Positioning itself to take a more active role in litigation that could have an impact on online advertisers, the IAB said on Friday that it has elevated Mike Zaneis to senior vice president, general counsel, from his previous position as vice president of public policy.
In his new role, Zaneis, along with Alison Pepper, director of public policy, will deal with routine legal matters -- like reviewing contracts for IAB events -- in addition to lobbying duties. By taking business matters in-house, the IAB will be able to shift resources to matters like filing friend-of-the-court briefs in online privacy cases, or in challenges to laws that restrict advertisers, Zaneis says.
"There are cases that could have broader implications for the industry, where we may want to weigh in," he says. For instance, Zaneis says, the IAB might consider getting involved in litigation about the use of cookies and Flash cookies to track people online. "We wouldn't want a bad precedent set in any one case," he says.
Zaneis also says the IAB aims to broaden its lobbying and regulatory operations. "We'll look to expand in the coming year," he says. "Certainly we're going to continue to devote resources to public policy. The challenges there are only increasing."
The IAB's move comes amid a flurry of new privacy lawsuits against companies involved in online advertising. In the most recent case, filed this week, a New York resident alleged that the behavioral targeting network Interclick violated federal computer fraud laws and wiretap laws by using "history sniffing" technology to determine what other sites she had visited, and also using Flash cookies to recreate deleted HTP cookies.
In addition, Congress is considering legislation that could affect how online ad networks track Web users, the Commerce Department is expected to propose baseline privacy laws, and the Federal Trade Commission recently recommended that online ad companies implement a universal do-not-track mechanism.
In addition to promoting Zaneis, the IAB also said on Friday that it elevated Patrick Dolan to chief operating officer and David Doty to chief marketing officer.
By Wendy Davis
Monday, December 13, 2010
Friday, December 10, 2010
Lawsuit Alleges Interclick 'History Sniffing' Violates Fed Computer Fraud And Wiretap Laws
A New York resident sued behavioral targeting network Interclick for allegedly using Flash cookies and history-sniffing techniques to thwart her attempts to prevent online tracking.
"Interclick invaded Plaintiff's privacy, misappropriated her personal information, and interfered with the operability of her computer," Sonal Bose alleges in a complaint filed in U.S. District Court in New York on Wednesday. Bose alleges that Interclick violated federal computer fraud laws as well as wiretap laws. She is seeking class-action status.
Her lawsuit -- the latest in a series of recent court cases alleging privacy violations -- comes one week after Federal Trade Commission consumer protection head David Vladeck criticized ad networks for "history sniffing" by exploiting a vulnerability in browsers to discover the Web sites users previously visited.
Researchers from the University of California, San Diego recently brought the history-sniffing technique to light when they published a paper explaining the technique and naming 46 Web sites where history-sniffing technology was being deployed. In at least some cases, ad company Interclick reportedly used the technology without the publishers' knowledge. Late last week, two other Web users brought the first history-sniffing lawsuit -- a case against YouPorn.
Bose says in her complaint that she believes she was subject to history-sniffing by Interclick based on reports about Interclick's activities, its role as "a major online ad network," and the existence on her computer of an Interclick.com Flash cookie.
Bose also alleges that Interclick "monitored her web browsing in ways she would not expect or detect" by recreating HTTP cookies with Flash cookies -- which are stored in a different place in the browser, and therefore, require additional effort to control. Interclick did so in order to "track, profile, and serve targeted advertisements to consumers without being subject to the controls consumers reasonably expected to have over such third-party interactions on the Internet," she alleges.
Measurement company Quantcast and widget maker Clearspring recently agreed to pay $2.4 million to settle two class-action lawsuits alleging that they violated people's online privacy by using Flash cookies for tracking.
The use of Flash cookies to track users who delete HTTP cookies appears to date to 2005, when ad technology company United Virtualities publicly said it could track Web users through a "pie," or persistent identification element," that would remain on people's computers regardless of whether they shed HTTP cookies.
But the technique didn't draw much public notice until last year, researchers at the University of California, Berkeley and other schools published a report outlining the practice. Shortly afterward, some Federal Trade Commission officials said they were concerned about the use of Flash for tracking purposes.
Bose's lawyers include Dallas-based lawyer Joseph Malley and New York-based attorney Scott Kamber, both of whom have filed other high-profile privacy lawsuits against a variety of Web companies.
By Wendy Davis
"Interclick invaded Plaintiff's privacy, misappropriated her personal information, and interfered with the operability of her computer," Sonal Bose alleges in a complaint filed in U.S. District Court in New York on Wednesday. Bose alleges that Interclick violated federal computer fraud laws as well as wiretap laws. She is seeking class-action status.
Her lawsuit -- the latest in a series of recent court cases alleging privacy violations -- comes one week after Federal Trade Commission consumer protection head David Vladeck criticized ad networks for "history sniffing" by exploiting a vulnerability in browsers to discover the Web sites users previously visited.
Researchers from the University of California, San Diego recently brought the history-sniffing technique to light when they published a paper explaining the technique and naming 46 Web sites where history-sniffing technology was being deployed. In at least some cases, ad company Interclick reportedly used the technology without the publishers' knowledge. Late last week, two other Web users brought the first history-sniffing lawsuit -- a case against YouPorn.
Bose says in her complaint that she believes she was subject to history-sniffing by Interclick based on reports about Interclick's activities, its role as "a major online ad network," and the existence on her computer of an Interclick.com Flash cookie.
Bose also alleges that Interclick "monitored her web browsing in ways she would not expect or detect" by recreating HTTP cookies with Flash cookies -- which are stored in a different place in the browser, and therefore, require additional effort to control. Interclick did so in order to "track, profile, and serve targeted advertisements to consumers without being subject to the controls consumers reasonably expected to have over such third-party interactions on the Internet," she alleges.
Measurement company Quantcast and widget maker Clearspring recently agreed to pay $2.4 million to settle two class-action lawsuits alleging that they violated people's online privacy by using Flash cookies for tracking.
The use of Flash cookies to track users who delete HTTP cookies appears to date to 2005, when ad technology company United Virtualities publicly said it could track Web users through a "pie," or persistent identification element," that would remain on people's computers regardless of whether they shed HTTP cookies.
But the technique didn't draw much public notice until last year, researchers at the University of California, Berkeley and other schools published a report outlining the practice. Shortly afterward, some Federal Trade Commission officials said they were concerned about the use of Flash for tracking purposes.
Bose's lawyers include Dallas-based lawyer Joseph Malley and New York-based attorney Scott Kamber, both of whom have filed other high-profile privacy lawsuits against a variety of Web companies.
By Wendy Davis
Monday, November 22, 2010
Regulators May Enact New Internet Service Rules Next Month, Analyst Says
U.S. regulators next month may write rules governing how companies led by AT&T Inc. and Comcast Corp. provide Internet service, deciding on an issue that has divided the technology and telecommunications industries and provoked political debate.
The Federal Communications Commission may vote on the policy, known as net neutrality, at a Dec. 15 meeting, Paul Gallant, a Washington-based analyst with MF Global, said today in a note to clients.
Net-neutrality rules, which would bar telecommunications companies from interfering with subscribers’ Internet service, are backed by President Barack Obama and technology companies led by Google Inc., EBay Inc. and IAC/InterActiveCorp. Telephone providers have said rules aren’t needed and might damp investment.
FCC Chairman Julius Genachowski may not have reached a final decision to seek a commission vote, “but right now it appears to be the most likely scenario,” said Gallant, a former FCC staffer. He didn’t identify sources for his information.
Republicans who won a House majority in the Nov. 2 election have opposed the rules. Representative Cliff Stearns, a Florida Republican, today in an e-mailed statement reiterated warnings about a “job killing and investment freezing net neutrality proposal.”
All Options Considered
Genachowski has been advocating for rules that would prevent Internet-service providers from selectively blocking or slowing content delivered to subscribers while favoring their own offerings and those of business partners.
The agency is considering “all the options” as it seeks “the right rules to write down to preserve Internet freedom and openness,” Genachowski said at a conference in San Francisco on Nov. 17.
The proposal being considered would be “positive” for AT&T, Comcast, Time Warner Cable Inc., Verizon Communications Inc. and Cablevision Systems Corp. because the possible rules don’t include a previous Genachowski plan to pull high speed- Internet service into the regulatory regime used for telephone service, Gallant wrote. Companies said telephone rules might lead to regulation of rates.
Jen Howard, an FCC spokeswoman, said in an e-mail the agency hasn’t circulated the agenda for its December meeting.
“These rumors from outside, uninformed sources are pure speculation at best,” Howard said.
‘Legal Anchor’
Genachowski in May proposed using the telephone rules as the “legal anchor” for reclaiming authority undermined by a U.S. court. Judges on a federal appeals court in April ruled the agency lacked authority to punish Comcast for interfering with subscribers’ Web traffic.
Now Genachowski “is leaning toward” relying on the same section of the law the court attacked, Gallant wrote.
The agency is trying to find authority for goals including subsidizing high-speed Internet service, or broadband, Gigi Sohn, president of the Washington-based advocacy group Public Knowledge, said in an interview.
“The Comcast decision left open a tiny little hole in the needle that the FCC can try to thread,” she said. “I believe they may try to do that.”
Stearns, the top Republican on the House subcommittee on communications, technology and the Internet, said Genachowski’s proposal would “further impede economic growth and job creation.”
“Ramming through Internet regulations would ignore the will of a bipartisan majority of Congress and the American public,” he said.
House members, including 171 Republicans and 74 Democrats, have written to Genachowski to express concern over his proposed Web policies.
To contact the reporter on this story: Todd Shields in Washington at tshields3@bloomberg.net
To contact the editor responsible for this story: Allan Holmes at aholmes25@bloomberg.net .
The Federal Communications Commission may vote on the policy, known as net neutrality, at a Dec. 15 meeting, Paul Gallant, a Washington-based analyst with MF Global, said today in a note to clients.
Net-neutrality rules, which would bar telecommunications companies from interfering with subscribers’ Internet service, are backed by President Barack Obama and technology companies led by Google Inc., EBay Inc. and IAC/InterActiveCorp. Telephone providers have said rules aren’t needed and might damp investment.
FCC Chairman Julius Genachowski may not have reached a final decision to seek a commission vote, “but right now it appears to be the most likely scenario,” said Gallant, a former FCC staffer. He didn’t identify sources for his information.
Republicans who won a House majority in the Nov. 2 election have opposed the rules. Representative Cliff Stearns, a Florida Republican, today in an e-mailed statement reiterated warnings about a “job killing and investment freezing net neutrality proposal.”
All Options Considered
Genachowski has been advocating for rules that would prevent Internet-service providers from selectively blocking or slowing content delivered to subscribers while favoring their own offerings and those of business partners.
The agency is considering “all the options” as it seeks “the right rules to write down to preserve Internet freedom and openness,” Genachowski said at a conference in San Francisco on Nov. 17.
The proposal being considered would be “positive” for AT&T, Comcast, Time Warner Cable Inc., Verizon Communications Inc. and Cablevision Systems Corp. because the possible rules don’t include a previous Genachowski plan to pull high speed- Internet service into the regulatory regime used for telephone service, Gallant wrote. Companies said telephone rules might lead to regulation of rates.
Jen Howard, an FCC spokeswoman, said in an e-mail the agency hasn’t circulated the agenda for its December meeting.
“These rumors from outside, uninformed sources are pure speculation at best,” Howard said.
‘Legal Anchor’
Genachowski in May proposed using the telephone rules as the “legal anchor” for reclaiming authority undermined by a U.S. court. Judges on a federal appeals court in April ruled the agency lacked authority to punish Comcast for interfering with subscribers’ Web traffic.
Now Genachowski “is leaning toward” relying on the same section of the law the court attacked, Gallant wrote.
The agency is trying to find authority for goals including subsidizing high-speed Internet service, or broadband, Gigi Sohn, president of the Washington-based advocacy group Public Knowledge, said in an interview.
“The Comcast decision left open a tiny little hole in the needle that the FCC can try to thread,” she said. “I believe they may try to do that.”
Stearns, the top Republican on the House subcommittee on communications, technology and the Internet, said Genachowski’s proposal would “further impede economic growth and job creation.”
“Ramming through Internet regulations would ignore the will of a bipartisan majority of Congress and the American public,” he said.
House members, including 171 Republicans and 74 Democrats, have written to Genachowski to express concern over his proposed Web policies.
To contact the reporter on this story: Todd Shields in Washington at tshields3@bloomberg.net
To contact the editor responsible for this story: Allan Holmes at aholmes25@bloomberg.net .
Thursday, October 21, 2010
Report: Click Fraud Reaching New Heights
Advertisers waste millions of dollars on fake ad clicks, eroding the credibility of brands and throwing away budget dollars for invalid ads on Google, Microsoft and Yahoo. Click fraud for online advertisements rose to 22.3% in the third quarter, ending Sept. 30 -- up from 14.1% during the year-ago quarter, according to a report released by Click Forensics Wednesday.
The countries outside North America with significant CPC traffic producing the greatest volume of click fraud in the third quarter were Japan, the Netherlands, the Philippines and China, respectively, Click Forensics reports. But startups like Irvine-based BlueCava have begun to develop technology to identify click fraud by identifying the devices that cause the fraudulent action.
The technology begins by validating the type of device that clicks on the ad, as well as the number of times to detect click fraud. In fact, BlueCava plans to make public a test running with one client that will demonstrate how many invalid ads run on Google and on its affiliate network. "It will offer proof for advertisers that click fraud occurs," says David Norris, CEO at BlueCava, a credit bureau for devices conducting business online. "Most advertisers waste between 20% and 30% of their budget, so they should go get their money back from Google."
The idea of identifying devices is not unique, especially for enterprise-related platforms. It's a little like remotely downloading updated software to a set-top box, or a Hewlett-Packard printer that when plugged into a Sony laptop can sign on through an open Internet connection and find and download the correct printer driver.
BlueCava has begun to provide original equipment manufacturers with the device identification technology to integrate it into consumer products. This means the device would come out of the box with the ability to identify itself. The services might include security and identity protection, but it would also include the ability to match the device owner with online ads.
Rather than the device relying on a browser cookie to identify a specific audience segment, it now appears it will have a specific demographic profile of its own that Norris believes is "99.9999% accurate." If a billion devices, not people, visited a specific Web site, he says the technology would accurately identify more than 90% of them. The profile of the device could accurately serve up the appropriate ad.
Not only can BlueCava's technology identify the device, but the company has put together a data exchange where businesses can contribute information they know about a device that should make targeting ads more accurate. BlueCava plans to market the data to advertising agencies, brand marketers, ad exchanges, and media-buying companies.
And if that's not enough, the technology can identify fraudulent actions such as child predators. Sites like Disney, which shut down accounts once they find them, tend to be a Mecca for child predators. But companies like Disney must do it manually. There's a way to limit people who are not welcome on Web sites, from sites catering to children to online dating sites like Match.com.
BlueCava also has begun to develop a service that allows devices to identify malware or possibly when someone downloads a piece of software onto a machine and begins siphoning information. During the next 12 to 24 months, Norris says the company will introduce the technology in a variety of places that will "revolutionize" the industry. Norris says BlueCava plans to provide educational material that explains behavioral targeting and the opt-out and opt-in process -- and that if a consumer opts out, it doesn't mean they won't get advertising, it just means they won't get advertising that is relevant to them. The information will launch on a Web site within the next 60 days.
BlueCava continues to attract attention with this focus. The company closed a $5 million first funding round this week led by billionaire Mark Cuban and entrepreneur Tim Headington.
The countries outside North America with significant CPC traffic producing the greatest volume of click fraud in the third quarter were Japan, the Netherlands, the Philippines and China, respectively, Click Forensics reports. But startups like Irvine-based BlueCava have begun to develop technology to identify click fraud by identifying the devices that cause the fraudulent action.
The technology begins by validating the type of device that clicks on the ad, as well as the number of times to detect click fraud. In fact, BlueCava plans to make public a test running with one client that will demonstrate how many invalid ads run on Google and on its affiliate network. "It will offer proof for advertisers that click fraud occurs," says David Norris, CEO at BlueCava, a credit bureau for devices conducting business online. "Most advertisers waste between 20% and 30% of their budget, so they should go get their money back from Google."
The idea of identifying devices is not unique, especially for enterprise-related platforms. It's a little like remotely downloading updated software to a set-top box, or a Hewlett-Packard printer that when plugged into a Sony laptop can sign on through an open Internet connection and find and download the correct printer driver.
BlueCava has begun to provide original equipment manufacturers with the device identification technology to integrate it into consumer products. This means the device would come out of the box with the ability to identify itself. The services might include security and identity protection, but it would also include the ability to match the device owner with online ads.
Rather than the device relying on a browser cookie to identify a specific audience segment, it now appears it will have a specific demographic profile of its own that Norris believes is "99.9999% accurate." If a billion devices, not people, visited a specific Web site, he says the technology would accurately identify more than 90% of them. The profile of the device could accurately serve up the appropriate ad.
Not only can BlueCava's technology identify the device, but the company has put together a data exchange where businesses can contribute information they know about a device that should make targeting ads more accurate. BlueCava plans to market the data to advertising agencies, brand marketers, ad exchanges, and media-buying companies.
And if that's not enough, the technology can identify fraudulent actions such as child predators. Sites like Disney, which shut down accounts once they find them, tend to be a Mecca for child predators. But companies like Disney must do it manually. There's a way to limit people who are not welcome on Web sites, from sites catering to children to online dating sites like Match.com.
BlueCava also has begun to develop a service that allows devices to identify malware or possibly when someone downloads a piece of software onto a machine and begins siphoning information. During the next 12 to 24 months, Norris says the company will introduce the technology in a variety of places that will "revolutionize" the industry. Norris says BlueCava plans to provide educational material that explains behavioral targeting and the opt-out and opt-in process -- and that if a consumer opts out, it doesn't mean they won't get advertising, it just means they won't get advertising that is relevant to them. The information will launch on a Web site within the next 60 days.
