The Future of Privacy Forum (FPF) is a Washington, DC based think tank that promotes transparency in data practices that are practical for businesses and ensure personal autonomy for consumers. The forum is led by Internet privacy experts Jules Polonetsky and Christopher Wolf and includes advisory board comprised of leading figures from industry, academia, law and advocacy groups. FPF was launched in November 2008, and is supported by AOL, AT&T, Deloitte, eBay, Facebook, Intel, Microsoft, The Nielsen Company, Verizon and Yahoo.
FTC Cites FPF Work in Letter to Congress Regarding Behavioral Ads
Today, the Commission sent the Energy and Commerce Subcommittees holding a joint hearing examining behavioral ads a letter, noting that the FTC is closely monitoring industry efforts to step up privacy efforts. Within the letter, they also reference the FPF research project underway. After members gave opening statements, the hearing was interrupted by a series of floor votes, leaving witnesses from Google, Yahoo, Facebook and the NAI waiting to see if they would get a chance to speak. A little after 6:00 PM, the hearing finally resumed…
FTC Letter to Congress regarding Behavioral Ads
The Commission today sent the Energy and Commerce Subcommittees holding a joint hearing looking in to behavioral ads a letter , noting that it is closely monitoring industry efforts to step up privacy efforts. They also reference the FPF research project underway. After members gave opening statements, the hearing was interrupted by a series of floor votes, leaving witnesses from Google, Yahoo, Facebook and the NAI waiting to see if they would get a chance to speak. Stay tuned.
FPF Launches Leading Practices Gallery
Today, two House Energy and Commerce Subcommittees are holding a joint hearing to discuss behavioral advertising. Clearly, Congressional leaders continue to have concerns about the technologies used to track users Web activity and are dissatisfied with current practices. The FTC has repeatedly expressed its dissatisfaction with the status quo. And significant numbers of consumers themselves make their discomfort clear by deleting cookies. In response, privacy legislation could be on the way.
How are companies responding? Some argue that stricter standards will disrupt the economic model of internet advertising supporting free content. Some claim that self-regulation is working. Some support national privacy legislation. And others are beginning to explore opportunities to improve current practices. We think that regardless of whether legislation or better self-regulation is the right answer, companies need to be focused on maintaining the trust and confidence of their users if they hope to be able to succeed in the long run.
In order to encourage companies advance trust by finding innovative ways to engage and communicate with users about data use, FPF has decided to create a “Leading Practices Gallery”. Our goal is to highlight the companies that are going a bit farther to provide transparency and control to their customers with the hope that other industry players will follow in their footsteps. We recognize that not all the practices highlighted will be the best solution for every business. We appreciate that some of these examples are only baby steps in the right direction. But, all too often, privacy progress by businesses is stalled by critics who deride any minor progress because it isn’t the perfect solution or because the advances are perceived to be an ingenuous attempt to deter the holy grail of legislation. We take a different view. We think that by recognizing some of the positive methods that some businesses are taking, we can inspire other companies looking to increase transparency and control and support those who are trying to get it right. Soon, we will be consumer testing some of these efforts and will be trying to design some of our own.
So take a look at the Leading Practices Gallery to see which companies and practices are working to improve consumer trust.
Gallery of Leading Practices
In order to encourage companies to further develop innovative means of communicating with its users about data use and behavioral advertising, The Future of Privacy Forum highlights the following companies for taking the lead in providing transparency and control to its customers. If you are aware of other companies that deserve a “cheer”, please let us know by commenting or emailing us at [email protected]. Easy to view if you enlarge the presentation to full screen.
Relying on your privacy policy to give user’s notice and choice? Watch this video where 50 people in Times Square were asked “What is a browser?” It’s not exactly a scientific study, but you get the point about the communication challenges involved if reading a page about browsers, cookies and IP addresses is supposed to ensure that users understand behavioral advertising. We also have to keep in mind that you and I and our Beltway, Silicon Alley and Silicon Valley friends are not representative of the mass Web audience. Heck – some of us are even befuddled when challenged to go beyond email, browsing or signing up for Facebook.
That brings us to tomorrow, when two House Energy and Commerce Subcommittees will hold a joint hearing on behavioral advertising. When I first testified before the Senate Commerce Committee on this very issue almost a decade ago, I wasn’t quite sure the Members clearly understood the technologies and business models we were discussing. It will be interesting to see how congressional fluency in this area has progressed. Subcommittee Chairman Boucher and his staff have spent a great deal of time on this issue, hearing from companies, advocates and trade groups and seem to be well up to speed. My former colleague from local Brooklyn politics, Anthony Weiner, is quite tech savvy and had some smart points to make at the recent ISP focused committee hearing. Energy and Commerce Committee Chairman Henry Waxman also seems interested in the issue and even has the Chief Privacy Officer of the Federal Trade Commission detailed to his committee to support privacy efforts. So I do hope for a savvier and more engaging discussion this time around.
