Everyone who’s been in the Internet privacy game a while knows Ray Everett. I first met Ray in the late 1990s when I was writing about the scourge of email spam and Everett was the co-founder of the Coalition Against Unsolicited Commercial Email, which was working hard to pass anti-spam legislation.
Everett was the first executive to carry the title of Chief Privacy Officer when he joined online marketing company AllAdvantage in 1999, which was the first Internet company to pay Web surfers for the use of their eyeballs. AllAdvantage succumbed to the dot com crash in 2001, but Everett has soldiered on, first as an independent privacy consultant and now as director of privacy services at Keynote Systems, a global leader in mobile and website cloud testing and monitoring.
Keynote is in the process of rolling out a Privacy Monitoring service to help Web publishers comply with Do Not Track rules, which means that once again Everett is in the thick of a raging battle over Internet privacy. I caught up with Ray recently and threw a few barbed questions at him via email. What follows is a lightly edited version of our conversation.
1. Let's start by talking about Do Not Track and where Keynote fits in.
2. So what are the biggest privacy challenges facing consumers today?
The biggest challenges are the myriad ways mobile and web apps are trying to make money. The industry calls this “monetization.” What that really means is how efficiently they can turn your use of a game, an app, or a visit to a Web site into revenue in their pockets.
This isn’t inherently a bad thing. You’re getting to play a fun game or a handy tool on your smartphone in exchange for them throwing some advertising at you. Some will argue that you’re getting a thing of value in exchange for giving up something of value – a bargained-for exchange. But the only way such an exchange can be considered fair is if all the parties in the exchange are aware that it’s happening and are able to make an informed decision about it. And it’s seldom the case that consumers have a complete view of what they’re giving up, much less having an opportunity to exercise any form of decision-making around that exchange.
3. What, if anything, can consumers do about it?
The most important thing is for people to become more sophisticated consumers of Internet and mobile content. Sadly, the age of innocence on the Internet is over. There’s a saying that everyone should remember: If you’re not paying for a product, that means YOU are the product being sold. In other words, that free app or that free Web site are only free because they’re making money from how many eyeballs they can attract to their content.
Again, it’s not a bad thing, except to the extent that people may not be able to make decisions about their online experiences, either from naiveté, a lack of knowledge, or -- in the worst cases -- through some sort of deceptive behavior by an unscrupulous Web site.
4. Do you believe we'll see meaningful Do Not Track standards emerge over the next year? If so, what do you think they'll look like?
There’s a vigorous debate going on within the industry around the Do Not Track standards, which will give Web site visitors an ability to control how they’re tracked through simple controls in the Web browser. Microsoft has announced that it will turn the DNT setting “on” by default in the new version of Internet Explorer, and advertisers are rightly concerned that such a default will sharply limit their revenue opportunities. Technology providers are lining up on both sides of the argument, weighing in with a lot of reasonable positions. Meanwhile, the US Federal Trade Commission is keeping pressure on the industry to move towards a resolution despite some pretty fundamental differences. Ultimately, I think the threat of government regulation will drive the industry to reach common ground. Whether that solution will make any meaningful difference for consumers is another matter altogether.
5. How does Keynote's DNT compliance monitoring work, and how does that compare with what companies like Evidon or Truste are doing?
In the current version of Keynote’s Privacy Monitoring solution, Web site publishers can see whether a third-party advertiser has made a public promise to honor the Do Not Track standard. Granted, since the details of the standard and what constitutes compliance are still murky, it’s not something publishers can place much faith upon until the industry has sorted out its differences. Once standards are agreed upon and see wide-spread adoption, then Privacy Monitoring solutions like Keynote’s can add some real teeth to its ability to uncover violations.
Companies like Evidon, TRUSTe, and others are approaching compliance in very different ways. Keynote’s strength is in its global monitoring network, which comprises more than 7000 monitoring computers in more than 200 locations around the world, checking Web sites under real-world conditions on a 24/7 basis. Nobody else offers that kind of monitoring methodology, and it makes a real difference in our ability to uncover hidden privacy violations.
6. We've seen what happens when Congress tries to regulate Internet problems like spam. (Too little, too late.) Do you see any hope for future privacy legislation that might actually work?
Congress continues to talk about privacy regulations, but for better or worse most legislators recognize that technology is a moving target and that the problems can grow and evolve faster than Congress could ever act. There’s an old quote attributed to Mark Twain: “A lie can travel halfway round the world while the truth is putting on its shoes.” The same is true of privacy problems and regulation – a problem can become pervasive before regulators can even get logged in. So it’s incumbent upon lawmakers in the US and around the world to establish strong privacy principles and to create frameworks of rights within which innovators can innovate. Otherwise, you run into regulations that miss the mark and muddy the waters without even achieving their goals.
7. On a related note, what's your take on the Obama administration's Consumer Privacy Bill of Rights?
This is exactly the sort of statement of principles and a framework of rights I’m referring to. A Consumer Privacy Bill of Rights sets baselines, creates expectations, and gives guideposts from which innovators can take their cues. This kind of approach, assuming the administration and lawmakers resist the urge to get overly granular and prescriptive, can actually have an empowering effect within the tech industry by making it easier to plan and develop knowing what expectations will be.
8. What's your best advice for consumers who are concerned about their online activities being tracked? What steps should they take to protect themselves?
Consumers who are concerned with their online activities being tracked should learn to use the ‘private browsing’ features of their favorite Web browser. Internet Explorer, Chrome, and Firefox all offer private browsing modes that erase cookies and can complicate the ability of trackers to follow you. But they’re not fool-proof. For example, the sites may still capture any data you enter on their page, or they may keep a record of your IP address and what pages you visit. So get familiar with how to block cookies, either using browser settings or plugins like Privacy Choice’s TrackerBlock.
Ultimately, though, consumers need to understand that advertising is an important part of what makes today’s Internet work and it’s what keeps many of our favorite sites online. Life is all about these tradeoffs and as long as you’re aware, appropriately skeptical, and use the tools available to you, you can take back some measure of control.
9. There is no question number nine.
The answer is 42.
10. Anything else you'd like to add?
Got a question about social media? TY4NS blogger Dan Tynan may have the answer (and if not, he’ll make something up). Visit his snarky, occasionally NSFW blog eSarcasm or follow him on Twitter: @tynanwrites. For the latest IT news, analysis and how-to’s, follow ITworld on Twitter and Facebook.
Now read this: