Ever since Netscape started storing cookies in its browsers, there has been a Jekyll-and-Hyde nature to the web. The Jekyll web promised a more personalized experience, with sites serving ads for products and services that you would actually be interested in — ads that are more like useful information and less like glaring interruptions. The Hyde web wanted sites to stalk you, recording little bits of data about your online life until they knew more than you’d be comfortable sharing even with some friends.
Internet media companies have long grappled with that contradiction inherent in targeted ads, and have had, at best, mixed success at resolving it. But it’s looking like they’ll need to solve it soon — or regulators will do it for them. This week, two House subcommittees queried executives from Google, Yahoo and Facebook on their efforts to protect the personal data collected from consumers. With talk of digital shadowing and polls showing privacy concerns, the tone was clearly in favor of tightening existing practices.
For now, a bill regulating online privacy seems unlikely. Threats of one are more a way to prod companies into their own solution. The Federal Trade Commission has been favoring an approach in which online advertisers regulate themselves. But as critics like the World Privacy Forum have pointed out, self-regulation has only progressed under regulatory pressure. So harsh rhetoric and threats of new laws will continue.
Given Congress’ past comments on the topic, its solution would be oversimplified and procrustean. Rep. Rick Boucher (D-Va.), who chairs the House Subcommittee on Communications, Technology and the Internet, proposed a system that allows consumers to be tracked by a site unless they opt out, while third parties won’t be able to track them unless they opt in. Many users may be comfortable with that, but for advertisers it greatly hampers the ability to target customers with ads they might respond to — in other words, Jekyll wins. And Hyde loses.
The problem gets trickier when you realize that the issues behind behavioral targeting and online privacy are complex, but the solution needs to be as simple and intuitive as Google’s home page. Some people may be delighted to customize when and how their online activities can be tracked, but not many. The majority of the online crowd will find it a chore. Deciding what personal data to share will make many feel safer online, but it requires a lot of extra work. Many will decide that the fastest, easiest solution is to not share any data at all.
So while online media companies must be relieved that the task of solving the privacy problem is, for now, up to them, they can’t be happy about how daunting that task is. It means responding to competing pressures from consumers, regulators and advertisers — none of which it would be smart to ignore. Privacy protection policies will need to:
- be simple enough for consumers to feel comfortable with,
- have enough substance to placate regulators and silence criticism from privacy advocates, and
- keep ads targeted enough so that big advertisers believe that online ads have a big advantage over TV, print and other media.
The answer may lie in allowing consumers to have control over privacy settings while offering incentives for them to share personal data they’re comfortable with sharing. But whatever the solution is, it will need to come soon. After stabilizing in March, April and May, online ad spending appears to be softening in June.
What can Internet media companies do right now? Leading by example is a small first step. It’s always been more than ironic that companies like Google, which zealously guards its metrics and financial data, and Facebook, which rarely reveals details of its financial performance, are so keen on gathering personal data from their customers. It’s a lesson that everyone learned in kindergarten: If you want others to share, learn to share first. Well, everyone except Mr. Hyde.