Responsible data collection is possible – and it’s good for businesses and consumers alike, says Will Carty, the Network Advertising Initiative’s newly appointed VP of public policy.
“The benefit to businesses is not in conflict with the benefit to consumers – in fact, they’re actually completely aligned,” said Carty, who joined the industry group after five years as Twitter’s director of public policy for the US and Canada.
“Consumer data is extremely important to businesses and there is a clear responsibility that comes along with that,” he said. “It’s our job to educate businesses on how to do it right. This is the public policy of business.”
The NAI is comprised of ad tech companies that agree to adhere to the initiative’s code of conduct, which outlines a series of self-regulatory principles related to privacy, data governance, data collection and notice and choice. Member companies are required to provide an easy-to-use means of opt-out for interest-based advertising.
Carty, who prior to Twitter spent more than 10 years in Washington, DC, serving most recently as a policy director on the Senate Commerce Committee, plans to focus primarily on education in his new role.
“Small and mid-size companies in particular sometimes don’t have the resources to craft a proper privacy policy,” he said. “We’re here to help them be thoughtful about privacy and make that information easily available to their users or customers.”
AdExchanger caught up with Carty, whose resume also includes a stint as a professional skier, during his first week on the job.
AdExchanger: Education is a key remit for you. Who needs it the most: your membership, consumers or legislators?
WILL CARTY: It’s very much a case-by-case thing with companies. We’re interacting with them on a weekly or monthly basis to ensure that the code makes sense and that we’re keeping the code relevant and up to date. The bigger guys in this space are well-educated, but some of the smaller companies may need to be schooled.
In terms of consumers, there is often this perception that business is bad, but the irony is that the companies that gather data are usually doing it because they want to benefit the consumer and they’re very aware of how important it is to protect privacy.
Regarding legislation, self-regulation is what we need here, because we can do what Congress is unable to do. That’s not a criticism, it’s just the nature of the beast. They can’t keep pace with tech innovation because regulation is rigid. Pass something tomorrow and you’re going to have to pass something else next week.
Even so, there’s been a recent push for more regulation of online advertising.
A rush to regulation doesn’t usually end with good consequences. Fake news, Russian bots, all of those things I think are a little overblown, but the people who are in the best position to deal with this stuff are the companies themselves in concert with self-regulatory organizations.
We’re in constant communication with these companies and they become accountable when they don’t adhere to our code. Our code also be adjusted annually or biannually based on the technology challenges we’re facing at the time. The government and the laws that I focused on for years – they’re just not as nimble.
How is NAI thinking about the General Data Protection Regulation in Europe?
Leigh [Freund, president and CEO of the NAI,] has been actively engaged on this issue long before I came on board. We want to make sure that our members understand it and that have a voice, particularly when it comes to implementation.
What do you want the European regulators to know?
That there are business benefits. Consumers don’t want their privacy invaded, but they also don’t want stupid ads. If the industry can provide good ads that people like, then it’s good for consumers and it’s good for business.
Consent is one way to lawfully process data under GPDR. What should consent look like so you’re not clobbering consumers with too many boxes to tick?
Maybe there’s a second tick after the first to ask, “Are you sure?” It’s very hard to say. Transparency and full disclosure are critical even once someone has already clicked to say that they accept. They always need to be able to easily and clearly access the terms of service and the privacy policy still needs to be prominent.
The whole industry is grappling with this, as is the government. Although a lot of consumers say they care about this issue, they don’t actually care that much. But there are people who care – and those people care a lot. The industry needs to be held to that highest standard.
