By Mark Schiefelbein, Wakoopa
Online privacy problems have frequently made international headlines. Facebook rolled out yet another change to its settings that made previously private data public without users’ consent. And the next major retailer was stripped of passwords or credit card details stored without encryption.
The EU ePrivacy Directive – Well Intentioned but Impractical
Not surprisingly, this has gotten the attention of lawmakers who are responding with numerous initiatives aimed at protecting the privacy of consumers, most notably the 2009 amendment of EU ePrivacy directive which is now being turned into individual laws by the member states.
The directive is stringent to say the least, often described as well intentioned but impractical. Milica Antic (@milica_antic) of Amsterdam law firm SOLV does a good job of explaining the issues in her white paper “Cookies Under Control” .
Cookies – The Good, The Bad and The Ugly
Industry Self-Regulation – As Impractical As the Law
Critics of the directive quickly point to industry self-regulation as an alternative. In an ideal world it would provide the required privacy protection while maintaining high levels of user experience. Unfortunately the self-regulation efforts usually fall way short of their targets. Quite ironically, these initiatives are often characterized by bureaucracy much more reminiscent of the lawmakers who are so dreaded by the industry than the innovation it prides itself with.
The IAB initiative “your online choice” http://www.youronlinechoices.com is an example. It is not very well known amongst consumers, full of long and complex texts, only applicable for participating companies, devoid of any feedback on whether or not it is working and, worst of all, it doesn’t work for more than half the companies using cookies (in dark grey below) blaming the problem on the consumers’ supposedly slow Internet connection.
Mozilla Collusion – Privacy Protection As Innovation
The industry will only be able to convince lawmakers of friendlier laws if it can demonstrate that its initiatives lead to complete privacy protection. To do so, it will need to be relentlessly transparent in its operations, providing an accurate and truthful briefing as users opt-in, clear and continuous full disclosure while storing and processing data and a safe exit that allows consumers to leave without leaving any traces (‘The Right to be Forgotten’).
This is a serious challenge that needs to be addressed. Rather than by regulation, be it governmental or industry, as Internet entrepreneurs we believe it will be tackled by innovation. If nothing else, the EU directive has created an opportunity. Sparked by the fear of adverse legal effects, companies will find solutions to address these issues, and consumers will choose the most appropriate ones.
One of the first promising efforts we have seen is Mozilla Collusion (http://www.mozilla.org/en-US/ collusion/), an experimental add-on for Firefox that allows you to see all the third parties that are tracking your movements across the Web. It allows consumers to take control of their data and see the big picture. Collusion records each cookie that is placed as well as the the site responsible for the placement. While following a user’s online journey, it then clearly visualizes the formerly hidden links where information from cookies was shared by Internet marketing firms.
It’s an eye-opener, showing the layman how the innocuous Facebook ‘like button’, that is present all over the web, can be used to provide information to sites never visited before, or how ad targeting firms unknown to even savvier users pull the strings behind mainstream publication. It’s not surprising that this innovation comes from a browser vendor. These vendors have realized that privacy protection is an opportunity and are trying to capitalize on it!
At Wakoopa (www.wakoopa.com) we also see privacy protection as an opportunity to set us apart from other vendors. Wakoopa provides tools to track users’ online behavior that are used by major market research companies like TNS or Ipsos.
Not surprisingly, we are under intense scrutiny with regards to privacy. But rather than relying on lawyers, we work with consumers to make them feel comfortable about our tools. Our trackers require an explicit user opt-in, give the user feedback on what is being tracked, put the user in control with options like a pause button and a black list of sites that won’t be tracked, and let the user easily uninstall the tracker if it’s no longer wanted; technology to put the consumer back in the driving seat.