• by Steve Smith , Staff Writer @popeyesm, December 18, 2009

The crushing irony of digital privacy is that all attempts to address user and government concerns over data handling only serve to dramatize just how thorny, complex and consumer un-friendly the issue is going to become next year. To wit, the weird Facebook privacy setting "reforms" that only exacerbated concerns over social networks and the motives of publishers.

When Facebook prompted me weeks ago to revisit my privacy settings, even this social media dunderhead knew that its "simplified" system was veering me towards revealing more about myself to more people than I would like. Suddenly a "service" became a pushy "salesman" that was nudging me towards the items that rendered him a better commission. The end result was that suddenly I was suspicious of the motives of a provider that I had regarded as relatively benign up to this point.

But Facebook's problem is pretty much everyone's problem. In order to engage consumers with the privacy issue, ad networks and publishers first have to expose just how much diverse tracking they have been doing all along.

As my colleague Laurie Sullivan noted earlier this week, only about 6,600 people per week seem to be opting out of Google's ad targeting via its new ad preferences dashboard. According to the Zachary Rodgers ClickZ post that first discussed this issue, Google says that four times as many people adjust their settings in the dashboard as do opt-out.

I think it's a mistake to take these numbers as indicative of consumer disinterest, however. 

Among the many boilerplate predictions being spewed left and right this week by all vendors and publishers, there was one from eMarketer that stood out. "In 2010, we will see more Websites let users know what data is being kept about them and give them options to remove data or prevent it from being accumulated. However, such transparency alone will undermine online advertising efforts."

If I read behind that prediction, I assume eMarketer means that many people will recoil once they are made aware of the dense network of cookies and beacons that track them. One of the problems with using Rodgers' figures about Google opt-outs is that Google is not doing much to push people to its ad preferences page. Moreover, the real recoil among consumers comes when they see the density of tracking mechanisms and multiple vendors at work on a common branded media site.

Earlier this year, when we looked at the research that Pace University Professor Cathy Dwyer was doing on the number of trackers on popular sites, she told us how her supposedly digital-savvy students respond to seeing how the sausage is made. "I do this with 18-, 19- and 20-year-olds, and once they find out this is going on they go ballistic. A few of them in one of my classes canceled their Facebook accounts," she told me.

In my experience with Google's Ad Preferences dashboard, there wasn't much opportunity to be taken aback by its tracking because it didn't seem to register much about me. Likewise the new Yahoo "Ad Interest Manager" has me down for music and games interest despite all my diverse travels on the site. Put in these terms, the tracking seems innocuous, and perhaps too patchy or incompetent anyway to worry a consumer much. But when a major media brand starts talking to a reader about the 20 or so ad networks and exchanges they never heard of who are tracking the consumer from the front door, I suspect there will be more cookie-shock than we have seen thus far. 

There is still loads of room for consumers to be surprised and confused by the level of tracking that has become de rigeur for publishers and advertisers online. According to research that PrivacyChoice.org filed with the FTC in advance of its recent roundtable in Washington, only 27% of ad targeting companies surveyed enumerated policies that excluded their tracking from sensitive health and financial matters. The same study found that 55% of policies stipulate that anonymous profiles information is shared with partners.

Only 13% of firms state that they delete information on a user that is over 12 months old, and 65% have no declared deletion period at all. And despite the efforts of third party and association privacy groups like TRUSTe and the NAI, only about a fifth of targeting companies are overseen by one or the other. While oversight groups likely have a greater reach than that one-fifth statistic suggests, PrivacyChoice also found that of the 4.4 ad targeting companies present on the average site, less than half (2.1) were NAI members.

The full report is available at the PrivacyChoice.org blog.

Assuming user disinterest about privacy and tracking is a big mistake, in large part because the full and honest discussion hasn't even begun yet. This is going to be more like having the sex talk with your kid. You need to inform without shocking, be accurate without getting icky, be complete without overwhelming them with more than they can handle.

Admittedly, my analogy has a central flaw, in that publishers and ad tech companies shouldn't be treating consumers like children. But like the big sex talk, the privacy talk is going to involve exposing consumers to the digital plumbing, which gets complicated and invites a knee-jerk response among many that's similar to first hearing about sex: "Well, I'm  not going to do that!"

It's almost a year after the FTC released its initial guidelines for self-policing of behavioral targeting.  Amazingly, an industry distinguished by its ability to communicate and persuade -- the media -- seem to be as tongue-tied on addressing privacy with its customers as a parent is when trying to explain birds and bees.