FEATURE6 June 2009

Behavioural targeting’s insight failure

Government News Privacy

They can see everything we do online… but they still don’t get why people don’t like them

Eight months after it announced it was putting its behavioural targeting plans on hold amid a backlash over privacy, NebuAd has shut down.

Bizarrely for a company claiming to offer new insights into people’s behaviour, the firm owes its demise in large part to a failure to understand and deal properly with the public’s concerns.

NebuAd got as far as conducting tests with a number of internet service providers in the US, but they all walked away as pressure grew from campaigners and lawmakers over the perceived privacy threat posed by the company’s tracking technology.

The firm insisted that it had no interest in identifying individuals and that the data it gathered was anonymous. Critics said this supposed anonymity was an illusion, as NebuAd would have access to enough information to build up detailed profiles of individuals.

NebuAd’s mistake was to underestimate the importance of public trust that they would handle data responsibly. Instead of asking the public ‘Do you trust us?', they seem to have asked themselves ‘Should the public trust us?’ and decided that the answer was yes. But no matter how virtuous you believe you are, you can't just tell the public that you're doing something for their own good.

NebuAd isn't the first company that has had to deal with these challenges. Facebook faced controversy in 2007 over its Beacon system (which shared information about users’ online purchases with their Facebook friends) and was forced to change it to an opt-in service. In February this year the site backtracked on a fairly innocuous change to its terms of use, because some people interpreted it to mean Facebook would ‘own your profile forever even if you deleted it'. Whether or not it was true didn't really matter – the point is the public didn't trust them.

NebuAd obtained people’s “consent” to watch what they were doing online using an opt-out system. In other words, you would have to visit your ISP’s website and check through its lengthy privacy policy on a regular basis to see if they were tracking you.

The company argued that this was in line with industry practices – but anyone who has ever used the internet knows it is not a meaningful way of informing anyone of anything. Congressman Ed Markey said he was “troubled” by the idea that an opt-out was appropriate for “sweeping data gathering” of this kind. The Federal Trade Commission has also voiced concern, and announced yesterday that it is backing a research project to develop new ways of informing internet users about how their data might be collected and used.

In the UK, internet provider BT didn't even bother offering an opt-out when it ran secret tests of Phorm’s behavioural targeting system, prompting legal action against the UK by the European Commission over its implementation of privacy rules.

Major publishers like Amazon and Wikimedia have responded to public concerns about Phorm by requesting that it does not scan their websites.

You'd think all this experience would add up to something that proponents and critics of behavioural targeting could learn from, but the debate only gets more polarised and less sensible by the day.

Phorm has just launched a new website, stopphoulplay.com, to hit back at the “smear campaign” that it says is being run by “privacy pirates”. Rather than seeking to calm public fears, the site picks a fight with the campaigners, and, predictably enough, has met with anger and more legal threats. Everyone is accusing everyone else of spreading misinformation, and the cycle goes on.

Meanwhile, NebuAd may yet be reborn under a new name. Its UK phone number is now answered as ‘Insight Ready’ and the privacy campaigners (proving themselves to be as proficient at online snooping as the companies they hate so much) have already tracked down company addresses, domain name registrations, IP addresses and unpublished web pages relating to the new business.

Amid all the sound and fury, an important opportunity is slipping away. The whole point of behavioural targeting is to offer people better, more relevant online content, and to make the internet a more useful, enjoyable, and profitable place for advertisers, publishers and users. But the companies pushing it on the public risk spoiling things for everyone if they don't first earn their trust.

The wider research industry should sit up and take notice too – the Marketing Research Association has warned that any new laws to restrict behavioural targeting could have serious implications for advertising research in general, due to the broad view that policymakers and privacy advocates take of the practice. The lack of understanding over the issue does not bode well for those hoping to convince legislators to narrow their definitions.

NebuAd’s experience shows that, no matter how right you think you are, you can't take the public’s approval for granted. And what an irony it would be if the Achilles heel of behavioural targeting turned out to be a failure to understand its audience.

Author: Robert Bain

Related links:

NebuAd first casualty of online privacy backlash

Congress unimpressed by Embarq’s web tracking ‘opt-out'

‘Anonymous’ web tracking is nothing of the sort, Senate hears

BT threatened with legal action over online tracking