In an opinion adopted on December 8, the EU Article 29 Working Party again rebuffed the Online Behavioral Advertising industry’s self-regulatory proposal, continuing to hold firm that European law requires affirmative, opt-in consent prior to the placement of any cookie for tracking purposes. The Working Party broke down the OBA industry proposal, and then–in a rebuttal of the industry’s contention that the opinion will result in the proliferation of dreaded browser pop-up windows–offered up a number of methods of obtaining consent not involving pop-ups.
The Federal Trade Commission yesterday announced settlements with two online companies for deceptively collecting personal information from consumers, including its first enforcement action against the use of “Flash cookies” and an enforcement action against a social network that collected children’s information without parental consent. As a result, businesses whose websites (or vendors) utilize Flash cookies, HTML5, or ETags to track user browsing should reexamine their privacy disclosures.
On December 13, 2010 a Federal District Court in Montana dismissed many of the claims brought against an ISP in connection with the ISP’s use of NebuAd monitoring technology. The court held that users had validly consented to the monitoring technology. The NebuAd case usefully focuses on the issue of user consent, rather than on technological distinctions between ISPs and service providers at the edge.
This blog entry contains a link to an interview with Forbes of the Hogan Lovells Privacy and Information Management practice leader Chris Wolf, touching on current hot topics in the area.
Two national newspapers today included items on targeted advertising, a further indication that online tracking remains a hot topic. In an article on the front page of the New York Times entitled “Retargeting Ads Follow Suffers to Other Sites” the reporters note that “[b]ehavioral targeting has been hotly debated in Washington, and lawmakers are considering various proposals to regulate it. A Wall Street Journal opinion piece by Emory University Economics Professor Paul Rubin paints a very different picture from the New York Times article. The piece is entitled “Ten Fallacies About Web Privacy” and in summary form, we present Professor Rubin’s list of privacy fallacies with excerpts of why he thinks the propositions are false. The debate over online tracking, self-regulation and the need (or not) of government regulation will heat up when legislators and policy influencers refocus after Summer vacations.
On July 19, Rep. Bobby Rush (D-Ill.), chairman of the House Energy and Commerce Subcommittee on Commerce, Trade, and Consumer Protection, introduced a privacy bill that would codify certain fair information principles into law for certain “covered entities” that collect, maintain, use, and transfer to third parties any “covered information” (consisting of personally identifiable information as well as any “unique identifier,” including IP addresses).
On June 22, the Article 29 Working Party published an opinion clarifying the EU legal framework for those involved in online behavioral advertising. While it put forth strict guidelines for behavioral advertising in the EU, the working partypraised certain privacy-enhancing practices incorporated into behavioral advertising today and specifically encouraged industry to develop technical means to comply with the framework and “to exchange views” with the working party regarding such means.
On May 4, Representatives Rick Boucher (D-Va.) and Cliff Stearns (R-Fl.) of the House Subcommittee on Communications, Technology, and the Internet published a discussion draft of long-anticipated privacy legislation that would restrict companies’ online collection and use of personal information and online activity, including use for the purpose of targeted online advertising. This blog post contains some observations about the draft bill, in its current form.
Details regarding the FTC’s recently released agenda for the first of three privacy round tables it will hold over the course of the next few months.
In the United States, regulators and policy makers are taking a close look at the issues surrounding behavioral advertising and how to protect the privacy of consumers. A vigorous debate is occurring over self-regulation versus the asserted need for legislation or regulation. So it is interesting to see what is going on in Europe in the realm of self-regulation.
Readers of the Hogan & Hartson Chronicle of Data Protection are invited to a complimentary teleconference on October 6th with the authors of a recently-published and widely-reported analysis of consumer feelings towards online tracking for tailored advertising.