WASHINGTON, D.C. -- Google, Microsoft, and Facebook joined a host of other Web companies in Washington Thursday to argue that they already fully protect users' privacy interests, and said that
additional regulations could harm the online advertising industry.
"Billions of dollars of services and information are provided today for free, or nearly free, because of online
advertising," Google deputy general counsel Nicole Wong told the FTC at the first day of a town hall meeting about privacy and behavioral targeting.
Wong, along with other industry executives,
faced off against consumer advocates on a host of privacy-related issues ranging from the implications of behavioral targeting to why companies store search queries to allegations of Facebook
employees spying on users.
Representatives from the online publishing and ad industry argued that companies already had robust privacy protections, while consumer and privacy advocates like the
World Privacy Forum and the Center for Democracy & Technology took the position that collecting and storing data creates the potential for misuse.
For instance, Pam Dixon, executive director of
the World Privacy Forum, proposed that a Web surfer who discloses a medical condition online might end up being denied health insurance coverage if that information got into the wrong hands.
But
Web company executives stressed that they have privacy policies and teams of employees to make sure that individual users aren't identifiable or otherwise compromised. In Google's case, that would
include Wong--plus a general privacy counsel, senior privacy counsel, and 16 "embedded" attorneys.
When a privacy compromise does happen--as allegedly occurred recently at Facebook, where an
employee reportedly hacked into a user's profile--it's a breach of protocol and the company takes action, said Chris Kelly, chief privacy officer and head of global public privacy at Facebook.
"There have to be people at companies that have access to users' accounts," Kelly said, in response to a question about a data breach at Facebook. "There are rules around that access. Sometimes those
rules are violated."
The FTC's town hall meeting came on the heels of a flurry of activity surrounding online privacy and behavioral targeting--specifically, the ability to track Web users online
via cookies and serve them ads based on the sites they've visited. AOL Wednesday announced a new ad campaign aimed at educating users about cookies and behavioral targeting.
Also, the Center for
Democracy & Technology led a coalition of privacy groups in asking the FTC to create a do-not-track registry for Web users who want to opt-out of behavioral targeting.
Internet industry groups
like the Network Advertising Initiative, Online Publishers Association and Interactive Advertising Bureau oppose additional government regulation. They say that the largest ad networks already give
people the ability to opt-out of behavioral targeting, and that government regulation would stifle continued growth.
"Government must be prudent," warned IAB President and CEO Randall
Rothenberg, stressing that new laws could curb the recent "extraordinary pattern of innovation and consumer benefit."
The Web companies and industry groups also argue that any profiles that are
compiled based on Web sites visited are anonymous; while those profiles are tied to a cookie, they're not tied to a specific email address, name or other personally identifiable information.
But
privacy advocates say that the absence of a user's name doesn't necessarily render the information private. In papers filed with the FTC Thursday morning, the Center for Digital Democracy and U.S.
Public Interest Research Group argue that the profiles being compiled are so detailed, it's nearly irrelevant that marketers haven't also collected email addresses or other personally identifiable
information.
"The right hand of online marketing continues to hide behind the myth of anonymity, even while the left hand of Web analytics constructs remarkably detailed mosaics out of
innumerable shards of purportedly 'non-personally identifiable information,' " they argued.
FTC Commissioner Jon Leibowitz indicated the agency might take another look at the type of information
that should be included in Web companies' privacy polices to make sure consumers have adequate notice of ad practices.