BlueCava continues to attract attention with this focus. The company closed a $5 million first funding round this week led by billionaire Mark Cuban and entrepreneur Tim Headington.
Tuesday, October 12, 2010
FEC Rules Paid-Search Political Ads Partially Exempt From Disclosure
Handing Google a partial victory, the Federal Elections Commission said that political candidates can, in some circumstances, run pay-per-click ads without including disclaimers in the copy.
But the FEC didn't completely grant Google's request, which was for a ruling that search ads are exempt from any disclosure rules the same as bumper stickers, pens or other small items.
In an opinion issued on Thursday, the FEC said it couldn't agree on whether to completely exempt search ads from disclosure rules, but that pay-per-click ad copy need not include all required information "where the text ad displays the URL of the committee sponsor's website ... and the landing page contains a full disclaimer."
FEC regulations typically require that political ads include information about who paid for the ad and whether it is authorized by the candidate. But those rules don't apply when the ads are on items too small for the disclaimers.
Google in August asked the FEC to rule that search ads are exempt from disclaimer rules because of the ad copy's 95-character limit. "As a result of this severe space limitation, a text ad is fundamentally different from a television or newspaper advertisement," Google wrote in its request. "Both Google and the advertiser view the landing page as the primary forum in which advertiser-to-customer communications take place."
The FEC's decision regarding search ads stands in contrast to actions by another federal agency, the Food and Drug Administration, which last year rebuked 14 pharmaceutical companies that had advertised on search engines.
The FDA warned that the pay-per-click ads were misleading because the ad copy touted the benefits of drugs without also informing consumers about risks and contraindications. Critics of that move said that the character limits make it virtually impossible to convey in a search ad that a particular drug is a potential treatment while also alerting users to its drawbacks.
But the FEC didn't completely grant Google's request, which was for a ruling that search ads are exempt from any disclosure rules the same as bumper stickers, pens or other small items.
In an opinion issued on Thursday, the FEC said it couldn't agree on whether to completely exempt search ads from disclosure rules, but that pay-per-click ad copy need not include all required information "where the text ad displays the URL of the committee sponsor's website ... and the landing page contains a full disclaimer."
FEC regulations typically require that political ads include information about who paid for the ad and whether it is authorized by the candidate. But those rules don't apply when the ads are on items too small for the disclaimers.
Google in August asked the FEC to rule that search ads are exempt from disclaimer rules because of the ad copy's 95-character limit. "As a result of this severe space limitation, a text ad is fundamentally different from a television or newspaper advertisement," Google wrote in its request. "Both Google and the advertiser view the landing page as the primary forum in which advertiser-to-customer communications take place."
The FEC's decision regarding search ads stands in contrast to actions by another federal agency, the Food and Drug Administration, which last year rebuked 14 pharmaceutical companies that had advertised on search engines.
The FDA warned that the pay-per-click ads were misleading because the ad copy touted the benefits of drugs without also informing consumers about risks and contraindications. Critics of that move said that the character limits make it virtually impossible to convey in a search ad that a particular drug is a potential treatment while also alerting users to its drawbacks.
Friday, October 8, 2010
Ringleader Adds 'Mobile Cookie' Certification For Publishers
Mobile ad firm Ringleader Digital has launched a certification program for publishers to use the company's Media Stamp, its mobile equivalent of a Web cookie for tracking usage. Ringleader's new Certification Center will allow agencies to access the complete list of participating publishers along with key site demographics and contact information to help them run more targeted mobile campaigns.
"This gives advertisers the ability to come in and see the value of the Media Stamp across multiple publishers and who's participating," said Brad Blanken, chief revenue officer at Ringleader. He added that the move would help pave the way for marketers to make direct buys with mobile publishers, hundreds of whom have already signed up for certification.
The new vetting process is also ensuring that publishers are sharing information about Ringleader's privacy and opt-out policies with their visitors, according to the company.
Its Media Stamp technology has raised privacy concerns over its ability to create and store profiles about cell users based on the sites they visit. By collecting data based on more than 100 device characteristics, the company says it can gather enough information this way to create unique, "anonymous" stamps for each mobile phone user.
A class action suit filed last month against Ringleader alleged that the company is violating consumers' privacy by tracing their mobile activity for ad purposes without their permission. The action, which also named publishing partners including CNN and WhitePages.com, further claimed that Ringleader makes it impossible to delete tracking databases in the iPhone and other devices using HTML5 software.
Blanken said the company's privacy policy provides "a very clear, conspicuous way to be notified on what's happening and to opt out if that's their choice. When a consumer opts out, we're taking them out of any type of targeting or contextually relevant ad-serving." The company's privacy policy provides an opt-out link that allows users to refrain from receiving targeted ads.
As demand for mobile audience measurement increases, more companies are offering tracking tools for mobile publishers. Earlier this week, comScore announced a new service with analytics firm Bango to let users tag mobile sites and applications to track engagement metrics.
"This gives advertisers the ability to come in and see the value of the Media Stamp across multiple publishers and who's participating," said Brad Blanken, chief revenue officer at Ringleader. He added that the move would help pave the way for marketers to make direct buys with mobile publishers, hundreds of whom have already signed up for certification.
The new vetting process is also ensuring that publishers are sharing information about Ringleader's privacy and opt-out policies with their visitors, according to the company.
Its Media Stamp technology has raised privacy concerns over its ability to create and store profiles about cell users based on the sites they visit. By collecting data based on more than 100 device characteristics, the company says it can gather enough information this way to create unique, "anonymous" stamps for each mobile phone user.
A class action suit filed last month against Ringleader alleged that the company is violating consumers' privacy by tracing their mobile activity for ad purposes without their permission. The action, which also named publishing partners including CNN and WhitePages.com, further claimed that Ringleader makes it impossible to delete tracking databases in the iPhone and other devices using HTML5 software.
Blanken said the company's privacy policy provides "a very clear, conspicuous way to be notified on what's happening and to opt out if that's their choice. When a consumer opts out, we're taking them out of any type of targeting or contextually relevant ad-serving." The company's privacy policy provides an opt-out link that allows users to refrain from receiving targeted ads.
As demand for mobile audience measurement increases, more companies are offering tracking tools for mobile publishers. Earlier this week, comScore announced a new service with analytics firm Bango to let users tag mobile sites and applications to track engagement metrics.
Thursday, September 30, 2010
Click Fraud to Play Fraud
Interesting discussions lately in ReelSEO and IndustryPace on an issue we can call ‘Play Fraud’. Think of click fraud, but with video plays instead of clicks.
It shouldn’t surprise any of us that this issue has come up. Many video platforms are paid by the play, regardless of whether the viewer watches for any period of time and despite declining CDN costs to deliver content. Ad networks delivering video are paid by the play, so they have a vested interested in defining ‘play’ as liberally as possible to increase plays and revenue. It’s increasingly common to see video ads that auto-play below the fold on a page, communicating nothing to the audience and creating no value for the advertiser…while counting as a video view.
My unscientific, hard-to-quantify definition of a video view is:
A user engages with the content. Someone clicks ‘Play’ on purpose, not accidentally. They normally do so in order to see a given piece of content. Do pre-roll ads count? Maybe. But they have to be relevant and targeted to meet the ‘engages’ criterion. Students sit through lectures. They’re engaged by great instructors. Pre-roll can be either. Do I simply tolerate the Marriot pre-roll ad as if it were a lecture, do I cut class by clicking away, or do I take away the desired message?
A user stays engaged with the content for a period of time long enough to have a reasonable probability of affecting their post-viewing behavior. With eCommerce video, that means watching a video on a product or category page long enough to have the video assist in the buying decision. Other advertising may work higher up in the funnel and hence may have different goals, but the user still has to watch for long enough to affect those goals. Do I watch the Marriot ad long enough to consider staying there on my next business trip?
Yeah…I know you can’t quantify that as easily as initiation of a play. But that’s what a view is from a publisher’s perspective. And the further a billing definition of ‘view’ is from a publisher’s definition, the more friction there will be in the ad-supported and view-driven areas of the industry. Which is why non-view-based monetization models may have a very bright future.
It shouldn’t surprise any of us that this issue has come up. Many video platforms are paid by the play, regardless of whether the viewer watches for any period of time and despite declining CDN costs to deliver content. Ad networks delivering video are paid by the play, so they have a vested interested in defining ‘play’ as liberally as possible to increase plays and revenue. It’s increasingly common to see video ads that auto-play below the fold on a page, communicating nothing to the audience and creating no value for the advertiser…while counting as a video view.
My unscientific, hard-to-quantify definition of a video view is:
A user engages with the content. Someone clicks ‘Play’ on purpose, not accidentally. They normally do so in order to see a given piece of content. Do pre-roll ads count? Maybe. But they have to be relevant and targeted to meet the ‘engages’ criterion. Students sit through lectures. They’re engaged by great instructors. Pre-roll can be either. Do I simply tolerate the Marriot pre-roll ad as if it were a lecture, do I cut class by clicking away, or do I take away the desired message?
A user stays engaged with the content for a period of time long enough to have a reasonable probability of affecting their post-viewing behavior. With eCommerce video, that means watching a video on a product or category page long enough to have the video assist in the buying decision. Other advertising may work higher up in the funnel and hence may have different goals, but the user still has to watch for long enough to affect those goals. Do I watch the Marriot ad long enough to consider staying there on my next business trip?
Yeah…I know you can’t quantify that as easily as initiation of a play. But that’s what a view is from a publisher’s perspective. And the further a billing definition of ‘view’ is from a publisher’s definition, the more friction there will be in the ad-supported and view-driven areas of the industry. Which is why non-view-based monetization models may have a very bright future.
Friday, September 24, 2010
A Browser Cookie That Won't Go Away?
"Evercookie" is the browser cookie that just won't go away. If you're concerned about having your Web browsing history tracked, you, like most people, will probably delete your cookies and clear your browsers' caches. However, evercookie, written in JavaScript, produces "extremely persistent cookies" that can identify a client even after you've removed standard or Flash cookies.
By Alessondra Springmann
By Alessondra Springmann
Thursday, September 23, 2010
Legal update: What email marketers need to know
By now, every email marketer should be very familiar with the CAN-SPAM Act, using it to create guidelines and best practices for marketing emails. In the coming 12 to 36 months, however, there will be several more regulations coming into effect that could necessitate some tweaks to your program, said Dennis Dayman, chief privacy and deliverability officer at Eloqua, a provider of marketing automation solutions.
“The U.S. is looking at some draft bills that will change the use of personal data and opt-in mechanisms,” Dayman said. “There are also other things going on in the European Union and Canada that will potentially create fundamental changes.” Because of the global nature of business today, these changes should have just as much impact on U.S. marketers, he said. “Transactions move across the world. There’s a very good chance that at some point during your day you’re touching data from someone that lives in the E.U.,” Dayman said.
The draft bill in the U.S.—H.R. 5777 also known as the Best Practices Act, sponsored by Rick Boucher (D-Va.) and Cliff Stearns (R-Fla.)—could change the way email marketers use behavioral data because the bill calls for opt-out consent for “collection and use of covered information by a covered entity.” The bill would require websites to tell visitors how their information is being collected, how it will be used, how long it will be kept and whether or not it will be shared with others.
Additionally, the bill allows prospects to opt not to allow their personal data and behaviors to be tracked and stored by websites and ad networks. That would make it impossible for marketers, for example, to send people who have opted in to an email program any additional materials based on where they went on a site after they left the original email.
By next summer, it will be illegal in the E.U. to put a cookie on someone’s computer without explicit permission, Dayman said. That will affect email marketers that send someone to a landing page containing a cookie. “It doesn’t ban cookies outright,” he said. “Marketers don’t realize that, if they are doing cross-border marketing, now they will need a check box for email and Web pages that says, ‘Can I send you something? Can I put a cookie on your PC?’ Those are the types of changes we’re going to have to make to stay compliant.”
The bottom line, Dayman said, is that marketers will need to start doing what they should have been doing all along. “Marketers are going to have to get hypertransparent about telling people how you are collecting their data and what you are going to do with their information once you have it,” he said.
To that end, companies should update their privacy policies, using plain language and bulleted lists to make them easy to read and understand. “There’s no more room for small print or legalese,” he said. “People are more likely to give you their data and keep receiving emails and other marketing messages when you are upfront with them from the start and don’t change things once you’ve gotten them to sign up.”
By Karen J. Bannan
“The U.S. is looking at some draft bills that will change the use of personal data and opt-in mechanisms,” Dayman said. “There are also other things going on in the European Union and Canada that will potentially create fundamental changes.” Because of the global nature of business today, these changes should have just as much impact on U.S. marketers, he said. “Transactions move across the world. There’s a very good chance that at some point during your day you’re touching data from someone that lives in the E.U.,” Dayman said.
The draft bill in the U.S.—H.R. 5777 also known as the Best Practices Act, sponsored by Rick Boucher (D-Va.) and Cliff Stearns (R-Fla.)—could change the way email marketers use behavioral data because the bill calls for opt-out consent for “collection and use of covered information by a covered entity.” The bill would require websites to tell visitors how their information is being collected, how it will be used, how long it will be kept and whether or not it will be shared with others.
Additionally, the bill allows prospects to opt not to allow their personal data and behaviors to be tracked and stored by websites and ad networks. That would make it impossible for marketers, for example, to send people who have opted in to an email program any additional materials based on where they went on a site after they left the original email.
By next summer, it will be illegal in the E.U. to put a cookie on someone’s computer without explicit permission, Dayman said. That will affect email marketers that send someone to a landing page containing a cookie. “It doesn’t ban cookies outright,” he said. “Marketers don’t realize that, if they are doing cross-border marketing, now they will need a check box for email and Web pages that says, ‘Can I send you something? Can I put a cookie on your PC?’ Those are the types of changes we’re going to have to make to stay compliant.”
The bottom line, Dayman said, is that marketers will need to start doing what they should have been doing all along. “Marketers are going to have to get hypertransparent about telling people how you are collecting their data and what you are going to do with their information once you have it,” he said.
To that end, companies should update their privacy policies, using plain language and bulleted lists to make them easy to read and understand. “There’s no more room for small print or legalese,” he said. “People are more likely to give you their data and keep receiving emails and other marketing messages when you are upfront with them from the start and don’t change things once you’ve gotten them to sign up.”
By Karen J. Bannan
Thursday, September 9, 2010
Watchdog Cautions FCC Against Sliding Down Slippery 'Paid Prioritization' Slope
The influential watchdog group Center for Democracy & Technology has told the the Federal Communications Commission that allowing companies to pay Internet service providers for prioritized delivery of content would hurt the Web's openness.
"Ensuring that operators do not engage in paid prioritization is fundamental to ensuring that the Internet continues to operate as an open, interconnected platform for commerce, speech, and innovation," the group said Tuesday in a letter filed with the Federal Communications Commission.
In recent weeks, net neutrality advocates, ISPs and policymakers have increasingly focused on "paid prioritization" -- largely because the concept is central to Google and Verizon's joint proposal for neutrality rules. The two companies proposed that ISPs should be prohibited from degrading or prioritizing traffic that currently travels over the so-called public Internet, but allowed to create fast lanes for managed services like telemedicine, distance learning, and new entertainment offerings.
Neutrality advocates generally oppose that plan, arguing that allowing ISPs to create fast lanes would disadvantage innovators and start-ups that can't afford to pay for prioritized delivery.
Last week, AT&T submitted a report to the FCC arguing that paid prioritization already exists online and that the system is "expressly contemplated" by the Internet Engineering Task Force. AT&T alone has hundreds of third-party customers for such services," the company said, adding that these customers include "healthcare providers, community service organizations, restaurant chains, car dealers, electric utilities, banks, municipalities, security/alarm companies, hotels, labor unions, charities, and video-relay service providers.
The CDT's filing on Tuesday was in response to that claim by AT&T. CDT argues that AT&T "mischaracterized" the intent of the Internet Engineering Task Force, or IETF, and its part in shaping policy. "The IETF and other technical standards bodies play a crucial role in designing the protocols that allow networks and devices to interoperate seamlessly, but it is a mistake to project business and policy decisions, about paid prioritization or any other matter, onto technical standards that make no such claims," the CDT says.
By Wendy Davis
"Ensuring that operators do not engage in paid prioritization is fundamental to ensuring that the Internet continues to operate as an open, interconnected platform for commerce, speech, and innovation," the group said Tuesday in a letter filed with the Federal Communications Commission.
In recent weeks, net neutrality advocates, ISPs and policymakers have increasingly focused on "paid prioritization" -- largely because the concept is central to Google and Verizon's joint proposal for neutrality rules. The two companies proposed that ISPs should be prohibited from degrading or prioritizing traffic that currently travels over the so-called public Internet, but allowed to create fast lanes for managed services like telemedicine, distance learning, and new entertainment offerings.
Neutrality advocates generally oppose that plan, arguing that allowing ISPs to create fast lanes would disadvantage innovators and start-ups that can't afford to pay for prioritized delivery.
Last week, AT&T submitted a report to the FCC arguing that paid prioritization already exists online and that the system is "expressly contemplated" by the Internet Engineering Task Force. AT&T alone has hundreds of third-party customers for such services," the company said, adding that these customers include "healthcare providers, community service organizations, restaurant chains, car dealers, electric utilities, banks, municipalities, security/alarm companies, hotels, labor unions, charities, and video-relay service providers.
The CDT's filing on Tuesday was in response to that claim by AT&T. CDT argues that AT&T "mischaracterized" the intent of the Internet Engineering Task Force, or IETF, and its part in shaping policy. "The IETF and other technical standards bodies play a crucial role in designing the protocols that allow networks and devices to interoperate seamlessly, but it is a mistake to project business and policy decisions, about paid prioritization or any other matter, onto technical standards that make no such claims," the CDT says.
