Targeted Advertising Cookie Opt-Out (TACO) On A Roll
Privacy activist and technologist Chris Soghoian has updated his TACO opt-out plug-in to include 44 additional ad networks. Users who download TACO automatically get opt-out cookies from 84 ad networks, cookie tracking companies and others offering an opt-out cookie. Importantly, this opt-out sticks even if users inadvertently delete opt-out cookies.
Since we well know that setting an ordinary opt-out cookie is a defective option, since so many users loose opt-out cookies to anti-spyware programs (or to their own browser controls), why should any ad network offer an opt-out cookie without also advising users of the need for a plug-in that will help maintain the opt-out? Google provides one for the opt-out from its ad targeting DoubleClick cookie and the TACO is available at no cost for anyone else. The Network Advertising Initiative has hinted that it is working on a plug-in for its members and TRUSTe could probably do the same. We predict that plug-ins will soon be proliferating.
Is this a good thing? It is better than doing nothing. But it’s time for the browser companies to get on this pronto, so that a special download is not needed. Give Web sites a way to offer users a privacy choice that the browser can reliably maintain! Respect user choice!
The Political Ad Practice Insiders Want to Keep Secret – ClickZ
My cookie says I am a moderate Democrat soccer dad who is a “triple prime” voter. (Look it up, if you’re not a political geek like me). Folks who are paying attention to the privacy issues around behavioral advertising are very focused on ads targeted based on the Web sites you have visited. But, in fact, more ad dollars are probably spent on appending offline data like the political data discussed here, as well as data from the big data brokers or data about your customer relationships with your bank and stores you frequent. Any industry self regulatory solutions or legislative proposals should recognize that basic cookie clickstream targeting was state of the art 9 years ago. The industry has moved far beyond, but the discussions seem frozen in the past and dont seem to consider the far more complicated world of online data use today. Jeff Chester ‘s blog is a must read for an understanding of how sophisticated and complex some of the online targeting has become. It is true that some of the folks Jeff documents who are claiming to target ads based on brain waves and eyeball movements are probably full of hot air, but anyone who thinks we are talking about simple anonymous cookies helping choose a Nike ad for the sports site surfer is living in the last decade.
Barking Robot: News Flash: Teens Don't Give a Twit About Twitter
It seems that there is a consensus that teens do not twitter, preferring less public venues such as Facebook status updates and phone texting. See they do care about privacy – they dont intend to blast their info to complete strangers (followers) but rather just to all their pals or maybe their friends friends. Detail here:
Whassup? I read on the privacychoice blog that you take privacy seriously. That is good to hear. There is another Jon who like you takes privacy seriously. He is at the FTC. I think he might say that if you are helping your clients sell clickstream profile data about what their users do online, you want to require that they let users know about it. That Jon might consider it deceptive if you were to claim you take privacy seriously, but then continue to help a client sell user data after you were told that they weren’t letting users know about it. That Jon has many enforcement cases keeping him busy and probably doesn’t have time to read blogs, but he has staff who help him out. So, please, on behalf of those of us who do believe that companies who do care about privacy can get this right, get on your clients before Jon does.
Readers can follow the exchange between Coremetrics and Jim Brock of Privacychoice.org here. Be sure to read the exchange in the comments.
From Webtrends: Thoughts on Web 2.0 Cookie Transparency and Control
One analytics company, Webtrends, speaks up about how the federal government can use cookies. In a blog post and in a comment at the White House Open Government, site they make some sensible points about transparency and the use of first party domains. The ideas echo some of the proposals we and CDT have previously made and underscore the opportunity to update the current OMB cookie policy in a progressive manner.
Op-Ed in Roll Call: Behavioral Advertisers Need to Change Their Behavior
Jules had an op-ed published in Roll Call today, let us know your thoughts.
Behavioral Advertisers Need to Change Their Behavior
Behavioral Advertisers Need to Change Their Behavior
Roll Call
By Jules Polonetsky
June 22, 2009
On Thursday, two House Energy and Commerce subcommittees held a joint hearing to discuss something called “behavioral advertising,” the tracking of users’ Web site visits and searches in order to deliver tailored online advertisements. Almost a decade ago to the day, I testified before the Senate Commerce Committee on the very same topic as the chief privacy officer of DoubleClick. At the time, I said:
“Consumers have the right to know what kind of data net advertisers are using, and they have the right to have control over that use. There are significant steps that industry can and should take to give consumers more confidence in and more control over their Web experience. Primary among them are notice and choice. Consumers need and deserve real choice. They need to know the type of data that is being collected about them and they need to have the ability to opt out, to choose not to participate if they want to.”
Today, I would admit to being less confident that old-fashioned notice and choice is still the right model. After years of working more directly with consumers at AOL, I am convinced that companies need to be more honest and open with users about how they collect and use their data.
A few articles covering remarks by new FTC Bureau of Consumer Protection Director Dave Vladeck have described some of the latest thinking at the Commission. Here is a synopsis from the law firm of Perkins Coie.
–Over the past ten years the agency has followed two approaches. Neither has worked well. The first was notice and consent. But consumers don’t know what they are consenting so, especially regarding secondary uses of their data. The second was a “harm” approach like GLB. Certain data collection practices pose privacy risks so great that we protect consumers by banning or imposing defined obligations on the practices, regardless of what the collecting firm has disclosed to consumers or asked them to consent to. But the “harm” model doesn’t address “non-quantifiable” harms (he didn’t define those harms). So we need a new approach.—
This could indicate a major turning point and is – IMHO – big news.
Could Bozeman Montana city officials be prosecuted for Facebook snooping?
Bozeman city officials are requiring certain applicants to hand over social media passwords for background checks.
From the Lori Drew case, we know that violating a social network site’s Terms of Service could be charged as a crime. Here is the relevant language in the Facebook Terms of Service.
“You will not share your password, let anyone else access your account, or do anything else that might jeopardize the security of your account.”
So are the applicants violating the law? Or perhaps the Bozeman officials are for inducing this violation?
Should Facebook spell out in its that systematic access to users profile for the purpose of an employment background check is not a permitted use of the service?
“I think its indefensibly invasive and likely illegal as a violation of the First Amendment rights of job applicants,” said Kevin Bankston, an EFF attorney. “Essentially they’re conditioning your application for employment on your waiving your First Amendment rights…and risking the security of your information by requiring you to share your password with them…Where does it stop? How about a photocopy of your diary?”
