Keeping Track of 'Do Not Track'6 Jun, 2011 By: Gregory J. Sater
It’s easy to lose track of the “Do Not Track” debate, given the barrage of legislative activity on the subject and flurry of related industry-driven voluntary initiatives.
First, for anyone who doesn’t understand what this is all about, let’s recap the impetus for all this: Certain privacy advocates (and the legislators who want their votes) are concerned that online advertisers and ad networks are placing cookies on people’s computers in order to collect information about their online habits. The reason this is being done, of course, is to be able to serve up ads that are relevant to what those people, based on their prior online behavior, seem to be most interested in.
That’s why, if you visit a website looking for, say, hotels in San Diego, and then a few days later you visit a different and unrelated site, that second site may already know that you’re someone who has shown an interest in traveling and may serve up banner ads for airlines. It also may know what city and state you’re in – and a whole lot more!
This is because your computer’s prior online behavior has been tracked by cookies. While this makes for better and more relevant advertising, privacy advocates worry about it for many reasons, one of which is that it’s not difficult to take anonymous information like a computer’s IP address and later combine it with personally identifying information that’s been obtained from the consumer who has used that computer. Once that information has been combined, it’s easy for advertisers to know that a particular computer IP address belongs to particular person.
Several pieces of legislation are pending on this subject that, if passed in one form or another, could greatly affect the future of online advertising. They include:
• The Do Not Track Online Act of 2011, introduced in the U.S. Senate by Sen. Jay Rockefeller (D-W.V.), which among other things would create a “Do Not Track” registry, not unlike the current “Do Not Call” registry, where consumers could elect not to be tracked online. Tracking them after they’ve registered (with some exceptions) would be unlawful.
• The Commercial Privacy Bill of Rights Act of 2011 introduced in the U.S. Senate by Sens. John Kerry (D-MA) and John McCain (R-AZ), which would require advertisers to let consumers opt out of the collection of information about their online activities if the information would be used for behavioral advertising or would be shared with third parties. The bill also contemplates a safe harbor program to be administered by a non-governmental organization. Because of that, and because it would not create a “Do Not Track” registry, it is seen as more favorable to advertisers than Rockefeller’s, although the language of the bill is subject to change.
• The Best Practices Act, introduced in the U.S. House of Representatives by Rep. Bobby Rush (D-IL), which, among other things, would require an opt-out mechanism regarding the gathering and use of covered information of consumers and in some instances would require express affirmative consent.
• The Do Not Track Kids Act of 2011, which would amend the Children’s Online Privacy Protection Act and, among other things, would prevent the collection of certain information from children for use in online behavioral advertising, including geo-location information, and would require verifiable parent consent for collection, use or disclosure thereof.
• The Do Not Track Me Online Act, introduced in the U.S. House of Representatives by Rep. Jackie Speier (D-CA).
• A bill in the California state Senate, introduced by Democratic State Sen. Alan Lowenthal, which if passed would apply to any company doing business in California and collecting or using any online data containing “covered information” (which would include a computer’s IP address) from a California consumer. The bill would require an opt-out mechanism.