By Wendy Davis
Friday, September 3, 2010
Ten Fallacies About Web Privacy
Privacy on the Web is a constant issue for public discussion—and Congress is always considering more regulations on the use of information about people's habits, interests or preferences on the Internet. Unfortunately, these discussions lead to many misconceptions. Here are 10 of the most important:
1) Privacy is free. Many privacy advocates believe it is a free lunch—that is, consumers can obtain more privacy without giving up anything. Not so. There is a strong trade-off between privacy and information: The more privacy consumers have, the less information is available for use in the economy. Since information helps markets work better, the cost of privacy is less efficient markets.
2) If there are costs of privacy, they are borne by companies. Many who do admit that privacy regulations restricting the use of information about consumers have costs believe they are born entirely by firms. Yet consumers get tremendous benefits from the use of information.
Think of all the free stuff on the Web: newspapers, search engines, stock prices, sports scores, maps and much more. Google alone lists more than 50 free services—all ultimately funded by targeted advertising based on the use of information. If revenues from advertising are reduced or if costs increase, then fewer such services will be provided.
3) If consumers have less control over information, then firms must gain and consumers must lose. When firms have better information, they can target advertising better to consumers—who thereby get better and more useful information more quickly. Likewise, when information is used for other purposes—for example, in credit rating—then the cost of credit for all consumers will decrease.
4) Information use is "all or nothing." Many say that firms such as Google will continue to provide services even if their use of information is curtailed. This is sometimes true, but the services will be lower-quality and less valuable to consumers as information use is more restricted.
For example, search engines can better target searches if they know what searchers are looking for. (Google's "Did you mean . . ." to correct typos is a familiar example.) Keeping a past history of searches provides exactly this information. Shorter retained search histories mean less effective targeting.
5) If consumers have less privacy, then someone will know things about them that they may want to keep secret. Most information is used anonymously. To the extent that things are "known" about consumers, they are known by computers. This notion is counterintuitive; we are not used to the concept that something can be known and at the same time no person knows it. But this is true of much online information.
6) Information can be used for price discrimination (differential pricing), which will harm consumers. For example, it might be possible to use a history of past purchases to tell which consumers might place a higher value on a particular good. The welfare implications of discriminatory pricing in general are ambiguous. But if price discrimination makes it possible for firms to provide goods and services that would otherwise not be available (which is common for virtual goods and services such as software, including cell phone apps) then consumers unambiguously benefit.
7) If consumers knew how information about them was being used, they would be irate. When something (such as tainted food) actually harms consumers, they learn about the sources of the harm. But in spite of warnings by privacy advocates, consumers don't bother to learn about information use on the Web precisely because there is no harm from the way it is used.
8) Increasing privacy leads to greater safety and less risk. The opposite is true. Firms can use information to verify identity and reduce Internet crime and identity theft. Think of being called by a credit-card provider and asked a series of questions when using your card in an unfamiliar location, such as on a vacation. If this information is not available, then less verification can occur and risk may actually increase.
9) Restricting the use of information (such as by mandating consumer "opt-in") will benefit consumers. In fact, since the use of information is generally benign and valuable, policies that lead to less information being used are generally harmful.
10)Targeted advertising leads people to buy stuff they don't want or need. This belief is inconsistent with the basis of a market economy. A market economy exists because buyers and sellers both benefit from voluntary transactions. If this were not true, then a planned economy would be more efficient—and we have all seen how that works.
By PAUL H. RUBIN
Mr. Rubin teaches economics at Emory University.
1) Privacy is free. Many privacy advocates believe it is a free lunch—that is, consumers can obtain more privacy without giving up anything. Not so. There is a strong trade-off between privacy and information: The more privacy consumers have, the less information is available for use in the economy. Since information helps markets work better, the cost of privacy is less efficient markets.
2) If there are costs of privacy, they are borne by companies. Many who do admit that privacy regulations restricting the use of information about consumers have costs believe they are born entirely by firms. Yet consumers get tremendous benefits from the use of information.
Think of all the free stuff on the Web: newspapers, search engines, stock prices, sports scores, maps and much more. Google alone lists more than 50 free services—all ultimately funded by targeted advertising based on the use of information. If revenues from advertising are reduced or if costs increase, then fewer such services will be provided.
3) If consumers have less control over information, then firms must gain and consumers must lose. When firms have better information, they can target advertising better to consumers—who thereby get better and more useful information more quickly. Likewise, when information is used for other purposes—for example, in credit rating—then the cost of credit for all consumers will decrease.
4) Information use is "all or nothing." Many say that firms such as Google will continue to provide services even if their use of information is curtailed. This is sometimes true, but the services will be lower-quality and less valuable to consumers as information use is more restricted.
For example, search engines can better target searches if they know what searchers are looking for. (Google's "Did you mean . . ." to correct typos is a familiar example.) Keeping a past history of searches provides exactly this information. Shorter retained search histories mean less effective targeting.
5) If consumers have less privacy, then someone will know things about them that they may want to keep secret. Most information is used anonymously. To the extent that things are "known" about consumers, they are known by computers. This notion is counterintuitive; we are not used to the concept that something can be known and at the same time no person knows it. But this is true of much online information.
6) Information can be used for price discrimination (differential pricing), which will harm consumers. For example, it might be possible to use a history of past purchases to tell which consumers might place a higher value on a particular good. The welfare implications of discriminatory pricing in general are ambiguous. But if price discrimination makes it possible for firms to provide goods and services that would otherwise not be available (which is common for virtual goods and services such as software, including cell phone apps) then consumers unambiguously benefit.
7) If consumers knew how information about them was being used, they would be irate. When something (such as tainted food) actually harms consumers, they learn about the sources of the harm. But in spite of warnings by privacy advocates, consumers don't bother to learn about information use on the Web precisely because there is no harm from the way it is used.
8) Increasing privacy leads to greater safety and less risk. The opposite is true. Firms can use information to verify identity and reduce Internet crime and identity theft. Think of being called by a credit-card provider and asked a series of questions when using your card in an unfamiliar location, such as on a vacation. If this information is not available, then less verification can occur and risk may actually increase.
9) Restricting the use of information (such as by mandating consumer "opt-in") will benefit consumers. In fact, since the use of information is generally benign and valuable, policies that lead to less information being used are generally harmful.
10)Targeted advertising leads people to buy stuff they don't want or need. This belief is inconsistent with the basis of a market economy. A market economy exists because buyers and sellers both benefit from voluntary transactions. If this were not true, then a planned economy would be more efficient—and we have all seen how that works.
By PAUL H. RUBIN
Mr. Rubin teaches economics at Emory University.
Monday, August 30, 2010
Suit Distinguishes Facebook's Click-Fraud Liability
Facebook's contract with pay-per-click marketers does not completely protect the social networking service from liability for problematic clicks by outside companies, despite a disclaimer stating that Facebook has no responsibility for click fraud, a federal judge has ruled.
But the judge also ruled that Facebook's disclaimer successfully precludes liability for clicks made by outside companies that are seeking to drive up their competitors' ad costs.
The mixed decision, issued this week by U.S. District Court Judge Jeremy Fogel in San Jose, Calif., draws a line between clicks that were "fraudulent" in the sense that the clicker had dubious intentions, and clicks that were improper for other reasons, such as when technical problems prevented users from reaching a landing page.
Fogel ruled that Facebook's disclaimer protects the company only from clicks made by third parties with an intent to defraud, and not clicks that don't go through for more benign reasons.
The ruling left both sides claiming they had scored points in the litigation, which cleared the way for the marketers to obtain evidence from Facebook through the pre-trial discovery process.
"Plaintiffs view it as a significant victory because the judge rejected Facebook's argument that a click fraud disclaimer immunized it against liability for any type of improper third party click," said Jonathan Shub, who represents the marketers. "We believe that the evidence will show that Facebook has immature systems resulting in improper billing of a wide range of clicks for which advertisers should not have been charged."
For its part, Facebook said it was "pleased a number of claims have been dismissed for good." The company added: "We believe the remaining, much narrower, claims are also without merit and will fight them vigorously."
The case dates to last summer, when sports site RootZoo and several other online marketers sued the social networking service, alleging discrepancies between their internal data and the number of clicks they were charged for by Facebook. RootZoo's original complaint alleged that its analytics showed that 300 clicks were generated by Facebook on June 2, 2008, but that Facebook charged the company for 804 clicks.
Facebook asserted that its contract with marketers precluded liability for click fraud because it included the following language: "Facebook shall have no responsibility or liability to me in connection with any third-party click fraud or other improper actions that may occur."
But RootZoo and the other marketers successfully argued that "improper actions" means only clicks made with a harmful intent, and not clicks that are "non-fraudulent but otherwise invalid." Such an invalid click could occur when the same user inadvertently clicks on an ad twice in rapid succession, or clicks on an ad but doesn't actually reach the marketer's site.
Fogel's ruling this week revisited an earlier decision dismissing claims against Facebook stemming from improper clicks by third-party companies. After that decision, the marketers filed amended papers spelling out why they sought to hold Facebook liable for invalid third-party clicks.
But the judge also ruled that Facebook's disclaimer successfully precludes liability for clicks made by outside companies that are seeking to drive up their competitors' ad costs.
The mixed decision, issued this week by U.S. District Court Judge Jeremy Fogel in San Jose, Calif., draws a line between clicks that were "fraudulent" in the sense that the clicker had dubious intentions, and clicks that were improper for other reasons, such as when technical problems prevented users from reaching a landing page.
Fogel ruled that Facebook's disclaimer protects the company only from clicks made by third parties with an intent to defraud, and not clicks that don't go through for more benign reasons.
The ruling left both sides claiming they had scored points in the litigation, which cleared the way for the marketers to obtain evidence from Facebook through the pre-trial discovery process.
"Plaintiffs view it as a significant victory because the judge rejected Facebook's argument that a click fraud disclaimer immunized it against liability for any type of improper third party click," said Jonathan Shub, who represents the marketers. "We believe that the evidence will show that Facebook has immature systems resulting in improper billing of a wide range of clicks for which advertisers should not have been charged."
For its part, Facebook said it was "pleased a number of claims have been dismissed for good." The company added: "We believe the remaining, much narrower, claims are also without merit and will fight them vigorously."
The case dates to last summer, when sports site RootZoo and several other online marketers sued the social networking service, alleging discrepancies between their internal data and the number of clicks they were charged for by Facebook. RootZoo's original complaint alleged that its analytics showed that 300 clicks were generated by Facebook on June 2, 2008, but that Facebook charged the company for 804 clicks.
Facebook asserted that its contract with marketers precluded liability for click fraud because it included the following language: "Facebook shall have no responsibility or liability to me in connection with any third-party click fraud or other improper actions that may occur."
But RootZoo and the other marketers successfully argued that "improper actions" means only clicks made with a harmful intent, and not clicks that are "non-fraudulent but otherwise invalid." Such an invalid click could occur when the same user inadvertently clicks on an ad twice in rapid succession, or clicks on an ad but doesn't actually reach the marketer's site.
Fogel's ruling this week revisited an earlier decision dismissing claims against Facebook stemming from improper clicks by third-party companies. After that decision, the marketers filed amended papers spelling out why they sought to hold Facebook liable for invalid third-party clicks.
Thursday, August 26, 2010
Specific Media Sued Over Flash Cookie Use
Online ad network Specific Media has been hit with a lawsuit for allegedly violating Web users' privacy by using Flash cookies for tracking purposes.
In a complaint filed in U.S. District Court in the Central District of California, six Web users allege that Specific Media failed to provide adequate notice about its online data collection techniques, including Flash cookies. The lawsuit also alleges that Specific Media used Flash cookies -- which are stored in a separate location from HTML cookies -- to recreate HTML cookies that users had deleted so it could "obtain personal identifying information, monitor users, and to sell users' data."
The company's "privacy documents require college-level reading skills for comprehension and include substantial legalese, ambiguous and obfuscated language designed to confuse, disenfranchise, and mislead the users," the lawsuit asserts.
In addition, the use of Flash cookies to recreate deleted HTML cookies "unfairly wrests control from users," the lawsuit alleges.
Specific Media has not yet responded to Online Media Daily's request for comment.
Flash cookies were originally designed to remember users' preferences for Flash-based applications like online video players, but some companies also use such cookies to store the same type of information that is normally found on HTTP cookies. With this type of data, Flash cookies can be used to reconstruct HTTP cookies, even when consumers have deliberately deleted their HTTP cookies to avoid tracking. Because Flash cookies are stored in a different place from HTTP cookies, users who delete the latter don't also shed the former. People can trash Flash cookies via Adobe's online controls, but many users don't appear to be aware of the cookies.
The complaint refers extensively to a report about Flash cookies published last year by researchers at the University of California, Berkeley and other schools. That paper outlined how Flash can be used to circumvent consumers' settings.
After the report was published, some Federal Trade Commission officials said they were concerned about the use of Flash for tracking purposes.
The Web users argue that Specific Media's alleged tracking techniques violate federal and state wiretap laws. They are seeking a class-action lawsuit.
This lawsuit marks the third time this summer that companies have been sued over Flash cookies. Defendants named in the prior two lawsuits include Quantcast, Clearspring, Walt Disney and NBC Universal.
All of the Flash-cookie suits were filed by lawyers David Parisi and Joseph Malley, both of whom are among the attorneys suing defunct behavioral targeting company NebuAd for allegedly violating users' privacy.
In a complaint filed in U.S. District Court in the Central District of California, six Web users allege that Specific Media failed to provide adequate notice about its online data collection techniques, including Flash cookies. The lawsuit also alleges that Specific Media used Flash cookies -- which are stored in a separate location from HTML cookies -- to recreate HTML cookies that users had deleted so it could "obtain personal identifying information, monitor users, and to sell users' data."
The company's "privacy documents require college-level reading skills for comprehension and include substantial legalese, ambiguous and obfuscated language designed to confuse, disenfranchise, and mislead the users," the lawsuit asserts.
In addition, the use of Flash cookies to recreate deleted HTML cookies "unfairly wrests control from users," the lawsuit alleges.
Specific Media has not yet responded to Online Media Daily's request for comment.
Flash cookies were originally designed to remember users' preferences for Flash-based applications like online video players, but some companies also use such cookies to store the same type of information that is normally found on HTTP cookies. With this type of data, Flash cookies can be used to reconstruct HTTP cookies, even when consumers have deliberately deleted their HTTP cookies to avoid tracking. Because Flash cookies are stored in a different place from HTTP cookies, users who delete the latter don't also shed the former. People can trash Flash cookies via Adobe's online controls, but many users don't appear to be aware of the cookies.
The complaint refers extensively to a report about Flash cookies published last year by researchers at the University of California, Berkeley and other schools. That paper outlined how Flash can be used to circumvent consumers' settings.
After the report was published, some Federal Trade Commission officials said they were concerned about the use of Flash for tracking purposes.
The Web users argue that Specific Media's alleged tracking techniques violate federal and state wiretap laws. They are seeking a class-action lawsuit.
This lawsuit marks the third time this summer that companies have been sued over Flash cookies. Defendants named in the prior two lawsuits include Quantcast, Clearspring, Walt Disney and NBC Universal.
All of the Flash-cookie suits were filed by lawyers David Parisi and Joseph Malley, both of whom are among the attorneys suing defunct behavioral targeting company NebuAd for allegedly violating users' privacy.
Friday, August 6, 2010
Legislators Question Web Companies' Privacy Practices
Two senior lawmakers are questioning AOL, Yahoo, MSN and other Web companies about their practice of allowing third-party ad companies to install cookies and other tracking mechanisms on visitors' computers.
In letters to the companies, Reps. Ed Markey (D-Mass.) and Joe Barton (R-Texas) said they were troubled by the notion "that the price of consumers' daily use of the Internet increasingly is surrender of their personal information." The legislators' move comes in response to a recent Wall Street Journal report that the top 50 U.S. Web sites installed an average of 64 pieces of tracking technology -- like cookies or beacons -- onto users' computers.
Web companies often say that such tracking is anonymous, but privacy advocates worry that individuals can be identified if the information that's gathered is sufficiently detailed. Markey and Barton said in their letter that the online data collection now underway "permits web-based enterprises to develop digital dossiers on consumers for a range of purposes, including highly targeted marketing."
They asked the Web sites a host of questions, including how information about users is collected, whether such information is monetized, and if so, how much revenue was associated with that information in the last 12 months.
The letter also asked the sites to provide the names of all ad and analytics companies that have access to visitors' data. The lawmakers also questioned the Web sites about their privacy policies, asking whether consumers are notified about the array of companies that collect data.
The 15 sites to receive letters were Dictionary.com, MSN.com, Comcast.net, AOL.com, Merriam-Webster.com, Photobucket.com, Answers.com; Careerbuilder.com; MSNBC.com, Live.com, Myspace.com, Yahoo.com, Verizonwireless.com, Yp.com, and About.com.
A Verizon Wireless spokesperson said the company was reviewing the request and would get back to Congress.
A Microsoft spokesperson said in a statement that the company "takes seriously our responsibility to protect people's privacy when they are using Microsoft's products and services." The spokesperson added: "We look forward to reviewing the letter and continuing to work with Representatives Markey and Barton on this important issue."
A third company said it had not yet received the letter.
Separately, a coalition of privacy advocates including the Center for Digital Democracy and U.S. Public Interest Research Group asked lawmakers to investigate a report in The Wall Street Journal stating that Microsoft lessened privacy protections in the latest version of its browser in response to concerns raised by the ad industry. The original plan reportedly was to have a setting that automatically rejected tracking technology. Instead, while the browser allows consumers to reject tracking technology, people must activate that setting anew each time they launch the software.
"Microsoft's self-serving action is emblematic of the ad industry's failure to enact meaningful self-regulation," the advocates state in letters sent to Reps. Barton and Waxman (D-Calif.) as well as Sens. Jay Rockefeller (D-W.Va.) and Kay Bailey Hutchison (R-Texas).
