Herding Cats: Regulating Online Tracking

There was a time, when the World Wide Web was young, that many entrepreneurs counted on the idea they could make money the old-fashioned way–by charging cyber-customers on a per-use basis, the same way they charged traditional brick-and-mortar patrons. Most print magazines, for example, felt they could make a seamless transition from paid print subscriptions to paid Internet subscriptions. Newspapers believed that some of their traditional departments, such as classifieds, would become huge profit centers because they would bring in the same revenue without the cost of all that paper or postage. However, it became clear very quickly that while many would be willing to pay for many physical goods by means of e-commerce, very few seemed terribly enthusiastic about paying for information or entertainment on a per-use basis.

As a result–a very good result in the opinion of many observers–almost all of the information on the Internet, including a great deal of entertainment–is free to all. The trouble, of course, is that creating and posting all that content still costs money, and so, slowly but very surely, much of the Web switched over to supporting content and services by means of advertising, analogous to the broadcast TV model. I believe that a significant number of people wouldn’t use Google or Facebook if they had to pay for it. But unlike broadcast TV, which only talks to you, the great strength of the Internet is its easy interactivity, and these characteristics produced a different kind of advertising strategy–one typically involving the extensive tracking of consumer activity.

[Related Article: Bin Phishin’?]

Google became the burgeoning behemoth that it is today by perfecting the ability to track a user’s movements and tastes, enabling it to target advertising more effectively than could ever have been accomplished in any other medium. Nevertheless, there has always been a yin for every yang. In this case, the bad news is the fact that our personal information has become much more valuable to advertisers than ever before. The lengths to which advertisers go to collect consumers’ information speaks to the larger issue of the widespread information-gathering across all sectors that leaves us all vulnerable to data breaches and identity theft.

The fact of the matter is that tracking data at first glance may seem innocuous enough. It’s essentially your likes and dislikes based upon your activity on the Internet, and maybe you don’t care if people know what sites you frequent, or what kinds of things you buy online. After all, it’s not your birthday or Social Security Number, right? Well, not exactly. For identity thieves, unless and until they acquire your most essential personal identifying information (i.e., name, address, date of birth and SSN), every snippet of information relating to your personal preferences is another piece of the puzzle that when added to the mix brings them a step closer to having the secret sauce that is you–so that they can more effectively masquerade as you.

Get everything you need to master your credit today.

Get started for free

[Free Tool: Obtain your Identity Risk Score from Credit.com]

Enter, slowly, the feds. At this moment there are no fewer than five pieces of legislation that have been introduced on subjects relating to tracking and Internet privacy. Given that the political web in Washington is much more tangled than the Web we surf, no one can predict if, when, or which of these proposals will actually become law. But at least, finally, everyone is getting in on the act. One recent offering, authored by two former presidential candidates on opposite sides of the aisle–John McCain and John Kerry–is called “The Commercial Privacy Bill of Rights.” Although the bill is laudable in many respects, it leaves out what many think is perhaps the most important protection for consumers; that is, a “Do Not Track” option, akin to the “Do Not Call” list codified into law only a few years ago. The FTC agrees, and has lobbied vigorously for such a provision for some time.

Part of the problem is that the issues raised by any legislation in this area are extremely complex, and involve very high stakes. Some legislation has been deemed unconstitutional on First Amendment grounds. A 1998 law known as The Child Online Protection Act (“COPA”–not to be confused with COPPA or CIPA—whew!) was eviscerated in 2008 by a federal court. Although that law didn’t deal with tracking, it serves to illustrate that the federal government’s approach to online privacy has been less than perfect.

Regulating the Dark Side (cont.) »

Image: Kathleen Murtagh, via Flickr.com