Data mining in the media economy

It seems things always come in threes. This also holds true in Privacy News. Over the past holiday week, the US saw a series of pieces related to the on-going privacy/targeting debate in the media.  Stories percolated into Business Week and The New York Times related to the regulation/self-regulation discussion of behavioral targeting, while in the UK it was announced that British Telecom was terminating its controversial trials of the Phorm targeting service. What’s different this week? Just maybe the industry trade bodies are finally taking seriously the threat of external regulation? With that there is an escalated need to aggressively pursue a self-regulatory path.

A cross-section of industry groups have now produced 7 guiding principles for behavioral targeting and taken a passable stab at defining it:
“The collection of data online from a particular computer or device regarding Web viewing behaviors over time and across non-affiliate Web sites for the purpose of using such data to predict user preferences or interests to deliver advertising to that computer or device based on the preferences or interests inferred from such Web viewing behaviors. The Principles do not apply to a Web site’s collection of viewing behavior solely for its own uses” ¹

The specificity of the definition is very interesting in that it draws some very specific data practices into question. These relate to specialist companies that aggregate data across sites such as NextAction, Acerno, and data aggregators such as Blue Kai. However it may exclude companies such as Media6Degrees, that makes inferences based on your association to users you are connected to via social media. While such companies are very familiar to interactive advertisers, they are practically anonymous to the consumer and are, as such, clearly in the target area of regulators because they hold an ambiguous and undefined role.  Do we want to go this route and call out companies?

How does this apply and does it also challenge re-targeting and other practices related to data collection?  Re-targeting shares data from advertiser sites with media networks to allow the re-solicitation of visitors to an advertiser site.  You may have experienced this when you visit a site and then almost immediately start to receive ads from that company. A recent article by Wendy Davis in Mediapost shed light on this practice when she reviewed AT&T’s data sharing activities. Greg Neal , VP of Product Strategy at my company, TruEffect, observed in his analysis of the top 500 advertisers that, on average, data is shared through cookies 7-20 times, depending upon the industry.  

“AT&T is by no means unique" said Neal. "In fact they are better than many and have a very clearly articulated privacy statement related to these practices.  We typically see data being shared with between 3 and 10 companies.” What is more concerning for Neal is companies that do not understand how their sharing of data impacts their business and the brands they support.

“When reviewing client data practices it is not unusual to see data they have shared for specific re-targeting to be driving advertisements for competitive advertisers. I think advertisers often over-estimate the control they have of their data. When they share that data with another party, there is little control or regulation over the specific purposes and re-purposes for which the data may be used. It’s also extremely difficult to monitor or track. When the data is gone, it’s gone!”

This is a view shared by Match.com’s Jim McDonald who said, “We have rationalized the range of networks with whom we work based on compliance to our data standards. We have also begun investigating other methodologies such as managing all media within our domain. Users have a relationship with Match not any third party company they’ve never heard of.”

Doug Brown at Bank of America echoed this perspective, “We are actively testing different solutions. Our customers expect us to be stewards of their data but also recognize the relationship we share. The two should not be at odds. Our customers want us to be relevant but not intrusive, secure but accessible.”  Research supports Brown’s view 61% of users expect their interactions to be private but nearly the same number also want advertising to be relevant.

Chris Ahrens of agency Draft/FCB reiterated this sentiment saying, “Draft/FCB has taken a pragmatic approach to the BT area and deployed different technologies when most appropriate.  We were the first to use ad serving without cookies as well as supporting the use of the advertiser option when appropriate”.

Given advertisers have options, is the industry’s response really getting ahead of the issue or simply acknowledging a changed reality?  Behavioral Targeting comprises less than 9.5% of all display media sales² although they do comprise a much larger part of media selection and retargeting.

Nielsen’s Marc Ryan believes that many consumers have already created their own opt-outs. “For quite some time we have been noticing an increasing trend in users managing their data more aggressively, this includes deleting or simply not accepting cookies. Typically we see more than 50% of media being managed in this way by better tools and options in the browser and use of security software.”

