New Technologies

Online Behavioural Advertising: Balancing Privacy and User Experience

Monitoring internet surfing can give a detailed picture of a person’s online life.

In the con­text of a gen­er­al pub­lic sen­si­tiv­i­ty to sur­veil­lance of activ­i­ty and behav­iour, there is much debate on leg­is­la­tion gov­ern­ing behav­iour­al tar­get­ed adver­tis­ing.

What is behavioural targeted advertising?

In prin­ci­ple, it is the kind of online adver­tis­ing that is dis­played dif­fer­ent­ly to the user depend­ing on his inter­ests. So, unlike a news­pa­per ad, which is seen by all read­ers irre­spec­tive of their spe­cif­ic inter­ests and pro­file, some ads dis­played on a web­site may be seen only by cer­tain users based on their online pro­file of inter­ests and con­cerns.

Usu­al­ly, the pro­file is drawn by using data col­lect­ed from cook­ies. These data, in prin­ci­ple, do not offer infor­ma­tion that allows iden­ti­fi­ca­tion of the user, but are use­ful to cre­ate a gen­er­al pro­file of inter­ests.

Most inter­net users have installed cook­ies, which pri­mar­i­ly make web brows­ing eas­i­er and are used to dis­play behav­iour­al tar­get­ed adver­tis­ing.

There are a num­ber of rules on the use of cook­ies, includ­ing the user’s: (i) right to be clear­ly informed, (ii) right to choose whether his behav­ior is tracked online by offer­ing an express con­sent and the pos­si­bil­i­ty to with­draw it, and (iii) option to access and change his inter­est cat­e­gories. If these rules are fol­lowed, the con­sumer should not be affect­ed.

When does behaviourally targeted advertising become sensitive?

Typ­i­cal­ly, con­cerns come from the fol­low­ing three areas.

The lev­el of detail and analy­sis of online behav­iour

The more col­lect­ed and processed infor­ma­tion is detailed and indi­vid­u­alised, the high­er the anx­i­ety lev­el.

This cat­e­go­ry includes stor­age and pro­cess­ing by inter­net providers of (almost) all sub­scriber data traf­fic, and detailed analy­sis of these data to pro­vide pro­fil­ing and behav­iour­al tar­get­ed adver­tis­ing.

These tech­niques, known as “deep pack­et inspec­tion”, are gen­er­al­ly used in part­ner­ship with a com­pa­ny to which all user traf­fic is trans­mit­ted. The inter­net provider usu­al­ly earns from the ulti­mate adver­tis­ing ben­e­fi­cia­ry a cer­tain sum per user.

Roman­ian leg­is­la­tion requires pri­or express and informed con­sent from the user and oth­er addi­tion­al oblig­a­tions designed to pro­tect him.

How­ev­er, there is an intense debate at the Euro­pean lev­el on the impact of these ser­vices on pri­va­cy. Basi­cal­ly, both inter­net providers and the coun­ter­par­ty are giv­en access to “inspect” the entire online activ­i­ties of users who have agreed to it. Although it is not intend­ed to find out the users’ per­son­al iden­ti­fi­ca­tion, so much infor­ma­tion is gath­ered that it is easy to iden­ti­fy the user.

Penal­ties for breach­ing laws relat­ed to data pro­tec­tion can reach 2% of the turnover of the inter­net provider.

How­ev­er, a cru­cial ques­tion is how many users real­ly under­stand, even after read­ing the infor­ma­tion pro­vid­ed by sup­pli­ers, the impli­ca­tions to pri­va­cy from ben­e­fit­ing from the respec­tive ser­vices.

The sen­si­tiv­i­ty lev­el of the col­lect­ed infor­ma­tion 

Few users would be affect­ed if a shoe man­u­fac­tur­er cre­at­ed an anony­mous user to fol­low a forum dis­cus­sion about beach san­dals.

But the user’s com­fort lev­el would fall if, for exam­ple, a man­u­fac­tur­er of milk pow­der for chil­dren suf­fer­ing from dis­ease cre­at­ed a user to anony­mous­ly track a pri­vate forum of dis­cus­sions between the par­ents of the chil­dren.

Labelling a user’s activ­i­ty

A rel­e­vant exam­ple for this case is the assign­ment to smart phone users of a unique iden­ti­fi­ca­tion code and track­ing their activ­i­ty on web­sites, social media plat­forms, and appli­ca­tion stores to pro­vide behav­iour­al tar­get­ed adver­tis­ing.

The infor­ma­tion col­lect­ed via mobile phones is extreme­ly valu­able to adver­tis­ing agen­cies, but it has stirred up so much debate among con­sumers the smart phones pro­duc­ers are look­ing for ways to give up this tech­nol­o­gy.

