ifrah on igaming
image description

A Blog About FTC regulations and happenings

◂ back
April 12, 2011

Do Companies Need to Change the Way They Use Online Consumer Data?

By: Nicole Kardell

The FTC recently entered into an agreement with Internet advertising company Chitika, Inc., settling charges that the company deceptively tracked consumers’ online activities. At issue in the FTC’s complaint was that Chitika’s privacy policy gave consumers the ability to opt out of being tracked by the company’s use of online “cookies,” but that – unbeknownst to consumers who chose to exercise this option – the opt-out lasted for only 10 days. After that, the company would resume tracking consumers’ online activity.

The FTC alleged that the short duration of the opt-out period was deceptive and violated federal law, since the company’s privacy policy did not specify an end to the period. (The company claims the 10-day opt-out duration was a technical glitch.)

One possible take-away from the FTC’s action is that, to avoid interest from government regulators, companies with privacy policies should ensure that those policies are not promising more than they can effectively deliver. After all, Chitika’s alleged violation was that it did not live up to its own privacy policy standards.

But recent legislative and regulatory developments could recommend a different course for companies with a significant online presence. Companies may want to prepare to change their practices when it comes to the collection and use of consumer data obtained through tracking consumers’ online activities.

The announcement of the FTC’s settlement with Chitika comes on the heels of preliminary Senate committee hearings on online consumer privacy. The U.S. Senate Committee on Commerce, Science, and Transportation began hearings in March on the state of online consumer privacy and the potential need for protective statutory measures. The initial hearings, held March 16, focused on how online consumer information is collected, maintained and used.

At the March 16 hearings, FTC chairman Jon Leibowitz testified on the Commission’s December 2010 report on consumer online protections, which outlines the FTC’s Do Not Track program. The program – reflected in enhanced consumer controls of online tracking by Microsoft and Mozilla – would allow consumers to choose not to have their Internet browsing tracked by third parties.

Do Not Track is currently being promoted by the FTC, along with other measures, to inform consumers of safeguards against unwanted collection of personal data. With or without additional legislation, the Commission, according to Leibowitz’s testimony and the December 2010 report, is actively engaging in proactive measures to change consumer and business practices online and to undertake enforcement actions against companies whose data collection and dissemination may violate current laws.

Another significant development with immediate consequences is an E.U. directive taking effect this May. The new E.U. law will require companies to obtain “explicit consent” from consumers before companies can use cookies to track the consumers’ online activities. Whether or not the E.U. law is a sign of tougher requirements to come in the United States is hard to say, as E.U. countries traditionally have had much more stringent data privacy protections.

Regardless, companies should be aware that the days of indiscriminate use of cookies to track consumer behavior may be coming to an end – either by law or by consumer demand. Companies may want to take cues from the likes of Yahoo and others who are preparing for more consumer choice in this important manner.