Webtrends, a leading web analytics company, saw similar trends.  “We believe about 28%-33% of users now manage how their data is used in media.  Consumers are ok with sharing data with companies they know (and trust).  They are often a little more savvy than the industry gives them credit for or wants to admit as it impacts measurement accuracy and performance.  In site-side analytics we saw this a number of years ago and made adjustments by working in the domain of the advertiser. We see the same trend in media and believe companies such as TruEffect offers solid alternatives to current practices.”

– Martin Smith
¹ Self Regulatory Principles for Online Behavioral Advertising
² eMarketer, June 2008

Would you want this job?

While "Terminator Salvation," sans "Governator" plays in theaters nationwide, President Obama declares that cyberspace is actually a real place, and gives it its own security force. To protect us from hackers, international terrorists, and even SkyNet Research, Obama announced today the creation of a new government post - Cybersecurity Coordinator. Sure, this is not a job most of us would want, but his speech announcing the post certainly underscores the importance of this virtual space we've created and adopted in droves over the past two decades.

He reminds us that the internet is not just about our growing personal communication and entertainment uses, saying "... make no mistake:  This world -- cyberspace -- is a world that we depend on every single day.  It's our hardware and our software, our desktops and laptops and cell phones and Blackberries that have become woven into every aspect of our lives. It's the broadband networks beneath us and the wireless signals around us, the local networks in our schools and hospitals and businesses, and the massive grids that power our nation.  It's the classified military and intelligence networks that keep us safe, and the World Wide Web that has made us more interconnected than at any time in human history. So cyberspace is real.  And so are the risks that come with it."

As geeks around the country rejoice at the administration's plans are to keep this virtual world "open and free," we wonder if the continued emphasis on technology and security will fuel even more government attention to consumer privacy concerns around online advertising and behavioral targeting?  Time will tell.

– Layne Salter

It's a Brave New World

It's easy to forget how new the internet actually is. A lot of recent coverage is devoted to following the ins and outs of the new presidential administration's use of the internet to build the national community it promised during the election. Not since Kennedy bested Nixon in the 1960 television debates, has the use of technology been so prominent in politics.

It's hard to imagine that it was only about a decade ago that Clinton ushered the White House into the online world with the creation of Whitehouse.gov, and a mandate that all federal agencies get online. David Almacy, Bush's Internet Director said, "Clinton was the first Web president. Bush is the first digital president, and Obama is the first online social networking president." Even Congress is tiptoeing in the waters of YouTube, though it may take better directing to 'whip' our representatives into a believable presentation. Maybe Oliver Stone is available.

Digital Technology - faster than the speed of....
uh, the latest fast thingy?
It's not surprising that technology leaders, advertisers, marketing professionals, and privacy officers around the globe seem to always be playing catch up. This week an eMarketer report showed the first Direct Mail drop in over 60 years - no big surprise here. But the prior week they also published a report showing that Google, for the first time, is losing, rather than gaining, share in Search. And the hits just keep coming. This week brought us a new Nielsen Report on Social Networking's New Global Footprint that shows "member communities have overtaken personal email." If that's not enough to raise your eyebrow, how about the fact that time spent on Facebook last year not only increased by 566%, its greatest global growth comes from people aged 35 - 49? Even the strongest advocates for social media must be astounded by this speed of adoption.

Couple all these lightning fast changes with a recession spawning massive budget cuts, and I'm sure many marketing professionals feel the need for a long vacation (of the paid variety of course). We've talked about simplifying a lot in the past, but with this schizophrenic environment, it's more imperative than ever. TruEffect does its part by continuing to help advertisers make sense of the digital advertising landscape. It's all about forging meaningful relationships with customers, while spending less time and money on it and, of course, keeping kosher with online privacy regulations.

