1 / 25

Online Privacy An Oxymoron? The Risks of Online Behavioral Advertising

Online Privacy An Oxymoron? The Risks of Online Behavioral Advertising. Introductions. MODERATOR: Michael W. Born, Esq., Senior Vice President - Underwriting Manager, ThinkRisk Underwriting Agency, LLC PANELISTS: Jim Adler , Chief Privacy Officer & General Manager, Data Systems

xenos
Download Presentation

Online Privacy An Oxymoron? The Risks of Online Behavioral Advertising

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Online Privacy An Oxymoron?The Risks of Online Behavioral Advertising

  2. Introductions MODERATOR: • Michael W. Born, Esq., Senior Vice President - Underwriting Manager, ThinkRisk Underwriting Agency, LLC PANELISTS: • Jim Adler, Chief Privacy Officer & General Manager, Data Systems • Laura D. Berger, Esq., Senior Attorney, Federal Trade Commission, Division of Privacy and Identity Protection • Joe DePaul, Senior Vice President, A.J. Gallagher Risk Management Services • Dominique R. Shelton, Esq., Partner, Wildman Harrold Allen & Dixon, LLP • Adam Sills, Vice President, E&O, Allied World Assurance Company

  3. Agenda • Technology of Online Behavioral Advertising • Legality of Gathering Online Behavioral Information • Risks Associated with the Tracking of Users Internet Activity • Risk Management Solutions for Advertisers • Predictions • Questions

  4. ARS Polling Question • How familiar are you with how Online Behavioral Advertising works? • I am very familiar with OBA and how it works. • I know what OBA is but I don’t know how they do it. • I have heard of OBA but don’t know exactly what it is or how it works. • I thought OBA stood for On Base Average.

  5. What Is OBA and How Do They Do It? Online Behavioral Advertising • Advertisers use of information collected on an individual's web-browsing behavior, such as thepages they have visited or the searches they have made, to select which advertisements to display tothat individual. How Do They Track Such Information? • Cookies, Flash Cookies, Zombie Cookies,Ever Cookies • What is the new technology that is causing concern? • Is the average consumer aware of this? Do they care?

  6. What Are They Looking Forand How Do They Use It • Typical information gathered by new online tracking devices: • Computer’s IP address • Browsing history including search terms used, items viewedand websites visited • User name or user ID? • What about personally identifiable information? • What do they do with that information? • Aggregate and use to determine geographical and demographical trends • Direct targeted advertising to the user or at least his/her IP address • Sell to other companies that wish to do the same

  7. What is at Stake • US online ad spending was projected to reach $25.8 billion in 2010 (actual was $26 billion), to pass $30 billion in 2012 and $40 billion in 2014.

  8. ARS Polling Question • Now that you know a little more about how Online Behavioral Advertising works, how concerned are you about being tracked online? • I am very disturbed and would like for all online tracking to be illegal. • I am somewhat concerned and would like the option to opt-out of being tracked. • I am okay with being tracked so long as my personal identifying information is not disclosed. • You have zero privacy anyway, get over it.

  9. Legal Implications of the Collection and use of Internet User’s Information • December 1, 2010, FTC released its preliminary staff report, “Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policy Makers.” • Issues with current privacy models • Suggested new framework • (1) Privacy by Design; • (2) Simplification of consumer choice; and • (3) Greater transparency • December 16, 2010, the Department of Commerce Internet Policy Task Force released a privacy green paper, “Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework.” • March 16, 2011, Assistant Secretary of Commerce Lawrence E. Strickland called for national consumer data privacy legislation and FTC to enforce.

  10. Regulatory and Legislative Efforts • FTC Do Not Track Proposal: • Persistent Cookie that “blocks” tracking • Enforcement Provision • Compare EU e-Privacy Directive (2002/58/EC) update effectiveMay 26, 2011: • Prior consent to collect consumer info via cookies or other tech • Implementation details still being developed • See www.allaboutcookies.org • The Commercial Privacy Bill of Rights Act of 2011 - Kerry-McCain Bill Opt-out (Except especially sensitive information, then Opt-in) • No Private Cause of Action • The Do Not Track Online Act of 2011 – Rockefeller Bill • Basically follows FTC Do Not Track framework

