Feeds

Campaign launched to teach consumers about ad-stalking

Ad body produces guide to online behavioural advertising

Intelligent flash storage arrays

An organisation representing US marketing bodies has launched a new advertising campaign to raise consumer awareness of online behavioural advertising (OBA).

The Digital Advertising Alliance (DAA) campaign, called 'Your AdChoices', consists of banner advertising designed to drive users towards "educational videos" and controls over how adverts are personalised to them, it said.

The DAA, which comprises four marketing bodies including the Internet Advertising Bureau (IAB) and Direct Marketing Association, said the initiative would help inform internet users about the way OBA works, but a privacy group told Out-Law.com that the campaign would not address privacy concerns over how consumer data was collected and used.

In 2010, the DAA published a self-regulatory code on OBA requiring advertisers and website operators signed up to the scheme to provide internet users with certain information about the personalisation of ad content.

One of the rules of the code requires OBA companies to post an interactive icon that indicates that ads have been served through personalised targeting. The icon links through to a website that contains information on how data collected from individuals is used to serve personalised ads. The website also enables users to manage controls over what data individual operators can collect about them.

Publishers and advertising networks use cookies to track user behaviour on websites in order to target adverts to individuals based on that behaviour.Companies use cookies to track user activity and build up a picture of that person's interests, so that they can try to publish advertising towards goods and services they think the person will respond to.

"With widespread industry adoption of the DAA’s self-regulatory principles, the DAA remains committed to informing consumers about interest-based advertising, online data collection and use, and the simple way they can exercise control over their web viewing data," Peter Kosmala, managing director of the DAA, said in a statement. "This highly creative public education campaign is an important step in that ongoing process."

"The initial stage of this multi-phase online campaign includes banner advertising that directs consumers to the DAA’s Icon and links to a new, information website, www.youradchoices.com, which features three educational videos and a user-friendly consumer choice mechanism," the DAA statement said.

The interactive icon features on 900 billion "ad impressions" every month and more than 400 companies, including American Express, Microsoft and Disney, are signed up to observe the OBA code, the DAA said. Earlier this month, the IAB said that companies signed up to the OBA framework should display the interactive icon, along with almost every ad that is served.

Last year IAB Europe issued guidelines on what website operators signed up to the voluntary OBA framework should do to comply with the rules. Posting an interactive icon, complete with accompanying explanatory language, is just one of the rules set out in the code.

Website operators must also give users access to any easy method for turning off cookie tracking on their own site, and must make it known to users that they collect data on them for behavioural advertising, the regulations stipulate. Websites adhering to the regulations also have to publish details of how they collect and use data, including whether personal or sensitive personal data is involved. Details of which advertisers or groups of advertisers they make the data available to also have to be published.

The code has been criticised by EU privacy watchdog the Article 29 Working Party, which has said the methods used for displaying information to users and allowing them to opt out of behavioural tracking are insufficient on their own to confer user consent to being tracked, as required by EU law.

Nick Pickles, director of privacy and civil liberties group Big Brother Watch, told Out-Law.com that although the DAA's consumer education drive was a "positive step", it was still "far from clear" whether self-regulation could deliver privacy for internet users.

"Internet users need to be confident that if the law is not being adhered to, there is a proper regulator who can take up their complaint and deliver an effective remedy. For UK web users, it is far from the case that they have such a regulator to protect their interests. Consumers still remain largely in the dark about just how much information is being collected about them online for advertising purposes, not just in browsing habits but also social networking and email scanning," Pickles said.

Under the EU's Privacy and Electronic Communications Directive storing and accessing information on users' computers is only lawful "on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information … about the purposes of the processing".

An exception exists where the cookie is "strictly necessary" for the provision of a service "explicitly requested" by the user – so cookies can take a user from a product page to a checkout without the need for consent, for example.

The Directive takes its definition of 'consent' from EU data protection laws, which state that consent must be "freely given, specific and informed". The new laws were implemented into UK law in May. The amended Privacy and Electronic Communications Regulations state that website owners must obtain "informed consent" to tracking users through cookies. The UK's Information Commissioner's Office has the power to impose penalties of up to £500,000 on websites that breach the new regulations.

In June 2011, the EU Commissioner Neelie Kroes gave EU companies a year to standardise the way internet users could opt out of being tracked. She said the companies could learn from the advertising sector's self-regulatory rules.

However, the European Data Protection Supervisor criticised Kroes' recommendation of the OBA code and said the self-regulatory rules "failed to implement the new consent requirement".

The IAB has insisted that its OBA code was not designed to be compliant with the EU Directive, but that it could be used alongside other methods in order to obtain consent.

Randall Rothenberg, IAB president and chief executive told Out-Law.com that the DAA's advertising campaign will help users gain control over the things they see online.

“The power of digital is in its ability to give people exactly what they want when they want and where they want it," Rothenberg said.

"Now, alongside the DAA, the entire interactive industry has come together to strengthen our commitment to consumers – first, by self-regulating to assure their privacy rights and expectations are served; second by providing resources to allow them to understand and manage the use of their personal data; and third, to guide them toward the advertising, news, information, and entertainment that is most relevant to their interests," he said.

Copyright © 2012, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Beginner's guide to SSL certificates

More from The Register

next story
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
Assange™ slumps back on Ecuador's sofa after detention appeal binned
Swedish court rules there's 'great risk' WikiLeaker will dodge prosecution
prev story

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.