Q&A: Jules Polonetsky, Chief Privacy Officer, AOL - Page 3

Page 3 of 5

Q: So in the case of Tacoda, is there a technical barrier between the data it accesses and the personal information of the AOL portal?

Primarily, Tacoda's business is serving ads on thousands of independent Web sites that AOL doesn't own. Its ad tags are set up to capture nonpersonal information. Its contracts with its publishers specifically say, "Don't send us personal information. We don't want it; we don't use it." The products that it sells to advertisers do not claim or use personal information, and their privacy policy holds them legally liable for that.

I think there's a good structure to ensure their business model does what it does when they serve ads on AOL, which they do -- we are a member of their network just like other Web sites. My people need to understand that any of the data we may have, [just] because we recognize you personally, may not be linked to the Tacoda cookie.

So I just sent out cookies [real ones] to the entire company with a little "recipe" for proper [Web browser] cookie use -- "Recipe No. 1 for Proper Cookie Use." In it, I gave a number of cookie practices.

For instance, I say, "Why would you be setting a cookie that expires in 30 years? Do you expect to have a cookie that lives for 30 years? Has a consumer ever had a computer for 30 years? Has any cookie ever lived for 30 years? They get deleted, they get opted out, you change your preferences ... Why would you set a 30-year cookie? Stop doing it. Make sure it expires in two years, because there's no way you're going to need on for anywhere near that long, so do that."

One of the other pieces in this recipe that went along with this nice, black-and-white cookie that they all got is: "Remember, our ad-serving divisions -- Adtech, Ad.com, Tacoda -- have made commitments that their ad serving is not personal, that they do not connect personal information to any of their ad activity. Remember that you must keep your personal AOL data separate from that ad data."

Part of it is expecting our people to read the privacy policies, but we also promote it and educate people about it. There is a privacy lead in each of those divisions. They're charged with making sure that that barrier is kept. I have technical people on my team who actually test and self-audit and run cookie scans. I have a cookie registry where I have developers across the company registering their cookies with me, telling me what they do so I can check them and say, "Sure."

Q: These are all internal controls.

They're internal but these are things that are visible. There's often discussion that a lot of this is invisible. I would submit that most of the rest of data collection that happens in the rest of the world is somewhat invisible. I use my discount card at the supermarket -- I don't see the data flowing from my finger into the computer into wherever it goes.

Technically, I agree that the average consumer isn't sophisticated [enough] to go ahead and learn [how their data are being collected and used], but lots of reporters are, lots of advocates are, lots of techno-experts are, and if you do something that's out of line and you're high-profile, you're going to get caught. You can't get away with it. The openness of most of the technology does create a policing [mechanism].

One of the things I'm trying to do on Privacy Gourmet [a corporate blog] is give some of those technical users an explanation of some of the nuts and bolts so they can do their work -- their exposing and their discussing, because that will help police the system as well.

So Jeff [Chester, executive director of the Center for Digital Democracy] plays a key role and Marc [Rotenberg, executive director of the Electronic Privacy Information Center] plays a key role in helping internal privacy officers say, "You can't do this."

There are people out there who will bring the wrath of God down on you.