Messaging News - August 2008 - (Page 14) PRIVACY & MESSAGING was not worried about emails being intercepted, except in certain countries where they would not put it past the government to intercept email in order to get involved with (business) negotiations. In those countries, Exxon said it avoided using email for communications with the local people.” Maybe employee privacy at the corporate level has not been lost, because in truth, perhaps it never existed in the first place. According to Crosley, “I don’t think that there has been much change in the past few years in terms of the level of privacy that employees actually enjoy. What I think has changed is employee attitudes and expectations.” Crosley notes that in 2004, their survey findings were surprising— even shocking—to many. “But even at that time, those findings really just confirmed what many employees had always suspected. When I would discuss these findings with people, it used to take some time to explain the legal/financial/regulatory risks that were motivating companies to monitor outbound communications (either with technology or with manual processes).” Crosley says that along with the high profile data loss events that has continued to occur over the years and with more and more individuals having first-hand experience of identity theft; of being personally notified of data breaches involving their personal information; and as employees have become more personally familiar with regulations such as HIPAA; people have become much more personally aware of the impact of data loss. “I think this has changed their attitudes about monitoring,” summarizes Crosley. “That is, as a consumer, as a customer of other large enterprises that have substantial amounts of their valuable financial/healthcare/ identity information under their control people now understand the risks.” Notification and Opt-Out Privacy advocates agree that much of what concerns them is the users’ lack of awareness that their information is being tracked and monitored. “Consumers’ behavioral advertising profiles may incorporate many different kinds of data that are not personally identifiable by themselves,” says Harris. “Many networks avoid linking profiles to what has traditionally been considered ‘personally identifiable information’ (PII)—names, addresses, telephone numbers, email addresses, and other identifiers. But as the comprehensiveness of consumer advertising profiles increases, the ability to link specific individuals to profiles is growing. The risk of supposedly non-personally identifying data being used to identify individuals has spurred several ad networks to take extra steps to de-identify or remove personal information from their data storage.” Along with the need for awareness campaigns for consumers to learn more about what information is being harvested about them, many believe that a more obvious opt-out should exist. “If I was to read tea leaves, I’d say in the future we will be looking at a broader, more effective opt-out opportunity for consumers,” says Maier. “I think that there will be some interesting examples of notice, where consumers will be asked or be able to see why they got this ad. The ad choice program from eBay is a good example of this. My personal opinion is that I do not think advertisers should be afraid of opt-outs, I do not think that many people will do it, and I think that if advertisers make a clear statement of what they are collecting and how they are using it, consumers will understand the value proposition.” Maier believes that left unexplained behavioral targeting can seem threatening. She also thinks that there might be more opportunities for consumers to become anonymous. “I think the biggest thing is that consumers are going to have the opportunity to make a decision and make a choice and through that choice extend control over their profile, their person and the whole bit.” Ponemon findings support that consumers want control over the privacy of information they share with online marketers. “Consumers actually prefer personalization when it is relevant and it actually provides interesting content.” The key Ponemon suggests is to ensure the opt-in appears desirable. “Survey research shows that when consumers see the word ‘cookie’ they are less likely to opt in. It has this negative connotation, especially when it’s in a policy.” Ponemon does say that while people hate cookies and permissions, people actually like the idea of having someone spend the time trying to understand what they’re interested in. “Consumers are willing to share more and better personal information about themselves when they have a trusted relationship with a marketer. Consumers want to rule over their online experience and 84 percent want to have more control over the types and frequency of Internet ads that they receive.” When it comes to employees, Crosley believes that, “Companies should be clear with employees about the fact that employee email is often made public.” He points to the increasing use of email as a rich source of evidence in both civil and criminal cases. “This is one of the biggest changes we’ve seen in the past five years. In 2004, only 10 percent of companies surveyed said that employee email had been subpoenaed in the past year, but in 2008, that number had jumped to 24 percent.” So even employees could do with an awareness campaign. Risks and Rewards As Maier points out, has there been any actual harm done by behavioral targeting? Does collecting the data by its nature invade privacy? “Most of this information is anonymous and is not personally identifiable,” states Quaresima. “It is a different type of data. It is generally not your name or social security number or that type of data. They do know your IP address, so they associate a set of behaviors to a computer, but 14 MESSAGING NEWS AUGUST 2008
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.