Private data and its relationship to the ad revenue that drives some of the world’s largest businesses are among the day’s most contentious topics.
In the midst of controversies surrounding the collection, leveraging and sale of consumer data to advertisers by Facebook, Google and other platforms, can the ad industry itself be trusted to help Congress devise legal solutions for American consumers?
For many observers and analysts, the answer is no.
On April 8, trade groups including The Association of National Advertisers (ANA), American Association of Advertising Agencies (4A’s), National Advertising Initiative (NAI) and the Interactive Advertising Bureau (IAB) announced a new coalition called Privacy for America. They have already begun lobbying lawmakers as Congress considers whether to write federal data legislation that would supersede the GDPR-style California Consumer Privacy Act, which will become law in 2020.
“We realized that a 50-state policy patchwork was going to cause major disruption in the online experiences of everyone in this country,” said Dave Grimaldi, evp of public policy at IAB, whose group sat in on meetings of the California State House as it debated the CCPA.
“There is absolutely bipartisan support for a national standard federal bill,” he added, with Democrats concerned about the sort of “eligibility gaming” that led the U.S. Department of Housing and Urban Development (HUD) to charge Facebook with discrimination last month. Meanwhile, Republicans are focused on the effects GDPR and CCPA could have on “the mom and pop company that survives because of online advertising.”
Grimaldi also argued that the California bill does not represent the true will of the public, describing it as a “privately-written initiative.” California State Assemblyman Ed Chau and Senator Robert Hertzberg, both Democrats who represent Los Angeles County, were the main authors of CCPA. A law that could “affect the entire country” should have more input from academia and industries including, but not limited to, advertising, Grimaldi said. Accordingly, the members of Privacy for America have been working on straw legislation for several months.
Facebook CEO Mark Zuckerberg wrote that “the internet needs new rules” in a recent Washington Post op-ed, and the groups behind this effort similarly say they are ready to participate in the process of drawing up those rules. CEO of 4A’s, Marla Kaplowitz, argued that self-regulation has largely been effective in determining responsible advertising practices in relation to data usage but that government regulation would now ensure the proper oversight and accountability.
Key suggestions in the group’s mission statement include creating a new FTC division to oversee data privacy and strengthen its regulatory powers, prohibiting discriminatory practices like those Facebook stands accused of, restricting certain unspecified types of data from being used to target ads and requiring laws to protect against data breaches.
Missing from the proposal is a consumer opt-in/opt-out requirement, a key element of both GDPR and CCPA that would either call for consumer consent before data collection begins or allow all parties to turn that option off before using a given site or platform. CCPA specifically allows consumers to opt out of the sale of their personal data but not its distribution, and in February, State Assemblywoman Buffy Wicks, D-Calif., introduced a new amendment to the bill called Privacy for All, which would do exactly that.
“This is a maturation story. This is a story of an industry maturing to a point where it becomes too complex for the simple solutions that worked in the beginning,” said Dick O’Brien, evp, government relations at 4A’s. “We need the government to work with us to put together the rules that will result in the responsible use of data.”
Those outside the ad industry, however, are less receptive.
A lingering issue of trust
“Unfortunately, the bodies that have come together to form Privacy for America are the very institutions who have failed to listen to consumer voices in the past and instead came up with self-regulatory schemes that have no teeth,” said Forrester vp, principal analyst Fatemeh Khatibloo. “Remember, the ad-tech coalition decided not to honor the Do Not Track browser headers, which, had they come up with a standard … eight years ago, would have left the whole industry in a much better position today.”
Some had even harsher words for the initiative.