Will the companies presenting have much more to say than I did nearly a decade ago? Have practices progressed much further than the commitments made in those early days? I will be twittering from the hearing, so follow me there or at the Twitter box on this site for live updates.
An interesting ITIF Event
The Cost of Privacy: A Debate on the Impact of Privacy Laws on Health IT Adoption
As the Obama Administration moves forward with plans to modernize health care by encouraging the use of electronic medical records (EMR), some parties continue to raise concerns about privacy. Strong privacy laws may help protect confidential patient information and encourage user acceptance. But strict privacy laws can also impose additional burdens on health care providers and may slow technology adoption. A new study recently published in Management Science attempts to quantify the effect of state privacy regulations on the diffusion of EMRs and finds that strict privacy regulations reduces aggregate EMR adoption by hospitals by almost one-quarter. However, organizations promoting stricter privacy regulations such as Patient Privacy Rights have dismissed the findings as “preposterous.”
Join ITIF for a thoughtful debate between the authors and critics of the report to learn more about the impact of privacy laws on technology diffusion in health care.
Time: 2:00 PM – 3:30 PM
Date: Monday, June 22, 2009
Place: WE HAVEMOVED —ITIF, 1101 K Street, NW, Suite 610, Washington, DC — WE HAVEMOVED
Co-author of study, Douglas Drane Career Development Professor in IT and Management, and Assistant Professor of Marketing and , MIT Sloan School of Management
Ad network FetchBack is now adding a link to its ads that take users to an informational and opt-out page. This is certainly another step in the right direction, so we offer our compliments.
That being said, without a screenshot of what the little link on the ad looks like, the value to users of this link it is hard to assess. Does it say “info” or “about” or something a little more useful such as ‘why this ad” or “this ad was selected for you” or “personalized ad/on/off”? Since our research project is focused on this very issue, we will ask them to share some further details.
Note that “retargeting”, where data of an advertiser is used to “retarget” a user elsewhere, was long not considered subject to behavioral advertising rules by many in the industry, because often the advertiser’s data is used only on their behalf and isn’t shared. Today that policy distinction has eroded. We aren’t sure that consumers would ever have appreciated the difference, and many advertisers are still trying to figure out their obligations in this area, so it is indeed nice to see a company from this industry segment taking a step forward.
Update: Thanks to fetchback for the quick response, here is a screenshot.
In Depth Review of Social Networks and Privacy
Thanks to Prof. Michael Zimmer for his post about this University of Cambridge in depth comparison and study of social network privacy controls and policies. Kudos to my former Bebo colleagues for being rated on top of the pack. Not sure I agree with the conclusion that sites are intentionally playing a sophisticated communications name nor that requiring real names is de facto a poor privacy practice, but the very thorough comparisons and analysis are well worth a read.
Web Analytics Companies: Let Your Voices Be Heard!
Web Analytics Companies: Let Your Voices Be Heard!
Over the past year, FPF and other groups including CDT , EFF and the Federal Web Managers Council have proposed revisions to the current limitations on use of cookies by the federal government.One area where many seem to agree is that allowing government to use analytics to understand how many unique users are visiting a Web site over time is quite essential, but only if proper privacy rules are in place.
While any new regulations will directly affect federal websites only, the implementation of new cookie policies for the government sites will undoubtedly have an influential effect on the analytics industry.Thousands of government Web sites may become major customers of analytics services who will need to provide services under any new rules.In addition, these new rules could set a model for leading private sector practices.Some of the leading companies in the private sector are already requesting more stringent practices of their analytics partners – in fact this is where many of our ideas for progress originated.
To put it more simply, if you are in the analytics business, these changes will affect you!Speak up!
Tomorrow, the White House Open Government Site will open up the floor to all interested parties wishing to provide input on this issue.Please let us know your thoughts below or comment at CDT’s wiki or at the White House site.
What is the impact of retaining log-file level data for only 30, 60 or 90 days?Some vendors already have the ability to immediately hash or delete IP addresses without reporting impact, are there any issues with doing so?Is using a first party domain, as many in the private sector already do, feasible for sites with limited traffic? Why can’t those cookie expire on a tight time frame? Can you provide a better and more stable opt-out? Speak up and be part of the effort to ensure that users get the benefit of government sites that both serve their needs effectively and respect the privacy of their data.
