Last week, attorneys general representing 10 states reached an agreement with one of Internet advertising's favorite punching bags, DoubleClick, settling a long-standing privacy controversy. Issuance of press releases and a $450,000 payment marked the end of an era, to the likely relief of DoubleClick.
Led by New York Attorney General Elliot Spitzer, who recently received media attention on par with Anna Nicole Smith and Ozzy Osbourne, the states inquired into DoubleClick's practices of collecting and using data from and about Internet users. The states were particularly concerned about merging so-called non-personally identifiable information with personally identifiable information. More specifically, the states were interested in learning what self-reported, observed, and transactional data DoubleClick had access to and ways in which the company was planning on using it to deliver targeted online advertising to consumers.
Let's start at the beginning. In December 1999, DoubleClick was Internet advertising royalty. It was the acknowledged leader in the preferred ad format, banners, and had a split-adjusted stock price above $100 and market capitalization in excess of $10 billion. If it wasn't king, it certainly lived in the palace.
DoubleClick had leave to deliver banner ads to over 1,500 client Web sites and had technology that tracked surfers as they moved from one client's site to another. DoubleClick watched where surfers went, what terms they typed into search boxes, and which ads they clicked.
All this was done behind the scenes. The company was unknown to the majority of Web users. Observed data on Web activity was recorded on cookies and stored on the surfers' computers. This was non-personally identifiable information linked to the computer, not to individual users of the hardware. Some call that splitting hairs. After all, how many computers are used by more than a handful of individuals? DoubleClick employed the observed data stored on cookies to deliver banner ads based on unique individual interests, inferred by information contained on the cookie. The company calls this product Intelligent Targeting and offers the following illustration on its Web site:A unique cookie has, in the past 10 days, searched on women's fashion sites, floral sites, home/gift sites, and even more bridal sites, and has searched the words "weddings" and "bridal registry".... The fact that this computer's browser has been searching these categories may indicate that this Internet user is planning a wedding. Many companies wish to advertise to people during the specific time that they are planning a wedding. This means that this Internet user may see more ads for gifts, vacations, and home furnishings than other Internet users during the same time period or even when visiting the same websites.
That changed when DoubleClick acquired a little-known company, Abacus Direct, for the less-little sum of $1.7 billion.
Enter Abacus Direct
Abacus Direct compiles offline data on consumer purchasing habits, primarily by sharing relationships with catalog retailers and other marketers operating through direct mail. That offline data is both self-reported and transactional. A Wall Street Journal article reported in February 2000 that Abacus Direct's repository holds 2.9 billion transactions linked to individual consumers. If you've bought anything from a catalog, it's likely Abacus Direct knows who you are, where you live, how to reach you by phone, what products you purchased, how much you paid for them, and the method you used for payment.
This is personally identifiable information.
DoubleClick announced plans to link the Abacus Direct data to its own data, referenced earlier. At the time, it was considered an Internet marketer's utopia. A one-stop shop for self-reported, transactional, and observed data on individual consumers and a vehicle to deliver targeted advertising based on the consumers through 1,500 client Web sites.
The criticism put enough pressure on DoubleClick to make it reverse course on mingling the data. Kevin O'Connor, DoubleClick's CEO at the time, was quoted in a New York Times article in the spring of 2000, "I made a big mistake. It was wrong to try to match that information in the absence of government or industry standards, so until there is an agreement on it, we will not." He continued, "It became clear that the overwhelming point of contention was under what circumstances could a name be associated with anonymous Web activity. Now we're just happy to get this behind us and move on."
If only it were that easy. By March 2000, DoubleClick's stock price had dropped 20 percent, largely on concerns related to privacy issues. The FTC opened a formal DoubleClick investigation. The attorneys general continued to inquire about their business practices. Lawyers began circling with threatened class-action lawsuits. It was clear this issue that would haunt DoubleClick.
What's transpired since? The FTC dropped its investigation in January 2001. DoubleClick settled federal and state class action lawsuits addressing online privacy for $1.8 million in April 2002. Last week, an agreement with the attorneys general, including a payment of $450,000 by DoubleClick for investigative costs and consumer education, was announced (download the full agreement, guaranteed to cure insomnia).
The Intelligent Targeting product was shelved in January. Seems advertisers didn't find available observed data provided enough targeting capabilities. At the time, Scott McLernon, executive vice president of MarketWatch.com, was quoted in a Wall Street Journal article about Intelligent Targeting: "We need to be able to drill down a little further." More than two and a half years after this all began, DoubleClick is apparently now able to move beyond privacy concerns.
At press time, DoubleClick's stock price hovered around $6.00 and market capitalization stood at $740 million. Granted, much of the depreciation is related to the overall downturn in the Internet ad market, not ongoing legal entanglements.
That said, how would Internet advertising have changed if DoubleClick had been able to implement its plan? Would it be a more valuable medium today? How many other innovations would DoubleClick have pioneered if it hadn't been consumed by legal issues since the turn of the century? We'll never know.
Has the little guy prevailed over Corporate America? Did privacy groups rally enough support at grassroots and government levels to stop an aggressive, ambitious online advertising company from invading the privacy of unwitting consumers? Or did consumers and government fear the unknown, thus halting the growth of a young, innovative company as it was set to implement changes that would shift the tectonic plates of an industry?
Every story has two sides. The truth usually lies somewhere in between. I'm interested in your thoughts; please send them through the feedback link.
June 5, 2013
1:00pm ET / 10:00am PT
June 20, 2013
1:00pm ET / 10:00am PT