Conclusion

Giv­en the above ques­tions and con­cerns, the Euro­pean Commission’s con­cern to mon­i­tor and restrict access oppor­tu­ni­ties to data users is under­stand­able. With the adop­tion of the new Euro­pean Reg­u­la­tion on the pro­tec­tion of indi­vid­u­als in the pro­cess­ing of per­son­al data and on the free move­ment of such data, reg­u­la­tions and (espe­cial­ly) sanc­tions are like­ly to sig­nif­i­cant­ly increase.

At the same time, if cor­rect­ly used and only for the declared pur­pose, these data are extreme­ly use­ful for the adver­tis­ing indus­try. Also, the tech­nol­o­gy is pro­gress­ing so fast that, for any legal restric­tion of today, a new tech­nol­o­gy will come out tomor­row that will like­ly not be cov­ered by the exist­ing reg­u­la­to­ry frame­work

The question remains: What is the right balance between regulation and ensuring freedom of movement in an industry that progresses very quickly?

Publicitatea online comportamentală: Echilibrul intre viata privata și experiența utilizatorului

Monitorizarea navigarii pe internet poate oferi o imagine detaliată a vieții on-line a unei persoane.

In con­tex­tul unei sen­si­bil­i­tati gen­erale a pub­licu­lui cu privire la mon­i­tor­izarea activ­i­tatii si com­por­ta­men­tu­lui, exista o mul­ti­tu­dine de dez­ba­teri cu privire la cadrul leg­isla­tiv care regle­menteaza pub­lic­i­tatea tar­ge­ta­ta com­por­ta­men­tal.

Ce este publicitatea targetata comportamental?

De prin­cip­iu, este acel gen de pub­lic­i­tate care este afisa­ta in mod difer­en­ti­at uti­liza­toru­lui, in func­tie de intere­se­le sale. Deci, spre deose­bire de recla­ma din­tr-un ziar, pe care o vad toti citi­torii ziaru­lui respec­tive indifer­ent de intere­se­le lor speci­fice si de pro­fil, pe un site este posi­bil ca anu­mite reclame sa fie vazute doar de anu­mi­ti uti­liza­tori, in func­tie de pro­filul lor de interese si pre­ocu­pari online.

De cele mai multe ori pro­filul este real­izat prin inter­medi­ul datelor colec­tate pe baza cook­ie-urilor. Aces­te date, de prin­cip­iu, nu ofera infor­matii con­crete de iden­ti­fi­care a respec­tivu­lui uti­liza­tor, ci sunt utile doar pen­tru crearea unui pro­fil gen­er­al de interese.

Majori­tatea uti­liza­to­rilor de inter­net au insta­late cook­ie-uri, care in primul rand le fac nav­i­garea pe Inter­net mai usoara si care, in al doilea rand, sunt folosite pen­tru afis­area de pub­lic­i­tate tar­ge­ta­ta com­por­ta­men­tal.

Exista si o serie de reg­uli cu privire uti­lizarea cook­ie-urilor, print­re care: (i) uti­liza­torul sa fie in mod clar infor­mat cu privire la cook­ies, (ii) uti­liza­torii sa aiba posi­bil­i­tatea de a alege daca com­por­ta­men­tul lor este urmar­it online, prin expri­marea unui acord expres in acest sens si prin oferirea posi­bil­i­tatii de a‑si retrage acor­dul (iii) posi­bil­i­tatea uti­liza­to­rilor de a acce­sa si a schim­ba cat­e­gori­ile lor de interese. In cazul in care sunt respec­tate aces­te reg­uli, con­suma­torul nu ar tre­bui sa fie afec­tat.

Cand devine publicitatea targetata comportamental un subiect extem sensibil?

De obi­cei, pre­ocupările provin din urmă­toarele trei domenii.

Nivelul de detal­iu si anal­iza a com­por­ta­men­tu­lui online

Cu cat infor­mati­ile colec­tate si proce­sate sunt mai detal­i­ate si mai indi­vid­u­al­izate cu atat nivelul de anx­i­etate creste.

In aceas­ta cat­e­gorie intra sto­carea si pre­lu­crarea de catre furni­zorii de ser­vicii de inter­net a tutur­or sau a celei mai mari par­ti a datelor de traf­ic ale abon­atilor si anal­iza detal­i­a­ta a aces­tor date in scop­ul, intre altele, a pro­fi­larii si furnizarii de pub­lic­i­tate tar­ge­ta­ta com­por­ta­men­tal.

Aces­te tehni­ci, den­u­mite in indus­trie “deep pack­et inspec­tion”, sunt uti­lizate in gen­er­al in partene­r­i­at cu o fir­ma catre care este trans­mis intreg­ul traf­ic al uti­liza­to­rilor. In acest fel, furni­zorul de inter­net cas­ti­ga de obi­cei o anu­mi­ta suma cal­cu­la­ta pe uti­liza­tor de la ben­e­fi­cia­rul final al pub­lic­i­tatii.

