March 11, 2011 — As the public debate over digital privacy continues, federal regulators on and off Capitol Hill are telling online marketers that now is the time to widely adopt strict self regulatory programs that enable Web users to opt-out of unwanted tracking and marketing. If not, marketers can expect legislation and/or regulation by the Federal Trade Commission (FTC) creating a federal mandate and a possible Do Not Track system like the FTC’s popular Do Not Call program.
New threats and regulatory proposals seem to be popping up everywhere, from proposals by the Federal Trade Commission and Department of Commerce, to hearings and proposed legislation in the Senate and the House. Meanwhile, the Coalition for Healthcare Communication, the 4A’s and other leading marketing companies are reminding policy makers of the industry’s opt-out program while urging more advertisers and agencies to participate.
“We believe that the industry has taken a strong leadership role in educating and protecting consumers in the online advertising arena,” said Dick O’Brien, head of the 4A’s Washington office. “The industry’s new self-regulatory program is up and running and providing consumers with effective and workable options to help them manage online advertisements.”
The members of the Digital Advertising Alliance include the 4A’s, the Association of National Advertisers, the American Advertising Federation, the Direct Marketing Association, and the Interactive Advertising Bureau. The Alliance program, developed in conjunction with the Better Business Bureau, has been operating since late 2010.
But the warnings keep on coming. For example, on March 8, at the 4A’s annual meeting in Austin, Texas, David C. Vladeck, director, FTC Bureau of Consumer Protection, told attendees that although the FTC “recognizes that behavioral advertising benefits consumers,” it also “raises serious privacy concerns.” Vladeck explained that the preliminary report issued by the Commission in December 2010, “Protecting Consumer Privacy in and Era of Rapid Change: A Proposed Framework for Businesses and Policymakers,” was intended to “spur industry to develop more robust and effective best practices and self-regulatory guidelines.”
FTC Calls for More Progress with Self-regulation
Vladeck said the FTC supports the industry guidelines and an opt-out mechanism. But while he finds them “encouraging,” he’s concerned that they are not yet widely adopted and apparent to users on the Internet.
“We’re concerned about [other] practices that subvert or undermine consumer choice, and our enforcement agenda reflects that concern,” Vladeck said. In his view, a successful Do Not Track mechanism should include five basic components, as follows:
- Be easy for consumers to use and understand;
- Be effective and enforceable;
- Be universal – consumers should be able to go to one place to exercise their preferences across the board;
- Allow consumers to opt out not only from the use of tracked data, but also from its collection; and
- Ensure that consumers’ choices will be persistent – they should not have to reset their preferences every time they clear their cookies or close their browser.
“We think the industry is up to the task of ensuring that both the design and implementation of the mechanisms it is developing will have those components and operate effectively,” Vladeck said, adding that any Do Not Track mechanism “should build upon existing industry innovations.”
Speaking on a 4A’s meeting panel to discuss the new program, Carla Michelotti, executive vice president and chief legal, government and corporate affairs officer for Publicis Groupe’s Leo Burnett, indicated that current self-regulation programs are not yet fully supported by many advertising agencies. “The self-regulation program is a very good program, but you need to read, understand and know where an agency fits in,” she said. Accordingly, the 4As and the Coalition will soon announce training programs for agency executives to increase awareness and participation.
Panelist Eric Mower, CEO of Eric Mower & Associates, emphasized the connection between privacy and stewardship, especially for agencies. “Any organization dealing with consumer data has a responsibility,” he said. “Voluntary self-regulation is just that – you do it because you feel responsible.”
Lack of Progress May Open Door to Legislation
Although successful self-regulation programs may need some tweaking, Vladeck does not believe that legislation is necessary to accomplish the FTC’s goals of protecting online consumers. However, his statement that the Commission has been “disappointed in the progress of self-regulation,” leaves the door open for legislative proposals. Two pieces of Do Not Track legislation already have been introduced in the House of Representatives; two more may be forthcoming.
The Do Not Track Me Online Act of 2011 (H.R. 654), was introduced Feb. 11 by U.S. Rep. Jackie Speier (D-Calif.) and would direct the FTC to develop standards for a Do Not Track mechanism that also would allow individuals to opt out of the collection, use or sale of their online activities. On Feb. 10, U.S. Rep. Bobby L. Rush (D-Ill.) introduced H.R. 611, the Best Practices Act, which would establish ground rules and privacy minimums for consumers, including “opt-in” consent to disclose information to a third party. Under Rush’s bill, companies that collect personal information would be required to disclose their practices and provide concise, meaningful and easy-to-understand notices of these practices.
U.S. Rep. Ed Markey (D-Mass.) also plans to introduce legislation that he indicates will include a Do Not Track provision so that children do not have either their online behavior tracked or their personal information collected or profiled. Additionally, U.S. Rep. Cliff Stearns (R-Fla.) is expected to introduce a privacy bill that will include a provision for an FTC-approved five-year self-regulatory program and would prescribe requirements for a self-regulatory consumer dispute resolution process.
On the other side of Capitol Hill, the Senate Commerce Committee will be holding a hearing March 16 to examine online consumer privacy – specifically commercial practices that involve “collecting, maintaining, using, and disseminating large amounts of consumer information, some of it potentially very sensitive and private in nature.” This hearing is the second in a series of hearings examining how users’ information is stored, collected and used. [Editor’s note: Senate hearings normally are streamed live on the Committee Web site. To access, go to: http://commerce.senate.gov/public/index.cfm?p=Hearings]
“Modern technology has connected people with the world and led to new innovations, new products and new experiences,” Commerce Committee Chairman John D. (Jay) Rockefeller IV (D-W.Va.) said. “But with these new opportunities come new risks. I want to know if the privacy protections we have in place are enough, or whether Congress needs to step in and do more.”