Web Advertisers Make Promises on Privacy

Some e-commerce companies may soon have to change their online privacy policies and practices as a result of a recent agreement between large network advertisers and the Clinton administration regarding online data collection.

In a landmark pact announced late last month, DoubleClick and eight other network advertisers, which collectively own more than 90% of the market, agreed to follow a set of self-regulatory guidelines for the collection of online data. The guidelines will ultimately affect e-commerce sites through new contract terms they will get from the network advertisers.

Federal officials said the advertisers will raise the bar on online privacy for e-commerce sites. The advertisers said they hope the guidelines will slow efforts in Congress to pass privacy legislation. Other observers said they aren't sure what the effect will be.

"I'm not convinced that this will change anything in the near term," said Jordan Rosner, director of new media marketing at Pfizer Pharmaceuticals Group in New York. The guidelines will improve the practices of some big companies, he said, but there are still going to be firms "willing to take the risk of public backlash" over their privacy practices.

The U.S. Federal Trade Commission (FTC) applauded the self-regulation agreement developed by the nine network advertisers, known collectively as the Network Advertising Initiative. But the FTC said privacy legislation will still be needed to ensure that advertisers that aren't part of the group comply.

Network advertisers supply banner advertisements but may also collect data on browsing habits largely through the use of cookies - unique identification tags placed on end users' computers. The agreement requires the consent of end users to collect that data.

But the agreement also opens the door to the most controversial aspect of online profiling: the merging of personal information, including names and addresses, with Web browsing habits - and sharing that information with third parties. Under the agreement, e-commerce sites that take this route will have to offer "robust" and explicit notification and give end users the ability to remain anonymous.

This provision has alarmed privacy advocates who say they fear that end users, who don't understand the implications of advertiser data-sharing agreements, would trust one advertiser with personal data, then find it spread among many others.

"Clearly, if you read any advertising statement, they're not exactly neutral," said Andrew Shen, a policy analyst at the Electronic Privacy Information Center in Washington.

But the FTC can enforce the guidelines, said legal experts. If a company doesn't follow its privacy policy, it risks legal action for deceptive trade practices. "If a company posts a privacy policy, it better be accurate," said John Bentivoglio, a former chief privacy officer at the U.S. Department of Justice who is now an attorney at Arnold & Porter in Washington.

DoubleClick says it has no plans to begin merging personally identifiable data.

In March, the New York-based company backed off plans to combine such data with information on Web surfing habits after facing wide-ranging criticism.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Department of JusticeDoubleClickElectronic Privacy Information CenterFederal Trade CommissionFTCPfizer AustraliaProvision

Show Comments