Company Answers to House Questions on Internet Privacy Unconvincing
On August 1, The House Energy and Commerce Committee sent letters out to 31 major Internet players to ask whether they track consumer web use to better target online advertising. As of Monday, 25 had answered and the House posted the responses. The exercise had been enough to get Yahoo and Google to announce new opt out procedures, and understandably. The questions were tough and the answers ... interesting. Despite the strongest reassurances, chances are that the House will continue down a path to regulation.
You have to wonder about some of the answers. For example, there was some chest-beating over interest in privacy protection, like this section from Google:
We continue to welcome the opportunity to work together with you and other interested lawmakers on efforts to enact a uniform federal privacy law, as well as your support of industry efforts to establish robust self-regulatory mechanisms for protecting consumers' privacy. In addition, we believe that there are other aspects of individual privacy such as strengthening procedural safeguards for government access to personal information online that very much merit the attention of those who want to bring stronger protections to individual Americans.However, while Google emphasizes that it does not deliver advertising based on inspecting the contents of packets, that may make no difference. An ISP might use deep packet inspection (DPI) to get information on what someone was doing so it could deliver the most appropriate ads. Google and its advertising partners already know what someone is viewing and every click made and link followed.
Yahoo noted its opt-out policies. But according to BusinessWeek, when someone opts out, that doesn't stop the collection of data. Yahoo simply doesn't serve up the ads.
Some answers are succinct to the point of obscurity, like AOL's reply to "Has your company conducted a legal analysis of the applicability of consumer privacy laws to such practice? If so, explain what that analysis concluded?"
AOL's online advertising practices are designed to comply with applicable law.Saying what the design was is different from saying that, after a review, the practices were still found to still be in compliance. Cablevision's basic answer was one of the shortest:
Cablevision has not utilized its network or authorized others to utilize its network to tailor or facilitate the tailoring of Internet advertising to its subscribers based on our customers' search, surfing or other use.However, it does operate sites that offer search and advertising and relies "on unaffiliated third parties for these functions." In other words, yup, it probably does benefit from advertising based on user actions.
Cox Communications said that it puts ads on its own sites and on "error" pages, but "[t]hese activities are not based on a user's search or surfing habits." Charter Communications, which had planned a pilot program for deep packet inspection, emphasized in its letter that it was not moving ahead with DPI "at this time."
The assurances of one letter after another -- and some conspicuously careful wordings, as well as a lack of a speedy answer from Microsoft -- left me with the feeling that suspicion will remain and that more letters, and hearings, are likely. In the first year of a new administration, the popularity of the issue could scuttle self-regulation and spark some new regulations. One of those?
Democratic Rep. Edward Markey, chairman of the House subcommittee on telecommunications and the Internet, said broadband network operators should have to get "opt-in" permission from customers before using sophisticated technology that can track their movements online.That's exactly what the companies do not want, because they depend on better targeting information to obtain higher rates from advertisers. And who will go out of his or her way to opt in to such a program?
Letter to Santa image via Flickr and U.S. Library of Congress, public domain