People who endorse marketers for a fee on Twitter could disclose the payment by adding a hashtag like "#paid ad" or "#ad" to their tweets, the Federal Trade Commission said this week. That was just one piece of new advice from the FTC about how to interpret its revised guides to testimonials and endorsements, issued last October.
The guides are not in themselves enforceable, but indicate the type of activity the FTC will consider deceptive. They specifed that bloggers should reveal "material connections" to marketers -- including the receipt of free review copies -- when consumers would be surprised to learn of the connections.
This week, the FTC published additional material about the guides, including answers to frequently asked questions. One of the questions addressed concerned how Web users could make adequate disclosures on Twitter, where posts are limited to 140 characters. The FTC suggested using a hashtag like "#paid ad," noting that it only required eight characters. (The FTC incuded the space in its suggested hashtag.)
The FTC also reiterated this week that its focus is on advertisers, not bloggers. The agency says it has no intention of monitoring bloggers; even if they come to its attention. Instead, the commission says, its focus "will be on advertisers, not endorsers -- just as it's always been."
The new advice typically suggests that people resolve any ambiguities by making more rather than fewer disclosures. For instance, one question considers whether individuals who say on Facebook that they work for a company must also make disclosures when they tout that company's products. The FTC says that doing so is "a good idea."
In addition, the FTC suggests that even token perks, like $1 coupons, should be disclosed. "While getting one item that's not very valuable for free may not affect the credibility of what you say, sometimes continually getting free stuff from an advertiser or multiple advertisers is enough to suggest an expectation of future benefits from positive reviews," the commission says.
When the guides came out last year, some industry observers criticized them for treating bloggers differently than writers for more traditional media. For instance, while the FTC recommended that bloggers tell readers about the receipt of free review copies, the agency didn't recommend that newspapers, magazines or Internet news sites make similar disclosures.
The FTC continues to make that distinction in its new document, on the theory that consumers have different expectations for blogs than news media. "For a review in a newspaper, on TV or on a website with similar content, it's usually clear to the audience that the reviewer didn't buy the product being reviewed," the FTC says. "But on a personal blog, a social networking page, or in similar media, the reader may not expect the reviewer to have a relationship with the company whose products are mentioned."
But the FTC doesn't spell out why it believes that consumers make different assumptions about reviews depending on where they appear -- an omission that troubles some observers like Santa Clara University law professor Eric Goldman. "It's an empirical statement that they have no support for," he says.
Jeff Greenbaum, an advertising and marketing lawyer with Frankfurt Kurnit Klein & Selz, adds that marketers who were awaiting additional guidance might be "surprised, and perhaps even disappointed," by the FTC's latest advice. "One of the major concerns that people had about the guides was that any time you provided a free product to a blogger, disclosure would be required," he says. The new material "really reinforces the FTC's position that almost anything you provide to a blogger will require disclosure."
By Wendy Davis
Friday, June 25, 2010
Tuesday, June 22, 2010
Careful: The European Union Is Messing With Your Cookie Jar
Europe sometimes steers its own course when it comes to privacy matters. I’ve written about the European privacy gaffes before. Some countries like Germany, France and Italy really take a firm stand on privacy matters when it comes to search engines. These countries take aggressive positions with Google and other search engines. Other countries, however, seek to regulate a much larger target: the entire web. Here’s what’s been going on in the privacy debate in Europe recently, specifically when it comes to cookies.
Last November the European Union agreed on a new telecom rule which could have a tremendous effect on the way we work online in Europe. The rule was intended to strengthen consumer rights, an open internet, a single European telecoms market and high-speed internet connections for all Europeans. The rule however is also meant for protection of consumers when it comes to personal data breaches and spam.
Part of the rule is that users have to be better-informed about what is going on “behind the scenes,”—in other words, you have to tell visitors to your website when you are placing cookies. But the actual rule is even slightly more onerous if you read it carefully:
“The subscriber or user concerned has given his or her consent, having been provide with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia about the purposes of the processing.”
