Companies pledge more openness about Web tracking

Jul 3, 2009 - Companies that track consumer behavior online for advertising purposes are vowing to make their practices more transparent and to give people a way to decline being shadowed.

It's unclear how much of an effect the new policies will have. One consumer group said the changes don't go far enough, and that extensive profiles of people still will be collected without their complete consent.

The new guidelines, which were due to be unveiled Thursday, represent the industry's attempt at self-regulation as Congress and the Federal Trade Commission have been examining online behavioral advertising.

Companies can track consumers as they visit different Web sites, conduct searches and buy things. Over time, profiles of consumer interests can be sold to advertisers who want to pitch their products only to people most likely to be interested in them. The information collected can include a best guess at someone's ethnicity, income, educational level, age and hobbies.

The new guidelines recommend that companies tell consumers more clearly when they're being tracked, educate them on how Web tracking works and give them an easy way to opt out of being followed. According to the new policies, industry groups will monitor whether companies are breaking the guidelines and report violators to federal agencies, starting next year.

These guidelines are coming from trade associations that represent 5,000 companies. The consortium comprises the American Association of Advertising Agencies, Association of National Advertisers, Direct Marketing Association, the Interactive Advertising Bureau and the Better Business Bureau. Their members are some of the nation's largest companies, including Google Inc., General Electric Co., Microsoft Corp., Coca-Cola Co. and Procter & Gamble Co.

The groups say they are developing uniform links or a clickable icon that will take consumers from a Web site or an ad itself to a disclosure page.

The guidelines also call for companies to provide "reasonable" security for the data they collect and to limit how much data they retain. The companies are advised to get consumer approval before making material changes that would erode privacy protections. In particular, certain sensitive data such as children's personal information, financial data and medical records must have more protection.

"We think it's a very big leap forward," said Stu Ingis, a partner at Venable LLP, the law firm hired by the groups to undertake this effort.

Jeff Chester, executive director of the Center for Digital Democracy, said the online ad industry's promise to regulate itself through the new guidelines is designed to undercut the federal government's increased interest in overseeing online behavioral advertising.

"The online ad industry is terrified that finally regulators and lawmakers have woken up from a deep slumber that people's data are being collected without them being aware and in control of it," he said.

Chester said the groups should not only protect children's private information, but also teens'. And he said all health and financial data should be covered, rather than just certain kinds.

"Congress needs to create fair rules (under which) online marketing can thrive but consumers have greater control on how the information collected is being used," Chester said.

<< Back to Top

US wants privacy in new cyber security system

Jul 3, 2009 - The Obama administration is moving cautiously on a new pilot program that would both detect and stop cyber attacks against government computers, while trying to ensure citizen privacy protections.

The pilot program, known as Einstein 3, was supposed to launch in February. But the Department of Homeland Security is still pulling the plan together, according to senior administration officials.

Einstein 3 has triggered debate and privacy concerns because the program will use National Security Agency technology, which is already being employed on military networks.

Any involvement of the NSA — the agency oversees electronic intelligence-gathering — in protecting domestic computer networks worries privacy and civil liberties groups who oppose giving such control to U.S. spy agencies.

Officials, who spoke on condition of anonymity because the program is still being finalized, said that while the technology will come from the NSA, the program will be managed and run by the Department of Homeland Security. The monitoring would be limited to government systems and any Internet traffic moving in and out of them.

The latest developments in the Einstein 3 program were first reported Thursday on The Washington Post's Web site.

"The NSA will provide technical assistance," Homeland Security Secretary Janet Napolitano told reporters. "We absolutely intend to use the technical resources, the substantial ones that NSA has."

Einstein 1, which is currently in use by DHS, is an automated program designed to detect intrusions into government networks, and Einstein 2, which is now being put in place, is a more advanced system for detection. It is being used now by about five of the higher risk government agencies, one senior official said.

Einstein 3 would be designed to not only detect intrusions, but to stop them — preventing any malicious computer codes from getting into government networks and stopping any data theft from those systems. The key, said officials, is that the focus of the monitoring and prevention program is not the content of e-mails, but any codes attached to e-mails that could infect the system or steal information.

Ari Schwartz, a vice president of the Center for Democracy and Technology, said Thursday that privacy advocates want to ensure that as the government begins to more aggressively protect its computer systems, it follows the law, and does not look into private systems.

"There are a number of concerns that come with this process, the main one being how do you go about protecting the system in a way that insures you're not monitoring private systems," said Schwartz. "I don't have a full answer to that question. But the president made that pledge. That makes me more comfortable that it won't happen."

The planned deployment of the new Einstein 3 program was noted in the administration's recently released cyber security review. The 60-day review said the government would continue to consult with privacy and civil liberties groups as the program moves forward.

Obama released the review saying that cyber threats are one of the most serious economic and national security challenges faced by the nation. And he said he will name a new cyber coordinator for the federal government.

<< Back to Top

Jay Leno wins cybersquatting case

Jul 3, 2009 - GENEVA (Reuters) -

Comedian and talk show host Jay Leno has won a cybersquatting case against a Texas man found by a U.N. agency to have misused the domain name thejaylenoshow.com to direct Internet users to a real estate website.

In a ruling issued on Thursday, the World Intellectual Property Organization (WIPO) said Leno had common law trademark rights to his name after a 30-year career in entertainment, even though Guadalupe Zambrano registered the site in 2004.

Furthermore, real estate agent Zambrano did not have any legitimate rights to the disputed web address and had registered it in "bad faith," according to the ruling by William Towns, an independent arbitrator appointed by the Geneva-based agency.

Towns ordered the domain name transferred within 10 days to Leno, who will be hosting a new comedy show on NBC in September after a 17-year run at "The Tonight Show" which ended last May.

The new prime-time talk show will be called "The Jay Leno Show" from September 14, according to an NBC announcement last week.

Oprah Winfrey, Larry King and Martha Stewart are among other television hosts who have filed domain name cases under WIPO's fast-track arbitration and mediation center.

(Reporting by Stephanie Nebehay, editing by Paul Casciato)

<< Back to Top