Earlier this month, the privacy group Network Advertising Initiative selected Charles Curran with the express purpose of helping to shape the terms of the political debate on BT.
The key to accomplishing this job, Curran says, is to be ahead of the curve in identifying and defining both the privacy challenges, and the means to respond proactively to them, as well as the positive implications of new behavioral technologies.
"What we've seen over the past two years," he says, "is the development of a whole spate of new technologies and innovations designed to better leverage consumer data. Concern has obviously ramped up about how the guidelines we as an industry have had in place can keep up with new developments -- and how a regulatory framework, ideally a self-regulatory conceptual framework, can keep up with changes."
Although the emergence of behavioral targeting as a political lightning rod and hot button issue in Congress and for the FTC seems like a recent development, Curran emphasizes that it's important to recall the broader historical context of industry dialogue with government on this issue.
"The concern with privacy isn't entirely new," he says. " It's emerged on a higher profile level over the past 18 months, but, for those of us who've been around long enough to remember, it's actually a re-emergence. The issue of privacy and behavioral data first emerged in 2000 in regard to earlier forms of behavioral, or what we might now call 'proto-behavioral' targeting. The benchmark case there obviously was Double Click. NAI was involved at that time in addressing concerns about what kinds of data were being collected without consumer's knowledge and consent. We were involved at that time in close dialogue with the FTC and the issues there were ultimately resolved satisfactorily."
He continues, "The goal all along has been and continues to be pushing for a maximum of level of effective dialogue with the FTC in, first, keeping standards of transparency up to date, and, secondly, obtaining maximum buy-in and participation by everyone in the online community in self-regulating on these issues proactively."
Despite the strong pressure currently coming from the FTC to either implement stronger privacy protections on behavioral targeting or face government-imposed regulations, Curran believes much progress has been made on reaching a consensus which can ultimately form the basis for a self-regulatory regime.
"When the FTC in late 2007 held a town hall to discuss how the older privacy frameworks we had in place could be revamped, NAI responded by saying we were going to work with our members at reopening and enhancing our regulatory principles," he says. "At that time we issued a proposal for public comment from our membership base and beyond, and gave ourselves an April 2008 deadline. We were pretty amazed at the sheer volume and the quality of input."
One key focus of the resulting self-regulatory code published by the NAI in December 2008, Curran says, was more clearly delineating and defining what the categories of sensitive information are, including categories of "sensitive" information that don't entirely fit the definition of personally identifiable information( PII).
Another big topic was also how to commit to reasonable data security for all data collected.
"This went further than anything the FTC had even considered before," Curran says. "The legal discussion thus far has been dominated by PII, but the principles we worked on moved beyond that to the topic of how to set rules around how all browser data is going to be protected. A related concern we also went into was the retention of data. Both the FTC and NAI concurrently have focused on the question of what appropriate standards for storage should be."
While Curran acknowledges that consensus on exactly what constitutes "reasonable" time of storage remains elusive, he believes a unified standard can be voluntarily worked out.
In terms of continuing work, a big focus going forward, Curran says, will be around the issue of consumer education and transparency.
The NAI has already moved a long way, he explains, toward ensuring that it's easy for consumers to find out about exactly what information is being collected about their online behavior and how it's being used, and having a very easy to use, consistent way of opting-out.
As an example Curran cites the NAI's "Consumer Opt-Out" button prominent displayed on the NAI's home page. All NAI member Web sites must provide a link to this master opt-out.
With the specter of a national political debate heating up over behavioral regulation over the next several months, Curran is aware he will have his work cut out for him.
"I'm going to be located in the middle of the Beltway," he says. "On the federal level we see it as our job going forward to make clear how the newer technologies actually work, and also what value they can bring to the consumer experience in increased relevance and free content. The imperative is to continually stay ahead of the curve in anticipating the challenges and opportunities of evolving technology, outlining the public advantages of having a robust and dynamic self-regulatory framework."
The NAI is not alone in this effort. The American Association of Advertising Agencies, the Association of National Advertisers, the Direct Marketing Association , the Interactive Advertising Bureau and The Council of Better Business Bureaus, are also jointly lobbying for the maintenance of a self-regulatory framework.