Senator rips self-regulatory do-not-track efforts

Online businesses have no reason to push forward with do-not-track promises, Rockefeller says

The U.S. online advertising industry has not lived up to a promise to stop the online tracking of Internet users who ask advertisers to do so, a senior U.S. senator said Wednesday.

Senator John "Jay" Rockefeller, a West Virginia Democrat, blasted the online advertising industry for not meeting its promised deadline to implement a do-not-track program by the end of 2012. The Digital Advertising Alliance, a coalition of online advertising groups, committed in February 2012 to honor do-not-track requests by the end of the year, but advertisers and data brokers appear to be "dragging their feet," Rockefeller said during a Senate Commerce, Science and Transportation Committee hearing.

Consumers are still waiting for a do-not-track system that works across the Internet, said Rockefeller, the committee chairman.

"I personally have long expressed skepticism about the ability, or the willingness, of companies to regulate themselves on behalf of consumers when it effects their bottom line," said Rockefeller, sponsor of a bill that would create do-not-track regulations. "I do not believe that companies with business models based upon the collection and monetization of personal information will voluntarily stop these practices if it negatively affects their profit margins."

The DAA offers a program that allows Web users to opt out of receiving targeted, or behavioral, advertising based on online tracking. But the DAA Ad Choices program does not require websites and online advertising networks to stop tracking users.

Under the DAA program, "companies continue to collect vast amounts of consumer information and only promise to not use this information for specific purposes, such as targeted advertising," Rockefeller said.

DAA managing director Lou Mastria defended the Ad Choices program, saying it represents the only "end-to-end" service that allows consumers to opt out of targeted advertising. Mastria blamed Mozilla and Microsoft for implementing their own do-not-track functionality in their browsers and sidetracking the February 2012 agreement announced by President Barack Obama's administration.

Mastria called on the browser makers and other interested groups to recommit to a do-not-track standard negotiation at the World Wide Web Consortium (W3C).

Consumers should make the do-not-track choice, Mastria said. With do-not-track functionality available for Firefox and Internet Explorer users, "the browsers are making that choice, not the consumer," he said. "We are the ones that deliver consumer choice day in and day out."

Firefox's do-not-track functionality is off by default, noted Harvey Anderson, general counsel at Mozilla. The online ad industry will continue to resist change in standards for online tracking, he said. "We should question whether protecting business models that lack transparency is actually protecting competition," he added.

Some Republican members of the committee questioned whether do-not-track regulations are necessary, as Rockefeller suggested.

Online businesses have an incentive to meet consumer privacy expectations, said Senator John Thune, a South Dakota Republican. Lawmakers should be careful not to hurt small online businesses, he said.

Thune questioned whether there were "specific and identifiable harms" resulting from online tracking.

Harms are hard to define, with some consumers saying targeted advertising is "creepy," said Adam Thierer, senior research fellow at the Mercatus Center at George Mason University. "It's hard for me to find a real harm with creepiness," he said. "I think a lot of my neighbors are creepy, but I don't think they're harmful."

The issue is more about consumer preference, said Justin Brookman, director of the Project on Consumer Privacy at the Center for Democracy and Technology. "If a couple walks into a restaurant and says, 'hey, can I have a private booth?' the maître d' doesn't turn around and shout, 'what's the harm?'" he said. "They try to accommodate them."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is

Join the CSO newsletter!

Error: Please check your email address.

Tags e-commerceJohn ThunelegislationinternetprivacymozillaJohn "Jay" RockefellersecurityLou Mastrial Justin BrookmanMicrosoftDigital Advertising AllianceAdam ThiererCenter for Democracy and TechnologyGeorge Mason UniversitygovernmentWorld Wide Web ConsortiumadvertisingU.S. Senate

More about IDGMicrosoftMozillaTechnologyTransportationW3CWestWorld Wide Web Consortium

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts