For this two-part Q&A, Behavioral Insider talked at length with Goldman about privacy issues, the implications of recent legislation for behavioral targeting, and how marketers can better cope with the sometimes long arm of the law.
Behavioral Insider: Typically, when people in the online ad world discuss legal issues, they're referring to privacy rights. In the case of behavioral targeting, privacy is an issue that gets lots of attention. What's your assessment of the way online marketers, Web publishers and technology firms are dealing with privacy issues?
Goldman: Let's talk about the word "privacy" for a moment. Part of the problem with the word is that it's a multi-faceted term. And that means privacy manifests itself in the policy arena in lots of different ways.BI: How about when it comes to tracking and collecting information about users' online behavior and then using that information to serve them advertising that's supposedly better targeted to those individuals?
Goldman: Data collection is kind of an inchoate problem. Before it matures into a real problem, we have to talk about what happens next, after the data's collected.... For the most part when you talk about privacy in the behavioral realm, the problem isn't with data collection per se, it's with what happens after that. The problem that consumers are wrestling with the most is they don't know. And that uncertainty is causing a lot of concern about privacy.
....Take the spyware problem. It's a Big Brother snooping problem. Spyware sounds scary. A lot of what I do, at least on the academic side, is clean up definitions.... When people talk about spyware, usually they're talking about things that really aren't spying, but it's big and scary.
BI: How can marketers best deal with this concern?
Goldman: It's all about the value proposition to consumers. You'll see this over and over again: consumers are willing to part with their personal data if they get good value in exchange. Part of that is a trust factor and part of it is the value proposition. In this context, I'll include... the prospect of being snooped on even when there's nothing that can be personally-identifiable there. If marketers can show this data is going to bring value for you, I think consumers would be for that. When it doesn't, there's this perception, 'You took something of mine, give me something in return.'
I think that part of the problem is the privacy advocates have created this us vs. them mentality. And I think the more that mentality gets reinforced, the more it feels like the marketers are doing something that [consumers] shouldn't want them to do. And that's just garbage. Marketers and consumers have aligned interests; they want to make socially beneficial matches. Consumers want a match that's going to help them find what they're looking for, and marketers want to cater to consumers' needs.
But, my work in theory is that the best behavioral targeting is still irrelevant to a majority of people who see the ads. Maybe the shotgun advertisers screw up the perception of the industry, but I'm working on the theory that even the best state-of-the-art technology today is still delivering irrelevant ads to the majority of the people... and that taints the pool for everyone.
BI: What's going on in the world of law and legislation in response to privacy concerns, whether they're legitimate or not?
Goldman: I think the response is really confused policy-making because we can't nail down what the problem is. An invasion of privacy is a really soft harm. It's not really tangible. We're not even sure exactly where the harm is. So, we see really confused responses, normally under the banner of privacy protection. You see the concerns that cookies are spyware, and it's just technologically nonsensical....
Going back to the state anti-adware laws, these are regulations of behavioral targeting, and let me explain how. Both Utah and Alaska have passed laws where the fundamental goal was to prohibit the dissemination of client-side software that uses trademarks [a.k.a. brand names or other brand identifiers] to trigger pop-ups. So the theory would be that a vendor cannot distribute software that would reside on the client computer, watch for the term Coca-Cola, and if it saw it, trigger a pop-up ad. So, the reason why I'm so grumbly about these laws is because the law prohibits consumers from deciding that's software they want.
BI: But the way legislators and privacy advocates typically present this stuff to the average consumer is, 'Look what we did for you. You didn't even know this was happening. We're saving you--from yourself, essentially.'
Goldman: That was definitely the case in Utah, where, for example, the law was called the Spyware Control Act, even though what it described was adware. There was nothing about keystroke logging or reporting the information back to home base. It was simply about watching behavior and triggering a pop-up ad. And there is no way for consumers to consent to that software being on their desktop. The law has taken that choice out of the hands of consumers.
Let's assume for a moment there's this weird, wacky consumer who actually thinks it would be helpful to be notified about other products or services when they're searching the Internet.
BI: That's not such a weird, wacky consumer since people sign up for newsletters everyday and say, 'Yeah, send me information about X,Y and Z,' right?Goldman: I don't think it's weird at all, but let's assume for a moment that in this legislator's mind, there's this weird, wacky consumer who defies all logic and was willing to have pop-up ads served to them because they thought that was the best way for them to discover the information that they found valuable. They still can't do it - that consumer has no choice. These anti-adware laws are the things that behavioral targeting folks should be up-in-arms about.