Reflections On Web Publishers, Privacy, & Consumer Preference

Posted 03.28.2012

These are interesting times for anyone operating on the consumer web.  On Monday the Federal Trade Commission released its final privacy report (PDF).  Last month the European Union released its draft regulation on privacy, and the White House published the Consumer Privacy Bill of Rights.  It’s clear that policy makers worldwide have Internet privacy on their mind. 

From day one at Krux, we knew that we were operating in a space that was long on rules but short on tools.

Internet privacy is on our mind at Krux, too.  From day one, we knew that we were operating in a space that was long on rules but short on tools.  We made it our mission to build tools that help all web operators put consumer data to work serving up web experiences that are more relevant and valuable, but not creepy.  By weaving consumer privacy and preference controls into data fabric for large and small websites, we believe it’s possible to de-creepify the Internet one cookie, one ad call at a time.  That is why we established privacy last year as one of the five defining criteria of a best-in-class data management platform.

In all of these regulatory and legislative machinations, the recurring themes that really stick with me are transparency and informed consent regarding how and when data is collected and put to use.  Perhaps more important, from the FTC report in particular, is the clear intent to pull the covers back on the so-called ‘data brokers,’ the broad (and only loosely defined) category of players whose role in the data ecosystem – online and off – is entirely unknown to consumers themselves.

There is no question that insight derived from consumer data signatures is incredibly valuable.  But on today’s Internet, a disproportionate amount of the consumer tracking and targeting is conducted by third parties, as our forthcoming update to last year’s CIS shows.  First-party web publishers and marketers – principals who earn and maintain trusted relationships with consumers – account for a much smaller share of the consumer tracking that so vexes regulators.

For too long now, web publishers have been faced with a binary decision when it comes to putting data to work for their advertising, content, and commerce businesses.

For too long now, web publishers have been faced with a binary decision when it comes to putting data to work for their advertising, content, and commerce businesses.  Option One is to basically do nothing, largely due to the fundamental limitations of the legacy advertising and publishing systems they rely on.  Option Two is to outsource, relying on third-parties to do most of the work for them.  That second option provides simplicity, efficiency, and near term revenue, but it comes at a cost.  The publisher loses control over its data, delivering valuable data segments to its competitors and incurring liabilities if any of the third-parties they deploy use creepy or even illegal data collection practices.

Option One is increasingly untenable for web businesses that need to build data-driven, audience-aware offerings to survive and thrive.  And Option Two is less appealing by the day given the inherent risks, as privacy regulations such as the EU cookie directive put publishers on the hook for all data collection on their site, even when it's collection that is happening without their awareness or approval.  

At Krux, we believe there’s a Third Way:  Put intelligence and technology into the hands of the first-party sites so they can exert control over their own data.  This is no-regrets from a strategic perspective (consumer web data fuels more valuable advertising, content, commerce, selling, and marketing), but it’s also attractive in the face of a fast-evolving privacy regime.  Krux’s cloud-based data management infrastructure gives first-party publishers the ability to capture and connect data, but with the controls to ensure that data moves only on the terms and times of the publisher’s choosing – and according to the terms of their stated privacy policy.  Perhaps most importantly, we are hardwiring capabilities into the platform that allow publishers to understand and manage consumer privacy signals – such as our responses (here and here) to the Do Not Track specification under development at the W3C. 

With the mounting decisions and decrees coming from regulatory bodies, the need for integrated privacy and preference management is more urgent, its enabling technology increasingly more complex.

With the mounting decisions and decrees coming from regulatory bodies, the need for integrated privacy and preference management is more urgent, its enabling technology increasingly more complex.  While the web may be borderless, the idea of ‘geography’ perfectly illustrates this growing complexity.  Absent a single global privacy standard, soon every web interaction will need to ’know’ the country in which a company operates, the location of the user on the other end of the browser, and in some cases, even the countries in which the publishers data centers reside.  This kind of multi-dimensional decision framework – considering geography alone – would need to be operationalized in every single web-based consumer interaction.

I am in constant dialogue with all types of web operators, and I know they are all focused on developing rational, appropriate, and cost-effective ways to comply with the crop of government regulations and proposals on Internet privacy.  And with each new policy decision or proposed regulation, there are always new concerns.  But we have carefully observed the exchanges that have led to these recent policy announcements and tailored our products and services for this day.  There were many times we could have made different design choices, but we always kept our Third Way in mind.  I’m gratified to see these recent announcements affirming the strong design commitments we made to privacy and transparency many months back – and I’m looking forward to continuing this conversation in the months ahead.