A leading international consumer group has called on the U.S. Federal Trade Commission and the European Union's main body for data protection, the Article 29 Working Group, to reject self-regulation of online behavioral advertising.
In a letter to lawmakers, the Trans-Atlantic Consumer Dialogue (TACD) said it was deeply concerned about the E.U. position on how Internet users are tracked online and their Internet data then sold on to advertisers. The group, which represents Internet users' interests, is alarmed at moves by the advertising industry to have Internet users' Web paths defined as "non-personal data."
"The E.U. should not accept the advertising industry's attempts to redefine people's internet usage as 'non-personal data.' It's certainly personal and a clear line should be drawn as this billion dollar industry is now the currency of the Digital Age. The current icon program gives a false impression of fairness," said Monique Goyens, director general of the European Consumers' Organization (BEUC).
The self-regulation system uses an icon to provide notice of data collection practices, but TACD says that research shows very few users ever click on it. "Yet the icon is the foundation of what's supposed to be a robust program of 'best' practices that can effectively empower users to make critical choices about their online privacy," points out Julian Knott, TACD head of secretariat, in his letter.
"Consumers who may click on the icon are initially dissuaded from taking appropriate measures to safeguard their privacy, as they confront an array of information that online profiling is primarily about providing them with 'appropriate' advertising, is non-personal and supports their access to a 'free' Internet," he continues.
"Under both the E.U. and U.S. self-regulatory regimes, sensitive data, such as involving consumers' health or finances, can be collected without ensuring that they have real opportunities to proactively protect how such information is used," Knott said.
Online behavioral advertising is conducted primarily through cookies, tiny pieces of software installed on the user's computer to remember preferences relating to a particular website. The law governing cookies in the E.U. is the revised ePrivacy Directive, which became law in May and requires companies to obtain "explicit consent" from Web users before storing cookies.
However, the vast majority of E.U. member states failed to implement the law amid confusion about how to define "explicit consent." The European Commission recently started legal action against the 20 countries that failed implement the new rules protecting consumers' data online.
Representatives of the online advertising industry and the Article 29 Working Group will meet to discuss the how best to manage online behavioral advertising next Wednesday.