Herding Cats: Regulating Online Tracking

But where the U.S. government has had problems creating reasonable rules of the cyber-road, some states have had greater success, a success now threatened by preemption; that is, federal law superseding an effective state law such as California’s “Online Privacy Protection Act” (called–you guessed it–“OPPA”). But perhaps the thorniest issue is what such a “Do Not Track” registry would do to the cornucopia of free services we all receive from companies like Google and Facebook.

Most search and social-network companies seem to support the Kerry-McCain proposal, perhaps precisely because it doesn’t include a “Do Not Track” provision. “The bottom line is that behavioral ad networks sound more scary than they are in practice,” said Mark Hopkins, editor-and-chief of SiliconANGLE, a popular tech blog, “and regulating the fundamentals of that business would knee-cap a large swath of the web. It should go without saying that this is a bad thing.” On the other hand, regardless of the good intentions of an online data collector, the simple fact that data is being collected about all of us puts each of us in harm’s way. Until Internet security is such that we don’t have news of a huge data breach every week, the better part of valor requires less tracking, even if it means less service for those who choose to opt out.

[Article: When You’re the Apple of Their Eye]

From an historical perspective, the World Wide Web is new; Google is new; Facebook is new; and tracking is very new. But in a way, everything old has become new again. After all, advertisers are in the business of finding clever ways of crawling into our pockets. Remember all those “negative options?” You know, where you get the first three issues for free, but you can cancel that 30-year magazine subscription anytime? The tactics that are now being used by web sites–promising greater customization but upping the chances of having personal data exposed–aren’t really so different, are they? The distinction is that however many magazines we may have accumulated on our coffee tables as a result of those negative options, the tactics that may have put them there didn’t threaten our entire financial existence by providing identity thieves with the additional bread crumbs they need to find their way to the back doors of our lives. The digital world has simply magnified the cost, and the likelihood, of abuse by edgy advertising practices.

I believe that until security technology has caught up with tracking and data collection technology, we absolutely need a “Do Not Track” registry. Nowhere on earth has privacy existed without a well-developed means of security. How private can you be if you can’t draw the blinds or lock the door?

Get everything you need to master your credit today.

Get started for free

[Resource: Get your free Credit Report Card]

Instead of introducing haphazard and half-measured legislation about privacy, our elected officials in Washington should be working with industry on something that presents no conflict between the interests of industry and the interests of consumers–real security to prevent the bad guys from getting their hands on our personal information. In tandem, reasonable rules to protect privacy should be enacted to prevent unnecessary intrusions by government, or honest websites, or anybody else. And last but not least (an issue I intend to address in future columns), we need to develop a mechanism to compensate us for use of our data.

In short, you can keep the chickens in the hen house with a fence that’s only 2 feet high, but it won’t keep out the foxes.