After a concerted outreach effort to the Hill by online advertising companies, the Congressional subcommittee considering anti-spyware bill H.R. 29 proposed editing it to clarify that companies do not need consent from consumers before installing cookies on their computers.
At the time, many in the online world, including the Online Publishers Association, said online advertisers had won a major battle. But now, some online players--including the Advertising Research Foundation, the Network Advertising Initiative, and research company comScore--have raised additional concerns. The Network Advertising Initiative says the bill is still too broad, while comScore is afraid of being stigmatized unless Congress distinguishes comScore's practice of installing monitoring software on panel members' computers for research purposes from companies that install software to serve ads.
On Feb. 17, The Advertising Research Foundation laid out some of its objections in an "open letter" posted on its Web site. "We are concerned that Section 3 of HR 29 may cause unintended consequences on market research businesses that measure and report on statistics regarding Internet usage," stated the ARF. Section Three requires companies to get permission from consumers before collecting certain types of information.
But research industry watchdog CMOR says the bill isn't likely to have a adverse effect on Internet advertising or research. "Fundamentally, we find it sound," said Brian Dautch, director of government affairs for CMOR, the nonprofit Council for Marketing and Opinion Research, established by the American Marketing Association, Advertising Research Foundation, Council of American Survey Research Organizations, and Marketing Research Association.
Initially, CMOR was very concerned about whether consent requirements would apply to cookies--and, says Dautch, "lobbied like heck, along with some other groups, to get cookies pulled out of it."
comScore privacy officer Chris Lin says her company's concern is that the bill treats all tracking software the same. "We don't believe that we're spyware because we get user permission to download software and collect information," Lin says.
The bill does not forbid companies to install tracking software, but requires them to get consumer permission first--which comScore already does. Therefore, the potential impact on comScore's current practices is limited; Lin says comScore possibly might have to change the wording of the notice and consent it gives panel members.
But, she says, there might be other, more intangible consequences. "The label 'spyware' carries with it significant negative consequences," Lin says. Reportedly, some security companies that offer technology to strip adware and spyware programs already consider comScore a possible threat; HR 29 doesn't attempt to regulate the anti-adware/spyware industry.
Trevor Hughes, executive director of the Network Advertising Initiative, complains that the bill shouldn't focus on the installation of software, but rather on the "fraudulent and deceptive practices that we can all point to."
Hughes says that definitions of "install" and "software" are loose enough that the bill could apply to activity such as sending HTML to a user's computer. But others say that the FTC and the courts would never define those terms so expansively; otherwise, the bill would be absurdly broad, touching on almost every activity on the Internet.
Congressional watchers expect the bill to sail through the House Energy Committee, perhaps as early as this week.