US House of Representatives warms to online privacy law

A survey carried out by the Committee on Energy and Commerce at the US House of Representatives has revealed that many internet firms use cookies and advanced tracking techniques for targeted advertising. Concerned by reports that some access providers monitor all of their customers' data traffic via deep packet inspection, representatives wrote to 33 providers and network businesses in early August and asked for details about the methods used for tracking internet users for marketing purposes. The answers received so far show that almost all of the companies surveyed have collected and evaluated personal usage data without their customers' permission.

Edward Markey, Democrat representative for Massachusetts, considers this a just reason for Congress to respond with legislation. In an interview with the Washington Post he said "Our responsibility is to make sure that we create a law that, regardless of the technology, includes a set of legal guarantees that consumers have with respect to their information". Together with his colleagues, the committee member therefore plans to draft something like an online privacy Bill of Rights for introduction into the US Congress next year.

Markey envisages that consumers should in future actively opt in to the tracking of their online behaviour and the collection and sharing of their personal data. He said, this is necessary because there are hardly any technological limits as to what a company can do in terms of collecting information and then selling it as a commodity to other providers. Republican representative Cliff Stearns (Florida), on the other hand, responded with more reserve to the potential need for legislation, cautioning that such legislation could damage the economy. He said, small companies in particular should not be prevented from reaching their customers via targeted internet marketing.

In their letters, access providers Knology and Cable One admitted that in the past, they have tested systems for deep packet inspection, by vendors like NebuAd, to spy out their users' online behaviour. Such systems scan every web page visited by a tracked user, collect the key words found there and then use these key words to establish interest profiles. This is done to directly serve customers banners that are specifically tailored to their interests. Both companies emphasised that no identifiable personal data were used and that the trials have ended. Cable One added that it has no plans to adopt the technology.

Alan Davidson, Google's director of public policy and government affairs, stated that Google has not focused on analysing user behaviour for advertising purposes yet. However, he didn't keep it a secret that, since its merger with the DoubleClick advertising network, the search engine provider has added a new cookie to browsers for tracking users across several web pages. Google's marketing experts previously explained in the company's blog that the recent $3.1 billion merger with DoubleClick provides advertisers with "insight into the number of people who have seen an ad campaign".

For Jeffrey Chester of the US civil rights organisation Center for Digital Democracy (CDD) this is a clear indicator that Google is slowly embracing a full behavioural targeting approach across its wide network of services and sites. He said, no company knows more about consumers than the search engine provider, with its vast data collection and sophisticated data analysis tools. Yahoo disclosed that it already engages in some form of behavioural targeting, but said that it plans to give users the option to turn off targeted advertising. Microsoft has yet to respond to the committee. It is already known that Redmond uses targeted advertising to some degree and employs the techniques required for behavioural tracking.

(Stefan Krempl)

(trk)