Online Marketers Need to Police Privacy Before the Feds Step In

As new behavioral targeting technologies allow marketers to deliver their messages to more finely divided segments of potential customers, businesses must take a more serious approach to protecting consumer privacy if they want to avoid burdensome new regulations, according to Gartner analyst Andrew Frank.

In a presentation at the research firm's annual security and risk management summit, Frank urged marketers to firm up their privacy policies and achieve compliance with the Digital Advertising Alliance (DAA), an industry-led self-regulatory organization focused on educating consumers about how their information is collected and used and providing options for limiting tracking.

The likely alternative, Frank said, is more rigorous oversight of the industry at the hands of federal regulators.

"By now it's clear there are no easy solutions to the problem of how to reconcile marketing imperatives with privacy," he said. "You don't want regulatory practices to go and start to replace the self-regulatory practices, and this will happen if people aren't complying voluntarily."

The DAA, whose members include several of the leading advertising and marketing trade associations and the Council of Better Business Bureaus, has been working to spread its privacy framework throughout the industry in a bid to convince lawmakers and regulators that self-regulation is a viable path to protecting consumers.

Frank, a fan of the self-regulatory model, is advocating that businesses engaged in behavioral targeting sign onto the model backed by the DAA, which he described as a "serious" organization.

Many privacy advocates, however, have challenged whether the DAA model goes far enough, calling for an expanded government role in policing the sector and more tools to allow users to escape tracking systems.

Lawmakers have made efforts at passing legislation to authorize federal regulators to enforce rules for protecting consumer privacy online in the last several sessions of Congress, but so far each has stalled. Frank expects that pattern to hold.

"I personally think that privacy legislation is a losing proposition for most politicians, because whatever you do you're not going to make everyone happy," he said. "Either the powerful Silicon Valley lobby will come down on you as they have, for instance, in prior attempts to legislate piracy. Or you'll be accused of making toothless laws that don't protect anyone. So it's really a no-win situation."

"I certainly don't think that this congress is going to do anything, and if I were a gambling man I would bet that the next congress won't either," he added.

In addition to signing onto the DAA privacy framework, Frank advised firms to work to bring together the privacy and marketing teams, noting that they often work at cross purposes.

Acknowledging that data is in essence a form of currency in the marketing operation, and that the business case for maintaining detailed customer profiles is compelling, Frank nonetheless urged privacy officers to involve themselves in the development of any data-collection program. By speaking on behalf of the consumers, in-house privacy advocates could challenge their marketing counterparts to implement reasonable limitations on their data-collection efforts, setting caps on how long data would be retained and minimizing the gathering of personally identifiable information, for example.

The "best thing privacy officers can do is bring the customer's voice into the marketing process," he said. "What marketing really needs on this stuff is a conscience."

Kenneth Corbin is a Washington, D.C.-based writer who covers government and regulatory issues for

Follow everything from on Twitter @CIOonline, on Facebook, and on Google +.

Read more about government in CIO's Government Drilldown.

Join the CSO newsletter!

Error: Please check your email address.

More about Andrew Corporation (Australia)Better Business BureausFacebookGartnerGoogle

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Kenneth Corbin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts