The Digital Advertising Alliance (DAA) has announced a new and newly codified set of online data collection principles it says expand "significantly" on its current self-regulatory guidelines for online data collection.
DAA, which includes a number of marketing trade associations -- American Association of Advertising Agencies (4A's), the American Advertising Federation (AAF), the Association of National Advertisers (ANA) among them -- already had guidelines for online behavioral advertising, but says the new ones go beyond those.
The new guidelines apply to "data collected from a particular computer or device regarding Web viewing over time and across non-affiliated Websites."
DAA says the new guidelines reflect the Federal Trade Commission's recommendations on boosting data privacy protections. The guidelines also make it clear that data collected across multiple sites -- advertisers use the info to better target ads to online consumers--should not be used for any "adverse determination" related to "employment, credit, health treatment or insurance eligibility."
"With the addition of these new principles, combined with the fast-growing adoption and online display of the Advertising Option Icon [which allows Web users to opt out of data collections], the business community has taken another step to address concerns of policy makers regarding online data collection and use," said Peter Kosmala, managing director of the DAA, in a statement.
"These new guidelines fail to protect U.S. consumers from having their most sensitive information collected and used without their consent. The ad lobby has purposely crafted definitions that would enable marketers to collect and target consumers for their most sensitive financial and health concerns," said Jeff Chester of the Center for Digital Democracy, which has been a leading proponent of tougher government oversight of behavioral advertising and online privacy. "Teens are also left out of the new statement. The DAA still doesn't get it -- Americans want privacy. We will urge the FTC to reject these principles since it sanctions the kinds of data collection that places consumers at risk."
Congress is still considering comprehensive online privacy protection legislation, which industry is looking to head off through self-regulatory efforts. The FTC has recommended self-regulatory efforts and signaled that if the industry did not do more in that department, legislation might be needed.
Targeted for implementation next year, the new guidelines specifically require:
- Transparency and consumer control for purposes other than OBA -- The Multi-Site Data Principles call for organizations that collect Multi-Site Data for purposes other than OBA to provide transparency and control regarding Internet surfing across unrelated Websites.
- Collection/use of data for eligibility determination -- The Multi-Site Data Principles prohibit the collection, use or transfer of Internet surfing data across Websites for determination of a consumer's eligibility for employment, credit standing, healthcare treatment and insurance.
- Collection/use of children's data -- The Multi-Site Data Principles state that organizations must comply with the Children's Online Privacy Protection Act (COPPA).
- Meaningful accountability -- The Multi-Site Data Principles are subject to enforcement through strong accountability mechanisms.