Last week, Mozilla made a gorilla of a decision. It announced its new version of Firefox would automatically dump third-party cookies, essentially rendering the browser persona non grata to all but the largest of marketers. Despite the dedicated efforts on the part of the Digital Advertising Alliance (DAA) to make it go away, Do Not Track (DNT) will not. At the Direct Marketing Association’s (DMA) DC conference last week, a panel on the subject resulted in a refreshingly open exchange between Stuart Ingis, legal counsel for the DAA, and internet privacy activist Joseph Lorenzo Hall of the Center for Democracy and Technology (CDT). Following are excerpts from the session (not presented in sequential order) that we offer up to marketers in the interests of sanity, or insanity, as each may apply.
WHAT THE HECK IS IT?
Ingis: I think the CDT coined Do Not Track without knowing what it meant. I would argue it was to be provocative and try and push a privacy agenda that would raise attention. I’m not sure they realized there would be this much negative attention. The W3C (World Wide Web Consortium) has failed to define the problem they were trying to solve or any harm resulting from the data collection. And they haven’t to date been able to define a solution to DNT.
Hall: We did not mean the term that to have any weight other than as an analogy to “do not call.” The thing is, right now, I think that marketers have a real problem. Evidon came out with their global tracking report from 2012, and over one year there’s been a 50% increase in the amount of third-party cookies dropped in the browsers in the top 500 websites. What that means is that, if you go to Dictionary.com, you get 300 individual cookies. They come from not just what a publisher puts there, but from people as many as 10 hops away. It sounds a lot like a collateralized debt obligation, where people are cutting up each CPM amongst a whole bunch of people to wring out all the value they can.
Ingis: I don’t view 30 cookies from Dictionary.com as a bad thing at all. You’re getting content from all over the place. I used to have my big red dictionary and my thesaurus and now I get it all off my phone. Do people want to get rid of that? I don’t think they do.
WHAT TO DO ABOUT IT?
Ingis: What Mozilla has claimed its going to do and what Microsoft has done in turning the default on would really undercut the ecosystem for collection in a responsible way that our members do with clickstream data. [Marketers] benefit consumers by advertising. In my mind, what DNT is going to have to mean is to not collect and store a dossier of URLs that haven’t taken on certain protections. We’ll have to find technological ways [for marketers to] reach consumers by knowing their interests and reach them with an identifier without knowing who they are. Or you have to have a standard that talks about uses: advertising and marketing is permitted and other things are not. If there is going to be progress, it’s going to have to take one of those two approaches.
Hall: On the web right now, it’s very difficult [for users] to know what information you give off. It’s very hard to control. It’s not just cookies. The trick is that cookie controls are very limited. If you saw the way I browse you would freak out because I block out all Java script, all third party interactions. Once I close my browser, which I do every two days, they’re completely wiped out. If what you’re doing is replacing a cookie value with a streamlined opt-out so that all your opt-outs are like one opted-out user, that’s better way to deal with your data. DNT is a preference expression mechanism. It’s a little flag that says I’d appreciate it if you didn’t track me. If there’s an arms race between [marketers and] users like me employing all these sophisticated technical tools and trackers, then users are going to lose. Information asymmetry people have more knowledge on the tracking side than users. The Mozilla and Microsoft [moves] are decisions they’re making on behalf of their users.
DOES ANYBODY OUT THERE EVEN CARE?
Hall: Do Not Track is not only still relevant, but is crucial. We need to come up with an agreed-upon way that allows us to set these mechanisms. If you look at browser fingerprinting, there are no controls for that. What you have installed creates a unique fingerprint of your browser. The only way for consumers to avoid that is with an anonymizing browser. Otherwise, you wouldn’t be able to have any bookmarks, plug-ins, anything . For the longer user experience, it’s more crucial than ever.
Ingis: Consumers are not clamoring for this. I talk to congressmen all the time and ask them if they’re getting a lot of calls on this and they’re not. This is a fabricated thing being pushed by extreme viewpoints. The DMA and the DAA have done more to promote privacy for consumers in the last decade than anyone. I think we have to be very careful before we endorse something that would have devastating effects on something the public loves, the internet.