  11. FTC Privacy and Data Security Cases

  12. FTC v. Chitika – March 2011 • FTC Puts an End to Tactics of Online Advertising Company That Deceived Consumers Who Wanted to "Opt Out" from Targeted Ads • Chitika Inc.’s Opt-Out Expired After Only 10 Days • The settlement bars Chitika from making misleading statements about data collection • Requires that every targeted ad include a hyperlink to anopt-out page • Requires Chitika to destroy all prior user information collected

  13. Enter the Class Action Bar –Privacy Litigation • Green v. Cable One, Inc. (N.D. Ala, filed February 3, 2010); Re-filed as Reeves v. Cable One, Inc.(March 2011) • Complaints allege that Cable One permitted NebuAd (now defunct) to install “ISP-based spyware” on users’ computers to track their “communications” and online conduct • Mortensen v. Bresnan Communications(D. Montana 2/16/10) • TOS and PP language matters! • Valdez v. Quantcast, MTV, NBC Universal et al (C.D. Cal. July 23, 2010) • Class action against ABC, MTVNetworks, NBC Universal andQuantcast for use of flash cookies onplaintiffs’ websites • White v. Clearspring Technologies,(C.D. Cal. August 10, 2010) • NBC and Warner Bros Records sued dueto widgets

  14. Even More Litigation • Ringleader Digital mobile-web advertising company sued in CDCA over its use of HTML5 to track iPhone and iPad users • 6/20/11 Confidential Settlement (not on a class basis) • Interclick class action lawsuit over “history sniffing” re-spawning flash cookies and hidden code to monitor online users. • CFAA dismissed b/c no quantification of $ damages • No $ damage required under NY Bus 349 due to misleading practices • Trespass still requires harm to value but sufficiently plead • Dismissed contract claims for failure to allege denied benefit of contracted • Advertiser Defendants Dismissed for failure to state any wrongful acts

  15. Most Recently Freeman v. AppleLalo v. AppleAcosta v. Apple and Diaz v. Apple The suits stem from a WSJ investigation that revealed several iOS and Android applications were transmitting age, gender, location and device identifier (UDID) information to third-party advertising companies. • Sept 1, 2011 Microsoft Suit (Federal Court Seattle) re Windows Phone 7 Smartphones tracking when camera is on • Arkansas State Computer Trespass Cases(December 30, 2010- January 10, 2011) • 17 consumer class actions

  16. Are There Any Damages? • Quantcast and Clearspring Flash Cookie Class Action Settlement: $2.4 million

  17. Self-Regulation • Effort to develop common practices for OBA activities across the Internet is being led by a coalition of the nation’s largest media and marketing trade associations: • Association of National Advertisers (ANA) • American Association of Advertising Agencies (AAAA) • American Advertising Federation (AAF) • Direct Marketing Association (DMA) • Interactive Advertising Bureau (IAB) • The self-regulatory program for online behavioral advertising includes several important components: • Advertising Option Icon • Consumer Choice Mechanism • Accountability and Enforcement • Educational Campaign • To learn more, visit www.aboutads.info.

  18. ARS Polling Question • How Should Online Privacy Issues be Regulated? • Through governmental agencies, such as the FTC • By means of consumer protection statutes that support private litigation • Self-regulation by online companies with regulatory oversight • All of the above • Online privacy should not be regulated

  19. Risk Management • Privacy Policies and Terms of Use or Terms of Service • Compliance’ doesn’t mean risk-free • Clearly marked ‘opt-out’ • Web 2.0 • If its ok in U.S., doesn’t mean its ok in EU • What are the goals of the marketing? • Do your customers understand what you are doing with the information?

  20. Insurance Solutions How Does Insurance Apply to These Risks? • General liability advertising injury coverage • Professional liability for advertisers • Media or content liability policies • Privacy and Network SecurityPolicies

  21. Predictions and Key Take-Aways • What will be the important online privacy statutes and regulations implemented in 2011 and beyond? • How will the courts apply these new rules and regulations? • Will OBA cease to exist or become more commonplace and accepted? • Will insurance products evolve to provide or exclude coverage for online privacy violations?

  22. ARS Polling Question • How Did You Like This Panel? • I loved it! • It was the best presentation I have ever attended! • I laughed, I cried, I wish it weren’t over! • I thought Tony Blair was supposed to be on this panel!

  23. Questions & Answers

  24. Many thanks to … • Jim Adler • Laura Berger • Michael Born • Joe DePaul • Dominique Shelton • Adam Sills

More Related