that can be implemented via a toolbar bookmarklet. PreferenceCentral offers a centralized opt-out manager tool which also allows users to centrally manage multiple profiles that are created by ad networks.
Advocacy Efforts
In November 2007, a number of advocacy groups led by the World Privacy Forum propose that the FTC create a do not track list by requiring any advertising entity that sets a persistent identifier to provide the domain names of their servers to the FTC. Consumers would then download this list and use browser plug-ins to ensure those domains did not track them.
Progress
In 2010, the Center for Democracy and Technology and the Future of Privacy Forum held a number of meetings with companies, trade groups, browser companies and advocates focused on improving the opt-out process. Ideas discussed include plug-ins and the use of an opt-out header that could replace the opt-out cookie.
Policymakers
In 2010, policymakers began expressing support for the general concept of a Do Not track mechanism. The FTC is expected to advance support for Do Not track in its upcoming privacy report, while the Department of Commerce takes a broader approach in calling for a general Fair Information Practices privacy law.
On Wednesday, FPF convenes a panel of key stakeholders to examine what the different concepts of “Do Not Track”actually are and to discuss questions such as:
Does government need to play a role or can industry and technology address the concerns?
Is an Opt-Out or Do Not Track header a feasible replacement for the opt-out cookie?
Are browser plug-ins or other opt-out managers a potential solution?
Are there options that continue to enable ad supported content, but give users more control?
At the panel, audience marketing platform provider Lotame Solutions will discuss the improved transparency and consumer choice options afforded by the host of new privacy management tools being introduced by industry groups and independent players, and the risks for consumers and businesses in trying to construct a government-sponsored “Do Not Track” mechanism. Mozilla will address future plans for privacy in the Firefox browser. Technologists, experts and advocates including CDT, Consumer Action, ITIF, Chris Soghoian and Arvind Narayanan will discuss technical and legal paths forward.
Most importantly, kick-off speaker Danny Weitzner of the Department of Commerce/NTIA will help us focus on the bigger picture privacy issues that need to be the lead focus for those who want to see progress in the upcoming year!
In person seating at the event is filled, but email [email protected] for dial in details.
On Thursday the Energy and Commerce Committee will hold a hearing on Do Not Track and is expected to hear from witnesses including FTC Consumer Chief David Vladeck, TimeWarner Cable, Symantec, Prof Eben Moglen, Susan Grant, Dan Castro of ITIF and others.
FPF Do Not Track Resource Page
http://fpf.org/2010/11/17/do-not-track-resources/
Jules Polonetsky/ChristopherWolf views
A government created Do Not Track list is not a practical solution for advancing online consumer controls. Recent progress by companies in providing users with access to profiles and the ability to edit or delete their ad preferences is a far more useful path and should be encouraged. Companies and technologists can deliver on the goals of “Do Not Track” by improving the current imperfect cookie based opt-out process. Moreover, certain existing laws can bolster the effectiveness of new technologies designed to empower consumers. Once consumers choose not to be tracked, companies that ignore those wishes do so at their legal risk. Note: Other panelists at the FPF event will present a range of diverse views. The opinions of Chris and Jules are not necessarily representative of the position of supporters or advisory board members of the FPF.
FPF was featured in The Wall Street Journal article, “Hiding Online Footprints.”
FPF will host an expert event entitled, “Do Not Track” Demystified. The discussion comes on the eve of a Congressional hearing to examine the need and feasibility of a federal law to control the tracking of consumers’ online activity for marketing and analytic purposes. This program will examine the role of technology in empowering consumers to control online tracking and whether there is a need for a new legal framework.
When: Wednesday, Dec. 1
Time: 2 p.m. until 4 p.m. EST
Panelists:
Daniel Weitzner, Associate Administrator, NTIA, Dept of Commerce
Jules Polonetsky, Future of Privacy Forum Co-Chair
Christopher Wolf, Future of Privacy Forum Co-Chair
Chris Soghoian, Indiana University
Erica Newland, Center for Democracy & Technology
Sid Stamm, Mozilla (Firefox)
Arvind Narayanan, Stanford University
Adam Lehman, Lotame Solutions
Michelle De Mooy, Consumer Action
Daniel Castro, ITIF
Future of Privacy Forum Do Not Track Resource Page
Space is limited. Please RSVP to [email protected] to request location information and to reserve your spot.
FPF was featured in MediaPost.com article, “World Privacy Forum: FTC, Not Commerce, Should Take Lead On Privacy.”
Read full story here, and see FPF quote below.
Meantime, the think tank Future of Privacy Forum is taking the position that two heads are better than one. “We need the FTC and Commerce working together — pushing and pulling and a combination of both law and serious but flexible and business practical self-regulation,” the group says in a new blog post. “Creating a false sense of competition or conflict will result in inaction and lack of progress.”
Gordon Crovitz is wrong to equate the idea of a senior U.S. privacy official (as he provocatively put it, a “privacy czar to regulate the Internet”) with the proposal in the European Union of a “right to be forgotten.” (“Forget Any ‘Right to Be Forgotten,‘” Information Age, Nov. 15). It is precisely because of international proposals that may impact U.S. principles that the U.S. needs a senior governmental official to participate in the global debates over the regulation of personal information.
Read Chris’ and Jules’ full Wall Street Journal letter to the editor here.
Topsy Turvy World of Privacy: World Privacy Forum blasts FTC for not taking action against companies who falsely claim they are in Safe Harbor or who don’t live up to Safe Harbor committments. Advocates critique FTC for not taking enforcement action on numerous complaints they file and argue the FTC support for self-regulation is misguided, only a law will do. Upcoming FTC report likely to continue to call for self-regulation. Department of Commerce report calls for an expanded Fair Information Practices based privacy law – first time ever for the US government -if the White House agrees with the report’s proposals. Commerce calls for additional enforcement authority and rulemaking for FTC – efforts the Commission has sought but failed to receive from a privacy friendly Congress this past term. World Privacy Forum and other advocates tell the Dept of Commerce to step back from privacy leadership and leave field to only the FTC.
Reality check: We need the FTC and Commerce working together – pushing and pulling and a combination of both law and serious but flexible and business practical self-regulation. Creating a false sense of competition or conflict will result in inaction and lack of progress – perhaps a satisfactory solution for the most aggressive data mongers and for privacy martyrs who aspire for the most profound restrictions on data. But the rest of us – ordinary internet users, reasonable businesses and practical advocates – are hoping for progress that recognizes that everyone gains when smart privacy and online trust advances.