So the user actually has to acknowledge that he knows you are placing a cookie on his computer. That caused quite the uproar at first. Having to ask for a consent on each and every cookie placed would have made browsing the web almost impossible. You would have gotten pop ups asking for your permission after every link you click. That probably would have meant a change in structuring of websites.
Luckily the European Union slightly adjusted the rule:
“Where it is technically possible and effective, in accordance with the relevant provisions of Directive 95/46/EC, the user’s consent to processing may be expressed by using the appropriate setting of a browser or other application.”
This means that cookie acceptance can be handled on the browser level, meaning you will only have to “accept” cookies once in your browser settings and you are done.
So, that was close, we were almost caught in a cookie-loophole there. Case closed. Right?
Wrong.
The European Union is not like the United States. The European Union does set the rules for its member countries. In this case member countries must implement the new rule by May 25th 2011.
But here’s where things get complicated: each country can decide for itself how it wants to implement the rule. Which means each country can decide whether to require cookie acceptance on a browser level or on website level.
For example, in the Netherlands the Minister of Economic Affairs was the one deciding on this rule. And she decided to take a step away from the general European direction taken. She wants the “opt-in” to be at a browser level.
This of course caused a lot of uproar amongst Dutch internet marketers. Several organizations have already opposed the Minister’s move. So far she hasn’t decided on whether or not the Dutch government will make changes to the decision. Some of my sources say chances are there are going to be new changes to the ruling in the Netherlands, which will probably make it easier to work with.
So what should you do?
Of course you would like to know how this will affect your business in Europe and how you should act on that. Chances are at first you won’t notice very much about this issue since many countries will most probably opt for the most user friendly way. But you never know how different countries might act on it. And in addition to cookie disclosure rules, Europe will probably be looking into more privacy-related measures over the coming months, so its a smart idea to keep yourself informed if you plan on targeting Europe.
Some things you can do now:
Take a good look at the rulings in different countries
Offer users in countries with a “cookie-problem” another option
Don’t trust your analytics too much
If you see a decrease in traffic in a specific country be sure to investigate whether or not this country has specific rulings
Keep an eye on the European regulations
Last November the European Union agreed on a new telecom rule which could have a tremendous effect on the way we work online in Europe. The rule was intended to strengthen consumer rights, an open internet, a single European telecoms market and high-speed internet connections for all Europeans. The rule however is also meant for protection of consumers when it comes to personal data breaches and spam.
Part of the rule is that users have to be better-informed about what is going on “behind the scenes,”—in other words, you have to tell visitors to your website when you are placing cookies. But the actual rule is even slightly more onerous if you read it carefully:
“The subscriber or user concerned has given his or her consent, having been provide with clear and comprehensive information, in accordance with Directive 95/46/EC, inter alia about the purposes of the processing.”
So the user actually has to acknowledge that he knows you are placing a cookie on his computer. That caused quite the uproar at first. Having to ask for a consent on each and every cookie placed would have made browsing the web almost impossible. You would have gotten pop ups asking for your permission after every link you click. That probably would have meant a change in structuring of websites.
Luckily the European Union slightly adjusted the rule:
“Where it is technically possible and effective, in accordance with the relevant provisions of Directive 95/46/EC, the user’s consent to processing may be expressed by using the appropriate setting of a browser or other application.”
This means that cookie acceptance can be handled on the browser level, meaning you will only have to “accept” cookies once in your browser settings and you are done.
So, that was close, we were almost caught in a cookie-loophole there. Case closed. Right?
Wrong.
The European Union is not like the United States. The European Union does set the rules for its member countries. In this case member countries must implement the new rule by May 25th 2011.
But here’s where things get complicated: each country can decide for itself how it wants to implement the rule. Which means each country can decide whether to require cookie acceptance on a browser level or on website level.
For example, in the Netherlands the Minister of Economic Affairs was the one deciding on this rule. And she decided to take a step away from the general European direction taken. She wants the “opt-in” to be at a browser level.
This of course caused a lot of uproar amongst Dutch internet marketers. Several organizations have already opposed the Minister’s move. So far she hasn’t decided on whether or not the Dutch government will make changes to the decision. Some of my sources say chances are there are going to be new changes to the ruling in the Netherlands, which will probably make it easier to work with.