Lawmakers currently are mulling two proposals for privacy legislation -- a bill introduced last month by Rep. Bobby Rush (D-Ill.) and a draft proposal floated earlier this year by Rep. Rick Boucher (D-Va.).
By Wendy Davis
In letters to the companies, Reps. Ed Markey (D-Mass.) and Joe Barton (R-Texas) said they were troubled by the notion "that the price of consumers' daily use of the Internet increasingly is surrender of their personal information." The legislators' move comes in response to a recent Wall Street Journal report that the top 50 U.S. Web sites installed an average of 64 pieces of tracking technology -- like cookies or beacons -- onto users' computers.
Web companies often say that such tracking is anonymous, but privacy advocates worry that individuals can be identified if the information that's gathered is sufficiently detailed. Markey and Barton said in their letter that the online data collection now underway "permits web-based enterprises to develop digital dossiers on consumers for a range of purposes, including highly targeted marketing."
They asked the Web sites a host of questions, including how information about users is collected, whether such information is monetized, and if so, how much revenue was associated with that information in the last 12 months.
The letter also asked the sites to provide the names of all ad and analytics companies that have access to visitors' data. The lawmakers also questioned the Web sites about their privacy policies, asking whether consumers are notified about the array of companies that collect data.
The 15 sites to receive letters were Dictionary.com, MSN.com, Comcast.net, AOL.com, Merriam-Webster.com, Photobucket.com, Answers.com; Careerbuilder.com; MSNBC.com, Live.com, Myspace.com, Yahoo.com, Verizonwireless.com, Yp.com, and About.com.
A Verizon Wireless spokesperson said the company was reviewing the request and would get back to Congress.
A Microsoft spokesperson said in a statement that the company "takes seriously our responsibility to protect people's privacy when they are using Microsoft's products and services." The spokesperson added: "We look forward to reviewing the letter and continuing to work with Representatives Markey and Barton on this important issue."
A third company said it had not yet received the letter.
Separately, a coalition of privacy advocates including the Center for Digital Democracy and U.S. Public Interest Research Group asked lawmakers to investigate a report in The Wall Street Journal stating that Microsoft lessened privacy protections in the latest version of its browser in response to concerns raised by the ad industry. The original plan reportedly was to have a setting that automatically rejected tracking technology. Instead, while the browser allows consumers to reject tracking technology, people must activate that setting anew each time they launch the software.
"Microsoft's self-serving action is emblematic of the ad industry's failure to enact meaningful self-regulation," the advocates state in letters sent to Reps. Barton and Waxman (D-Calif.) as well as Sens. Jay Rockefeller (D-W.Va.) and Kay Bailey Hutchison (R-Texas).
Lawmakers currently are mulling two proposals for privacy legislation -- a bill introduced last month by Rep. Bobby Rush (D-Ill.) and a draft proposal floated earlier this year by Rep. Rick Boucher (D-Va.).
By Wendy Davis
Wednesday, August 4, 2010
Intel to change practices in FTC settlement
By Jia Lynn Yang
The Federal Trade Commission is banning tech giant Intel from a slew of practices deemed unfair and deceptive as part of an antitrust settlement over charges the firm exploited its dominance in the chip market to elbow out competitors.
The FTC doesn't have the authority to fine the company — unless it violates the terms of the settlement — but the agency outlined a deal on Wednesday checking Intel's business practices. Officials said the deal would immediately benefit consumers purchasing computers by increasing competition in the chip-making business.
“This is an exceptionally important case,” said FTC Chairman Jon Leibowitz. “And the commission was deeply troubled by Intel's actions.”
The agency investigated Intel's practices going back at least 10 years and found the company “stepped well over the line.” The FTC said Intel told customers it would not sell products to them unless they agreed to stop doing business with Intel's rivals. The agency also says that Intel redesigned its central processing units, or CPUs, to throw off competitors by making it harder for their chips to work with Intel's.
Intel said in a statement Wednesday that the company does not admit to breaking the law as part of the settlement and that the agency's allegations are all false.
“This agreement provides a framework that will allow us to continue to compete and to provide our customer the best possible products at the best prices,” said Doug Melamed, Intel senior vice president and general counsel. “The settlement enables us to put an end to the expense and distraction of the FTC litigation.”
Intel has faced antitrust charges before from rival chipmaker Advanced Micro Devices. Last November the two firms agreed to a $1.25 billion settlement. The European Union has also accused Intel of anticompetitive behavior. In May 2009, the EU fined Intel $1.45 billion and told the company to stop offering customer rebates that the EU thought were coercive.
The Federal Trade Commission is banning tech giant Intel from a slew of practices deemed unfair and deceptive as part of an antitrust settlement over charges the firm exploited its dominance in the chip market to elbow out competitors.
The FTC doesn't have the authority to fine the company — unless it violates the terms of the settlement — but the agency outlined a deal on Wednesday checking Intel's business practices. Officials said the deal would immediately benefit consumers purchasing computers by increasing competition in the chip-making business.
“This is an exceptionally important case,” said FTC Chairman Jon Leibowitz. “And the commission was deeply troubled by Intel's actions.”
The agency investigated Intel's practices going back at least 10 years and found the company “stepped well over the line.” The FTC said Intel told customers it would not sell products to them unless they agreed to stop doing business with Intel's rivals. The agency also says that Intel redesigned its central processing units, or CPUs, to throw off competitors by making it harder for their chips to work with Intel's.
Intel said in a statement Wednesday that the company does not admit to breaking the law as part of the settlement and that the agency's allegations are all false.
“This agreement provides a framework that will allow us to continue to compete and to provide our customer the best possible products at the best prices,” said Doug Melamed, Intel senior vice president and general counsel. “The settlement enables us to put an end to the expense and distraction of the FTC litigation.”
Intel has faced antitrust charges before from rival chipmaker Advanced Micro Devices. Last November the two firms agreed to a $1.25 billion settlement. The European Union has also accused Intel of anticompetitive behavior. In May 2009, the EU fined Intel $1.45 billion and told the company to stop offering customer rebates that the EU thought were coercive.
Monday, August 2, 2010
Judge Rules Site Alleging Copyright Infringement Did Not Send Takedown Notices To Google Properly
A federal judge in Los Angeles has handed Google a significant victory in a copyright infringement lawsuit brought by adult entertainment company Perfect 10.
In a ruling issued earlier this week, U.S. District Court Judge A. Howard Matz largely cleared Google for allegedly displaying links in search results to sites that infringe Perfect 10's copyright. Matz found that in many cases, Perfect 10 had not provided the search company with detailed enough information to be able to easily remove the pirated material.
In general, the Digital Millennium Copyright Act protects search engines from liability for returning copyright images in their results, provided the search engines remove pirated material upon request. Matz said in his ruling that Perfect 10 made at least 83 such takedown requests to Google since 2001, but that most of them were deficient.
Matz elaborated that some of the takedown notices were sent to the wrong address -- webmaster@google.com -- instead of the address that Google had designated. Other takedown notices referred to "dozens or even hundreds of alleged infringing links," but many of those didn't contain enough details about the URLs for Google to be able to determine what material to remove.
Matz said that in other instances, Perfect 10 merely provided Google with a package of a cover letter, spreadsheet and DVDs with electronic files -- and then expected Google to "comb through hundreds of nested electronic folders containing over 70,000 distinct files, including raw image files such as JPEG files and screen shots of Google search results, in order to find which link was allegedly infringing."
While Matz didn't dismiss all of Perfect 10's claims, the ruling seems to put a big dent in the company's case, which has been pending since 2004.
Santa Clara University law professor Eric Goldman says on his blog that the ruling shows that content owners "should not get creative or lazy" with their takedown requests. "Over and over again, we've seen that the big service providers will respond quickly to properly drafted takedown notices; and we've seen judges become increasingly less tolerant of plaintiffs who couldn't bother to follow the statutory roadmap," he writes.
The ruling marks at least the second major recent defeat for Perfect 10. In May, a different federal judge denied Perfect 10's request for an injunction shutting down RapidShare for allegedly contributing to copyright infringement.
In a ruling issued earlier this week, U.S. District Court Judge A. Howard Matz largely cleared Google for allegedly displaying links in search results to sites that infringe Perfect 10's copyright. Matz found that in many cases, Perfect 10 had not provided the search company with detailed enough information to be able to easily remove the pirated material.
In general, the Digital Millennium Copyright Act protects search engines from liability for returning copyright images in their results, provided the search engines remove pirated material upon request. Matz said in his ruling that Perfect 10 made at least 83 such takedown requests to Google since 2001, but that most of them were deficient.
Matz elaborated that some of the takedown notices were sent to the wrong address -- webmaster@google.com -- instead of the address that Google had designated. Other takedown notices referred to "dozens or even hundreds of alleged infringing links," but many of those didn't contain enough details about the URLs for Google to be able to determine what material to remove.
Matz said that in other instances, Perfect 10 merely provided Google with a package of a cover letter, spreadsheet and DVDs with electronic files -- and then expected Google to "comb through hundreds of nested electronic folders containing over 70,000 distinct files, including raw image files such as JPEG files and screen shots of Google search results, in order to find which link was allegedly infringing."
While Matz didn't dismiss all of Perfect 10's claims, the ruling seems to put a big dent in the company's case, which has been pending since 2004.
Santa Clara University law professor Eric Goldman says on his blog that the ruling shows that content owners "should not get creative or lazy" with their takedown requests. "Over and over again, we've seen that the big service providers will respond quickly to properly drafted takedown notices; and we've seen judges become increasingly less tolerant of plaintiffs who couldn't bother to follow the statutory roadmap," he writes.
The ruling marks at least the second major recent defeat for Perfect 10. In May, a different federal judge denied Perfect 10's request for an injunction shutting down RapidShare for allegedly contributing to copyright infringement.
Thursday, July 29, 2010
Congress Doesn't Push To Involve FCC In Retrans
By Sara Jerome
Good morning!
Exclusive: Push to get FCC involved with TV negotiation generates little enthusiasm
The push to get the Federal Communications Commission (FCC) to change "retransmission consent" rules has been slow to gain ground on Capitol Hill so far.
Reps. Steve Israel (D-N.Y.) and Pete King (R-N.Y.) circulated a "Dear Colleague" letter this month promoting changes to retransmission consent rules, a contentious set of regulations governing negotiations between broadcasters and paid distributors such as cable and satellite operators.
The result? Enthusiasm is not exactly spreading like wildfire.
A copy of the final letter obtained by The Hill shows only 13 members of Congress signed on. King is the only Republican on the letter.
Broadcasters would prefer to leave the rules as they are, but cable and satellite distributors want an overhaul. They say television broadcast stations have too much power in the talks because they can pull their content. Broadcasters, meanwhile, argue cable and satellite's dependence on their programming means broadcasters deserve muscle to negotiate their compensation.
Facebook returns to the Hill
For the second day in a row, Facebook is on the Hill to talk about online privacy, this time before the House Judiciary Crime Subcommittee.
The witness is the company's chief security officer Joe Sullivan, a former federal prosecutor and founding member Justice Department’s computer hacking unit.
"We wanted to be part of this hearing because Facebook’s industry-leading safety and security practices can be a model for other companies and can inform policymakers as they examine this important issue," Facebook's Andrew Noyes told the Hill.
(2 p.m., 2141 Rayburn House Office Building).
DHS hesitant to back FCC's D-block auction
At a hearing Tuesday, Greg Shaffer, assistant secretary of the Office of Cybersecurity and Communications at DHS, said DHS is not ready to support the D-block auction until the FCC's plan is better evaluated.
The plan would fund a nationwide broadband network for first responders by auctioning off a chunk of spectrum rather than giving it straight to public safety groups.
"It's not absolutely clear what it's capable of," he said of the technology used on the network.
Today: Talking about earmarks
The Senate Homeland Security and Governmental Affairs Committee will debate and mark up the Earmark Transparency Act on Wednesday. The bill would create a searchable database on a public website for all congressional earmarks. Sen. Carl Levin (D-Mich.) has expressed criticism of the bill, saying it'd be impractical and difficult for the site to list every single earmark. Bill co-sponsor Sen. Tom Coburn (R-Okla.) has argued the bill meets President Obama’s call in the State of the Union for Congress to create a single, searchable database of all congressional earmark requests. -P.K.
(10 a.m., 342 Dirksen Senate Office Building).
Can't miss news.
Hill notes
Kerry to draft online privacy bill. Sen. John Kerry (D-Mass.) announced Tuesday he will pursue online privacy legislation to complement efforts in the House. Reps. Bobby Rush (D-Ill.) and Rick Boucher (D-Va.) have each drafted privacy legislation to rein in what companies can do with users' personal information.
Executive notes
Conservative ethics group claims new evidence against White House for ties to Google. A conservative group claims it has obtained new evidence that White House deputy chief technology officer Andrew McLaughlin had improper contact with Google, his former employer. The White House has said McLaughlin’s e-mails with Google employees had no effect on policy decisions, but The National Legal and Policy Center (NLPC) on Thursday said it has obtained new evidence that complicates that assertion.
Industry notes
Google develops a Facebook rival. The WSJ reports that Google is in talks with "several makers of popular online games as it seeks to develop a broader social networking service that could compete with Facebook Inc., according to people familiar with the matter." The company is already talking to developers about running their games on the new social networking service.
LG posts record loss from handsets due to iPhone. "LG Electronics Inc. , the world’s third-biggest mobile-phone maker, reported a record loss at its handset business after lagging behind Apple Inc. and smartphone makers in selling models that send e-mails and surf the Internet," Bloomberg reports.
Microsoft: Yahoo, Google partnership plan would 'eliminate' search competition in Japan. Yahoo's plan to partner with Google in Japan will "eliminate" search competition in the country, Microsoft's Dave Heiner, vice president and deputy general counsel, charged in a blog post Tuesday. "Today, Google accounts for about 51 percent of paid search advertising in Japan. Yahoo Japan accounts for 47 percent. Their combined share of natural search results is almost as high," he said. Heiner warned that "if Google is permitted to proceed with its plan … Google alone would decide what consumers in Japan will find, or not find, on the Web."
Schedule.
10 a.m…Senate Homeland Security and Government Affairs markup for a bill to require Congress to establish a unified and searchable database on a public website for congressional earmarks. 342 Dirksen Senate Office Building.
2 p.m...House Armed Services Terrorism Subcommittee hearing on harnessing small-business innovation for national security cyber needs. 2118 Rayburn House Office Building.
2 p.m....House Judiciary Crime Subcommittee hearing on online privacy. 2141 Rayburn House Office Building.
SAID.
"I know you're pulling a pretty heavy load down there."
-Sen. Byron Dorgan (D-N.D.) to FCC Chairman Julius Genachowski at a hearing on Tuesday. He added that he supports what the FCC is doing. He appeared to be referencing broadband reclassification, noting the "controversy" around the proceeding.
WATERCOOLER.
OLD SPICE…The guy in the Old Spice commercials received millions of viral video views "quicker than past hits like Susan Boyle and U.S. President Barack Obama’s election victory speech," Mashable reported on Tuesday. The article argues sales may have even doubled thanks to the campaign.
Good morning!
Exclusive: Push to get FCC involved with TV negotiation generates little enthusiasm
The push to get the Federal Communications Commission (FCC) to change "retransmission consent" rules has been slow to gain ground on Capitol Hill so far.
Reps. Steve Israel (D-N.Y.) and Pete King (R-N.Y.) circulated a "Dear Colleague" letter this month promoting changes to retransmission consent rules, a contentious set of regulations governing negotiations between broadcasters and paid distributors such as cable and satellite operators.
The result? Enthusiasm is not exactly spreading like wildfire.
A copy of the final letter obtained by The Hill shows only 13 members of Congress signed on. King is the only Republican on the letter.
Broadcasters would prefer to leave the rules as they are, but cable and satellite distributors want an overhaul. They say television broadcast stations have too much power in the talks because they can pull their content. Broadcasters, meanwhile, argue cable and satellite's dependence on their programming means broadcasters deserve muscle to negotiate their compensation.
Facebook returns to the Hill
For the second day in a row, Facebook is on the Hill to talk about online privacy, this time before the House Judiciary Crime Subcommittee.
The witness is the company's chief security officer Joe Sullivan, a former federal prosecutor and founding member Justice Department’s computer hacking unit.
"We wanted to be part of this hearing because Facebook’s industry-leading safety and security practices can be a model for other companies and can inform policymakers as they examine this important issue," Facebook's Andrew Noyes told the Hill.
(2 p.m., 2141 Rayburn House Office Building).
DHS hesitant to back FCC's D-block auction
At a hearing Tuesday, Greg Shaffer, assistant secretary of the Office of Cybersecurity and Communications at DHS, said DHS is not ready to support the D-block auction until the FCC's plan is better evaluated.
The plan would fund a nationwide broadband network for first responders by auctioning off a chunk of spectrum rather than giving it straight to public safety groups.
"It's not absolutely clear what it's capable of," he said of the technology used on the network.
Today: Talking about earmarks
The Senate Homeland Security and Governmental Affairs Committee will debate and mark up the Earmark Transparency Act on Wednesday. The bill would create a searchable database on a public website for all congressional earmarks. Sen. Carl Levin (D-Mich.) has expressed criticism of the bill, saying it'd be impractical and difficult for the site to list every single earmark. Bill co-sponsor Sen. Tom Coburn (R-Okla.) has argued the bill meets President Obama’s call in the State of the Union for Congress to create a single, searchable database of all congressional earmark requests. -P.K.
(10 a.m., 342 Dirksen Senate Office Building).
Can't miss news.
Hill notes
Kerry to draft online privacy bill. Sen. John Kerry (D-Mass.) announced Tuesday he will pursue online privacy legislation to complement efforts in the House. Reps. Bobby Rush (D-Ill.) and Rick Boucher (D-Va.) have each drafted privacy legislation to rein in what companies can do with users' personal information.