– Layne Salter

Facebook loses battle with consumer privacy

 This week we can add Facebook to the online privacy debacles of late. A change in their terms of service got users in such an uproar, I'm surprised it didn't bring down the Twitter servers.  Mark Zuckerberg tried to calm the masses in a blog post  on Monday explaining that they didn't actually want to own all our data forever.

Then, on Tuesday, it was reported that the Electronic Privacy Information Center (EPIC) was preparing to file a complaint with the Federal Trade Commission. Now, if you've read the FTC Staff Report on Self Regulatory Principles for Behavioral Advertising, Principle 3 talks about "material changes to existing privacy promises" and states, "A company must keep the promises it makes with respect to how it handles data. If it wants to make a ‘material’ change in how the data is used, it must obtain ‘affirmative express consent’ from the affected customers." Whether EPIC was making this connection is not known. 

Not surprising, Facebook did an about face today , rolling back their terms of service to the previous version.  It's like a Privacy Tsunami created by millions of pissed off Facebook users. Hmmm....Perhaps the online ad industry needs to take a harder look at that FTC Staff Report.  Even if you don't fear potential privacy legislation, the instantaneous public consumer outrage, courtesy of social media, is enough to keep you up at night.   

– Layne Salter

FTC Staff fires privacy shot across the bow

While I would like to think “everyone” cares as much about online advertising, behavioral targeting and consumer privacy as I do, my gut says most advertising folks didn’t gallop over to the Federal Trade Commission website to download and pour over the Staff Report on behavioral advertising last Thursday.  Based on that assumption, we’re going to devote a bit of effort to getting the word out because the implications of this report are far greater than may be apparent at first glance.  With this report, and, perhaps more importantly, the two concurring letters from Commissioners Pamela Jones Harbour and Jon Leibowitz, the FTC has fired their warning shot to each of us whose business exists because of online advertising.  The call-to-action starts with the first two words in the title – “self-regulatory”. 

Full disclosure – we’ve built our company on the belief that advertisers own their relationship with consumers, and the information defining that relationship should belong to them, not to some third-party technology company or ad network.  For that reason, I was pretty excited when the FTC explicitly validated our approach to data and behavioral targeting.  Their endorsement of the ‘first-party’ model as “more likely to be consistent with consumer expectations, and less likely to lead to consumer harm, than practices involving the sharing of data with third parties or across multiple websites,” profoundly confirms our position.  But as this warm glow of self-satisfaction waned, and we read further into the report, another message became clear – ignore this report at your own peril.   

To offer some perspective, since the 1990s, the FTC has kept a careful eye on the online advertising space, but has refrained from directly regulating.  They’ve consciously allowed all of us to go about our business and figure out models that bring value to consumers, and revenue to our top line.  The FTC Town Hall early this decade was the impetus for the formation of the Network Advertising Initiative and is as close to imposing regulation that they’ve come.  Now that we’ve developed more sophisticated methods of collecting data and targeting online ads, and a track record that includes the rise of über-data hound Google and the AOL search debacle in 2006, the FTC no longer feels they can stay on the sidelines.  Commissioner Harbour goes so far as to layout a timeline “directing staff to complete, by Summer 2010, a report that evaluates the efficacy of self-regulation in the realm of behavioral advertising.”  To stoke the fires even further, Commissioner Leibowitz warns all of us to keep our promises regarding the use of consumers’ information.  “If they fail to do so – whether first party or third party, online or offline – we will go after them.”  

I’ve been calling for advertisers to actively engage in this process since before I gave a presentation to the FTC’s Town Hall on eHavioral Advertising in November, 2007.  But companies whose business models are dependent upon the development of third-party profiling databases and targeting solutions are likely to not heed the FTC’s call sufficiently to prevent the drafting of regulation or even legislation.  The folks controlling the media budgets must insert themselves by helping to define acceptable practice.  Already, advertisers are struggling to allocate more of their (dwindling) media budgets to online, failing even to keep up with consumer adoption.  (Only 8% of media dollars are flowing online, even though we consume 28% of media from the internet - Forrester Research, January 2008.)  If regulation or legislation is forced down our throats, further impairing a brand’s ability to make the most of every media dollar, we will only see that gap widen.

