• by Mark Naples , May 6, 2005

For any among you who've been under a rock for the past week, New York Attorney General (AG) Eliot Spitzer sued Intermix, an Internet marketing company on April 28.

The New York AG office's petition uses the terms "adware" and "spyware" interchangeably. Interestingly, it also never accuses Intermix of any privacy invasions. I say interestingly for two reasons - one is that Spitzer's office has been positioning him as consumerist at every opportunity, especially as pertains to online commerce. His office has previously sued Victoria's Secret and Barnes & Noble, among others, about their privacy statutes. He has also proposed legislation to prohibit all movement of e-mail addresses or other personally identifiable information (PII) without "affirmative consent." (A term I'll return to later.)

But, this is not a privacy lawsuit, this Intermix mess. It's more of a disclosure lawsuit, which is why so many people in the privacy community have been scratching their heads about it.

See, Intermix's disclosure language is almost identical to the disclosure language of just about every other company in their space. So, why go after Intermix? If the attack is on spyware, why not go after a range of companies that have similar business practices?

"It's a warning shot across the bow to the entire industry," said Eric Howes of Spyware Warrior. Adjunct to his efforts with Spyware Warrior, Howes is a graduate student and instructor in library science at the University of Illinois.

"He's not going after companies he regards as the worst in the space. After all, their disclosures were hardly atypical. In fact, they were similar to what 90 percent of the players in the space use. What he's doing here is more about establishing his authority."

So, why not pick a company that few people had on their radar - and happened to be publicly traded?

Anyone who reads this space knows I'm no fan of spyware practices. Responsible legislators have changed the Spy Act to reflect this thinking too - that it's not about what's spyware or adware - it's about certain behaviors. One thing I'm also not a fan of is government playing a punitive role in our industry - especially when it's the same government that plays in the grey areas itself.

I wrote more than a year ago that many influential people would misunderstand privacy and that it would matter to our industry. Last fall, I wrote about Rep. Mary Bono's (R-CA) Spy Act that was speeding its way through Congress and seemed bent on changing the way much online measurement occurs. These columns were cautions to all of us that probably made me appear like a digital chicken-little to some. The idea is a simple one though, and it's the same as what I was conveying in last week's screed about Ad:Tech booth "talent."

Perception is reality, see - especially when it comes to how politicians do what they do. Spitzer is grandstanding - sure. But, that's what politicians do and our industry has become a suitable target for them. It's not about any individual's ambitions. It's about how the rest of the world views our industry. It's about why we have to make certain that all disclosures are clear and complete, and why privacy policies need to be simple - and complete. If you're interested in this suit and what it could mean to your company, read the actual complaint on the N.Y. AG's site. Then take a moment to discern who his office will be targeting next. Some industry-watchers are speculating that it could be Yahoo!, since many adware companies leverage what used to be Overture keyword buys. After all, what Spitzer's office calls "affirmative consent" is what people in our industry used to call "opt-out." Opt-out was the standard for years, both online (where many people now call it "co-registration") and in the bricks-and-mortar world. In fact, one of the great ironies of the U.S. Federal Trade Commission's (FTC) "Do Not Call" list is that the U.S. Government has been in the business of monetizing consumer PII for years. So, opting out via the FTC also means opting out from government profiting from your PII.

In the bricks-and-mortar world, major companies like Visa, American Express, and Time-Warner have made millions from the sale and brokerage of PII that is obtained via opt-out standards through magazine subscriptions and card accounts. What happens in this world is far more robust than what happens online. It just doesn't happen as quickly, and the notice is usually simpler. In the real world, the U.S. Postal Service plays the part that Yahoo! plays online - they're the delivery system.

Agitation regarding how swiftly this happens online drove regulators and legislators to make disclosure more direct and simple in the bricks-and-mortar world. Now, one of the companies that was in the middle of the pack - in terms of disclosure - has been made an example of by the N.Y. AG. I'd be very surprised if they are the only company, and even more surprised if they were the largest company targeted. I'd hate to see it happen, and as much as we want our industry to be better regarded by the general population, we should all watch it and learn as much as we can from it.