Silence ≠ 'yes', watchdog tells lustful ad-biz bakers

An independent EU advisory body is worried about what it describes as an "illusory" method employed by online behavioural advertising (OBA) when seeking consent to track individual users on the interwebs.

The Article 29 Data Protection Working Party outlined its concerns in a letter to the Interactive Advertising Bureau and the European Advertising Standards Alliance written earlier this month but only published today.

A meeting is taking place in September to discuss the self-regulatory Framework for OBA.

"The mechanisms proposed by the EASA/IAB code enable people to object to being tracked for the purposes of serving behavourial advertising ... However, tracking and serving ads takes place unless people exercise the objection," noted the Article 29 group.

"While this mechanism is welcome and constitutes an improvement to the current situation, it does not meet the requirement to obtain ... informed consent."

The group added the method offered no clear indication of a web surfer's wishes, especially when individuals have failed to object to being tracked.

"[S]uch absence of action cannot be presumed to indicate consent," the data protection body argued.

That's a concern that has been raised previously by groups that are worried about how the OBA industry will implement its own regulations.

The group called on browser-makers to set up a default setting that rejects third-party cookies. It advised "affirmative action" could then be required if an individual wanted to provide such consent.

"The Working Party realised that in the last year, browser providers have made important efforts. However, all the solutions so far continue relying on default options that accept cookies," it said.

The body went on to lambast the icon to be used under the EASA/IAB code, which it considered to "mean very little to users".

It said much clearer information should be displayed online to alert individuals when their browsing habits are being tracked.

The Working Party also labelled a website created by the industry bodies as "ambiguous" and said the site lacked "detailed information on the procedure of profiling".

In April the IAB said the self-regulatory framework backed by the likes of Microsoft, Google and Yahoo! "outlines good practice aimed at enhancing transparency and consumer control".

At the time, the IAB bigged up its icon, which will appear in or around display adverts to give netizens the option of stopping advertisers from tracking their moves online.

However, it also admitted that it only covers the "activities of website operators that are limited to their own sites or sites controlled by them" and "contextual advertising, which is advertising based on the content of the web page being visited, a consumer's current visit to a web page, or a search query."

Which was the IAB's way of confessing that all areas of online advertising wouldn't be subject to the new framework.

In May this year almost the entire EU missed a deadline for the implementation of a European law on cookies, as part of a set of measures laid out in the revised legislation for the e-Privacy Directive.

Here in the UK the David Cameron-led Coalition has been in talks with browser vendors to work out a "technical solution" via a browser setting. ®