Online Privacy: The Path to Common Ground - Page 2

Page 2 of 2

Let the debate begin

To begin, each panelist was given five minutes for prepared remarks.

After a quick thank you to the Annenberg Schools for putting the event together, she jumped on message. "At Google we believe transparency and choice are fundamental to privacy protection. And privacy protection of course is fundamental to consumer trust. We believe if we lose consumer trust, people are one click away from leaving our service."

She then suggested that the traditional online privacy policy might not be the most effective way to reach out to consumers with information about how their data is collected and used, and spent her remaining four minutes showing a clip from the YouTube privacy channel.

AOL's strategy was similar. In his opening remarks, Polonetsky showcased AOL's latest privacy-education initiative: banner ads featuring a cartoon penguin that direcs users to PrivacyGourmet.com, where they can find a high-gloss overview of cookies and IP addresses.

The CDD's Chester doesn't have much time for AOL's penguin. I first informed him of the forthcoming ad campaign last month; he wrote back the next day thanking me for the tip and sent a link to his latest blog post, which began as follows:

"The senior management over at Time Warner must be 'in treatment' with some of their Looney Toon characters. How else to explain the ludicrous use of cartoon penguins that will soon be deployed to really misinform consumers about how and why their data and personal information are being collected and harvested for microtargeting purposes. It’s really shameful that the Time Warner, its Platform A targeting service and the AOL division are hiding behind these well-liked creatures."

Chester may have softened a little bit about the penguin campaign, but to him and his fellow privacy advocates, the effort is too simplistic to effectively convey the real harm that behavioral targeting poses to consumers.

In his opening remarks Chester implicated devious banner advertisers in the subprime mortgage collapse and in "promoting obesity in children and teens." He's not one to give much ground on issues of consumer harm.

Polonetsky, a former New York state legislator, defended the penguin campaign as an early effort in the evolving educational approach to the privacy issue being undertaken by responsible corporate citizens.

Polonetsky is all too aware of the criticism that the penguin has incurred for its alleged inability to really deliver the necessary message to consumers.

So in a preemptive defense, Polonetsky tried to defuse those criticisms by flipping the argument, using some of his critics' charges in his own support.

"We'll test different creatives. If the marketers and advertisers are as good as people think they are at being able to communicate and sell stuff …" Sensing he'd made his point, Polonetsky, in his amicable stop-start manner of speaking, made a quick mention of TNS, the market research company AOL has enlisted to advise on ad campaigns, before making a conclusion about whether it is enough for companies to educate consumers about online privacy:

"I think the jury is out. Clearly we're obligated to do so. It's not a substitute for rules or standards or regulations or other activities, but we all better be doing it because otherwise we're not having the right kind of conversation with the users that we're obligated to have."

Indeed. A politician, still.

So the debate, such as it was, at least illuminated the agreement of each side that more needs to be done to inform consumers about what's being done with the tracks they leave across the Internet. With their immense stores of consumer data, Web companies (at least those represented at the Annenberg panel), recognize that the gold mine they are sitting on has the potential to become a land mine.

Recall 2006, when AOL inadvertently published the search histories of more than half a million users and The New York Times showed how quickly anonymized data could be un-anonymized.

The worst thing for them would be the passage of some law that would try to pin down just what types of data could be collected, how long they could be stored, and what purposes they could be used for.

So they continue to roll out educational initiatives to prove they're acting in good faith. Until a catastrophe comes -- say, Google's server logs are breached and the untold billions of data points therein become available to the public -- the industry advocates will continue to claim that legislation would be a solution in search of a problem, the privacy folks will continue to sound the alarm and the discussion will continue.