Next week I’ll be participating in a workshop hosted by the Future of Privacy Forum in Washington D.C.  This will be a great opportunity to learn from some of the leaders in our industry.  Perhaps one of the most encouraging aspects of the event is the fact that some of the largest advertisers in the world are planning to participate.  Perhaps they’re taking “self-regulatory” more seriously this time around.

– Scott Nelson

Grownups say the darndest things

Americans love the First Amendment. But what happens when it intersects blogging, Twitter and other social media? A morning jaunt that began with an industry newsletter with the headline "ValueClick whacked over email; commentors gleeful," took me on a brief, but crazy ride.

First, a no doubt, well meaning, Media Development Manager at ValueClick (no, I won't mention his name and create yet another Search result for his faux pas) was publicly chastised by Jeremy Schoemaker on his ShoeMoney blog, and on his Twitter account. He called a sales email "spam" and implied it was in violation of the Canned Spam Act, simply because the sender made a copy and paste mistake and did not delete a previous form email to another prospective client. The onslaught of comments further raked the guy over the coals. Most of us understand that the Canned Spam Act  is for commercial emailers, not poor sales schlubs trying to do their job. Also, the fact that it was a cut and paste error implies that the solicitations were being sent individually, not as a mass email anyway. If we're going to blast others for spam, (no pun intended) let's at least understand our definitions.

From here, I was led to another article, "Virgin sues Adrants over fake Hudson River crash ad."  The ad, which turned out to be fake, said, "The Hudson River Crash: Just one more reason to fly Virgin."  The blog post even mentions that the source of the print was suspect, but what the heck. It's just a blog, right?  And from AdRants, after all, already known for its over the top commentary on advertisements. Is this libel, or simply a joke in poor taste gone bad?

From there, I wound up back at the ShoeMoney blog, and out of curiosity scrolled through some other posts, and came across a Fox news video outing the owner of the Lafayette French Pastry shop in New York. The bakery, said to be a celebrity favorite and used in "Sex and the City" is selling a chocolate cookie called "drunken negro heads." The baker says he has the right to name his pastries however he sees fit, but critics believe he's crossed the line between freedom of expression and blatant racism. Oddly, critics and journalists alike have failed to critique the actual cookie. I'm just wondering if the baker thought its wonderful taste warranted his flagrant disregard for political correctness? And Fox News – responsible journalism, or free advertising for the bakery?

By writing this, am I adding to the publicity cycles of things that should never have made headlines in the first place? Or simply expressing an opinion on the state of social networking?  Regardless, only time will tell if court intervention will propagate new legislation on our latest communication phenomenon.

Or, perhaps the economic slump has simply resulted in people having too much time on their hands? Nah, it's always been this way.

– Layne Salter

The calm before the storm: Relevant advertising meets privacy concerns

As the country unwinds from Inaugural festivities, we once again hear rumblings about internet consumer privacy, and what the new administration might bring to the table. The Obama administration continues the digital love affair that started with the campaign and continues with the President forging new security territory by insisting on keeping his Blackberry and email, and granting YouTube a free cookie pass on Whitehouse.gov, which previously prohibited persistent cookies.

Jules Polonetsky, co-chair of the Future of Privacy Forum said, "With this administration, how data is handled is going to be far more central than ever before. We have people enthusiastically interacting with the government -- wanting Barack to be our Facebook friend -- yet we don't have an accountable figure to help shape information policy." Another article predicts a renewed FTC focus on online advertising and privacy if Jon Leibowitz is elected FTC chairman. Industry organizations are reported to be seriously reviewing the self-regulatory guidelines proposed by the FTC in 2007.

While recent focus has been around regulating behavioral targeting, it's only the tip of the iceberg when we look at how online targeting products compile, share and utilize data in derivative works. Every time advertisers place a technology or media provider's pixel on their page, they literally hand over their data to third parties. This not only may violate a site's privacy policy, but the data may also be used to benefit competitors.