Executive notes
Conservative ethics group claims new evidence against White House for ties to Google. A conservative group claims it has obtained new evidence that White House deputy chief technology officer Andrew McLaughlin had improper contact with Google, his former employer. The White House has said McLaughlin’s e-mails with Google employees had no effect on policy decisions, but The National Legal and Policy Center (NLPC) on Thursday said it has obtained new evidence that complicates that assertion.
Industry notes
Google develops a Facebook rival. The WSJ reports that Google is in talks with "several makers of popular online games as it seeks to develop a broader social networking service that could compete with Facebook Inc., according to people familiar with the matter." The company is already talking to developers about running their games on the new social networking service.
LG posts record loss from handsets due to iPhone. "LG Electronics Inc. , the world’s third-biggest mobile-phone maker, reported a record loss at its handset business after lagging behind Apple Inc. and smartphone makers in selling models that send e-mails and surf the Internet," Bloomberg reports.
Microsoft: Yahoo, Google partnership plan would 'eliminate' search competition in Japan. Yahoo's plan to partner with Google in Japan will "eliminate" search competition in the country, Microsoft's Dave Heiner, vice president and deputy general counsel, charged in a blog post Tuesday. "Today, Google accounts for about 51 percent of paid search advertising in Japan. Yahoo Japan accounts for 47 percent. Their combined share of natural search results is almost as high," he said. Heiner warned that "if Google is permitted to proceed with its plan … Google alone would decide what consumers in Japan will find, or not find, on the Web."
Schedule.
10 a.m…Senate Homeland Security and Government Affairs markup for a bill to require Congress to establish a unified and searchable database on a public website for congressional earmarks. 342 Dirksen Senate Office Building.
2 p.m...House Armed Services Terrorism Subcommittee hearing on harnessing small-business innovation for national security cyber needs. 2118 Rayburn House Office Building.
2 p.m....House Judiciary Crime Subcommittee hearing on online privacy. 2141 Rayburn House Office Building.
SAID.
"I know you're pulling a pretty heavy load down there."
-Sen. Byron Dorgan (D-N.D.) to FCC Chairman Julius Genachowski at a hearing on Tuesday. He added that he supports what the FCC is doing. He appeared to be referencing broadband reclassification, noting the "controversy" around the proceeding.
WATERCOOLER.
OLD SPICE…The guy in the Old Spice commercials received millions of viral video views "quicker than past hits like Susan Boyle and U.S. President Barack Obama’s election victory speech," Mashable reported on Tuesday. The article argues sales may have even doubled thanks to the campaign.
Wednesday, July 28, 2010
FTC Considers Do-Not-Track List
By Wendy Davis
The Federal Trade Commission is considering proposing a do-not-track mechanism that would allow consumers to easily opt out of all behavioral targeting, chairman Jon Leibowitz told lawmakers on Tuesday.
Testifying at a hearing about online privacy, Leibowitz said the FTC is exploring the feasibility of a browser plug-in that would store users' targeting preferences. He added that either the FTC or a private group could run the system.
Leibowitz said that while Web users on a no-tracking list would still receive online ads, those ads wouldn't be targeted based on sites that users had visited in the past.
Three years ago, a coalition of privacy groups including the World Privacy Forum, Center for Digital Democracy and Center for Democracy & Technology proposed that the FTC create a do-not-track registry, similar to the do-not-call registry. At the time, the online ad industry strongly opposed the idea of a government-run no-tracking list.
Currently, many people who want to opt out do so through cookies, either on a company-by-company basis or through the Network Advertising Initiative's opt-out cookie (which allows users to opt out of targeting from many of the largest companies). But those opt-outs aren't stable because they're tied to cookies, which often get deleted.
The Network Advertising Initiative recently rolled out a browser plug-in that enables consumers to opt out of targeted ads by NAI members.
Leibowitz also told lawmakers that he personally favored opt-in consent to behavioral targeting, or receiving ads based on sites visited. "I think opt-in generally protects consumers' privacy better than opt-out, under most circumstances," he said. "I don't think it undermines a company's ability to get the information it needs to advertise back to consumers."
Online ad companies say that behavioral targeting is "anonymous" because they don't collect users' names or other so-called personally identifiable information, but Leibowitz said that it might be possible to piece together users' names from clickstream data. He told lawmakers about AOL's "Data Valdez," which involved AOL releasing three months' of "anonymized" search queries for 650,000 users. Even though the company didn't directly tie the queries to users' names, some were identified based solely on the patterns in their search queries. Several lawmakers expressed concerns with behavioral advertising during Tuesday's hearing. Sen. Claire McCaskill (D-Mo.) said she was "a little spooked out" about online tracking and ad targeting.
McCaskill said that after reading online about foreign SUVs, she noticed that she was receiving ads for such cars. "That's creepy," she said, likening it to someone following her with a camera and recording her moves.
She added that if an "average American" were to learn that someone was trailing him around stores with a camera, "there would be a hue and cry in this country that would be unprecedented."
Sen. Jay Rockefeller (D-W. Va.) and Sen. John Kerry (D-Mass.) both expressed concern that privacy policies weren't giving Web users enough useful information about online ad practices.
Rockefeller proposed that some companies were burying too much information in lengthy documents that consumers don't read. "Some would say the fine print is there and it's not our fault you didn't read it," he said, adding, "I say, that's a 19th-century mentality."
Kerry added that he didn't know that consumers understood how companies use data. "I'm not sure that there's knowledge in the caveat emptor component of this," he said.
The Federal Trade Commission is considering proposing a do-not-track mechanism that would allow consumers to easily opt out of all behavioral targeting, chairman Jon Leibowitz told lawmakers on Tuesday.
Testifying at a hearing about online privacy, Leibowitz said the FTC is exploring the feasibility of a browser plug-in that would store users' targeting preferences. He added that either the FTC or a private group could run the system.
Leibowitz said that while Web users on a no-tracking list would still receive online ads, those ads wouldn't be targeted based on sites that users had visited in the past.
Three years ago, a coalition of privacy groups including the World Privacy Forum, Center for Digital Democracy and Center for Democracy & Technology proposed that the FTC create a do-not-track registry, similar to the do-not-call registry. At the time, the online ad industry strongly opposed the idea of a government-run no-tracking list.
Currently, many people who want to opt out do so through cookies, either on a company-by-company basis or through the Network Advertising Initiative's opt-out cookie (which allows users to opt out of targeting from many of the largest companies). But those opt-outs aren't stable because they're tied to cookies, which often get deleted.
The Network Advertising Initiative recently rolled out a browser plug-in that enables consumers to opt out of targeted ads by NAI members.
Leibowitz also told lawmakers that he personally favored opt-in consent to behavioral targeting, or receiving ads based on sites visited. "I think opt-in generally protects consumers' privacy better than opt-out, under most circumstances," he said. "I don't think it undermines a company's ability to get the information it needs to advertise back to consumers."
Online ad companies say that behavioral targeting is "anonymous" because they don't collect users' names or other so-called personally identifiable information, but Leibowitz said that it might be possible to piece together users' names from clickstream data. He told lawmakers about AOL's "Data Valdez," which involved AOL releasing three months' of "anonymized" search queries for 650,000 users. Even though the company didn't directly tie the queries to users' names, some were identified based solely on the patterns in their search queries. Several lawmakers expressed concerns with behavioral advertising during Tuesday's hearing. Sen. Claire McCaskill (D-Mo.) said she was "a little spooked out" about online tracking and ad targeting.
McCaskill said that after reading online about foreign SUVs, she noticed that she was receiving ads for such cars. "That's creepy," she said, likening it to someone following her with a camera and recording her moves.
She added that if an "average American" were to learn that someone was trailing him around stores with a camera, "there would be a hue and cry in this country that would be unprecedented."
Sen. Jay Rockefeller (D-W. Va.) and Sen. John Kerry (D-Mass.) both expressed concern that privacy policies weren't giving Web users enough useful information about online ad practices.
Rockefeller proposed that some companies were burying too much information in lengthy documents that consumers don't read. "Some would say the fine print is there and it's not our fault you didn't read it," he said, adding, "I say, that's a 19th-century mentality."
Kerry added that he didn't know that consumers understood how companies use data. "I'm not sure that there's knowledge in the caveat emptor component of this," he said.
Privacy Lawsuit Targets Net Giants Over ‘Zombie’ Cookies
A wide swath of the net’s top websites, including MTV, ESPN, MySpace, Hulu, ABC, NBC and Scribd, were sued in federal court Friday on the grounds they violated federal computer intrusion law by secretly using storage in Adobe’s Flash player to re-create cookies deleted by users.
At issue is technology from Quantcast, also targeted in the lawsuit. Quantcast created Flash cookies that track users across the web, and used them to re-create traditional browser cookies that users deleted from their computers. These “zombie” cookies came to light last year, after researchers at UC Berkeley documented deleted browser cookies returning to life. Quantcast quickly fixed the issue, calling it an unintended consequence of trying to measure web traffic accurately.
Flash cookies are used by many of the net’s top websites for a variety of purposes, from setting default volume levels on video players to assigning a unique ID to users that tracks them no matter what browser they use. (Disclosure: The last time we reported on this issue, we found that Wired.com used one to set video preferences.)
The lawsuit (.pdf), filed in U.S. district court in San Francisco, asks the court to find that the practice violated eavesdropping and hacking laws, and that the practice of secretly tracking users also violated state and federal fair trade laws. The lawsuit alleges a “pattern of covert online surveillance” and seeks status as a class action lawsuit. The lawsuit was filed by Joseph Malley, a privacy activist lawyer who also played key roles in other high profile privacy lawsuits, including a $9.5 million settlement earlier this year from Facebook over its ill-fated Beacon program and a settlement with Netflix after the company gave imperfectly anonymized data to contestants in a movie recommendation contest.
“The objective of this scheme was the online harvesting of consumers’ personal information for Defendants’ use in online marketing activities,” wrote Malley, who called the technique “as simple as it was deceptive and devious.”
Unlike traditional browser cookies, Flash cookies are relatively unknown to web users, and they are not controlled through the cookie privacy controls in a browser. That means even if a user thinks they have cleared their computer of tracking objects, they most likely have not.
Adobe’s Flash software is installed on an estimated 98 percent of personal computers, and has been a key component in the explosion of online video, powering video players for sites such as YouTube and Hulu.
Websites can store up to 100 kilobytes of information in the plug-in, 25 times what a browser cookie can hold. Sites like Pandora.com also use Flash’s storage capability to pre-load portions of songs or videos to ensure smooth playback.
QuantCast was using the same user ID in its HTML and Flash cookies, and when a user got rid of the former, Quantcast would reach into the Flash storage bin, retrieve the user’s old number and reapply it so the customer’s browsing history around the net would not be cut off.
Quantcast’s behavior stopped last August, after Wired.com reported on the research from then-grad student Ashkan Soltani.
Quantcast is used by thousands of sites to measure the number of unique visitors and to get information on the kinds of people visiting their site — athletic, older, interested in food, etc.
The lawsuit seeks unspecified damages and a court order requiring the companies to delete data collected, stop the practice in the future and provide an easy way to opt out.
All modern browsers now include fine-grained controls to let users decide what cookies to accept and which to get rid of, but Flash cookies are handled differently. These are fixed through a web page on Adobe’s site, and the controls are not easily understood (There is a panel for Global Privacy Settings and another for Website Privacy Settings — the difference is unclear). In fact, the controls are so odd, the page has to tell you that it actually is the control for your computer, not just a tutorial on how to use the control.
Firefox users can prevent or delete Flash cookies using a free add-on called BetterPrivacy.
Scribd, Hulu, and ESPN both declined to comment, saying they had not yet been served with the lawsuit.
Quantcast and MTV’s parent company, Viacom, did not respond to requests for comment.
The case number is 10-CV-5484, U.S. District Court for the Northern District of California.
By Ryan Singel, wired.com
At issue is technology from Quantcast, also targeted in the lawsuit. Quantcast created Flash cookies that track users across the web, and used them to re-create traditional browser cookies that users deleted from their computers. These “zombie” cookies came to light last year, after researchers at UC Berkeley documented deleted browser cookies returning to life. Quantcast quickly fixed the issue, calling it an unintended consequence of trying to measure web traffic accurately.
Flash cookies are used by many of the net’s top websites for a variety of purposes, from setting default volume levels on video players to assigning a unique ID to users that tracks them no matter what browser they use. (Disclosure: The last time we reported on this issue, we found that Wired.com used one to set video preferences.)
The lawsuit (.pdf), filed in U.S. district court in San Francisco, asks the court to find that the practice violated eavesdropping and hacking laws, and that the practice of secretly tracking users also violated state and federal fair trade laws. The lawsuit alleges a “pattern of covert online surveillance” and seeks status as a class action lawsuit. The lawsuit was filed by Joseph Malley, a privacy activist lawyer who also played key roles in other high profile privacy lawsuits, including a $9.5 million settlement earlier this year from Facebook over its ill-fated Beacon program and a settlement with Netflix after the company gave imperfectly anonymized data to contestants in a movie recommendation contest.
“The objective of this scheme was the online harvesting of consumers’ personal information for Defendants’ use in online marketing activities,” wrote Malley, who called the technique “as simple as it was deceptive and devious.”
Unlike traditional browser cookies, Flash cookies are relatively unknown to web users, and they are not controlled through the cookie privacy controls in a browser. That means even if a user thinks they have cleared their computer of tracking objects, they most likely have not.
Adobe’s Flash software is installed on an estimated 98 percent of personal computers, and has been a key component in the explosion of online video, powering video players for sites such as YouTube and Hulu.
Websites can store up to 100 kilobytes of information in the plug-in, 25 times what a browser cookie can hold. Sites like Pandora.com also use Flash’s storage capability to pre-load portions of songs or videos to ensure smooth playback.
QuantCast was using the same user ID in its HTML and Flash cookies, and when a user got rid of the former, Quantcast would reach into the Flash storage bin, retrieve the user’s old number and reapply it so the customer’s browsing history around the net would not be cut off.
Quantcast’s behavior stopped last August, after Wired.com reported on the research from then-grad student Ashkan Soltani.
Quantcast is used by thousands of sites to measure the number of unique visitors and to get information on the kinds of people visiting their site — athletic, older, interested in food, etc.
The lawsuit seeks unspecified damages and a court order requiring the companies to delete data collected, stop the practice in the future and provide an easy way to opt out.
All modern browsers now include fine-grained controls to let users decide what cookies to accept and which to get rid of, but Flash cookies are handled differently. These are fixed through a web page on Adobe’s site, and the controls are not easily understood (There is a panel for Global Privacy Settings and another for Website Privacy Settings — the difference is unclear). In fact, the controls are so odd, the page has to tell you that it actually is the control for your computer, not just a tutorial on how to use the control.
Firefox users can prevent or delete Flash cookies using a free add-on called BetterPrivacy.
Scribd, Hulu, and ESPN both declined to comment, saying they had not yet been served with the lawsuit.
Quantcast and MTV’s parent company, Viacom, did not respond to requests for comment.
The case number is 10-CV-5484, U.S. District Court for the Northern District of California.
By Ryan Singel, wired.com
Friday, July 23, 2010
IAB, Consumer Advocates Weigh In On Privacy Laws
A senior Republican lawmaker expressed concern on Thursday that a privacy bill introduced by Rep. Bobby Rush (D-Ill.) could impose too many restrictions on businesses.
"We must craft legislation that creates an incentive for businesses to subscribe to the very best practices," Rep. Cliff Stearns (R-Fla.) said at a hearing on Rush's proposal. Stearns criticized several aspects of Rush's bill, including that it would allow consumers to bring lawsuits against companies that violate the law, and that it delegates too much power to the Federal Trade Commission.
Stearns had signed on to an earlier proposal floated in May by Rep. Rick Boucher (D-Va.), which differs in a few key ways from Rush's bill the Best Practices Act (H.R. 5577).
Rush's measure would require Web companies to obtain users' explicit permission before sharing their personal information with third parties, unless those companies participate in a "universal opt-out" program operated by a self-regulatory program and overseen by the Federal Trade Commission. Rush also would allow consumers to sue privately for up to $1,000 per violation, with damages capped at $5 million per incident.
Boucher's slightly different proposal would require ad networks that track people and collect personal information for ad purposes to obtain users' opt-in consent, unless the networks provide prominent notice through an icon and also allow people to view and edit their profiles. Boucher also would ban private lawsuits.
Rush's bill, like Boucher's, doesn't just cover personally identifiable information like names and addresses, but also applies to supposedly anonymous information, including Web users' marketing profiles that are associated with cookies on their computers. But unlike Boucher's proposal, Rush's measure also tasks the FTC with further defining the type of data that is covered by the bill.
At Thursday's hearing, Rep. Ed Whitfield (R-Ky.) asked whether the collection of anonymous browsing activity should "require the same level of consent" as collecting material like names and financial account numbers.
Two privacy advocates on the panel, Ed Mierzwinski, program director of the U.S. Public Interest Research Group, and Leslie Harris, president and CEO of the Center for Democracy & Technology, indicated they believed the answer was yes, because of the possibility that people could be identified based on "anonymous" information.
"We're concerned that de-identified or supposedly anonymous information can be repackaged back together," Mierzwinski said.
But the Interactive Advertising Bureau's Vice President for Public Policy Mike Zaneis said that Congress shouldn't try to legislate about activity that was only theoretical. He said that it isn't the "predominant business model" to connect clickstream data to personally identifiable information.
Whitfield also asked whether requiring users' opt-in consent to data collection would hinder online businesses.
Federal Trade Commission Consumer Protection Chief David Vladeck said that the most important consideration isn't whether companies obtain opt-in or opt-out consent, but whether they are adequately notifying consumers about data collection. "The goal ought to be to keep consumers well-informed," he said. "Clarity and ease of use ought to be the key metrics."
