• United States



by Leon Fayer

Is ad personalization a threat to privacy?

Jun 05, 20129 mins
Data and Information SecurityIdentity Management SolutionsPrivacy

Mining and analyzing online behavior for internet marketing is here to stay, according to Leon Fayer of OmniTI. So how can those concerned about privacy protect themselves?

Last week, I was doing some research about my upcoming trip to Tanzania. I was browsing the web, looking for good deals on trip packages, reading feedback and comments from people who went on a similar trip, checking prerequisites (shots, visas) —-basically general research anyone would do when going on a trip to a place where they’ve never been, or looking to buy a new product and trying to choose from the selections.

Later that week I was checking my Gmail account, and, what do you know? The news ticker above the email showed me: NYT Travel — Next Stop: Off Tanzania, Serene Mafia Island. Obviously the article was targeted specifically to me, based upon my research over the few previous days, and it did provide me with some new information. But, is it a valuable service that companies provide, or an invasion of privacy — an abuse of the collected data that was never meant to be public?

[4 tips for Facebook from security and privacy experts]

Over the past few years, the issue of online privacy has become more acute. With the emergence of social web and data services, such as geolocation of web users, more and more information about the user is transparently available for web pages and applications. And, as always, the companies that can directly utilize the data available (and frankly those who benefit from it the most) are marketing and advertising companies. Personalized ads have become a common occurrence, and that scares some users. People believe that anonymity is a core benefit of Internet, and behavioral advertisement violates the privacy that users are expecting.But let’s look at the facts. Multiple studies have been done to assess users’ response to targeted behavior ads. Despite all of the concerns, the numbers are still pretty overwhelming.

Personally, I don’t fully understand people who cling to the idea of anonymity online for a couple of reasons. First, it sounds a little naive to argue against, for example, having your location available to the ad services when anyone can find out a ridiculous amount of “public” information about any given person. Nowadays anyone, with a few clicks of the mouse, can find out where you live and work, what you eat, who is in your immediate and extended family, how much you paid for your house, and much, much more. In perspective, disclosing your current location doesn’t sound like a big deal by comparison. Secondly, people don’t correlate the same actions on —and off-line because, even still, they view the Internet as completely anonymous channel, often with no repercussions for their actions.

However, online marketing is not much different from its ancestral, offline counterpart. You are being targeted for advertisement daily, based upon your “personal” information. When you are walking down the street, the shoe shiner will not ask you if you need his services if you’re wearing tennis shoes or flip flops. You are being targeted, based upon what you wear. New Chinese restaurant staff may not leave their menu at your door handle if you live outside of a 10 mile radius from the restaurant. You are being targeted, based upon where you live. If you are a male and walking through the mall, the staff will not ask you to try a new perfume. You are being targeted, based upon your gender. There are many more examples of daily targeting, based upon profile or behavior, yet those instances are tolerated much better than similar advertisements presented online.

Perhaps the issue lies in the fact that online data collection goes far beyond what can be derived from the information available outside of it. The Internet allows users to seamlessly switch between different activities in single browser. Average users spend more and more time on the Internet watching movies, doing research, shopping, reading news and much more. Here is a breakdown for an average U.S. user, condensed into one hour.

  • More than 70 percent of users admitted to being influenced by personalized offering at least sometimes.
  • 78 percent of users expressed interest in personalized content.
  • 65 percent of women are receptive to offers that provide them products that they are interested in.
  • 88 percent of women indicated that they would like to receive tailored offerings from the brands they trust.
  • 39 percent of users indicate that they are more likely to click on an ad if it is personalized based upon their tastes and interests.
  • 58 percent of frequent shoppers —those who shop online at least serveral times a month —-are more likely to click on personalized ads.
  • 41 percent will pay more attention to advertising, based upon their interest.

All the activities listed provide valuable data points that can be correlated into a “user profile,” and if analyzed properly, allowing very accurate assumptions about the products and services that will interest that particular user. Amazon can be considered a pioneer in creating their related products section, which enjoys a very high conversion rate, based upon users’ past purchasing and browsing history. Facebook’s targeted advertisements analyze user preferences, likes and comments to promote products and services to match that user’s interests. And although these services provide valuable offerings, some people argue that online advertising is unnecessary, and ads diminish the value of the content or service that companies provide, because they distract from, or are irrelevant to, the main content.

[Drive-by download attack on Facebook used malicious ads]

Internet advertising has to exist in order for companies to provide free, quality content. This is an axiom. In order for the advertisement to be effective and attract customers, it must be relevant. In order for marketing to be relevant, appropriate messaging must be communicated to the target audience. And, in order to assemble an appropriate message, a company must know the audience being targeted.

There are two types of targeted advertisements that have been adopted on the web: contextual and behavioral. Contextual ads market products based upon the content that is being presented to the user. For example, if a visitor is looking at user-submitted images on National Geographic My Shot, presenting an ad for Nikon camera would probably yield a higher click through rate than a generic “You have been selected to win an iPod” ad, that so many people have come to hate, as this approach assumes that people viewing the content on this particular page would be uniformly interested in a random product.

Contextual ads target a particular group of people with a common interest, and bank on the similarities within the target group. Behavioral ads are targeted by using the historical data collected while the user views multiple pieces of content. Companies that employ behavioral advertisements collect data from various sources and preferences of a user —-on average several hundred times a month — and use that information to tailor the offering to an individual user viewing the content. This is where users concern about privacy violation comes in.

There is no question that available information can be abused. On the other hand, users may not want some of their Internet activity associated with their profile. They may look for advice for their real-life problems or diseases without wanting to expose themselves, or having that information being associated with their profile (which may contain unique information identifying them).

At the end of the day, the issue comes down to the mission, values and reputation of the company running the campaigns. A company collecting data and using it to provide a better user experience for its users, is much different from a company purchasing profile data from other places and using it to exploit or trick users. “Find [something] in [your city], [state]” is the most common example of deceiving people into registering for questionable services.

Unfortunately, there is no silver bullet for the problem. The Internet went through the same process when companies began to require an email address in order to register for, well, pretty much anything online. Volumes of spam increased exponentially, and it took years for ESPs to devise sound, anti-spam solutions. However, it required users also to make a responsible decision about which services were reputable enough, and to provide their personal information. Behavior targeting, if proven successful, will have to go through a similar trial-and-error process before it matures. We can only hope that the cycle will be quicker, as companies and users alike are more educated regarding online operations than they were 10 years ago.

So the marketing expansion can’t (and based upon marketing survey responses, shouldn’t) be stopped. However, with all the data available for consumption, there are steps that must be taken to maintain a necessary privacy level for concerned consumers, and a lot of major companies are taking steps toward implementing those policies. AOL, for example, lets users opt out of some targeted advertisements; Google lets users edit the search histories that are linked to their profiles; Microsoft says it does not link any of its visitors’ behavior to their user names, even if those people are registered; and Mozilla released a proposed “Do Not Track” header to provide users with a deeper understanding of, and control over, the flow of personal information online.

The bottom line is: The Internet is evolving, expanding and becoming its own ecosystem, and behavioral marketing on the Internet is here to stay. If you are happy to receive relevant advertising that may even give you new, useful information, be happy. If you fall on the other side of the privacy coin and you don’t want your surfing habits tracked, you can employ available tools and methods to restrict the outgoing information.

Leon Fayer is Vice President, Business Development for OmniTI, a provider of web infrastructures and applications.