So what should you do?
Of course you would like to know how this will affect your business in Europe and how you should act on that. Chances are at first you won’t notice very much about this issue since many countries will most probably opt for the most user friendly way. But you never know how different countries might act on it. And in addition to cookie disclosure rules, Europe will probably be looking into more privacy-related measures over the coming months, so its a smart idea to keep yourself informed if you plan on targeting Europe.
Some things you can do now:
Take a good look at the rulings in different countries
Offer users in countries with a “cookie-problem” another option
Don’t trust your analytics too much
If you see a decrease in traffic in a specific country be sure to investigate whether or not this country has specific rulings
Keep an eye on the European regulations
Monday, June 7, 2010
Barack's People Strike At 'Heart And Soul Of Today's Internet Offerings'
Potential privacy legislation being floated by Rep. Rick Boucher "would fundamentally change online information and online advertising practices to the detriment of consumers," the Interactive Advertising Bureau said Friday in written comments to lawmakers.
"We believe that self-regulation, which is inherently more flexible and better suited to govern a dynamic environment than legislation, is the best approach to help ensure that consumers receive transparency and choice online," the IAB wrote to Boucher, chairman of the House Energy and Commerce Committee, and Rep. Cliff Stearns, ranking member of the committee.
The IAB sent the letter in response to draft privacy legislation, circulated last month by Boucher, that would require ad networks that track people to obtain users' consent. The proposal specifically calls for opt-in consent unless companies notify consumers via an icon and also allow people to view and edit their profiles. (Some ad companies, including Google, Yahoo and BlueKai, already allow users to access and revise their profiles.)
The IAB objected to that idea, arguing that companies should be able to target users by default, without moving to a system that allows consumers to manage their profiles. "Requiring consumers to opt-in to transfers to third parties would drastically reduce the free flow of information that is the heart and soul of today's Internet offerings," the group writes.
The organization adds that even though a few companies now allow users to edit their targeting preferences, "it is too soon in the experimentation of these practices to codify managed preference profiles into federal legislation."
The IAB also took issue with several other terms in the draft bill. Among the most significant, Boucher's bill requires that consumers consent to the collection of information that has not traditionally been considered "personally identifiable," such as IP addresses or pseudonyms.
The IAB argues that collecting such data shouldn't require explicit consent. "The mere fact that information could identify a computer or device does not necessarily raise privacy issues," the group argues. "If such information becomes identifying information -- where it is actually tied to a person's name -- at that point it could be subject to the higher standard."
The IAB's letter, authored by vice-president for public policy Mike Zaneis, highlights the industry's recent self-regulatory efforts, including the guidelines issued last year by a coalition including itself, the American Association of Advertising Agencies, the Association of National Advertisers, the Direct Marketing Association, and the Council of Better Business Bureaus. Those guidelines generally call for companies to notify consumers about behavioral targeting and allow them to opt out.
Some consumer advocates also are not happy with the draft bill. In a letter to Boucher and Stearns, Consumer Reports publisher Consumers Union criticizes the proposal for relying too heavily on a notice-and-choice system. "Consumers Union hopes that as the legislation progresses, it will include other methods of privacy protection, such as principles addressing data collection minimization, data quality, purpose specification, extensive security safeguards, individual participation, and accountability," the group said in a letter to Boucher and Stearns.
A coalition of 10 advocacy organizations including the Center for Digital Democracy, Electronic Frontier Foundation and World Privacy Forum also weighed in. Those groups said they favored a system that would allow marketers to collect non-sensitive information by default, but would also require them to obtain explicit consent to keep the data for longer than 24 hours.
"We would also like to challenge the conventional wisdom that privacy legislation that is based on an opt-in approach is not feasible," they wrote to Boucher and Stearns. "It is ironic that while many in the business community profess to want to offer consumers real and meaningful control over the collection and use of their data, these same companies and associations are unwilling to provide the most effective means of control for consumers -- opt-in."