"We must craft legislation that creates an incentive for businesses to subscribe to the very best practices," Rep. Cliff Stearns (R-Fla.) said at a hearing on Rush's proposal. Stearns criticized several aspects of Rush's bill, including that it would allow consumers to bring lawsuits against companies that violate the law, and that it delegates too much power to the Federal Trade Commission.
Stearns had signed on to an earlier proposal floated in May by Rep. Rick Boucher (D-Va.), which differs in a few key ways from Rush's bill the Best Practices Act (H.R. 5577).
Rush's measure would require Web companies to obtain users' explicit permission before sharing their personal information with third parties, unless those companies participate in a "universal opt-out" program operated by a self-regulatory program and overseen by the Federal Trade Commission. Rush also would allow consumers to sue privately for up to $1,000 per violation, with damages capped at $5 million per incident.
Boucher's slightly different proposal would require ad networks that track people and collect personal information for ad purposes to obtain users' opt-in consent, unless the networks provide prominent notice through an icon and also allow people to view and edit their profiles. Boucher also would ban private lawsuits.
Rush's bill, like Boucher's, doesn't just cover personally identifiable information like names and addresses, but also applies to supposedly anonymous information, including Web users' marketing profiles that are associated with cookies on their computers. But unlike Boucher's proposal, Rush's measure also tasks the FTC with further defining the type of data that is covered by the bill.
At Thursday's hearing, Rep. Ed Whitfield (R-Ky.) asked whether the collection of anonymous browsing activity should "require the same level of consent" as collecting material like names and financial account numbers.
Two privacy advocates on the panel, Ed Mierzwinski, program director of the U.S. Public Interest Research Group, and Leslie Harris, president and CEO of the Center for Democracy & Technology, indicated they believed the answer was yes, because of the possibility that people could be identified based on "anonymous" information.
"We're concerned that de-identified or supposedly anonymous information can be repackaged back together," Mierzwinski said.
But the Interactive Advertising Bureau's Vice President for Public Policy Mike Zaneis said that Congress shouldn't try to legislate about activity that was only theoretical. He said that it isn't the "predominant business model" to connect clickstream data to personally identifiable information.
Whitfield also asked whether requiring users' opt-in consent to data collection would hinder online businesses.
Federal Trade Commission Consumer Protection Chief David Vladeck said that the most important consideration isn't whether companies obtain opt-in or opt-out consent, but whether they are adequately notifying consumers about data collection. "The goal ought to be to keep consumers well-informed," he said. "Clarity and ease of use ought to be the key metrics."
Thursday, July 22, 2010
Google Takes FTC to Task Over Journalism’s Future
There’s a lot of hand-wringing about the future of journalism, but does that mean the government should step in?
The Federal Trade Commission last month issued a “discussion draft” paper that proposed things like legislation to limit news aggregators, and tax breaks and antitrust exemptions for news organizations. Other reports, like one from Columbia University, also have suggested that the government take a bigger role in supporting journalism. This week, tech giant Google put in its two cents — or 20 pages, to be exact — questioning the FTC draft proposals and saying that “business problems require business solutions” rather than regulation.
The problem, Google says, is that newspapers have failed to keep up with the times. To back up its argument, Google quotes the former editor of the Rocky Mountain News on lessons he learned from the paper’s failure, including that the company made a mistake by seeing its website as relatively unimportant.
Google points out that search engines and services like Google News allow news organizations to find new audiences. And it says the Internet has increased the opportunity for new publishers — like bloggers — to enter the market. Meanwhile, the FTC draft focuses on newspapers and mentions the word “blog” only once in 35 pages, as City University of New York journalism professor Jeff Jarvis pointed out on his blog.
Google also argues that journalists should not have a copyright on so-called “hot news” or scoops, given that journalists have long reported the work of others and that facts shouldn’t be copyrighted. (It’s no surprise that Google comes down on the side of news aggregators, since Google itself operates one, but this brief uses tougher language than Google has in the past.)
The tech giant comes out strongly against breaks for news organizations and journalists, pointing out that historically the FTC has opposed such exemptions.
But there’s still a consensus that journalism is an important part of democracy. The question is whether that part of its role will survive. Other ideas proposed in the FTC document included increasing access to government data and starting a journalism division of AmeriCorps.
The Federal Trade Commission last month issued a “discussion draft” paper that proposed things like legislation to limit news aggregators, and tax breaks and antitrust exemptions for news organizations. Other reports, like one from Columbia University, also have suggested that the government take a bigger role in supporting journalism. This week, tech giant Google put in its two cents — or 20 pages, to be exact — questioning the FTC draft proposals and saying that “business problems require business solutions” rather than regulation.
The problem, Google says, is that newspapers have failed to keep up with the times. To back up its argument, Google quotes the former editor of the Rocky Mountain News on lessons he learned from the paper’s failure, including that the company made a mistake by seeing its website as relatively unimportant.
Google points out that search engines and services like Google News allow news organizations to find new audiences. And it says the Internet has increased the opportunity for new publishers — like bloggers — to enter the market. Meanwhile, the FTC draft focuses on newspapers and mentions the word “blog” only once in 35 pages, as City University of New York journalism professor Jeff Jarvis pointed out on his blog.
Google also argues that journalists should not have a copyright on so-called “hot news” or scoops, given that journalists have long reported the work of others and that facts shouldn’t be copyrighted. (It’s no surprise that Google comes down on the side of news aggregators, since Google itself operates one, but this brief uses tougher language than Google has in the past.)
The tech giant comes out strongly against breaks for news organizations and journalists, pointing out that historically the FTC has opposed such exemptions.
But there’s still a consensus that journalism is an important part of democracy. The question is whether that part of its role will survive. Other ideas proposed in the FTC document included increasing access to government data and starting a journalism division of AmeriCorps.
Google To Government: Keep Your Hands Off Journalism
Google just published a response to some ideas recently floated by the FTC on how to rescue journalism.
Google's message: "business problems require business solutions rather than regulatory ones."
The FTC document outlines the crisis facing, in particular, print media, and expresses doubt that any new online business model will emerge that can support original journalism. It then goes on to outline a number of possible policy solutions, including:
Google, of course, has a powerful financial motive for opposing any new regulation of online news consumption. But if there is a serious case in favor of government-supported journalism, we haven't seen it yet.
By Nick Saint
Google's message: "business problems require business solutions rather than regulatory ones."
The FTC document outlines the crisis facing, in particular, print media, and expresses doubt that any new online business model will emerge that can support original journalism. It then goes on to outline a number of possible policy solutions, including:
- Reducing search engines' and aggregators' fair use rights to news content.
- Creating an antitrust exemption that would allow newspapers to form a paywall cartel, and to charge search engines and aggregators for access to their content.
Google, of course, has a powerful financial motive for opposing any new regulation of online news consumption. But if there is a serious case in favor of government-supported journalism, we haven't seen it yet.
By Nick Saint
DoubleVerify Launches Fraud Detection Lab
Digital media-verification company DoubleVerify on Wednesday debuted a research arm to uncover fraudulent sites, as well as malware, spyware, adware and other forms of fraudulent online ads. The Advertising Fraud Detection Lab will investigate ad fraud in real-time and raise awareness of deceptive scams taking place online.
"Marketers are often unaware when compliance is at risk due to rogue publishers acting inappropriately on ad networks and exchanges, and most ad networks don't typically have the capabilities to verify the problem in real-time," said Oren Netzer, CEO of DoubleVerify. "We created the Virtual Visitors technology specifically to combat this problem."
In an initial test, the Lab identified several examples of fraudulent publisher schemes that waste ad spend and put advertisers in danger of severe punishment from the government, regardless of whether they were aware of it taking place or not.
Common -- yet deceptive -- types of fraud observed include misplacing or stealing ad tags, whereby organizations sign up as a legitimate publisher and then re-place the tag onto an inappropriate site for advertisers. Affiliate fraud is another in which publishers using an affiliate program in order to accumulate more traffic upload affiliate sites in hidden iFrames, which users can't see.
Invisible ads, meanwhile, occur when ads are on micro-sized iFrames that are essentially hidden to users because they can't see them even if they are prominently placed on the page.
Launched in May 2008, DoubleVerify launched its real-time verification solution for online ad transactions last May. In March, the startup raised a $10 million series B financing round led by Institutional Venture Partners.
Presently, DoubleVerify's platform and technology verify over 20 billion monthly impressions on behalf of marketers in a range of verticals, including telecom, pharma, retail, finance, CPG, and entertainment.
Late last year, video ad network Tremor Media tapped DoubleVerify for increased accountability and transparency of video ad campaigns. Tremor serves in-stream and in-banner video ads across a network of over 1,500 mid-tier and premium sites including WWE.com and WSJ.com.
The new lab will encourage collaboration between advertisers, ad networks and publishers to fight malicious activities that harm brands, legitimate publishers and users, and negatively affect the industry overall.
In the fall, the group plans to publish a white paper detailing findings from the first few months of its inception and recommending actions to mitigate publisher fraud risk.
"Marketers are often unaware when compliance is at risk due to rogue publishers acting inappropriately on ad networks and exchanges, and most ad networks don't typically have the capabilities to verify the problem in real-time," said Oren Netzer, CEO of DoubleVerify. "We created the Virtual Visitors technology specifically to combat this problem."
In an initial test, the Lab identified several examples of fraudulent publisher schemes that waste ad spend and put advertisers in danger of severe punishment from the government, regardless of whether they were aware of it taking place or not.
Common -- yet deceptive -- types of fraud observed include misplacing or stealing ad tags, whereby organizations sign up as a legitimate publisher and then re-place the tag onto an inappropriate site for advertisers. Affiliate fraud is another in which publishers using an affiliate program in order to accumulate more traffic upload affiliate sites in hidden iFrames, which users can't see.
Invisible ads, meanwhile, occur when ads are on micro-sized iFrames that are essentially hidden to users because they can't see them even if they are prominently placed on the page.
Launched in May 2008, DoubleVerify launched its real-time verification solution for online ad transactions last May. In March, the startup raised a $10 million series B financing round led by Institutional Venture Partners.
Presently, DoubleVerify's platform and technology verify over 20 billion monthly impressions on behalf of marketers in a range of verticals, including telecom, pharma, retail, finance, CPG, and entertainment.
Late last year, video ad network Tremor Media tapped DoubleVerify for increased accountability and transparency of video ad campaigns. Tremor serves in-stream and in-banner video ads across a network of over 1,500 mid-tier and premium sites including WWE.com and WSJ.com.
The new lab will encourage collaboration between advertisers, ad networks and publishers to fight malicious activities that harm brands, legitimate publishers and users, and negatively affect the industry overall.
In the fall, the group plans to publish a white paper detailing findings from the first few months of its inception and recommending actions to mitigate publisher fraud risk.
Wednesday, July 21, 2010
Report: Consumers Prefer Receiving Credit Card Information Via Email, Targeted Approach Best For New Business
Marketers able to mount multichannel, highly targeted ad campaigns are well positioned to capture a piece of the lucrative credit card business, according to new research from direct marketing agency Epsilon.
"Consumers want and expect to receive information that is relevant and personal, especially when it comes to financial services marketing," said Michael Penney, EVP of Epsilon's Strategic & Analytic Consulting Group. "In order to engage consumers and create unique experiences, marketers need to focus on asking questions and understanding what consumers want and how to engage with them."
More than half of consumers surveyed were unsure of what credit card company they were going to use when opening up a new account. Only 34% of consumers surveyed definitely knew which company they would go with, while over four in ten consumers chose a company with which they already had accounts.
The most influential sources of information were friends and family, followed by a financial advisor, brand Web sites, and product review Web sites.
"A multichannel approach that speaks directly with the individual consumer can create long-lasting relationships," Penney added.
Meanwhile, the primary reason why consumers selected a credit card company was the rewards program, while interest rates and recommendations from friends and family were also driving forces. The preferred channel for receiving information about credit cards was email, followed by postal mail and company Web sites.
Consumers also expressed interest in receiving rate changes and sales/discount offers from credit card companies, while nearly one-third also chose information tailored to their interests as one of their top two selections.
Loyalty programs were identified as another critical component of a successful retail banking marketing strategy.
The survey included responses from over 180 consumers who recently opened up a new credit card. It was part of a listening exercise designed to explore the concept of Customer Experience Marketing, an approach to deliver relevant interactions that anticipate and respond to the many ways that consumers want to engage, shop and buy today.
"Consumers want and expect to receive information that is relevant and personal, especially when it comes to financial services marketing," said Michael Penney, EVP of Epsilon's Strategic & Analytic Consulting Group. "In order to engage consumers and create unique experiences, marketers need to focus on asking questions and understanding what consumers want and how to engage with them."
More than half of consumers surveyed were unsure of what credit card company they were going to use when opening up a new account. Only 34% of consumers surveyed definitely knew which company they would go with, while over four in ten consumers chose a company with which they already had accounts.
The most influential sources of information were friends and family, followed by a financial advisor, brand Web sites, and product review Web sites.
"A multichannel approach that speaks directly with the individual consumer can create long-lasting relationships," Penney added.
Meanwhile, the primary reason why consumers selected a credit card company was the rewards program, while interest rates and recommendations from friends and family were also driving forces. The preferred channel for receiving information about credit cards was email, followed by postal mail and company Web sites.
Consumers also expressed interest in receiving rate changes and sales/discount offers from credit card companies, while nearly one-third also chose information tailored to their interests as one of their top two selections.
Loyalty programs were identified as another critical component of a successful retail banking marketing strategy.
The survey included responses from over 180 consumers who recently opened up a new credit card. It was part of a listening exercise designed to explore the concept of Customer Experience Marketing, an approach to deliver relevant interactions that anticipate and respond to the many ways that consumers want to engage, shop and buy today.
Tuesday, July 20, 2010
New Privacy Bill Released, House To Consider Thursday
By Wendy Davis
Rep. Bobby Rush (D-Ill.) unveiled a privacy bill on Monday that would require companies to obtain people's opt-in consent before disclosing their personal information to third parties in some circumstances.
A version of the bill seen by Online Media Daily appears to be similar to a draft measure floated in May by Rep. Rick Boucher (D-Va.), chairman of the Subcommittee on Communications, Technology and the Internet, but with some key differences.
Both bills follow a notice-and-choice framework, and both require users' consent for online behavioral advertising, or tracking users across sites in order to serve targeted ads. Both also allow companies to obtain opt-out consent rather than opt-in, but under slightly different circumstances.
Rush's measure would require Web sites to obtain users' explicit permission before sharing their personal information with third parties, unless those companies participate in a "universal opt-out" program operated by industry groups, like the Network Advertising Initiative, and overseen by the Federal Trade Commission.
Boucher's draft proposal, by contrast, would require ad networks that track people and collect personal information for ad purposes to obtain users' opt-in consent, unless the networks provide prominent notice through an icon and also allow people to view and edit their profiles.
Rush's bill also defines third-party broadly, saying that companies are considered third parties to each other if consumers would not expect reasonably them to be related. For instance, a publisher that owns an unbranded network of blogs could be considered a third party to those blogs.
Rush's measure also tasks the FTC with further defining "third party" within 18 months.
Like Boucher's proposal, Rush's bill would apply to data that is traditionally considered "personally identifiable" -- such as names and addresses -- as well as information sometimes deemed "anonymous," like marketing profiles associated with particular computers.
Rush's bill provides that IP addresses would be covered if used to create marketing profiles, but not when used to send ads dynamically. As with the definition of third party, Rush delegates to the FTC the task of further defining personal information.
Also similar to Boucher's measure, Rush's bill requires companies to obtain users' affirmative consent before collecting or sharing sensitive information -- but provides a more sweeping definition of that term. Rush says that sensitive data includes information about people's medical history or health, race or ethnicity, religious beliefs and affiliation, sexual orientation or sexual behavior, as well as certain financial data. Precise geolocation information would be considered "sensitive" if associated with other data like names or profiles. Rush also says FTC may modify the definition of sensitive information through a rulemaking.
Boucher, by contrast, defined sensitive information as medical records, race or ethnicity, religious beliefs, sexual orientation, financial records and precise geolocation information.
One key area that differs from Boucher's proposal involves consumers' ability to sue. Rush would allow individuals to sue companies that don't follow the measure for up to $1,000 per violation. Boucher's bill would completely bar consumers from bringing private lawsuits.
Rush, chairman of the House Energy and Commerce Subcommittee on Commerce, Trade and Consumer Protection, did not have a co-sponsor for the bill as of Monday afternoon. A hearing on Rush's proposal is slated for Thursday.
Some consumer advocates reacted more favorably to Rush's proposal than to Boucher's. Privacy advocate Jeff Chester, executive director of the Center for Digital Democracy, said Rush's proposal "significantly advances the privacy debate in Congress."
Chester added, "By empowering the FTC to engage in additional rule-makings on privacy, it creates a framework to better address consumer privacy concerns -- online and off."
Leslie Harris, president of the digital rights group Center for Democracy & Technology, said Rush's bill "establishes a forward looking and flexible framework for protecting consumer privacy."
Harris is expected to testify at a hearing on Thursday addressing privacy legislation.
Rep. Bobby Rush (D-Ill.) unveiled a privacy bill on Monday that would require companies to obtain people's opt-in consent before disclosing their personal information to third parties in some circumstances.
A version of the bill seen by Online Media Daily appears to be similar to a draft measure floated in May by Rep. Rick Boucher (D-Va.), chairman of the Subcommittee on Communications, Technology and the Internet, but with some key differences.
Both bills follow a notice-and-choice framework, and both require users' consent for online behavioral advertising, or tracking users across sites in order to serve targeted ads. Both also allow companies to obtain opt-out consent rather than opt-in, but under slightly different circumstances.
Rush's measure would require Web sites to obtain users' explicit permission before sharing their personal information with third parties, unless those companies participate in a "universal opt-out" program operated by industry groups, like the Network Advertising Initiative, and overseen by the Federal Trade Commission.
