There is a battle brewing between the Federal Trade Commission and digital advertisers over a system designed to help people control their data called "Do Not Track." On the one hand, you have the FTC saying this:
An effective Do Not Track system should go beyond simply opting consumers out of receiving targeted advertisements; it should opt them out of collection of behavioral data for all purposes other than those that would be consistent with the context of the interaction.
That seems like a pretty airtight definition. Do Not Track means, "Do not collect information about me unless it's needed to show me content that I want to see." That makes sense, no?
Well, it doesn't make sense to the online ad industry as represented by the members of the Digital Advertising Alliance. They define 'Do Not Track' as something closer to "Do Not Target." That is to say, the industry's companies want to continue to collect data even after you've said, "Do not track me." Their only concession is that they won't show you ads that have been constructed with your data in mind. Here's the summary of their position in the New York Times:
The advertising group, however, defines it as forbidding the serving of targeted ads to individuals but not prohibiting the collection of data.
One member of the group, adopting language the advertisers have stuck with for months, told the Times that defining 'Do Not Track' as prohibiting data collection "was like moving the goal posts." Ok. But what if that move sets the posts where they should be?
The industry definition of 'Do Not Track' is based on the opt-out language they used in a previous self-regulatory effort. Unfortunately, as I've mentioned before, no one understands the industry's definition because it deviates so far from the standard english definition of the word 'track.'
Stanford's Aleecia McDonald found that 61 percent of people expect that clicking a Do Not Track button should shut off *all* data collection. Only 7 percent of people expected that websites could collect the same data before and after clicking a 'Do Not Track' button. That is to say, 93 percent of people do not understand the industry's definition of DNT.
Which totally makes sense! Who would ever think saying, "Do not track me," actually means, "It's fine to collect data on me, but don't show me any signs that you're doing so." Simply because the industry itself has defined 'Do Not Track' in an idiosyncratic way doesn't mean their self-serving decision should be the basis for all policy and practice in this field.
In fact, if the industry is putting up this kind of consumer-unfriendly fight over what DNT should mean, how are we supposed to trust the other self-regulatory moves the industry says it will make to protect consumer privacy?