Privacy has re-emerged as one of the most pressing and complex issues for everyone online, including search engines, after a sustained period of relative calm. However, the rise of behavioral targeting, domestic spying/wiretapping by the Bush administration, attempts by states to regulate privacy, and more aggressive moves by Europeans to protect consumers have created conflicting policies and confusion for everyone.
Yesterday there was Senate testimony in Washington DC featuring Google, Microsoft, and Facebook, among others, about online advertising, behavioral targeting, and what the government should do about it, if anything.
As the Wall Street Journal reports, there’s an irony of sorts that emerged from the meetings and hearings yesterday. The US Federal Trade Commission came out in favor of industry self-regulation. But Google and Microsoft both advocated federal privacy legislation to a limited degree.
Those interested can get the full text of the various companies’ remarks here. Here are some excerpts from what Google, Microsoft, and Facebook said: Jane Horvath (Google privacy counsel):
We believe user trust is essential to building the best possible products. With every Google product, we work hard to earn and keep that trust with a long-standing commitment to protect the privacy of our users’ personal information. We make privacy a priority because our business depends on it. In fact, if our users are uncomfortable with how we manage their personal information, they are only one click away from switching to a competitor’s services . . .
Google supports the passage of a comprehensive federal privacy law that would accomplish several goals such as building consumer trust and protections; establishing a uniform framework for privacy, which would create consistent levels of privacy from one jurisdiction to another; and putting penalties in place to punish and dissuade bad actors.
Mike Hintze (associate general counsel, Microsoft):
Hintze tried to connect the issues of competition and privacy to take a swipe at the Google-Yahoo paid search deal in his remarks:
There also is a critical relationship between competition and privacy that must not be overlooked in this discussion . . . Yahoo and Google’s recently announced agreement raises important questions in this regard . . .
In addition to supporting self-regulatory efforts, we have long advocated for legislation as a component of effective privacy protections. We were one of the first companies to actively call for comprehensive federal privacy legislation. More recently, we have supported balanced and well-crafted state legislation on privacy in online advertising that would follow the general structure proposed in our FTC comments. And we would be glad to work with the Committee on similar national privacy standards that would protect both privacy and opportunities for innovation in the online advertising industry.
Chris Kelly (chief privacy officer, Facebook): Facebook Ads are materially different from behavioral targeting as it is usually discussed, but given our goals of transparency and user control, the important corollary of ensuing appropriate security and the goal of providing users notice and choice with respect to service changes, we applaud the FTC’s desire to establish principles in the online advertising area. We believe the FTC should expand and enhance the discussion in the principles about the distinction between personally and non-personally identifiable information to clarify the need for different treatment of advertising based on those different types of information.
The companies testifying uniformly said they take privacy very seriously and advocated transparency, consumer control, and data security. However, another witness argued there’s only vague understanding among consumers about these issues, but that they are fundamentally uncomfortable with or concerned about being tracked.
Leslie Harris (President and Chief Executive Officer Center for Democracy and Technology):
In a recently released Harris Interactive/Alan F. Westin study, 59% of respondents said they were not comfortable with online companies using their browsing behavior to tailor ads and content to their interests even when they were told that such advertising supports free services. A recent TRUSTe survey produced similar results. It is highly unlikely that these respondents understood that this type of ad targeting is already taking place online every day.
She advocated stronger moves by Congress, including a “do not track” option for consumers:
Congress should encourage the FTC to investigate how technology can be harnessed to give consumers better control over their online information. The lack of effective controls and the difficulty that consumers have in exercising choice about their participation in online tracking and targeting was the motivation behind the “Do Not Track” list idea proposed by CDT and nine other consumer and privacy groups. Although the proposal has been controversial, the idea behind Do Not Track is both simple and important: provide consumers with an easy-to-use, technology-neutral, persistent way to opt out of behavioral advertising. Congress should promote further study of this idea and other innovative ways to put consumers in control of their information.
In Europe much more stringent privacy rules are being considered and implemented. The idea that an IP address is like a piece of personal property is gaining momentum. The implications of this — that IP addresses cannot be stored or tracked without prior individual consent — create all kinds of practical problems for basic things such as web analytics.
The policies and rules the EU is debating generally speaking go far beyond what is being considered by the involved companies, US Congress, or FTC.
No discussion of Congressional hearings on privacy would be compete without reference to the recently “updated” Foreign Intelligence Surveillance Act (FISA), versions of which were passed last week by both the US House and Senate. According to the AP, the bill “would allow the government to obtain broad, yearlong intercept orders from the FISA court that target foreign groups and people, raising the prospect that communications with innocent Americans would be swept up.”
Under FISA virtually all communications, including all online activity and email, would be covertly accessible by the government with few checks and balances against abuse. So even as the government is critically examining the privacy policies and practices of search engines, portals, and ad networks, it’s granting the executive branch largely unchecked discretionary power to track and spy on Americans.
There’s both irony and hypocrisy there.