SCN: Privacy

[Steve]

x-no-archive: yes

==========================

(Tom Weber, Wall Street Journal)---When your personal privacy is at 
stake online, would you prefer to be left alone except when you 
grant permission? Or are you comfortable having your movements 
tracked unless you specifically object?  

Beneath all the fuss about cookies and databases, the debate about 
Internet privacy comes down to two very different approaches. In 
privacy jargon, the first is known as "opt in." Marketers agree not to 
collect or use personal data unless you affirm that you want to 
participate in their programs. "Opt out" takes the opposite tack, 
assuming you want to participate unless the site hears otherwise. 
So far, the Net is primarily an opt-out world. When the Federal Trade 
Commission examined popular Web sites earlier this year, it found 
75% had opt-out policies.  

Now proposals to mandate Web privacy are circulating in Congress, 
and both methods are in play. Meanwhile, dot-com companies are 
readying new services that raise fresh privacy questions. As 
concerns mount, the choices companies and their customers make 
will shape the future of personal privacy.  

"The default should be that you have privacy," says opt-in advocate 
Pamela Samuelson, a professor at the University of California at 
Berkeley. Opt-out policies are better than no choice at all, she says. 
But she argues that because of the complexity of Web tracking 
systems and the difficulty of making an informed choice, consumers 
should have the benefit of privacy without the hard work.  

Click onto most Web privacy policies and you'll see what Prof. 
Samuelson means. Yahoo's statement is two pages long and 
packed with links to other pages you need to read to fully 
comprehend it. It's also sprinkled with euphemisms. Yahoo says it 
draws on its data to "customize" ads -- in other words, it uses what it 
knows about you to try to sell you things you'll be tempted to buy.  

Yahoo's policy also highlights the burden placed on consumers who 
want to opt out of Web tracking efforts. Sixteen paragraphs in, users 
learn that Yahoo doesn't vouch for the advertising networks that 
insert ad banners onto its pages. Those networks place their own 
tiny "cookie" files onto your computer, and they have their own 
privacy policies. So if you use Yahoo and want to opt out of such 
tracking, you'll need to visit the Web sites of every ad network 
Yahoo works with -- all 19 of them.  

The fact is, much of the Web's underlying technology is designed to 
collect information about users, silently and automatically. The opt-
out procedure at online ad network DoubleClick underscores how 
tough it can be to curb the Web's natural instincts. You can't 
actually tell DoubleClick to keep its cookies off your computer. 
Instead, you must ask for a special DoubleClick cookie that says, 
effectively, ignore me. "Currently it's the only way to do it," says 
Jules Polonetsky, DoubleClick's chief privacy officer. "Otherwise we 
would not recognize you as someone who has opted out."  

Most privacy safeguards on the Net represent voluntary efforts by 
site operators. But lately privacy has become such a hot-button 
issue that legislators are floating proposals that would regulate how 
Web sites gather personal data. South Carolina Democrat Ernest 
Hollings introduced a Senate bill that would bar sites from tracking 
personal data unless users opt in. Other bills would regulate Web 
privacy but allow sites to use opt-out procedures. America Online, 
among other big Internet companies, is supporting one of the opt-out 
bills.  

Larry Ponemon, the top privacy guru at PricewaterhouseCoopers, 
says most companies want to stick with opt out. But he advises 
clients to seriously consider opt in. "There are real business 
advantages," he says. "Consumers are starting to view privacy as a 
loyalty ingredient." More stringent regulations are inevitable, he 
says, so companies might as well adopt policies now that will allow 
them to score points with consumers.  

Should consumers be worried? So far, much of the privacy firestorm 
has centered on tracking data from cookies, which reveal 
information about which Web pages a consumer visits. But with the 
growth of e-commerce, information about purchasing behavior is 
potentially more valuable.  

A visit to the front page of Amazon.com shows just how much the 
bookseller knows about you, or at least thinks it does. (Note to Jeff 
Bezos: My recent purchase of a few "Blue's Clues" books for my 
two-year-old daughter does not mean you should keep 
recommending "Blue's Lost Backpack" as my next book purchase.)  

The real privacy challenges are yet to come. Personal video 
recorders like ReplayTV and TiVo and the boom in online music 
raise the possibility that marketers will monitor what we watch and 
listen to. Continued interest in so-called dynamic pricing suggests 
that an individual's penchant for buying Madonna CDs might tempt a 
Web merchant to "customize" the price on her next release by an 
extra buck or two. And wireless Web services will eventually be 
able to pinpoint your location in the real world as well as the virtual 
one.  

DoubleClick's Mr. Polonetsky says that in the case of data that 
wireless systems gather about your physical location, his company 
favors an opt-in approach. "That's something sensitive," he says. 
Meanwhile, to learn more about how to opt out, visit the Center for 
Democracy & Technology's guide at opt-out.cdt.org.  

Copyright 2000 Dow Jones & Company, Inc.  





* * * * * * * * * * * * * *  From the Listowner  * * * * * * * * * * * *
.	To unsubscribe from this list, send a message to:
majordomo at scn.org		In the body of the message, type:
unsubscribe scn
==== Messages posted on this list are also available on the web at: ====
* * * * * * *     http://www.scn.org/volunteers/scn-l/     * * * * * * *