The watchdog groups also opposed a provision in Boucher's draft that would ban individual consumers from suing companies who violated the privacy standards. "The FTC does not have the resources to pursue all or even most privacy violations occurring on the Internet today," Consumers Union wrote. "Giving individuals a private right of action against companies who violate the law will have a greater deterrent effect and give individuals some control over the way their personal information is used."
"We believe that self-regulation, which is inherently more flexible and better suited to govern a dynamic environment than legislation, is the best approach to help ensure that consumers receive transparency and choice online," the IAB wrote to Boucher, chairman of the House Energy and Commerce Committee, and Rep. Cliff Stearns, ranking member of the committee.
The IAB sent the letter in response to draft privacy legislation, circulated last month by Boucher, that would require ad networks that track people to obtain users' consent. The proposal specifically calls for opt-in consent unless companies notify consumers via an icon and also allow people to view and edit their profiles. (Some ad companies, including Google, Yahoo and BlueKai, already allow users to access and revise their profiles.)
The IAB objected to that idea, arguing that companies should be able to target users by default, without moving to a system that allows consumers to manage their profiles. "Requiring consumers to opt-in to transfers to third parties would drastically reduce the free flow of information that is the heart and soul of today's Internet offerings," the group writes.
The organization adds that even though a few companies now allow users to edit their targeting preferences, "it is too soon in the experimentation of these practices to codify managed preference profiles into federal legislation."
The IAB also took issue with several other terms in the draft bill. Among the most significant, Boucher's bill requires that consumers consent to the collection of information that has not traditionally been considered "personally identifiable," such as IP addresses or pseudonyms.
The IAB argues that collecting such data shouldn't require explicit consent. "The mere fact that information could identify a computer or device does not necessarily raise privacy issues," the group argues. "If such information becomes identifying information -- where it is actually tied to a person's name -- at that point it could be subject to the higher standard."
The IAB's letter, authored by vice-president for public policy Mike Zaneis, highlights the industry's recent self-regulatory efforts, including the guidelines issued last year by a coalition including itself, the American Association of Advertising Agencies, the Association of National Advertisers, the Direct Marketing Association, and the Council of Better Business Bureaus. Those guidelines generally call for companies to notify consumers about behavioral targeting and allow them to opt out.
Some consumer advocates also are not happy with the draft bill. In a letter to Boucher and Stearns, Consumer Reports publisher Consumers Union criticizes the proposal for relying too heavily on a notice-and-choice system. "Consumers Union hopes that as the legislation progresses, it will include other methods of privacy protection, such as principles addressing data collection minimization, data quality, purpose specification, extensive security safeguards, individual participation, and accountability," the group said in a letter to Boucher and Stearns.
A coalition of 10 advocacy organizations including the Center for Digital Democracy, Electronic Frontier Foundation and World Privacy Forum also weighed in. Those groups said they favored a system that would allow marketers to collect non-sensitive information by default, but would also require them to obtain explicit consent to keep the data for longer than 24 hours.
"We would also like to challenge the conventional wisdom that privacy legislation that is based on an opt-in approach is not feasible," they wrote to Boucher and Stearns. "It is ironic that while many in the business community profess to want to offer consumers real and meaningful control over the collection and use of their data, these same companies and associations are unwilling to provide the most effective means of control for consumers -- opt-in."
The watchdog groups also opposed a provision in Boucher's draft that would ban individual consumers from suing companies who violated the privacy standards. "The FTC does not have the resources to pursue all or even most privacy violations occurring on the Internet today," Consumers Union wrote. "Giving individuals a private right of action against companies who violate the law will have a greater deterrent effect and give individuals some control over the way their personal information is used."
Wednesday, June 2, 2010
Google Sued For Click Fraud For First Time In Five Years
A Seattle locksmith has sued Google for click fraud for allegedly charging the company for clicks on paid-search ads that it believes were made by a competitor.
In a complaint filed in King County state court last week, 123 Lock & Key argues that Google breached its contract and also violated Washington state laws by charging for allegedly questionable clicks.
This lawsuit appears to be the first of its kind in more than five years, when Google settled a class-action click-fraud lawsuit.