Leg­is­la­tia noas­tra prevede ca furni­zorul de ser­vicii de inter­net are oblig­a­tia de a obtine con­sim­ta­man­tul expres pre­al­a­bil si infor­mat al uti­liza­toru­lui in acest sens, pre­cum si o serie de alte oblig­atii supli­menta­re menite sa‑l pro­te­jeze pe uti­liza­tor.

Cu toate aces­tea, exista dez­ba­teri intense la niv­el Euro­pean, cu privire la efectele aces­tor ser­vicii asupra pro­tec­tiei intim­i­tatii uti­liza­toru­lui. Prac­tic, atat furni­zoru­lui de inter­net cat si parteneru­lui con­trac­tu­al al aces­tu­ia li se da access la “inspectarea” intregii activ­i­tati online a uti­liza­to­rilor care au con­simtit la furnizarea aces­tui ser­vi­ciu. Chiar daca nu se urmareste iden­ti­fi­carea per­son­ala a uti­liza­to­rilor, sunt adunate atat de multe infor­matii, incat iden­ti­fi­carea devine posi­bi­la si rel­a­tiv facila.

Sanc­tiu­nile pen­tru nere­spectarea preved­er­ilor legale cu privire la furnizarea aces­tui tip ser­vi­ciu pot atinge pana 2% din cifra de afac­eri a furni­zoru­lui de inter­net.

O intre­bare esen­tiala insa este cati uti­liza­tori inte­leg cu ade­varat, chiar dupa ce citesc infor­mati­ile puse la dis­poz­i­tie de catre furni­zori, ce pre­supune con­simtirea la furnizarea aces­tui tip de ser­vi­ciu.

Gradul de sen­si­bil­i­tate a infor­mati­ilor colec­tate

Prob­a­bil ca o mare parte din uti­liza­tori ar fi destul de putin afec­tati in cazul in care un pro­d­u­ca­tor de pantofi ar crea un user pen­tru a urmari dis­cu­tii pe un forum, pub­lic sau pri­vat, despre san­dale de pla­ja.

Nivelul de dis­com­fort al uti­liza­toru­lui s‑ar putea insa sa creas­ca sem­ni­fica­tiv daca, spre exem­plu, un pro­d­u­ca­tor de lapte praf pen­tru copii ce sufera de anu­mite boli, isi creaza un user pen­tru a urmari in mod anon­im un forum pri­vat de dis­cu­tii al par­in­tilor aces­tor copii.

Etichetarea activ­i­tatii unui uti­liza­tor

Un exem­plu in acest sens este atribuirea uti­liza­to­rilor de tele­foane mobile inteligente a unui cod unic de iden­ti­fi­care si urmarirea activ­i­tatii aces­to­ra pe site-uri, plat­forme de socializare, in mag­a­zine de apli­catii, in scop­ul furnizari­ii de pub­lic­i­tate tar­ge­ta­ta com­por­ta­men­tal.

Intra-ade­var, infor­ma­tia colec­ta­ta in acest fel prin inter­medi­ul tele­foanelor mobile este extrem de pre­tioasa pen­tru agen­ti­ile de pub­lic­i­tate dar a star­nit insa multe con­tro­verse in ran­dul con­suma­to­rilor, ast­fel incat pro­d­u­ca­torii de tele­foane inteligente cau­ta solu­tii pen­tru a renun­ta la aceas­ta tehnolo­gie.

Concluzii

In con­tex­tul intre­bar­ilor si ingri­jorar­ilor prezen­tate mai sus este de inte­les pre­ocu­parea per­ma­nen­ta a Comisiei Europene de a mon­i­tor­iza si restric­tiona cat mai mult posi­bil­i­tatile de acces la datele uti­liza­to­rilor. Oda­ta cu adoptarea noului Reg­u­la­ment Euro­pean privind pro­tecția per­soanelor fiz­ice refer­i­tor la pre­lu­crarea datelor cu car­ac­ter per­son­al și lib­era cir­cu­lație a aces­tor date reg­ulile dar mai ales sanc­tiu­nile aplic­a­bile in dome­niu prob­a­bil vor creste sem­ni­fica­tiv.

In ace­lasi timp insa, in masura in care sunt uti­lizate in mod corect si exclu­siv in scop­urile declarate, aces­te date sunt extrem de utile pen­tru indus­tria de pub­lic­i­tate. In plus, tehnolo­gia pro­gre­seaza intr-un aseme­nea ritm, incat pen­tru orice restric­tie de azi, apare o tehnolo­gie noua maine care este nu cuprin­sa de cadrul de regle­mentare exis­tent.

Ramane intrebarea permanenta: Care este echilibrul optim intre reglementare si asigurarea libertatii de miscare intr-o industrie care progreseaza extrem de rapid.

roadmap 14
schoenherr attorneys at law / www.schoenherr.eu

http://roadmap2014.schoenherr.eu/online-behavioural-advertising-balancing-privacy-user-experience/