The FTC is being asked to investigate the regulation of data collection via the Internet

I was sifting through my email and I noticed that the Center for Digital Democracy and the US Public Interest Research Group are petitioning the US Federal Trade Commission to stop Microsoft from developing technology for its AdCenter online advertising platform. While the petition largely focuses on Microsoft, a wide variety of technologies are being targeted.

From the petition (PDF, available here, emphasis mine):

The Center for Digital Democracy and the U.S. Public Interest Research Group, two of the leading public-interest advocacy groups working on behalf of a more diverse, open, and competitive online environment, call on the FTC to undertake an immediate, formal investigation of online advertising practices, focusing on five areas of concern:

• User Tracking/Web Analytics
• Behavioral Targeting
• Audience Segmentation
• Data Gathering/Mining
• Industry Consolidation

Collectively, these five areas represent the foundations of an entirely new online environment, one in which engagement gives way to entrapment, in which personalization impinges on privacy. It is an online environment, in short, that threatens to turn the traditional media equation on its head–a media that consumes us.

At fifty pages this document requires a pretty deep read to understand exactly what risks this petition creates for the web analytics industry. Several analytics vendors are specifically cited including Clicktracks, Deepmetrics, Unica and Coremetrics, but none appears to bear the brunt of these groups fearmongering more so than Omniture.

From the petition:

The key to Omniture’s data mining lies in its collection of so-called “xographic” data, a scientific-sounding neologism that masks the serious breach of privacy that results when online and offline data are combined. The Omniture blog provides ample evidence of such practices …

The petition then goes on to cite from recent blog posts made by Omniture’s Matt Belkin which describes SiteCatalyst’s ability to incorporate personal information into the Omniture Datawarehouse based on a unique customer ID. To be fair, Omniture is far from alone in their ability to integrate this type of information, nor in their marketing efforts to evangelize multi-channel data integration.

The document then cites a passage from Omniture’s 10-Q filing that describes how governmental regulation could negatively impact the companies ability to collect information, following up with this statement:

Omniture’s corporate self-interest notwithstanding, the kind of privacy environment it fears–one in which consumers must give their permission before surrendering personal data online–is one that FTC policy should mandate.

The document presents the following conclusions (emphasis mine):

The U.S. digital media system is at a crossroads. Over the next few years, as the distinctions between online and “old” media blur still further, there will be a ubiquitous interactive environment. So, too, in this fluid, new environment, with all manner of data compiled and analyzed, will the distinction between anonymous and personally identifiable information disappear. For these reasons it is critical that the FTC act now to protect the interests of the public. The FTC must require notice of all information collected, and full disclosure of how that data will be used. The commission should ask Congress to pass federal legislation requiring affirmative consent for all data used–which must be regularly updated and re-approved by users. An all-embracing opt-in should be the minimum standard. All data collection and e-commerce marketing techniques must be unbundled, disclosed, and given affirmative consent by users. Indeed, the commission should also strive to have industry develop meaningful codes of conduct related to marketing that go beyond these basic principles.

The document’s authors are apparently proposing that web sites explicitly ask visitors for permission to track their activities. The implied alternative is that sites cease using web analytics and behavioral targeting tools.

Obviously this is a really big deal, essentially the moment many of us have been waiting for (and hoping would not arrive.) The regulation proposed in this petition, if adopted, would make all of us long for the good old days where cookie blocking and deletion was the extent of our problems. This regulation is the “scary moment” that Bob Page of Yahoo! hypothesized at Emetrics in Santa Barbara in April of this year.

The Web Analytics Association needs to get involved in this issue right away.

This is not the kind of petition that can be dropped on the world and not addressed by the closest thing the web analytics industry has to a lobby or public voice. Given the companies present in the corporate membership, companies that include Google, Yahoo! and Deepmetrics (the web analytics technology specifically cited in the Microsoft portion of the petition), in my humble opinion, the WAA needs to draft a public response to the assertions and allegations made in this petition.

As has been suggested before, ironically most recently on October 6th in a thread in the Yahoo! group titled “Web Analytics and Data Privacy” started by Jim Newsome of GA-Experts, the WAA needs to move quickly to establish some type of meaningful code of conduct for data collection and data storage. Given that this is something that Bob brought up months ago and that consistently stays on the radar screen (see Avinash’s challenge #5), this is an issue that absolutely needs to be addressed as a community, not as a handful of companies that at times is incapable of seeing beyond the next RFP response.

I welcome your comments and am willing to lend whatever hand and/or voice I can to protect our industry and every companies investment in web analytics technology.