Operating in New York, we like to keep the tabs on local politics that might affect us, both personally and business wise. The New York Times reported last week that one of our representatives up in Albany (strictly speaking, he represents Westchester county, while we work in NYC) is taking the sword to devious internet data collection and marketing practices that violate the privacy of consumers and serve no good purpose.
Here is the bill in beautiful legal code: http://assembly.state.ny.us/leg/?bn=A09275&sh=t
Assemblyman Richard Brodsky isn’t your average internet hater or privacy advocate. Rather, he’s pushed through multiple bills on cyberspace security. He’s also an active proponent of environmental legislation and business reform in telecommunications. This bill is one of the first one’s of its kind. It bars companies from linking certain targeting data that they collect and linking it to personally identifiable information ie. your name and address. Most consumers don’t know just how much their behavior is being tracked on the Web. When you consider all this aggregated information, it adds up to quite a bit. From a few cookies and IP address readers, advertising networks and their data partners probably know your name, address, phone number, date of birth, gender, race, income level, education, email address(es), recent web history, overall pattern of browsing behavior, overall content of your emails or instant messages and more.
Using this information solely for targeting purposes is more or less benign in nature, but when advertising companies and their clients start to interact with consumers or judge them on information which visitors may not want to be associated with, a violation of personal privacy occurs. The implications of linking all this information is one of the major problems, though. This data is stored on a server by a marketing company who has built the physical computer server to be fast and reliable, not secure and resistant to threats. Hackers will be able to access this data and use it for their own schemes. Companies could look into the web behavior of a potential employee and could misinterpret the findings. Rival corporations could purchase contextual scans of web pages visited by employees of their competitors, potentially getting access to sensitive internal memos and emails.
This bill isn’t perfect, by all means. Brodsky is debating whether or not to include the IP address as a form of PII. IP addresses are essentially anonymous when they aren’t linked to other information, and are vital to the continuing operation of the internet. Services such as PayPal use IP addresses to block fraud. Ad companies use IP’s for, say, frequency capping popunders so they won’t be so annoying. But this legislation is definitely a good start to appropriate and fair regulation of data collection.
Mar 29
This entry was posted on Saturday, March 29th, 2008 at 1:19 amand is filed under General. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Leave a Reply
You must be logged in to post a comment.