AOL’s inadvertent release of the search histories of 650,000 members recently sparked an uproar among the media and consumers and renewed the debate on ethical data collection, use and storage among the Internet business community.
The breach was more egregious than, say, releasing anonymous financial records because it revealed intimate information that could be traced to individual consumers. Also, it was vastly less anticipated by a public who, up to that time, was largely unaware their search queries were being warehoused in the first place.
Yet, putting aside the debate on the value of collecting, storing and targeting on search histories per se, I believe some facts on the commercial use of online consumer data are getting lost amid the din.
With watchdog groups calling for legislation over the AOL incident, the Internet business community again finds itself wrestling with how to “self-regulate” before the government does it for us. Before we run around like chickens with our heads chopped off, I would implore my colleagues in the industry to recognize that this is not a new debate. Look to the past for simple guidance: specifically, the 1973 Code of Fair Information Practice.
Developed by a government committee as a recommendation on how the government should handle citizens’ data in its computer databases, the FIP code has been the basis for a litany of federal legislation in the past 30-plus years, including the Privacy Act of 1974 and the Electronic Communications Privacy Act of 1986.
Though the code was intended to instruct on how the government should conduct itself, its basic principles can and should serve as guidelines for the private sector’s treatment of online consumer data. To paraphrase these principles, they state:
• Data should be collected with the consumer’s consent through lawful means.
• There should be no secret databases of consumer information.
• Consumers have the right to know what information is collected and how it is used, as well as the ability to correct errors.
• Data collected should be used only for purposes stated at the time of collection and should not be used for other purposes without consent.
• Data collectors must take security precautions to prevent unintended disclosure or misuse of the data.
In other words: Get the consumer’s consent, be open about your database and the information you collect, use the data only for the purposes the consumer consented to, and protect the data.
This is a sensible, realistic code of conduct that marketers can live by without great debate or additional laws. Adhering to this code would go a long way to allay consumer privacy concerns, which, justified or not, I fear are being shaped largely by the ominous, Big Brother-themed media coverage of the AOL incident and other well-publicized data lapses.
What the news stories and op-ed pieces fail to grasp are the extensive benefits of the commercial use of data for consumers and marketers alike. Consider the home mortgage industry. The enhanced use of consumer data lets mortgage providers gain an in-depth knowledge of consumers and extend credit to individuals with a greater degree of accuracy than ever before. While the value for providers is obvious, one benefit for consumers is that the percentage of homeowners in the United States is higher today than ever.
Given the interactive nature of Internet technology, online advertising/commerce is inherently more rooted in consumer data than most industries. By targeting advertising to individuals on their permission-based demographic, behavioral and transactional data, online marketers can increase the relevancy of their message, cut through the glut of advertising and media that besieges the average person and drive better results.
For consumers, this means advertising that for the first time enhances rather than interrupts their media experience because it presents messages that are far more likely to be useful.
The Internet business community needs to preserve these benefits for all by working to ensure consumers’ confidence in our use and safekeeping of their data. Adopting a code of fair information practices is a crucial first step.