Today saw the first of at least two Congressional hearings concerning managing privacy on the web in relation to online advertising. The hearing today involved executives from Google, Facebook, Microsoft and startup NebuAd as well as the Federal Trade Commission and two public policy groups. For a complete listing, check out the hearing, although it clocks in at about two hours and is very, very repetitive.
Everyone present agreed that advertising on the web is not bad because it allows for all this wonderful free content; they similarly concurred that consumers are both uncomfortable with some of the data collection that occurs online want information on how they can control that information. After that, though, there was little common ground to be found over issues including self-regulation, the way NebuAd tracks Internet usage for advertising, and how long personally identifiable data is stored on Microsoft’s and Google’s servers.
I was saddened by the FTC’s unwillingness to put forth any meaningful regulations or guidelines related to behavoiral advertising, or to really even get back into the conversation. I was also (and here’s where the hate mail will start) impressed with Bob Dykes of NebuAd and his defense of that firm’s privacy technology (yes I know NebuAd said it would adjust the technology just yesterday to make it more palatable).
While much of what the firm says must be taken at its word (at least until the audit Dykes promised back in May is completed), surfing habits are harder to pinpoint to an identifiable consumer using NebuAd’s technology than search engine data. That isn’t a ringing endorsement, but it’s something. A larger fear about NebuAd’s technology that wasn’t addressed in the hearing is how the startup secures the data from its ISP partners. I trust my ISP very little, and now even less since they’re close to being granted immunity from legal protests related to them sharing phone calls with the government.
And the threat of government prying was by far the most interesting aspect of the entire hearing. In an age of government surveillance, the personal data such as that collected by Google, NebuAd or even my ISP is frightening. If the government chooses, it can find my web surfing information — perhaps stripped of context, but not of my identity. In the worst-case scenario, my searches could end up as evidence against me before a dozen of my peers in a municipal or federal court.
Think I’m crazy, or maybe have something to hide? I would point you to the brush with the government writer Lawrence Wright had researching an article on the Middle East (bottom of page 11), or the fate of those caught in RIAA’s nets. For those less concerned with government interference and more focused on protecting their online privacy, the next Commerce Committee hearing on this topic will focus on ISPs. I can’t wait.