Visit the Amazon.com site to buy a book online and your welcome page will include recommendations for other books you might enjoy, including the latest from your favorite authors, all based on your history of purchases. Most customers appreciate these suggestions, much the way they would recommendations by a local librarian.
But, what if you visited an investment site, only to find advertising messages suggesting therapies for your recently diagnosed heart condition? Chances are that you would experience what Fran Maier calls the “creepiness” factor, a sense that someone has been snooping into a part of your life that should remain private.
Maier is the Executive Director of TrustE, a nonprofit that sets guidelines for online privacy and awards a seal of approval to companies meeting those guidelines. She was a speaker at the recent Supernova conference, an annual technology event in San Francisco.
The creepiness factor is a risk inherent in so-called behavioral targeting. This practice is based on marketers anonymously observing a user’s behavior on the Internet and then putting together a personal profile based on interests and behavior — sites visited, searches conducted, articles read, even emails written and received. Based on their profiles, users receive advertising targeted specifically to them, regardless of where they travel on the web.
Consumer advocates worry that online data collection and tracking is going too far. But marketing executives say that consumers benefit from seeing advertising relevant to their interests and argue that providing some personal data is a reasonable trade-off for free access to Internet content.
Underlying these concerns about individual privacy is the speed with which Internet technology has moved into everyday life over the last decade or two. “Everything we do online creates a transaction record and all that data has some value,” said Bruce Schneier, a well-known security expert and chief technology officer at BT Counterpane, a provider of enterprise security solutions. “As data storage and processing costs drop to virtually free, the data we would normally toss we save instead.”
Such data storage and data mining — the process of finding patterns among dozens of fields in large databases — enables more and more detailed forms of tracking and profiling.
Yet Schneier, Maier and others argue that most people, whatever their age, don’t really understand just how much information is being collected and analyzed, nor have they thought much about the possible negative results of such activities, such as the increased potential for cyber-stalking and identify theft.
Recent data suggests that consumers prefer targeted ads from advertisers they know and trust, and, given the opportunity, they would use online tools to control online tracking of their information. Maier said the data gives “a solid indication that consumers want us to find a way to get them the advertising that is relevant to them. In order to do this, behavioral targeting is one of the most promising methods, but at the very least, it has to be made more transparent, provide choices and deliver real value.”
The Right Balance
Maier and her fellow panelists at Supernova acknowledged that both consumers and marketers have yet to figure out the right balance between data collection and user privacy, and the best ways for targeted advertising to serve the needs of advertisers as well as users.
Take, for example, the case of Facebook, the popular social networking site. Last year, it introduced a system called Beacon that tracked members’ purchases on other sites and shared the information with each user’s social circle. Within a month, outraged users had forced Facebook to reconsider its unannounced initiative. The company apologized, then introduced new privacy options that require users to “opt in” to the Beacon program.
As in so many areas, technology’s ability to support web tracking is moving faster than society’s ability to manage it. Current public policies on privacy go back to 1973 and may not be sufficient for today’s collect-everything-everywhere web environment. A national privacy law, say experts, may be in the distant future.
In the meantime, there is no denying the huge appetite of companies for more and more information about web users because of the strong financial incentives. As Jonathan Swartz, Sun Microsystems chief executive officer, said, “You do want to collect everything about users you can, every micro item. But you want to make sure the user knows what you’re collecting. You need to be transparent — being even a little sneaky can be disastrous.”