W3C home > Mailing lists > Public > public-tracking@w3.org > October 2012

Re: Proposed Text for Local Law and Public Purpose

From: Chris Mejia <chris.mejia@iab.net>
Date: Wed, 24 Oct 2012 13:28:52 +0000
To: Walter van Holst <walter.van.holst@xs4all.nl>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <CCAD58A1.26178%chris.mejia@iab.net>
Walter- your assertion that "online advertising was flourishing before
behavioral advertising came along" is off base.  First, there are many
types of "online advertising" and OBA does not apply (or does not apply
equally) to all forms.  Email marketing for example, saw early success,
but has been less successful lately-- OBA practices not used widely in
email marketing.  OBA plays little to no roll in search advertising or
keyword advertising, both of which have been and continue to be
successful.  OBA does play a critical role today in online display
advertising, which was not so successful until OBA.  The reason that OBA
has elevated online display advertising is because it matches the user's
interest with ads that may be interesting/relevant to the user.  There is
no nefarious purpose here, unless of course you think the age-old practice
of marketing is somehow nefarious?  Maybe that's your point?  That
marketing itself is bad for the world?

Second, it would be helpful if those chiming in on this forum understood
how the business on online marketing actually works (vs the
conspiracy-theory-laden and meritless/fact-less assertions that are often
propagated here).  OBA and retention of data have a limited relationship,
but they are not 1-1.  Most companies that practice OBA do not retain
granular data (in your words: "every little piece of behaviour one can
exhibit on in the online context for any purpose").  They do not retain
granular data because, A) it's of no use to them after it's been processed
for marketing segmentation purposes, and B) because it's very expensive
and thus not cost effective to just keep around for no business reason--
no one I know in business (and I know quite a few) do things that cost
more than they need, as doing so would be fundamentally non-business-like.
 OBA is simply used to segment users into "marketing segments".  Once
segmentation occurs, retention of url data is not required for OBA, and as
such, in the vast majority of cases, is deleted or hashed.  Such data may
be kept for other good reasons (i.e. financial reporting and auditing
requirements), but to be clear, THOSE THINGS ARE NOT OBA.

Marketers have been segmenting potential consumers into "marketing
segments" using observed behavior as a tool for doing so, since the
beginning of consumerism (AD).  If you don't believe me, take trip through
the Advertising Museum in Tokyo (quite a nice museum and research archive
I'll add). What we marketers are doing today is no different-- other than
the scale and speed, which might make it seem scary, but only if you don't
know what your are looking at.  The vast majority of marketers are not
interested in keeping detailed "digital dossiers" of absolutely everything
you do online.  In fact, to me, you are just a number, and quite
anonymously so.  You are grouped together with millions of other numbers
in "marketing segments".  And marketing segments (thousands to millions of
anonymous numbers grouped together) are what marketers buy from publishers
and ad networks, for the sole purpose of showing their product's ads to
folks who might be interested in buying.  In fact, this practice which
pre-dates online, is what fuels modern economy.    So perhaps you have
issue with the idea of marketing-- to me it sounds that way, given your
strident rhetoric?  If so, please avail yourself.  But if your issue is
indeed with the common marketing practice of segmentation, then first take
some time to understand it (how it actually works), so your comments here
are informed and productive, rather than misleading.


Chris Mejia | Digital Supply Chain Solutions | Ad Technology Group |
Interactive Advertising Bureau - IAB





On 10/24/12 8:20 AM, "Walter van Holst" <walter.van.holst@xs4all.nl> wrote:

>On 10/24/12 1:56 PM, David Wainberg wrote:
>
>>>>> the onus is on me to explain privacy risks through examples
>>>> Please do. There continues to be reluctance to specify the exact risks
>>>> we're trying to address with this standard. It would be extremely
>>>>useful
>>>> for us to finally enumerate the problems we're trying to solve so that
>>>> we can zero in on the appropriate solutions. Thanks!
>>> I am sorry David, but we're dealing here with fundamental human rights.
>>> To take a horrible historical analogy: there was much resistance
>>>against
>>> abolition of slavery in the Southern US states for economic reasons.
>> You're comparing online advertising to the enslavement and brutal abuse
>> of a race of people? With respect, I think hyperbole overshadows your
>> point, and some may even find it offensive. Perhaps you can think of a
>> more apt analogy.
>
>The core point stands: mere economic interest does not trump fundamental
>rights. And a society in which every thing you do, read and watch is
>monitored and registered, be it by private or government entities, is as
>close to a perfect prison as you can get. And I am not comparing online
>advertisement with enslavement, I am comparing the collection of every
>little piece of behaviour one can exhibit on in the online context for
>any purpose, be it advertising or something else, to enslavement. Online
>advertising was flourishing before behavioural advertising came along.
>
>
>> Aside from whether this point is hyperbole as well, it is irrelevant.
>> DNT as conceived by this working group will have little to no impact on
>> any Orwellian data collection. First parties online, all sorts of
>> parties offline, and more importantly, governments everywhere will
>> continue to have the ability to collect large amounts of data about all
>> of our behavior online and off. If that's the problem we're trying to
>> solve, we're way off base. Constraining the uses that 3rd parties are
>> allowed to make of data collected online will give no net benefit to
>> users in this regard.
>
>So you're stating that the whole DNT saga is without merit? If the point
>is not to allow users to restrict data collection, then what is it?
>
>> those, that might be a good route. For example, if access to data and
>> misuse of it by governments is a particular issue, let's explore that.
>> It's been mentioned regularly, but has never been approached as a
>> discrete concern we are trying to address.
>
>Governments will (and can in most jurisdictions) access all data
>gathered. Which in itself is justification for having as little data
>around as possible. If anything, may I recommend to have a chat with the
>European telco operators who have been forced to spend vast amounts of
>money on data retention schemes to satisfy the data hunger of
>governments? Without any tangible benefit for society whatsoever and all
>because some of them where keeping that data around anyway for potential
>marketing reasons.
>
>
>>>
>>> Do not forget that a lack of privacy also erodes freedom of expression
>>> by putting barriers to access information.
>> I'm not entirely sure I understand this point, but I think I see it
>> completely opposite. Third party online advertising services make
>> possible a much wider range of content and services than users would
>> have access to otherwise.
>
>Again, you are assuming that I am ranting against any form of third
>party online advertisement. I am fully aware that advertisement based
>business models have greatly contributed to the availability of content.
>What I am opposed to is the correlation of user behaviour over different
>contexts because it results in a collapse of social context.
>
>> This is not how it is in the US. Our law and our culture around these
>> issues are different. Although we have had many conversations in this
>> group about how we can try to craft DNT to suit needs in the EU, I'm not
>> sure there's an appetite here to import European law to the US via this
>> standard. This is the justification for my compliance token proposal:
>> there are significant differences we may not be able to accommodate in a
>> monolithic standard.
>> 
>
>Actually, from a EU perspective this standard as a whole is unnecessary
>because most business practices, at least the one that are publicly
>known, in this field are in violation of EU-law already. Having a
>mechanism for consent in the form of DNT is much more significant in the
>US context than in the EU context. The fact that various EU parties are
>sitting at the table in this process is in itself a sign that the lack
>of appetite by the US to import EU concepts (unlike most other
>democracies on the planet) has been noticed in the EU.
>
>Moreover, please be aware that the successor to the Data Protection
>Directive, the Data Protection Regulation is quite likely to have an
>extraterritorial scope, the unprecedented lobbying efforts by the US
>Department of Commerce notwithstanding.
>
>Regards,
>
> Walter
>
>
Received on Wednesday, 24 October 2012 13:29:52 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:36 UTC