NEWS3 January 2013

Epic data access proposals ‘counter-productive', says MRA

Government North America

US — Giving consumers greater control over the type of information research companies collect about them and how it is used would be expensive and counter-productive, according to the Marketing Research Association (MRA).

In comments filed with the Federal Trade Commission, the industry body warned that giving consumers the right to access all the data a research company holds on them would effectively require research companies to hold individual files on each respondent – exposing them to “much greater threat of harm from data leakage”.

The MRA said that: “Since the research process is interested in broad groups, not individuals, compiling and tracking individual consumer data by the individual would require complex and expensive procedures and infrastructure not currently in use.” Implementing this technology would essentially “empower the kind of consumer tracking” the FTC is looking to avoid.

Research codes already require researchers to “seek tailor-made approaches to transparency with regard to clients, research participants and the public at large that are appropriate to different modes and methods of research,” said MRA. “Research best practices require disclosure of what data is being collected and used, and for what purpose, and that participants be given the opportunity to opt-out.”

MRA’s comments were made in response to several proposals that were put forward by the Electronic Privacy Information Center (Epic) in its own response to the FTC’s settling of charges with web analytics firm Compete. The FTC accused Compete of using tracking software to collect personal data without disclosing the extent of the data it was collecting.

Epic had called for the FTC’s settlement with Compete to go further and “grant consumers a right to access and ensure the accuracy of the data Compete maintains” as part of its efforts to advance the Consumer Privacy Bill of Rights proposal put forward by President Barack Obama.

However, MRA says the cost of access and correction “could potentially be quite onerous” for research companies. It would required systems to be in place to authenticate consumers making access requests, and this would in turn require research companies to collect and check even more data – “which runs counter to Epic and the FTC’s interest in data minimisation and limited data retention”.

MRA also objected to Epic’s call for the FTC to issue a best practice guide to data de-identification, suggesting instead that the FTC should engage in the “broader public debate over de-identification”, and it opposed Epic’s demand that all privacy policy omissions should be categorised as deception under section 5 of the FTC act.

“This clarification will inform companies that they must notify consumers of all privacy policy changes, and that failure to do so will result in a finding of deception,” said Epic. But MRA countered that “notifying consumers of every minute privacy policy change could work counter to the interest of actually informing consumers, since over-notification and excessively lengthy privacy policies already may be causing consumers to stop paying close attention to their own privacy needs and wants”.

  • Howard Fienberg, the MRA’s director of government affairs, contributed to our recent Preview of 2013 feature where he warned that, “The FTC, emboldened by a second term for Obama, might decide that researchers have not adequately and publicly described every piece of data they collect from their online panellists”. Click here for more.