Since last January, I’ve been traveling across the United States to meet with companies engaged in online behavioral advertising (also called interest-based advertising). I have met with scores of engineers, entrepreneurs, program managers, privacy counsel, executives, business leaders, and policy advisors from nearly 20 different entities. Companies ranged from some of the largest industry players in California’s Silicon Valley to small startups crammed into the converted lofts of New York’s Silicon Alley. The labels for the companies vary – networks, exchanges, data management platforms, to name a few. Regardless of label or specific business model, the companies I met with enable online advertising targeted to perceived interests that are inferred from users’ online activities.
So what did I find during these meetings? Perhaps not what you’d expect given the inflammatory debate raging on in some corners of the world about these “invisible corporate trackers.” I found people eager to discuss consumer privacy, actively engaged in privacy by design, and deeply committed to responsible data handling practices. I watched presentations about segregating and de-identifying data, hashing, encryption, and efforts to minimize data collection or block the collection of sensitive data. I heard people repeatedly make statements such as, “we thought about, but didn’t implement, a certain business model because it wasn’t transparent” or “we decided against this practice because some people may view this particular topic as sensitive.” I was genuinely impressed by the Herculean efforts of some companies to safeguard data and minimize potential risk to consumers. In fact, many efforts I witnessed during my meetings with commercial enterprises far exceeded the privacy procedures I observed while serving as a chief privacy officer in the federal government.
It’s certainly possible that I just didn’t visit the right (or wrong) companies. After all, if you are pushing the envelope on consumer privacy issues you may not want to meet with a privacy lawyer and former regulator. And to be truthful, I have had some brief, informal conversations with companies I generally don’t work with that raised some eyebrows. The business practices of those entities made me wonder if they have thought about notice, transparency, and choice (much less the other FIPPs) in a meaningful way. “I’ll be reading about these guys in the WSJ,” I thought to myself.
To be sure, companies – like government agencies and non-profits – sometimes make mistakes. And yes, eager engineers sometimes skip procedures, good people make bad choices, and not every decision demonstrates Solomon’s wisdom. It’s also true that company executives sometimes say regrettable things and marketing materials puff up the predictive data mining potential of products and services. But for the most part, I have found that online advertising companies are working very hard to create innovative products while engaging in responsible data management practices and respecting user choice.
No one denies that companies seek to make money (yes, even profits). I’m not suggesting that they all embrace privacy by design or sign up for self-regulation with purely altruistic motives. Trust me, even lawyers and engineers working for the most responsible government agencies wouldn’t engage in privacy by design either if a CPO, backed up by the E-Government Act and Office of Management and Budget memos, didn’t require it. In the case of the private sector, the Federal Trade Commission (FTC) and consumer advocates get some of the credit for pushing the industry in the right direction.
But regardless of motivation (consumer trust is actually a big one), I’m finding that companies today are working very hard to address concerns about consumer privacy. More and more privacy controls are being baked in from the beginning. In addition, self-regulatory codes of conduct already require member companies to address the very issues identified by the FTC in its recently released privacy report (security, notice, retention, access, etc.).
What does this mean – beyond the fact that I now have gold status on U.S. Airways from traveling to all these meetings? I hope it means that our collective future includes a great online experience that consumers trust, a dynamic and growing digital economy, and a dizzying array of free content and services supported by interesting and relevant ads.
This column was originally published on May 4, 2012.
Time is running out to feature your company in our inaugural Mobile Vendor Reader Survey.
Marketers create personas to better understand their target audience and what it looks like. If marketers can understand potential buyer behaviors, and where they spend their time online, then content can be targeted more effectively.
What’s behind a successful data-driven marketing strategy?
Audience targeting can be challenging in social media, especially when brands make quick assumptions about their target users. How can you avoid generalisation and what are the real benefits of it?