News

Privacy Advocates: Consumer Education Isn't Enough

The efforts of e-commerce sites and online advertisers to educate U.S. consumers about privacy and targeted advertising aren't enough because many consumers won't take the time to understand the issues, privacy advocates said Thursday.

By Grant Gross, IDG News Service (Washington Bureau)

April 18, 2008 —

The efforts of e-commerce sites and online advertisers to educate U.S. consumers about privacy and targeted advertising aren't enough because many consumers won't take the time to understand the issues, privacy advocates said Thursday.

Leaders of the Electronic Privacy Information Center (EPIC) and the Center for Digital Democracy (CDD) called for Congress to pass online privacy regulations during a forum hosted by the Annenberg School for Communication at the University of Pennsylvania and the University of Southern California. And Susan Grant, director of consumer protection at the Consumer Federation of America, suggested the U.S. government should set up a "do-not-track" list, prohibiting advertisers from tracking online activities, modeled after the do-not-call list governing telemarketers.

Many U.S. consumers don't understand online advertising practices because the ways in which online companies use personal data is constantly changing, said Marc Rotenberg, EPIC's executive director. He pointed to a 2005 University of Pennsylvania survey in which only 25 percent of respondents knew that a Web site having a privacy policy doesn't guarantee that the site refrains from sharing customers' information with companies.

"What those privacy policies do is they disclaim responsibility," Rotenberg said. "I don't think people are wrong to believe a privacy policy means that their personal information won't be disclosed to others. I think that's a common-sense understanding of what a privacy policy means. I think businesses are wrong to post a privacy policy and then believe that provides a basis to disclose that information to others."

Officials with Google and AOL talked about their efforts to educate consumers about their privacy. Google uses a short-form privacy policy to cover the basics, in addition to more extensive privacy policies, and it has posted 13 videos on privacy on YouTube. AOL has created a campaign to educate consumers about privacy and online advertising, but only about 1 percent of users have clicked through on a banner ad urging them to check out the campaign, said Jules Polonetsky, AOL's vice president of integrity assurance.

"I don't know fully if this will work," he said.

But Polonetsky said he wasn't sure if a blanket do-not-track list would work, either. Some people may want certain advertisers to deliver contextual ads, and a do-not-track list might not cover privacy practices of social-networking sites, he sad.

Jane Horvath, Google's chief privacy officer, noted that the National Advertising Initiative (NAI), a network of online advertisers, offers an opt-out cookie that allows Internet users to opt out of online tracking by member companies. But she acknowledged some limitations with the cookie -- antispyware software and browsers can clear the cookie, forcing users to have to return to the NAI Web site and opt out again.