The Network Advertising Initiative (NAI), a coalition of online ad network operators and ad servers, Tuesday released guidelines for how Web sites and marketers should use “Web bugs” or “Web beacons,” small graphics files used to track user activity on a Web site.
The standards mostly mandate the industry’s preferred opt-out approach, instead of privacy advocates’ opt-in approach for user data. The Federal Trade Commission (FTC) issued a staff opinion supporting the standards, and NAI signed up TRUSTe to incorporate them in its seal of approval program.
If a Web beacon transfers sensitive information — generally defined as health, financial, sexual, or political data — to a third party, it must then get users to opt-in.
“We hope these guidelines will standardize this technology in the marketplace, so businesses feel more comfortable and consumers feel more comfortable with this technology being used,” said Trevor Hughes, NAI’s executive director.
Web bugs have a variety of uses. Web publishers use them to track site traffic, unique visitors, and personalization features. Also, ad technology companies use Web bugs to track the performance of Web and e-mail ad campaigns.
Web bugs have caused controversy because of their data collection uses in marketing, and because of their use by spammers to record whether an e-mail has been opened, thereby verifying that an address is valid. Microsoft’s upcoming release of its Outlook e-mail client reportedly plans to address this issue, because the program would, by default, prevent Web beacons from loading in the preview pane.
Hughes said the guidelines make a clear distinction between an agent, a technology provider using Web bugs to serve a Web site, and a third party, which would use Web bugs to collect information for other purposes, such as marketing.
“If the service provider has no secondary use for the data, we determined that’s basically the same as the Web site doing it themselves,” Hughes said.
The Cleveland-based NAI is an online advertising industry consortium whose membership includes ad servers like Atlas DMT, 24/7 Real Media, and DoubleClick, as well as the companies such as the US Postal Service, Verizon, Microsoft, and others.
In the works for over a year, the NAI guidelines are meant to address how the dilemma of how online advertising delivers effective advertising while respecting consumers’ rights to privacy. Web bugs, as invisible files, are not apparent to the user, but can be crucial to a marketers tracking response patterns to online promotions and publishers seeking to compile visitor traffic patterns.
“Web beacons are a small, but critical technology,” said Hughes.
As part of its efforts to gain widespread consumer acceptance of Web bugs, the NAI brought its guidelines to the FTC for review. The FTC, which in May 2001 sided with the industry’s opt-out approach to online privacy, issued a staff opinion calling the guidelines helpful.
“We think these are a useful self-regulatory effort to guide the development of Web beacons,” said Bethany Matz, an FTC spokeswoman. ” In general, we like to encourage self-regulatory efforts.”
In addition, the NAI signed on TRUSTe to incorporate the Web bugs best practices into its network of 1,500 certified Web sites. The guidelines will begin as a recommended best practice, but the group said it would move to incorporate the guidelines into requirements for TRUSTe members. The Better Business Bureau Online also endorsed the guidelines.
“With the release of the guidelines, we believe that industry is making progress in building trust with consumers by creating transparency and accountability,” said Fran Maier, TRUSTe’s executive director.
Hughes said the endorsements of TRUSTe and Better Business Bureau was a big help for getting the standards accepted quickly.
“It means we don’t rebuild a compliance program,” he said.
Richard Smith, the Privacy Foundation’s chief technical officer, said the guidelines were a step in the right direction.
“It’s better than nothing,” he said. “It’s good to see they’re recognizing that they need to talk about this issue.”
Smith said he was disappointed the NAI did not take a simpler approach, such as making the Web bugs visible for users to click on to find out what they’re tracking.