Your company needs to know this
(Editor's note: This is the first of two parts.)
The Internet is a wonderfully measurable place. Businesses are able to use online data to drive strategy and measure return on investment. However, the wealth of data that makes the online world a prime space for analysis is also leading to consumer concerns over privacy. Facebook privacy controls, data capture, ad targeting and mobile applications have all been the subject of privacy discussions in the media.
A recent survey by USA Today and Gallup suggests that only 35 percent of respondents believe that "the invasion of privacy involved [in behaviorally targeted online ads is worth it to allow free access to websites," with younger respondents (40 percent) being more willing to accept this than older respondents (31 percent). However, while only 14 percent would allow all companies to target ads to them, another 47 percent would be willing to allow the advertisers they choose to target ads.
With so many concerns out there about data capture and privacy, what is a company to do to ensure their behavior and data practices are not called into question - or made front-page news?
What kind of data does your company use?
First, your company needs to differentiate between types of data capture, understand what you are leveraging, and the current climate around different types of data use.
Understanding the current landscape
Recently, the Federal Trade Commission released their draft report on Consumer Privacy. The FTC's report distinguished first and third party data capture, with different views as to what consent and regulation should be required for each.
First party data includes web analysis done through tools such as Google Analytics, Webtrends and Adobe Omniture, for the purpose of improving consumers' online experience and a company's profitability online. First party data use also includes
first-party marketing: a company recommending products or services based on a consumer's previous purchases. The FTC recommended that this type of data capture not require specific consent, as these are considered commonly accepted business practices.
Third party data capture, however, is considered separately. This includes companies that deal in the buying and selling of information. For example, ad networks who buy and sell data to allow delivery of highly-targeted advertising. The FTC's main concern regarding third party tracking is not banning the practice, but rather, allowing for informed consumer choice. While the FTC declined to declare opt-in or opt-out as the appropriate method for expressing consumer choice, the FTC did call for a Do Not Track mechanism, enforced through either legislation or industry self-regulation.
Legislative vs. Self-Regulatory approaches
The FTC's recommendations open the door for potential legislation of online privacy and data capture. However, the Commerce Department has recently recommended self-regulation.
The Commerce Department disfavored prescriptive rules, noting the need for an approach that allows for rapid evolution and innovation, while enhancing trust. The Department called for voluntary but enforceable codes of conduct that promote transparency in data collection and use, and recommended enlisting the "expertise and knowledge of the private sector" in this regard.
The web analytics industry in fact recommended this very thing back in September 2010. A voluntary code of ethics for web analytics practitioners was proposed and drafted by Eric T. Peterson and John Lovett of Web Analytics Demystified, in conjunction with the Web Analytics Association, and a second initiative has begun regarding consumer education.