Boucher's draft proposal, by contrast, would require ad networks that track people and collect personal information for ad purposes to obtain users' opt-in consent, unless the networks provide prominent notice through an icon and also allow people to view and edit their profiles.
Rush's bill also defines third-party broadly, saying that companies are considered third parties to each other if consumers would not expect reasonably them to be related. For instance, a publisher that owns an unbranded network of blogs could be considered a third party to those blogs.
Rush's measure also tasks the FTC with further defining "third party" within 18 months.
Like Boucher's proposal, Rush's bill would apply to data that is traditionally considered "personally identifiable" -- such as names and addresses -- as well as information sometimes deemed "anonymous," like marketing profiles associated with particular computers.
Rush's bill provides that IP addresses would be covered if used to create marketing profiles, but not when used to send ads dynamically. As with the definition of third party, Rush delegates to the FTC the task of further defining personal information.
Also similar to Boucher's measure, Rush's bill requires companies to obtain users' affirmative consent before collecting or sharing sensitive information -- but provides a more sweeping definition of that term. Rush says that sensitive data includes information about people's medical history or health, race or ethnicity, religious beliefs and affiliation, sexual orientation or sexual behavior, as well as certain financial data. Precise geolocation information would be considered "sensitive" if associated with other data like names or profiles. Rush also says FTC may modify the definition of sensitive information through a rulemaking.
Boucher, by contrast, defined sensitive information as medical records, race or ethnicity, religious beliefs, sexual orientation, financial records and precise geolocation information.
One key area that differs from Boucher's proposal involves consumers' ability to sue. Rush would allow individuals to sue companies that don't follow the measure for up to $1,000 per violation. Boucher's bill would completely bar consumers from bringing private lawsuits.
Rush, chairman of the House Energy and Commerce Subcommittee on Commerce, Trade and Consumer Protection, did not have a co-sponsor for the bill as of Monday afternoon. A hearing on Rush's proposal is slated for Thursday.
Some consumer advocates reacted more favorably to Rush's proposal than to Boucher's. Privacy advocate Jeff Chester, executive director of the Center for Digital Democracy, said Rush's proposal "significantly advances the privacy debate in Congress."
Chester added, "By empowering the FTC to engage in additional rule-makings on privacy, it creates a framework to better address consumer privacy concerns -- online and off."
Leslie Harris, president of the digital rights group Center for Democracy & Technology, said Rush's bill "establishes a forward looking and flexible framework for protecting consumer privacy."
Harris is expected to testify at a hearing on Thursday addressing privacy legislation.
Wednesday, July 7, 2010
Click-Fraud Rates Remain At Record Level
The average "innocuous invalid rate" in Anchor Intelligence's network declined to 29.8% in the second quarter of 2010, representing a 36.1% sequential decrease. That means the invalid traffic rate dropped to less than 1% from 7% in the prior quarter, according to the company's Traffic Quality Q2 2010 report released Monday. But the decrease does not necessarily mean good news for advertisers.
Anchor analyzes multiple types of advertising, but predominantly driven by CPC, search ads. While the decrease presents an interesting trend, it does not represent a decline in malicious activity across the Web, but rather a decline in robot traffic such as Web site crawlers and spiders designed to index Web sites as well as a sharp decrease in internal testing traffic like test clicks from ad networks and search engines. The report suggests that since innocuous invalid traffic is generally pre-filtered by ad providers, it rarely impacts an advertiser's ad budget.
While neither the innocuous-invalid rate or the attempted click-fraud rate bode well for advertisers, the malicious intent of the click-fraud invalids generally are worse "because in those instances you're dealing with groups of bad actors who spend lots of time, money, energy, and resources to steal money from the advertising community," says Ken Miller, Anchor's chief executive officer. "Whereas the innocuous is more of an annoying occurrence that many companies can manage, the malicious activity requires systems that are as good as those built by the bad guys, and most companies aren't equipped to do that."
The attempted click-fraud rate remained nearly unchanged, decreasing from 29.2% in Q1 to 28.9% in Q2, but year-on-year the percentage jumped 26%. The Traffic Quality Report aims to provide online advertisers with insights into the magnitude of traffic quality issues observed by Anchor, while providing clear and accurate definitions for the statistics provided.
Another trend that Anchor identified points to targeting smaller, less established ad networks and search engines that may on average become more vulnerable to attacks. It has become apparent that some customers consistently record increases in volume while also experiencing decreases in attempted click-fraud rates. This trend indicates that advertisers are seeing improved performance on ad networks and search engines that defend networks and sites against click fraud.
Anchor also measures click fraud by country. Of the top 30 countries, Vietnam took No. 1 at 37.3% in Q2 when it comes to attempted click fraud, up from 35.4% sequentially. Anchor attributes this to automated, high-velocity traffic from a distinct number of IP addresses as well as traffic from users displaying historically suspicious behavior.
Vietnam's Internet infrastructure is more vulnerable to attack than those of other countries because most computers run on outdated operating systems and Web browsers. Furthermore, the click-fraud attempts originating out of Vietnam in Q2 were believed to be a result of machines that were compromised during politically motivated cyber attacks against blogs criticizing mining projects in Vietnam.
Australia and the United States remain at No. 1 and No. 2, respectively, when it comes to the highest attempted click-fraud rates. The click-fraud rate in Australia increased from 35.2% in Q1 to 36.4 in Q2, and the attempted click-fraud rate in the U.S. decreased from 35.0% to 34.0%.
Click fraud is not the only malicious online activity advertisers need to keep an eye on. Video as a promotional advertising tool will begin to attract more mischief by those who want to exploit the Web and its content.
Anchor has successfully tested its ClearMark technology on video ads, but they don't make up a large percentage of the ads the company monitors, mainly because client demand has not yet reached the medium, Miller says. It likely will eventually.
Hackers took advantage of a cross-site scripting (XSS) vulnerability on Google's YouTube Sunday, hitting sections where users post comments, according to Network World, an IDG News site. The hack focused on clips related to pop star Justin Bieber. It didn't involve malware, but the code did affect YouTube pages so visitors saw tasteless messages or redirected to external sites with adult content.
Anchor analyzes multiple types of advertising, but predominantly driven by CPC, search ads. While the decrease presents an interesting trend, it does not represent a decline in malicious activity across the Web, but rather a decline in robot traffic such as Web site crawlers and spiders designed to index Web sites as well as a sharp decrease in internal testing traffic like test clicks from ad networks and search engines. The report suggests that since innocuous invalid traffic is generally pre-filtered by ad providers, it rarely impacts an advertiser's ad budget.
While neither the innocuous-invalid rate or the attempted click-fraud rate bode well for advertisers, the malicious intent of the click-fraud invalids generally are worse "because in those instances you're dealing with groups of bad actors who spend lots of time, money, energy, and resources to steal money from the advertising community," says Ken Miller, Anchor's chief executive officer. "Whereas the innocuous is more of an annoying occurrence that many companies can manage, the malicious activity requires systems that are as good as those built by the bad guys, and most companies aren't equipped to do that."
The attempted click-fraud rate remained nearly unchanged, decreasing from 29.2% in Q1 to 28.9% in Q2, but year-on-year the percentage jumped 26%. The Traffic Quality Report aims to provide online advertisers with insights into the magnitude of traffic quality issues observed by Anchor, while providing clear and accurate definitions for the statistics provided.
Another trend that Anchor identified points to targeting smaller, less established ad networks and search engines that may on average become more vulnerable to attacks. It has become apparent that some customers consistently record increases in volume while also experiencing decreases in attempted click-fraud rates. This trend indicates that advertisers are seeing improved performance on ad networks and search engines that defend networks and sites against click fraud.
Anchor also measures click fraud by country. Of the top 30 countries, Vietnam took No. 1 at 37.3% in Q2 when it comes to attempted click fraud, up from 35.4% sequentially. Anchor attributes this to automated, high-velocity traffic from a distinct number of IP addresses as well as traffic from users displaying historically suspicious behavior.
Vietnam's Internet infrastructure is more vulnerable to attack than those of other countries because most computers run on outdated operating systems and Web browsers. Furthermore, the click-fraud attempts originating out of Vietnam in Q2 were believed to be a result of machines that were compromised during politically motivated cyber attacks against blogs criticizing mining projects in Vietnam.
Australia and the United States remain at No. 1 and No. 2, respectively, when it comes to the highest attempted click-fraud rates. The click-fraud rate in Australia increased from 35.2% in Q1 to 36.4 in Q2, and the attempted click-fraud rate in the U.S. decreased from 35.0% to 34.0%.
Click fraud is not the only malicious online activity advertisers need to keep an eye on. Video as a promotional advertising tool will begin to attract more mischief by those who want to exploit the Web and its content.
Anchor has successfully tested its ClearMark technology on video ads, but they don't make up a large percentage of the ads the company monitors, mainly because client demand has not yet reached the medium, Miller says. It likely will eventually.
Hackers took advantage of a cross-site scripting (XSS) vulnerability on Google's YouTube Sunday, hitting sections where users post comments, according to Network World, an IDG News site. The hack focused on clips related to pop star Justin Bieber. It didn't involve malware, but the code did affect YouTube pages so visitors saw tasteless messages or redirected to external sites with adult content.
Friday, June 25, 2010
FTC Offers Broad Interpretation (Extending All The Way To Twitter) Of Its Endorsement Guides
People who endorse marketers for a fee on Twitter could disclose the payment by adding a hashtag like "#paid ad" or "#ad" to their tweets, the Federal Trade Commission said this week. That was just one piece of new advice from the FTC about how to interpret its revised guides to testimonials and endorsements, issued last October.
The guides are not in themselves enforceable, but indicate the type of activity the FTC will consider deceptive. They specifed that bloggers should reveal "material connections" to marketers -- including the receipt of free review copies -- when consumers would be surprised to learn of the connections.
This week, the FTC published additional material about the guides, including answers to frequently asked questions. One of the questions addressed concerned how Web users could make adequate disclosures on Twitter, where posts are limited to 140 characters. The FTC suggested using a hashtag like "#paid ad," noting that it only required eight characters. (The FTC incuded the space in its suggested hashtag.)
The FTC also reiterated this week that its focus is on advertisers, not bloggers. The agency says it has no intention of monitoring bloggers; even if they come to its attention. Instead, the commission says, its focus "will be on advertisers, not endorsers -- just as it's always been."
The new advice typically suggests that people resolve any ambiguities by making more rather than fewer disclosures. For instance, one question considers whether individuals who say on Facebook that they work for a company must also make disclosures when they tout that company's products. The FTC says that doing so is "a good idea."
In addition, the FTC suggests that even token perks, like $1 coupons, should be disclosed. "While getting one item that's not very valuable for free may not affect the credibility of what you say, sometimes continually getting free stuff from an advertiser or multiple advertisers is enough to suggest an expectation of future benefits from positive reviews," the commission says.
When the guides came out last year, some industry observers criticized them for treating bloggers differently than writers for more traditional media. For instance, while the FTC recommended that bloggers tell readers about the receipt of free review copies, the agency didn't recommend that newspapers, magazines or Internet news sites make similar disclosures.
The FTC continues to make that distinction in its new document, on the theory that consumers have different expectations for blogs than news media. "For a review in a newspaper, on TV or on a website with similar content, it's usually clear to the audience that the reviewer didn't buy the product being reviewed," the FTC says. "But on a personal blog, a social networking page, or in similar media, the reader may not expect the reviewer to have a relationship with the company whose products are mentioned."
But the FTC doesn't spell out why it believes that consumers make different assumptions about reviews depending on where they appear -- an omission that troubles some observers like Santa Clara University law professor Eric Goldman. "It's an empirical statement that they have no support for," he says.
Jeff Greenbaum, an advertising and marketing lawyer with Frankfurt Kurnit Klein & Selz, adds that marketers who were awaiting additional guidance might be "surprised, and perhaps even disappointed," by the FTC's latest advice. "One of the major concerns that people had about the guides was that any time you provided a free product to a blogger, disclosure would be required," he says. The new material "really reinforces the FTC's position that almost anything you provide to a blogger will require disclosure."
By Wendy Davis
The guides are not in themselves enforceable, but indicate the type of activity the FTC will consider deceptive. They specifed that bloggers should reveal "material connections" to marketers -- including the receipt of free review copies -- when consumers would be surprised to learn of the connections.
This week, the FTC published additional material about the guides, including answers to frequently asked questions. One of the questions addressed concerned how Web users could make adequate disclosures on Twitter, where posts are limited to 140 characters. The FTC suggested using a hashtag like "#paid ad," noting that it only required eight characters. (The FTC incuded the space in its suggested hashtag.)
The FTC also reiterated this week that its focus is on advertisers, not bloggers. The agency says it has no intention of monitoring bloggers; even if they come to its attention. Instead, the commission says, its focus "will be on advertisers, not endorsers -- just as it's always been."
The new advice typically suggests that people resolve any ambiguities by making more rather than fewer disclosures. For instance, one question considers whether individuals who say on Facebook that they work for a company must also make disclosures when they tout that company's products. The FTC says that doing so is "a good idea."
In addition, the FTC suggests that even token perks, like $1 coupons, should be disclosed. "While getting one item that's not very valuable for free may not affect the credibility of what you say, sometimes continually getting free stuff from an advertiser or multiple advertisers is enough to suggest an expectation of future benefits from positive reviews," the commission says.
When the guides came out last year, some industry observers criticized them for treating bloggers differently than writers for more traditional media. For instance, while the FTC recommended that bloggers tell readers about the receipt of free review copies, the agency didn't recommend that newspapers, magazines or Internet news sites make similar disclosures.
The FTC continues to make that distinction in its new document, on the theory that consumers have different expectations for blogs than news media. "For a review in a newspaper, on TV or on a website with similar content, it's usually clear to the audience that the reviewer didn't buy the product being reviewed," the FTC says. "But on a personal blog, a social networking page, or in similar media, the reader may not expect the reviewer to have a relationship with the company whose products are mentioned."
But the FTC doesn't spell out why it believes that consumers make different assumptions about reviews depending on where they appear -- an omission that troubles some observers like Santa Clara University law professor Eric Goldman. "It's an empirical statement that they have no support for," he says.
Jeff Greenbaum, an advertising and marketing lawyer with Frankfurt Kurnit Klein & Selz, adds that marketers who were awaiting additional guidance might be "surprised, and perhaps even disappointed," by the FTC's latest advice. "One of the major concerns that people had about the guides was that any time you provided a free product to a blogger, disclosure would be required," he says. The new material "really reinforces the FTC's position that almost anything you provide to a blogger will require disclosure."
By Wendy Davis
Tuesday, June 22, 2010
Careful: The European Union Is Messing With Your Cookie Jar
Europe sometimes steers its own course when it comes to privacy matters. I’ve written about the European privacy gaffes before. Some countries like Germany, France and Italy really take a firm stand on privacy matters when it comes to search engines. These countries take aggressive positions with Google and other search engines. Other countries, however, seek to regulate a much larger target: the entire web. Here’s what’s been going on in the privacy debate in Europe recently, specifically when it comes to cookies.
Last November the European Union agreed on a new telecom rule which could have a tremendous effect on the way we work online in Europe. The rule was intended to strengthen consumer rights, an open internet, a single European telecoms market and high-speed internet connections for all Europeans. The rule however is also meant for protection of consumers when it comes to personal data breaches and spam.
Part of the rule is that users have to be better-informed about what is going on “behind the scenes,”—in other words, you have to tell visitors to your website when you are placing cookies. But the actual rule is even slightly more onerous if you read it carefully:
“The subscriber or user concerned has given his or her consent, having been provide with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia about the purposes of the processing.”
So the user actually has to acknowledge that he knows you are placing a cookie on his computer. That caused quite the uproar at first. Having to ask for a consent on each and every cookie placed would have made browsing the web almost impossible. You would have gotten pop ups asking for your permission after every link you click. That probably would have meant a change in structuring of websites.
Luckily the European Union slightly adjusted the rule:
“Where it is technically possible and effective, in accordance with the relevant provisions of Directive 95/46/EC, the user’s consent to processing may be expressed by using the appropriate setting of a browser or other application.”
This means that cookie acceptance can be handled on the browser level, meaning you will only have to “accept” cookies once in your browser settings and you are done.
So, that was close, we were almost caught in a cookie-loophole there. Case closed. Right?
Wrong.
The European Union is not like the United States. The European Union does set the rules for its member countries. In this case member countries must implement the new rule by May 25th 2011.
But here’s where things get complicated: each country can decide for itself how it wants to implement the rule. Which means each country can decide whether to require cookie acceptance on a browser level or on website level.
For example, in the Netherlands the Minister of Economic Affairs was the one deciding on this rule. And she decided to take a step away from the general European direction taken. She wants the “opt-in” to be at a browser level.
This of course caused a lot of uproar amongst Dutch internet marketers. Several organizations have already opposed the Minister’s move. So far she hasn’t decided on whether or not the Dutch government will make changes to the decision. Some of my sources say chances are there are going to be new changes to the ruling in the Netherlands, which will probably make it easier to work with.
So what should you do?
Of course you would like to know how this will affect your business in Europe and how you should act on that. Chances are at first you won’t notice very much about this issue since many countries will most probably opt for the most user friendly way. But you never know how different countries might act on it. And in addition to cookie disclosure rules, Europe will probably be looking into more privacy-related measures over the coming months, so its a smart idea to keep yourself informed if you plan on targeting Europe.
Some things you can do now:
Take a good look at the rulings in different countries
Offer users in countries with a “cookie-problem” another option
Don’t trust your analytics too much
If you see a decrease in traffic in a specific country be sure to investigate whether or not this country has specific rulings
Keep an eye on the European regulations
Last November the European Union agreed on a new telecom rule which could have a tremendous effect on the way we work online in Europe. The rule was intended to strengthen consumer rights, an open internet, a single European telecoms market and high-speed internet connections for all Europeans. The rule however is also meant for protection of consumers when it comes to personal data breaches and spam.