We wouldn't give our customer email list to a competitor, and yet it's common practice to use targeting technologies that produce a similar outcome, albeit at the anonymous level. When a campaign drives a customer to a site, targeting pixels can pick up data about a consumer's visit, including such information as what they put in their shopping cart. This data is then aggregated with other advertisers' campaign data to create targeting parameters that may be used by others, including our competitors. For instance, if you're Best Buy, that visitor might be labeled as "electronics aficianado" and that information then used to target an ad from Dell. Research shows that larger online retailers may have as many as 10 to 15 ad pixels on their site at a given time. Multiply that by the millions of ad impressions they purchase, and we are quickly into billions of data points compromised. Does this make sense?

Between privacy concerns and the economic downturn, time is ripe for innovation in online advertising. Look for change to come, and not just from Washington D.C.

– Layne Salter

Privacy vs. Advertising - It's personal.

This summer's been a virtual ice cream sundae of consumer privacy concerns — a double scoop of Google's court order to disclose YouTube user logs, topped with TorrentSpy's $115 million fine for destroying user information, sprinkled with ISP's under fire for affiliations with consumer web-surfing behavior technologies like NebuAd, and a big fat cherry of a FaceBook class action suit for its Beacon program. Add to that a decade of malicious spyware, viruses, spam and pop-ups to stoke both government and consumers' fears, and it might just sound like a good time to give up ice cream... but wait.

With online ad spend consistently growing, and consumers flocking to the internet to both buy and to research offline purchases, forward thinking online advertisers look to innovative technologies to helpbridge the gap. Is it possible to bring the relevant and personalized advertising experience consumers demand, while at the same time safeguarding their privacy? We think so.

There is growing body of evidence to support the fact that users not only respond better to, but actually prefer, a more personalized advertising experience. Earlier this year, a Harris Interactive study disclosed that 55% of U.S. adults indicated they would be comfortable with companies using information about their online activities in order to provide customized advertising or content. But on the other side of the fence, support is building for a Congressional measure, dubbed the"Online Privacy Bill of Rights" that would force companies to obtain consumers' consent prior to gathering their web-surfing patterns.

The right solutions will provide both privacy AND relevance to the consumer. If the CAN-SPAM act was any indication, government intervention may not be the answer. Courting consumers' trust might wind up lying squarely on the shoulders of the known and trusted brand advertiser, rather than the not-so-private aggregation of web-surfing patterns by 3rd party behavioral targeters.

The current debate is focusing on the ISP's and targeting companies, without addressing the real issues. For the industry to prosper, we must take a leadership role in being the stewards of our own industry.

– Layne Salter

Reactions to Proposed FTC Regs Run the Gamut

Here's an interesting article that ran recently in DM News this week. Response to FTC Proposed Principles The reporter, Ellen Keohane, gathered a variety of perspectives on the FTC'€™s proposed self-regulatory principles for the online behavioral advertising industry. Although not entirely surprising, the responses to the proposed regulations varied greatly: The advertisers interviewed stated that these standards were already being followed by all of the major players, while the Executive Director for the Center for Digital Democracy said that the guidelines were far too vague and depended on the goodwill of an industry whose first priority is to collect and harvest as much user data [as possible]

This dichotomy of perspectives is just another example of how complex it will be to find a balance between consumer privacy and access to content supported by online advertising.  In a series of forums recently, one very clear point of agreement resonated with me.  Some people may use the technology in an unscrupulous and harmful way and both sides of the debate agree to a great extent what many of those practices include.  Profiling based upon personal health conditions, religious affiliation and sexual preference to name a few, is not acceptable to the vast majority of consumers. Let'€™s look for those areas of agreement and start developing ways to address the truly egregious practices first. In securing some "€œeasy wins"€, we can learn more about how to tackle the gray areas of behavioral targeting more productively.

- Scott