A Google spokesperson said the company had not yet been served with the lawsuit and couldn't comment on 123 Lock's allegations. But he said Google has "devoted significant resources to protect advertisers from invalid clicks." He added that the company "will continue to fight click fraud and work with our advertisers to investigate every click fraud claim and credit them retroactively, as appropriate."
123 Lock says in its court papers that it began advertising with Google last October, at which time it received around 15 clicks a day -- a figure that remained stable through March. Between October and March, around 80% of the people who clicked through followed up with a phone call, according to the lawsuit.
Last March, however, 123 Lock began receiving between 100 and 150 clicks a day. "123 would often receive a flurry of clicks within a single minute," the lawsuit alleges. "These clicks never converted into phone calls. Because of the click fraud, 123 was forced to cease advertising on Google."
123 Lock owner Guy Aloni said through a spokesman that he informed Google he suspected that the uptick in clicks was the result of actions by a competitor, but that Google did not satisfactorily respond.
The lawsuit alleges that Google's AdWords agreement with marketers provides that Google has sole discretion over whether to offer a refund for suspected click fraud. But 123 Lock's lawyer, Aric Bomsztyk, argues that Google still has to exercise that discretion in good faith.
Several years ago, allegations of click fraud frequently drew headlines. But in 2006, Google settled a class-action click-fraud lawsuit by agreeing to provide ad credits to marketers that had been charged for improper clicks. The agreement called for up to $60 million in total ad credits.
Since then, Google has faced several cases challenging its placement of paid-search ads on supposedly low-quality sites, but hasn't faced other lawsuits by marketers that alleged that a competitor was driving up search costs by clicking on ads on the main search results page.
In July of 2006, Google began offering a reporting feature that tells marketers how many clicks are being filtered out of Google's system. Overall, Google says it currently filters out less than 10% of clicks. The company estimates that undetected click-fraud accounts for less than .02% of clicks.
By Wendy Davis
In a complaint filed in King County state court last week, 123 Lock & Key argues that Google breached its contract and also violated Washington state laws by charging for allegedly questionable clicks.
This lawsuit appears to be the first of its kind in more than five years, when Google settled a class-action click-fraud lawsuit.
A Google spokesperson said the company had not yet been served with the lawsuit and couldn't comment on 123 Lock's allegations. But he said Google has "devoted significant resources to protect advertisers from invalid clicks." He added that the company "will continue to fight click fraud and work with our advertisers to investigate every click fraud claim and credit them retroactively, as appropriate."
123 Lock says in its court papers that it began advertising with Google last October, at which time it received around 15 clicks a day -- a figure that remained stable through March. Between October and March, around 80% of the people who clicked through followed up with a phone call, according to the lawsuit.
Last March, however, 123 Lock began receiving between 100 and 150 clicks a day. "123 would often receive a flurry of clicks within a single minute," the lawsuit alleges. "These clicks never converted into phone calls. Because of the click fraud, 123 was forced to cease advertising on Google."
123 Lock owner Guy Aloni said through a spokesman that he informed Google he suspected that the uptick in clicks was the result of actions by a competitor, but that Google did not satisfactorily respond.
The lawsuit alleges that Google's AdWords agreement with marketers provides that Google has sole discretion over whether to offer a refund for suspected click fraud. But 123 Lock's lawyer, Aric Bomsztyk, argues that Google still has to exercise that discretion in good faith.
Several years ago, allegations of click fraud frequently drew headlines. But in 2006, Google settled a class-action click-fraud lawsuit by agreeing to provide ad credits to marketers that had been charged for improper clicks. The agreement called for up to $60 million in total ad credits.
Since then, Google has faced several cases challenging its placement of paid-search ads on supposedly low-quality sites, but hasn't faced other lawsuits by marketers that alleged that a competitor was driving up search costs by clicking on ads on the main search results page.
In July of 2006, Google began offering a reporting feature that tells marketers how many clicks are being filtered out of Google's system. Overall, Google says it currently filters out less than 10% of clicks. The company estimates that undetected click-fraud accounts for less than .02% of clicks.
By Wendy Davis
Subscribe to:
Posts (Atom)