Part of the rule is that users have to be better-informed about what is going on “behind the scenes,”—in other words, you have to tell visitors to your website when you are placing cookies. But the actual rule is even slightly more onerous if you read it carefully:
“The subscriber or user concerned has given his or her consent, having been provide with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia about the purposes of the processing.”
So the user actually has to acknowledge that he knows you are placing a cookie on his computer. That caused quite the uproar at first. Having to ask for a consent on each and every cookie placed would have made browsing the web almost impossible. You would have gotten pop ups asking for your permission after every link you click. That probably would have meant a change in structuring of websites.
Luckily the European Union slightly adjusted the rule:
“Where it is technically possible and effective, in accordance with the relevant provisions of Directive 95/46/EC, the user’s consent to processing may be expressed by using the appropriate setting of a browser or other application.”
This means that cookie acceptance can be handled on the browser level, meaning you will only have to “accept” cookies once in your browser settings and you are done.
So, that was close, we were almost caught in a cookie-loophole there. Case closed. Right?
Wrong.
The European Union is not like the United States. The European Union does set the rules for its member countries. In this case member countries must implement the new rule by May 25th 2011.
But here’s where things get complicated: each country can decide for itself how it wants to implement the rule. Which means each country can decide whether to require cookie acceptance on a browser level or on website level.
For example, in the Netherlands the Minister of Economic Affairs was the one deciding on this rule. And she decided to take a step away from the general European direction taken. She wants the “opt-in” to be at a browser level.
This of course caused a lot of uproar amongst Dutch internet marketers. Several organizations have already opposed the Minister’s move. So far she hasn’t decided on whether or not the Dutch government will make changes to the decision. Some of my sources say chances are there are going to be new changes to the ruling in the Netherlands, which will probably make it easier to work with.
So what should you do?
Of course you would like to know how this will affect your business in Europe and how you should act on that. Chances are at first you won’t notice very much about this issue since many countries will most probably opt for the most user friendly way. But you never know how different countries might act on it. And in addition to cookie disclosure rules, Europe will probably be looking into more privacy-related measures over the coming months, so its a smart idea to keep yourself informed if you plan on targeting Europe.
Some things you can do now:
Take a good look at the rulings in different countries
Offer users in countries with a “cookie-problem” another option
Don’t trust your analytics too much
If you see a decrease in traffic in a specific country be sure to investigate whether or not this country has specific rulings
Keep an eye on the European regulations
Monday, June 7, 2010
Barack's People Strike At 'Heart And Soul Of Today's Internet Offerings'
Potential privacy legislation being floated by Rep. Rick Boucher "would fundamentally change online information and online advertising practices to the detriment of consumers," the Interactive Advertising Bureau said Friday in written comments to lawmakers.
"We believe that self-regulation, which is inherently more flexible and better suited to govern a dynamic environment than legislation, is the best approach to help ensure that consumers receive transparency and choice online," the IAB wrote to Boucher, chairman of the House Energy and Commerce Committee, and Rep. Cliff Stearns, ranking member of the committee.
The IAB sent the letter in response to draft privacy legislation, circulated last month by Boucher, that would require ad networks that track people to obtain users' consent. The proposal specifically calls for opt-in consent unless companies notify consumers via an icon and also allow people to view and edit their profiles. (Some ad companies, including Google, Yahoo and BlueKai, already allow users to access and revise their profiles.)
The IAB objected to that idea, arguing that companies should be able to target users by default, without moving to a system that allows consumers to manage their profiles. "Requiring consumers to opt-in to transfers to third parties would drastically reduce the free flow of information that is the heart and soul of today's Internet offerings," the group writes.
The organization adds that even though a few companies now allow users to edit their targeting preferences, "it is too soon in the experimentation of these practices to codify managed preference profiles into federal legislation."
The IAB also took issue with several other terms in the draft bill. Among the most significant, Boucher's bill requires that consumers consent to the collection of information that has not traditionally been considered "personally identifiable," such as IP addresses or pseudonyms.
The IAB argues that collecting such data shouldn't require explicit consent. "The mere fact that information could identify a computer or device does not necessarily raise privacy issues," the group argues. "If such information becomes identifying information -- where it is actually tied to a person's name -- at that point it could be subject to the higher standard."
The IAB's letter, authored by vice-president for public policy Mike Zaneis, highlights the industry's recent self-regulatory efforts, including the guidelines issued last year by a coalition including itself, the American Association of Advertising Agencies, the Association of National Advertisers, the Direct Marketing Association, and the Council of Better Business Bureaus. Those guidelines generally call for companies to notify consumers about behavioral targeting and allow them to opt out.
Some consumer advocates also are not happy with the draft bill. In a letter to Boucher and Stearns, Consumer Reports publisher Consumers Union criticizes the proposal for relying too heavily on a notice-and-choice system. "Consumers Union hopes that as the legislation progresses, it will include other methods of privacy protection, such as principles addressing data collection minimization, data quality, purpose specification, extensive security safeguards, individual participation, and accountability," the group said in a letter to Boucher and Stearns.
A coalition of 10 advocacy organizations including the Center for Digital Democracy, Electronic Frontier Foundation and World Privacy Forum also weighed in. Those groups said they favored a system that would allow marketers to collect non-sensitive information by default, but would also require them to obtain explicit consent to keep the data for longer than 24 hours.
"We would also like to challenge the conventional wisdom that privacy legislation that is based on an opt-in approach is not feasible," they wrote to Boucher and Stearns. "It is ironic that while many in the business community profess to want to offer consumers real and meaningful control over the collection and use of their data, these same companies and associations are unwilling to provide the most effective means of control for consumers -- opt-in."
The watchdog groups also opposed a provision in Boucher's draft that would ban individual consumers from suing companies who violated the privacy standards. "The FTC does not have the resources to pursue all or even most privacy violations occurring on the Internet today," Consumers Union wrote. "Giving individuals a private right of action against companies who violate the law will have a greater deterrent effect and give individuals some control over the way their personal information is used."
"We believe that self-regulation, which is inherently more flexible and better suited to govern a dynamic environment than legislation, is the best approach to help ensure that consumers receive transparency and choice online," the IAB wrote to Boucher, chairman of the House Energy and Commerce Committee, and Rep. Cliff Stearns, ranking member of the committee.
The IAB sent the letter in response to draft privacy legislation, circulated last month by Boucher, that would require ad networks that track people to obtain users' consent. The proposal specifically calls for opt-in consent unless companies notify consumers via an icon and also allow people to view and edit their profiles. (Some ad companies, including Google, Yahoo and BlueKai, already allow users to access and revise their profiles.)
The IAB objected to that idea, arguing that companies should be able to target users by default, without moving to a system that allows consumers to manage their profiles. "Requiring consumers to opt-in to transfers to third parties would drastically reduce the free flow of information that is the heart and soul of today's Internet offerings," the group writes.
The organization adds that even though a few companies now allow users to edit their targeting preferences, "it is too soon in the experimentation of these practices to codify managed preference profiles into federal legislation."
The IAB also took issue with several other terms in the draft bill. Among the most significant, Boucher's bill requires that consumers consent to the collection of information that has not traditionally been considered "personally identifiable," such as IP addresses or pseudonyms.
The IAB argues that collecting such data shouldn't require explicit consent. "The mere fact that information could identify a computer or device does not necessarily raise privacy issues," the group argues. "If such information becomes identifying information -- where it is actually tied to a person's name -- at that point it could be subject to the higher standard."
The IAB's letter, authored by vice-president for public policy Mike Zaneis, highlights the industry's recent self-regulatory efforts, including the guidelines issued last year by a coalition including itself, the American Association of Advertising Agencies, the Association of National Advertisers, the Direct Marketing Association, and the Council of Better Business Bureaus. Those guidelines generally call for companies to notify consumers about behavioral targeting and allow them to opt out.
Some consumer advocates also are not happy with the draft bill. In a letter to Boucher and Stearns, Consumer Reports publisher Consumers Union criticizes the proposal for relying too heavily on a notice-and-choice system. "Consumers Union hopes that as the legislation progresses, it will include other methods of privacy protection, such as principles addressing data collection minimization, data quality, purpose specification, extensive security safeguards, individual participation, and accountability," the group said in a letter to Boucher and Stearns.
A coalition of 10 advocacy organizations including the Center for Digital Democracy, Electronic Frontier Foundation and World Privacy Forum also weighed in. Those groups said they favored a system that would allow marketers to collect non-sensitive information by default, but would also require them to obtain explicit consent to keep the data for longer than 24 hours.
"We would also like to challenge the conventional wisdom that privacy legislation that is based on an opt-in approach is not feasible," they wrote to Boucher and Stearns. "It is ironic that while many in the business community profess to want to offer consumers real and meaningful control over the collection and use of their data, these same companies and associations are unwilling to provide the most effective means of control for consumers -- opt-in."
The watchdog groups also opposed a provision in Boucher's draft that would ban individual consumers from suing companies who violated the privacy standards. "The FTC does not have the resources to pursue all or even most privacy violations occurring on the Internet today," Consumers Union wrote. "Giving individuals a private right of action against companies who violate the law will have a greater deterrent effect and give individuals some control over the way their personal information is used."
Wednesday, June 2, 2010
Google Sued For Click Fraud For First Time In Five Years
A Seattle locksmith has sued Google for click fraud for allegedly charging the company for clicks on paid-search ads that it believes were made by a competitor.
In a complaint filed in King County state court last week, 123 Lock & Key argues that Google breached its contract and also violated Washington state laws by charging for allegedly questionable clicks.
This lawsuit appears to be the first of its kind in more than five years, when Google settled a class-action click-fraud lawsuit.
A Google spokesperson said the company had not yet been served with the lawsuit and couldn't comment on 123 Lock's allegations. But he said Google has "devoted significant resources to protect advertisers from invalid clicks." He added that the company "will continue to fight click fraud and work with our advertisers to investigate every click fraud claim and credit them retroactively, as appropriate."
123 Lock says in its court papers that it began advertising with Google last October, at which time it received around 15 clicks a day -- a figure that remained stable through March. Between October and March, around 80% of the people who clicked through followed up with a phone call, according to the lawsuit.
Last March, however, 123 Lock began receiving between 100 and 150 clicks a day. "123 would often receive a flurry of clicks within a single minute," the lawsuit alleges. "These clicks never converted into phone calls. Because of the click fraud, 123 was forced to cease advertising on Google."
123 Lock owner Guy Aloni said through a spokesman that he informed Google he suspected that the uptick in clicks was the result of actions by a competitor, but that Google did not satisfactorily respond.
The lawsuit alleges that Google's AdWords agreement with marketers provides that Google has sole discretion over whether to offer a refund for suspected click fraud. But 123 Lock's lawyer, Aric Bomsztyk, argues that Google still has to exercise that discretion in good faith.
Several years ago, allegations of click fraud frequently drew headlines. But in 2006, Google settled a class-action click-fraud lawsuit by agreeing to provide ad credits to marketers that had been charged for improper clicks. The agreement called for up to $60 million in total ad credits.
Since then, Google has faced several cases challenging its placement of paid-search ads on supposedly low-quality sites, but hasn't faced other lawsuits by marketers that alleged that a competitor was driving up search costs by clicking on ads on the main search results page.
In July of 2006, Google began offering a reporting feature that tells marketers how many clicks are being filtered out of Google's system. Overall, Google says it currently filters out less than 10% of clicks. The company estimates that undetected click-fraud accounts for less than .02% of clicks.
By Wendy Davis
In a complaint filed in King County state court last week, 123 Lock & Key argues that Google breached its contract and also violated Washington state laws by charging for allegedly questionable clicks.
This lawsuit appears to be the first of its kind in more than five years, when Google settled a class-action click-fraud lawsuit.
A Google spokesperson said the company had not yet been served with the lawsuit and couldn't comment on 123 Lock's allegations. But he said Google has "devoted significant resources to protect advertisers from invalid clicks." He added that the company "will continue to fight click fraud and work with our advertisers to investigate every click fraud claim and credit them retroactively, as appropriate."
123 Lock says in its court papers that it began advertising with Google last October, at which time it received around 15 clicks a day -- a figure that remained stable through March. Between October and March, around 80% of the people who clicked through followed up with a phone call, according to the lawsuit.
Last March, however, 123 Lock began receiving between 100 and 150 clicks a day. "123 would often receive a flurry of clicks within a single minute," the lawsuit alleges. "These clicks never converted into phone calls. Because of the click fraud, 123 was forced to cease advertising on Google."
123 Lock owner Guy Aloni said through a spokesman that he informed Google he suspected that the uptick in clicks was the result of actions by a competitor, but that Google did not satisfactorily respond.
The lawsuit alleges that Google's AdWords agreement with marketers provides that Google has sole discretion over whether to offer a refund for suspected click fraud. But 123 Lock's lawyer, Aric Bomsztyk, argues that Google still has to exercise that discretion in good faith.
Several years ago, allegations of click fraud frequently drew headlines. But in 2006, Google settled a class-action click-fraud lawsuit by agreeing to provide ad credits to marketers that had been charged for improper clicks. The agreement called for up to $60 million in total ad credits.
Since then, Google has faced several cases challenging its placement of paid-search ads on supposedly low-quality sites, but hasn't faced other lawsuits by marketers that alleged that a competitor was driving up search costs by clicking on ads on the main search results page.
In July of 2006, Google began offering a reporting feature that tells marketers how many clicks are being filtered out of Google's system. Overall, Google says it currently filters out less than 10% of clicks. The company estimates that undetected click-fraud accounts for less than .02% of clicks.
By Wendy Davis
Tuesday, May 18, 2010
FTC Asked To Probe Alcohol Marketing Online
Wendy Davis, May 17, 2010 10:12 PM
Consumer watchdogs are questioning whether alcohol companies inappropriately target Web users under age 21 via online video, games, social media and other digital platforms.
"Today, alcohol brands (like other major advertisers) are promoting their products across a wide spectrum of new platforms -- from social networks to mobile phones to immersive, virtual communities," the groups state in a new report that details how alcohol companies are using online social games, viral video ads and other digital marketing techniques.
The report, by American University professor Kathryn Montgomery, Center for Digital Democracy director Jeff Chester, and Berkeley Media Studies Group's Lori Dorfman, calls for the Federal Trade Commission to investigate the use of digital marketing by alcohol companies. The groups are specifically urging the FTC and state attorneys general to probe whether liquor companies are using behavioral targeting techniques -- including creating profiles of Web users -- to reach users who aren't yet legally allowed to drink.
"The FTC and other regulators need to determine whether alcohol beverage ad targeting is reaching specific young people and their networks, providing a complete picture of the industry's online data collection practices -- including whether their privacy policies are accurate," the report states.
Currently, alcohol industry self-regulatory standards call for ads to run in media where at least 70% of the audience are adults over 21. But the watchdogs say that such standards are outdated in the age of YouTube, when clips that go viral -- like Smirnoff's Tea Partay -- draw millions of hits. "Marketing is now fully integrated into daily communications and social relationships, not cordoned off in a special category of 'advertising,'" the report states.
The report also faults alcohol companies for using online age verification procedures that rely on people entering their birthdates -- a system that youngsters can bypass by providing a fake date.
Johns Hopkins associate professor David Jernigan says the study raises troubling issues. "Internet marketing immerses the audience in a world that has a single message -- and the message in this case is: It's good to drink," he says. "We need the FTC to use its power and, failing that, for the state attorneys general to use their power to start inquiring about what the industry is doing."
The self-regulatory group Distilled Spirits Council of the U.S. says that member companies "adhere to a rigorous set of content and placement guidelines for advertising and marketing materials in all media including online and digital communications channels." The organization adds that the industry's "longstanding commitment to responsible advertising regardless of the medium has been commended by the FTC and industry watchdogs."
Consumer watchdogs are questioning whether alcohol companies inappropriately target Web users under age 21 via online video, games, social media and other digital platforms.
"Today, alcohol brands (like other major advertisers) are promoting their products across a wide spectrum of new platforms -- from social networks to mobile phones to immersive, virtual communities," the groups state in a new report that details how alcohol companies are using online social games, viral video ads and other digital marketing techniques.
The report, by American University professor Kathryn Montgomery, Center for Digital Democracy director Jeff Chester, and Berkeley Media Studies Group's Lori Dorfman, calls for the Federal Trade Commission to investigate the use of digital marketing by alcohol companies. The groups are specifically urging the FTC and state attorneys general to probe whether liquor companies are using behavioral targeting techniques -- including creating profiles of Web users -- to reach users who aren't yet legally allowed to drink.
"The FTC and other regulators need to determine whether alcohol beverage ad targeting is reaching specific young people and their networks, providing a complete picture of the industry's online data collection practices -- including whether their privacy policies are accurate," the report states.
Currently, alcohol industry self-regulatory standards call for ads to run in media where at least 70% of the audience are adults over 21. But the watchdogs say that such standards are outdated in the age of YouTube, when clips that go viral -- like Smirnoff's Tea Partay -- draw millions of hits. "Marketing is now fully integrated into daily communications and social relationships, not cordoned off in a special category of 'advertising,'" the report states.
The report also faults alcohol companies for using online age verification procedures that rely on people entering their birthdates -- a system that youngsters can bypass by providing a fake date.
Johns Hopkins associate professor David Jernigan says the study raises troubling issues. "Internet marketing immerses the audience in a world that has a single message -- and the message in this case is: It's good to drink," he says. "We need the FTC to use its power and, failing that, for the state attorneys general to use their power to start inquiring about what the industry is doing."
The self-regulatory group Distilled Spirits Council of the U.S. says that member companies "adhere to a rigorous set of content and placement guidelines for advertising and marketing materials in all media including online and digital communications channels." The organization adds that the industry's "longstanding commitment to responsible advertising regardless of the medium has been commended by the FTC and industry watchdogs."
Subscribe to:
Posts (Atom)