Tracking Firm AdTruth to Work With W3C on Privacy

AdTruth, a division of 41st Parameter, has become a member of the World Wide Web Consortium (W3C). As a member of the organization’s Tracking Protection Working Group, it will help provide guidance for implementing and adhering to Do Not Track policies.

The W3C’s mission is to create Web standards and guidelines designed to ensure long-term growth of the Web.

41st Parameter’s seven-year-old technology was developed for internet security, helping to prevent fraud by recognizing troublesome devices. Rebranded as AdTruth, the company now helps marketers track, target and retarget consumers.

It uses more than 100 parameters, including operating system, language and installed software, to identify a particular device without gathering any personally identifiable information. It executes JavaScript inside the browser of the device and then generates a fingerprint hash which resides on the web publisher’s servers. The server then recognizes when the same device makes another page request.

The key to device recognition AdTruth-style is its patented technology called TDL, for time-differential linking. While in the billions of connected devices there may be thousands with the same configuration, no two will have their clocks set to the same time — at least, not when you take it down to the millisecond.

Says Ori Eisen, founder of 41st Parameter and AdTruth, “We take these disparate time stamps and compare them to the server master clock. If there is any doubt, the TDL is the tie-breaker.”

Because it IDs the device itself, AdTruth does not recognize a consumer who visits the same site from a different device.

AdTruth software resides in the memory of its clients’ servers, reducing latency and the possibility that the company could inadvertently expose consumer information. Eisen says SteelHouse is a customer.

Competitor BlueCava has also extended its aspirations from security to marketing, releasing a new version of its device ID service. Both companies hope to take advantage of an update to the European Union’s ePrivacy Directive that could make the common practice of dropping cookies on consumers’ devices less attractive.

The latest revision prohibits the use of cookies to track what’s in a consumer’s online shopping cart without gaining express permission, known as an opt in.

Momentum for do-not-track legislation is growing in the United States. The Federal Trade Commission proposed a do-not-track function in browsers in late 2010, and since then bills introduced in both houses of the U.S. Congress have included such a function.

The Firefox, Safari and Internet Explorer browsers all offer a do-not-track option that let users signal they do not wish to be tracked during browser sessions.

When consumers opt out of tracking via the browser, AdTruth’s technology honors the Do Not Track HTTP header and does not identify the device.

Companies that ID a consumer’s device without leaving any code on it may be obeying the letter but not the directive. In fact, Eisen expects privacy codes to continue to tighten.

“We have worked with lawyers in Germany, where we did some early testing. They evaluated what we are doing and what is the letter of the law” he says. “Currently, we’re clear. But I don’t expect it to stay like this forever.”

He thinks marketers need to stay moving as privacy requirements shift, rather than holding onto their cookies for as long as they can.

Privacy issues aside, Eisen says that his company’s device identification technology, sometimes called digital fingerprinting, gives publishers and marketers a more accurate view of their audiences when used to augment cookies. When a consumer deletes local cookies or when the browser is set to automatically delete them at close of a session, device ID will help the website recognize a returning user.

He says, “You have to use something like us to salvage every impression you can in a world where cookies are disappearing.”

Related reading