Targeted ads are here to stay. But so is a consumer’s right to privacy.
“The FTC recognizes that targeted advertising benefits consumers,” said the FTC's director for the Bureau of Consumer Protection, Jessica Rich, at AdExchanger’s Industry Preview on Wednesday. “The business model clearly benefits consumers and we have no interest in jeopardizing it.”
While the FTC is fine with the practice of targeting ads, it’s wary about the way advertisers collect and use data. For instance, the FTC knocked
Google for how it used Gmail information for its defunct social network, Google Buzz. It also penalized a flashlight app that sold user data it claimed it would only use internally.
Of course, advertisers still prefer to self-regulate – which Rich supports.
“I am a big fan of self-regulation,” Rich told AdExchanger after her talk. “In part, that’s because self-regulation can be more responsive to market changes. But it’s every important that the current self-regulation cover the different ways that tracking and personalization is happening.”
That means that advertising companies should self-regulate at the pace of technology. New technologies like cross-device tracking, personal identifiers and device IDs – all of which can be more persistent than cookies and pose privacy concerns – need to be addressed by the industry as they occur, she said.
One new technology that might require regulation is
Verizon’s so-called zombie cookie, an identifier inserted into web traffic thatcan supposedly resurrect dead cookies. Rich declined to speak on this issue, saying the FTC doesn’t comment on company practices until it decides to take action.
The FTC evaluates advertising practices based on the benefits and harms for consumers as well as the marketplace at large. The FTC’s Bureau of Economics examines the effects, but for issues of privacy the FTC looks to broader data sources.
It is each company’s own responsibility to make sure claims about how it collects, uses and shares data are “truthful and complete,” Rich said during her presentation. If partners misuse company data, the original company is responsible too.
“This means you will have to work with other companies that handle or share data to make sure their claims are consistent to yours,” Rich said, adding that sharing any sensitive data, like health or financial information, should strictly be opt-in. Additionally, the FTC doesn’t approve of semantic games companies occasionally play, like defining “health information” as hospital records.
For companies that want to keep their customers' trust, regulation can be a far less powerful tool than the voice of the customer. Changes to privacy policies, for example, often earn more ire from users than they do from regulators.
Rich said companies who want to maintain consumer trust should implement privacy by design, transparency and sound data security and disposal.
The same standards apply to advertising technology companies of which most consumers have never heard. Rich noted Acxiom’s consumer-facing website aboutthedata.com, which allows consumers to view the targeting segments associated with them, as a decent start. But those solutions need to keep pace with new technologies that emerge, like device fingerprinting, cross-device tracking and personal identifiers..