Cracker of an Issue

Untangling the Web of Online Advertising and Privacy

Wednesday, August 24, 2005

Fair exchange: you get content, we need cookies

While the IAB is still working with publishers to gather information to determine the extent of cookie deletion (before they make any concrete efforts to change the industry and consumer perception of cookies), here are some interesting highlights from discussions at Safecount's recent Advisory Board Meeting that outlines their possible strategy of “education & regulation” to save cookies.

Safecount seems to have come up with some very interesting discussion points on how to tackle the problem of cookie deletion and lack of consumer understanding of the value provided by third party cookies. Until now, the online advertising industry has failed miserably at being proactive about consumer concerns and have often reacted (primarily to legislative developments) only in the interest of self-presevation. However, there is still an opportunity for legitimate companies that are likely to be impacted by cookie delection, ad-blocking, anti-spyware tools and poorly drafted laws to step up and be honest and clear about what they do and why no Internet user should be concerned about their business practices. Crafting exceptions in proposed spyware laws and negotiating with Anti-spyware vendors to meet one's own business goals has so far done nothing to combat long-term consumer concerns about the safety of their computers and personal information.

I had not paid much attention to the Safecount initiative until now and the initial progress is very encouraging and some very positive ideas seem to have come out at their Advisory Board Meeting. For example, they seem to recognize that educating the majority of online consumers is a massive task, but eminently doable with major publisher support. Further, although they are supportive of the NAI principles, it appears that their aim is to go a step further, because they boldly admit that having a cookie statement in a privacy policy will not do it (has not done it!). In an effort to add even further credibility to their plans, they accept that education is not enough. Without some way to enforce good principles, everything will remain in a confused state and we will advocate for a certification or regulatory system to be installed.

This is where things get interesting because they seem to be proposing something like a "good cookie" seal as part of the self-regulatory solution. This sounds like a logical solution, but will definitely have its critics who are bound to doubt the effectiveness of such a seal. However, with a good consumer education campaign backing such an effort, it could prove to be a useful mechanism for creating some sort of awareness regarding cookies. Moreover, a cookie seal could play a crucial role by providing a vehicle where online advertising companies can communicate their commitment to best practices and privacy so consumers know which businesses they can trust. The seal could be used to separate out the responsible players and really highlight what they are doing as best practice standards. However, if Safecount is serious about undertaking an honest consumer education and self-regulatory effort it will have to make sure that the self-regulatory aspect of such an initiative should take consumer feedback into consideration and not just the opinions of industry executives in closed door meetings. That has been done in the past and consumers were obviously not informed.

I look forward to something concrete coming out of the Safecount initiative. Let's just hope this is an honest effort that goes beyond merely explaining the "you get content, we need cookies" value proposition and tackles real consumer privacy concerns like behavioral targeting companies aggregating anonymous profiles via cookies and publishers merging them with personal information gathered from its users; cookie-based behavioral targeting using search data collected by ISP's; companies gathering data from adware installations and merging it with data gathered via cookies, etc.

Good luck, Safecount!