RealTime IT News

Q&A: Jules Polonetsky, Chief Privacy Officer, AOL

James Polonetsky
Jules Polonetsky, AOL's chief privacy officer
Source: AOL
Many of the largest companies on the Web are using ad dollars to pay their power bills, so much so that advertising -- particularly when based around targeted ads -- has become the engine of the modern Internet economy. Google's empire was built on ad dollars. Microsoft's effort to purchase Yahoo was about bringing in more ad revenue. Internet pioneer AOL is pegging its entire future on plans to transform itself into an ad-supported media and content company.

Through a string of acquisitions, AOL has built the largest ad network on the Web. According to comScore, ads placed by Platform A reach more than 90 percent of the online population.

But that also means that AOL business units have access to information about the activities of nine out of 10 Internet users. What happens to all that information? How is it used? Just how much do Internet companies know about what we do online?

Watchdog groups aren't the only ones asking these questions. Increasingly, many lawmakers are wondering if it might be time to set some limits on how Internet companies collect and use data.

In December, the Federal Trade Commission issued a set of self-regulatory guidelines about behavioral targeting for the concerned parties to consider and offer comments. Predictably, the feedback saw many Web companies complain that the principles were too restrictive, and consumer advocacy groups gripe that they did not go far enough.

These groups charge that Web companies, left to their own devices, cannot be trusted to adequately protect consumer privacy.

As a result, groups like the Center For Digital Democracy have lobbied -- unsuccessfully -- for legislation to protect consumer privacy online. In New York State, Assemblyman Richard Brodsky has introduced a bill that would curb significantly current online data collection practices.

Against strenuous objection from industry groups, the bill, loosely based on principles drafted by the Network Advertising Initiative (NAI) in 2002, is now pending in the New York legislature.

Recently, InternetNews.com had a chance to sit down with Jules Polonetsky, AOL's chief privacy officer, while he was in town for a debate about online privacy at the National Press Club in Washington, D.C.

Polonetsky's career prior to joining AOL included a stint as chief privacy officer at DoubleClick, the online ad giant recently acquired by Google, and terms as a New York State legislator and New York City Consumer Affairs Commissioner.

Q: A lot of the discussion around behavioral targeting concerns whether we need government regulation to protect consumers. The FTC has opted for a policy of self-regulation. Privacy advocates on one end say that is not enough. On the other side, we have the [Interactive Advertising Bureau, or IAB], of which AOL is a member, saying that no one has been able to prove that there is a legitimate harm to consumers. Is there a harm to consumers?

I think the key thing for both consumers and businesses is that there are clear rules in place that so it's obvious to consumers what's happening, and make clear rules for businesses about what's appropriate and what's not appropriate. Don't use sensitive profiles. Don't keep data forever. Give people the ability to opt out.

I think it's hard to envision a law that solves all of the issues in one neat box. Who knew years ago that people would want to be broadcasting information about themselves to their 800 friends? Despite my snafu of inadvertently spamming all my friends with an "I love you" message intended for my wife, I generally enjoy the ability to share my pictures with people and to connect with my friends.

[cob:Special_Report]So I think the range of consumer perceptions of what they actually want and the kind of controls that are needed are still evolving.

Years ago, when I was the chief privacy office at DoubleClick, people said, "Look, we'll have a law and regulate this." Who was even thinking about Web 2.0? And who was thinking about mashable widgets and programs that plugged into each other and social networking?

We would have completely missed the boat, so by the time we finished nailing the right definitions, we would be five years out of date.

So I think what businesses and consumers need in the privacy arena now is clear standards. Businesses will compete -- and do quite well -- as long as there's a level playing field. Consumers, as long as they understand and feel in control of their experience, will be satisfied with their interactions.