In my previous posts on personal data, I’ve talked about users’ desires to “own” and control their data, the difference between anonymous preference data and PII, and the need to separate specific technologies like cookies from the real question: what is OK and what is not OK to do with personal data?
Here I’d like to dive more deeply into this last question; so in light of those previous posts, the more specific question is “when are third party tracking cookies spyware?” This is probably best asked in the larger context of the question “when does marketing become spying?” And I think one way to address these questions without being distracted by technical issues is to think about a physical interaction rather than a virtual one on the web.
OK, so…say you walk into a store in a mall. This store has a lot of salespeople who watch what you’re doing and try to help out. This certainly can’t be a problem; that’s what salespeople are paid to do! But these salespeople have really good memories and work 24 hours a day, so if you come back to the store sometime later, they’ll recognize you and remember what you did last time you were there. At least for me, it’s hard to see this as a problem; this is essentially how stores strive to operate today.
Now let’s say you buy something at the store with a credit card. The salesperson now knows your name and other personal data, as well as having insight into your likes and dislikes from watching you in the store. You might even now be greeted by name when you come back later, and pointed to a new item the salesperson thinks might interest you. Again, this is an idealized version of how stores operate now, so it’s hard for me to see a problem; that being said, if it were possible, I’d probably prefer it if my card went through without the salesperson looking at or remembering my info.
But what if, as you walked in, an iris scanner identified you via a third party database like in the movie “Minority Report,” or equivalently, the salesperson snapped your photo and faxed it to a third party service that sent back your name and other personal data? To me, this is definitely a violation of my privacy: the salespeople are free to watch me in their store all they want, but unless I decide to offer it, they should not know who I am.
Even worse, imagine that the store has the salespeople write down everything they know about you, then send it to a third party who puts it in a file under your name along with the reports from various other stores. This third party now sells your file to anyone who cares to pay for it. At least for me, this is the ultimate privacy violation: I’ll never live down the time I went to buy medicine for jock itch, the FBI will stake out my house after I buy rolling papers, and prospective landlords will reject my application when they find out that I buy a lot of powerful stereo gear.
OK, so now we’ve established some boundaries to what is definitely acceptable and not acceptable (at least to me; I’d be interested to hear from anyone with different ideas). Translating back to cookies:
– Tracking cookies are OK if they’re from the site I’m visiting
– Merging cookie data with PII I provide as part of a purchase or registration on the site seems hard to avoid and so is probably OK (although best avoided)
– If I don’t offer my PII, I should be assured of my anonymity, i.e. it is *not* OK for anyone to share the PII I provide with any third party
Now we get to the interesting part. What if, as you enter the mall, someone hands you a clipboard to carry around? Each time you leave a store, the salesperson scribbles down what they think you were interested in by watching your actions and puts it on your clipboard. Each time you enter a store, the salesperson takes your clipboard and reads it to learn what you might be interested in.
To me, this doesn’t raise a big privacy issue, but that’s because I’m assuming several things based on the physical metaphor:
– I know about the clipboard
– I can be sure that no salesperson will put any PII on my clipboard
– I can read through the clipboard and see what has been written about me
– I can throw away the clipboard anytime I want, and no one else has a copy
So mapping back to cookies, this means that to meet the above idea of acceptability, the following should be true of third party tracking cookies:
(1) I should know they’re present, and who can access them
(2) They should never contain or be merged with PII
(3) I should be able to review their content
(4) I should be able to delete them
Another relevant issue is (5): why should I accept the clipboard? Imagining the scene at the mall, realistically there’d have to be some incentive for me to accept the clipboard beyond “better service.” I expect good service anyway, so I’d have to be enticed by discounts, as Safeway and other supermarkets do with their “Club Cards.”
Wrapping all this up, it seems to me that a reasonable proposal regarding third party tracking cookies would be to essentially follow the above numbered points:
(1) A site should clearly notify users that it uses third party tracking cookies. Exactly how this is done is debatable, but the notification should be hard to miss, and should link to an up-to-date list of the other sites at which the cookie is active (the other stores that are “in the mall”).
(2) Users should be guaranteed that tracking data will never contain or be merged with PII. Whether this should be encoded in law or implemented via industry agreement is debatable.
(3) The contents of third party tracking cookies should be reviewable by the user. This is *not* true now: even though you can examine the cookies on your computer, the contents are usually not human-readable. Third party cookie vendors should provide a consumer service that allows these cookies to be reviewed, and sites should link to these services, ideally as part of the notification in (1).
(4) The ability to delete is not an issue; cookies can always be deleted.
(5) Users should somehow benefit from accepting tracking via third party cookies.
This last item, (5), requires the most creativity; some ideas off the top of my head are:
– Sites could provide special or premium content to users who allow third party tracking cookies
– Third party tracking cookie vendors (network advertisers) could entice users to participate by offering input into marketing decisions or recommended products and services
– Advertisers could offer explicit discounts to users who allow third party cookies and who then click through the ads that use the resulting tracking data.
I’d love to hear any thoughts from others regarding these ideas. In the end, I think the goal should be for users to remain in complete control of their personal data, with any disbursement of this valuable data explicit and above-board. If this respect is afforded consumers, marketers will be able to do their job in a more effective and cooperative environment, so that the free content we all enjoy can be paid for.