• by Dave Morgan , Featured Contributor, September 25, 2008

There has been a lot of talk lately about our industry and the protection of consumer privacy. If you are tired of it, that's too bad, because I think that we going to hear a lot more about privacy before we hear less.

Privacy is a big issue because digital marketing is a data-rich business and our market participants have the capacity to collect, store and act on an extraordinary volume of consumer information, much that is private and sensitive. Virtually all of this occurs, paradoxically, in both real-time and at great geographic distance. This is unprecedented, except for possibly within the telecommunications industry, which is highly regulated.

So far, we have seen privacy manifest itself in a pretty big way several times in this industry. First, with the DoubleClick purchase of Abacus in the late 1990s and its announced plans to merge online browsing data with offline purchase data. This set off a firestorm, which was ultimately solved only with masterful work in Washington, D.C., and the creation of the Network Advertising Initiative (NAI) to help self-regulate online ad networks doing profile-based ad targeting.

Second, a few years ago, when browsers everywhere were inundated with malicious "spyware," software was downloaded onto their desktops -- many through subterfuge -- that tracked their keystrokes or browsing patterns and displayed annoying targeted pop-up ads.

This led to the introduction of a number of bills in Washington (some seeking to regulate or outlaw the routine use of cookies), a number of government hearings and town hall meetings, and some very aggressive enforcement efforts by the Federal Trade Commission (FTC). This chapter is not yet over.

Third, over the past year, we have seen several companies begin to deploy consumer tracking technology at Internet Service Providers (ISP's) to build targetable profiles for the delivery of ads. One or more of these companies moved forward with deployments without either publicly disclosing their ISP partners or informing the impacted consumers of the tracking. This has led to more outrage in Washington (justified, in my mind), more hearings, and, unfortunately, the movement of this issue onto a more permanent "front burner" for legislators and regulators around the world.

While many regulators may have been willing to take a "wait and see" approach in the past about imposing new regulations in this area, the emerging thinking among a number regulators (and a larger number of legislators and consumer advocates) is that our industry can't be trusted on our own, and intervention is required.

Anticipating these moves, a number of industry trade associations, including the Interactive Advertising Bureau (IAB), the Association of National Advertisers (ANA), the American Association of Advertising Agencies (AAAA), and the Online Publishers' Association (OPA),including the NAI, have begun to talk to their membership and each other about working on a comprehensive self-regulatory framework for protecting consumer privacy in digital marketing. In my view, it is crucial that we all support these efforts and get out in front of this issue. Here is why:

*Fix it ourselves, or have it fixed for us. It is that simple. Either we do it, or Washington will do it for us. If Washington does it, the only thing that we can be sure of is that they will get it wrong. We didn't fix the Spyware problem when we could, and we have paid the penalty. Let's not do it again.

*FTC wants us to. The FTC wants us to self-regulate. They have said it a number of times in a number of forums. They have plenty of laws already to enforce in this area. They are not out front asking Congress to make them micro-managers of the digital marketing industry.

*We need to support our trade associations' efforts. Effective self-regulatory programs are hard to create and even harder to operate. We can't do this ad hoc. We can't afford to get it wrong. We need to work with our trade associations to do it and have them help find experts to put in place to develop and implement an effective regime.

*Throwing grenades in D.C. isn't the answer. Let's clean up our own mess in a proper way and focus on protecting the consumer rather than trying to execute a "scorched earth" strategy in Washington, hoping to win by being the last man standing on the issue. Those tactics have worked well for tech companies slugging it out on the West Coast fighting for software market share over the past two decades. While they may play inside the Beltway, too, we will alienate Madison Avenue and Main Street in the process.

*Time is against us. This is happening now. We can expect this issue to be among those at the top of the agendas of the new president and the new Congress. That is all the time that we have. If we're not making significant progress in six months, it will be made for us. Call your trade associations. Donate to their Political Action Committees (PACs).

I am hopeful that we will be successful in implementing self-regulation here, that we can become effective and professional self-regulators on an important consumer protection issue. It is a crucial test in our ability mature as an industry. What do you think?