Consumer privacy laws are constantly evolving and with the EU ePrivacy Directive coming into effect, as well as the growing focus in the US by the Obama administration, 2012 will be a big year for change. Our recent webinar featuring Forrester Research highlighted what you should know about the changing ePrivacy landscape, available solutions and how tag management can help.
Here Anthony Mullen, Senior Analyst at Forrester Research and Angus Glover Wilson, Chief Privacy Officer at TagMan answer your questions from the presentation on Thursday, March 29, 2012.
Q: Which privacy regulations in Europe will require a different approach to collecting data than the legislation/regulations in the U.S.?
A: Despite the fact that there are different legislative/regulatory regimes in the EU and US, the practical solutions are really quite similar in practice: “Do-Not-Track”, tag management, consent mechanisms, ad choices, industry self-regulation, and end user education, among other solutions.
Q: What is the current state of technology solutions like the government proposed idea of DNT?
A: Both in the UK and the US, the regulators are making noise that Do-Not Track (DNT) can be a viable ePrivacy technology solution.
FTC Release on March 26th: “Do-Not-Track” – The Commission commends the progress made in this area: browser vendors have developed tools to allow consumers to limit data collection about them, the Digital Advertising Alliance has developed its own icon-based system and also committed to honor the browser tools, and the World Wide Web Consortium standards-setting body is developing standards. “The Commission will work with these groups to complete implementation of an easy-to-use, persistent, and effective Do-Not-Track system.”
Q: What do we have to do to comply? And, how do we do so without completely interrupting the user experience?”
A: Browser DNT will likely be a large part of the solution in the medium term. In the immediate term, given the lack of clear unambiguous guidance from regulators, any legitimately reasonable presentation of cookie information and an opt-out mechanism is likely good enough to show necessary good intentions to regulators should they ask.
Q: How much of a problem is it to work with European publishers; could they employ a different type of universal tag in order to comply with the ePrivacy directives that apply to them? Is this technologically possible?
A: Enterprise tag management systems such as TagMan should be able to help their clients manage their tags and cookies on a per domain, per country, per visitor basis. As TagMan is a global provider we can do all this and have been able to manage privacy from the launch of our platform in 2007.
Q: How will a browser-based Do-Not-Track mechanism interact with my tracking for analytics and OBA?
A: If your analytics and OBA vendor, or the tag management system which runs those vendor tags on your website, honor DNT, then you will see ‘blind spots’ in your data within those vendor systems, in direct proportion to the % of your web visitors who have DNT enabled. TagMan currently sees about 1% of our containers served to DNT-enabled Internet users.
Q: When it comes to Do-Not-Track , what does TagMan do that a browser DNT button does not?
A: The ‘missing’ link of DNT is connecting the dots from the Internet user’s desire to “not be tracked” to the website owner’s obligation to honor that desire, according to the relevant laws, regulations that the website owner has to comply with, and therefore the privacy ‘contract’ they make with their site visitors. Tag management systems which observe DNT provide that link by allowing website owners to decide which tags (and therefore cookies) they do and do not serve/drop to DNT-enabled visitors.
Q: Can you explain the integration between tag management solutions and consent solutions like Evidon?
A: With respect to ePrivacy, Tag Management can help control the ‘site-side’ tag/cookie opt-out process, allowing website owners absolute and final control over which tags and cookies they allow to be served to their visitors. Consent solutions such as Evidon control ‘vendor-side’ opt-outs allowing Internet users to control if/how they are tracked in general by tracing companies across the Internet at large (not site-specific). We see these two mechanisms as very much complementary.