Online
advertising is not necessarily better than traditional media advertising
at reach (how many people see your ad) or frequency (how often they
see it). But it is a winner on specificity -- the ability to deliver
the right advertising message to the right person at the right time.
To do that
in a way that truly takes advantage of the medium, marketers have to
know something about the person they are reaching. And there are oh,
so many ways to gather (and use and combine with other databases ...
and sell to others) that information.
There are
cookies, there are all sorts of spyware, there are tracking tools,
there are myriad data harvesting and data mining technologies.
Really, the ways that information
about each
of us can be and is collected are vast and ingenious.
The rub,
of course, is the cost to us in lost privacy. |
Of
course, those tools -- and more -- are used not just by legitimate
marketers with legitimate products or services to sell to people who
might, indeed,
be interested in them. They also are popular with various lowlifes,
from spammers to phishers, or online identity thieves.
To
take an example from a legitimate marketer first: Amazon.com
is a trailblazer in tracking its
customers' habits and using that information
to market additional products to them.
Among
other things, amazon.com:
*
Has, since 2000, shared personal information with companies
from whom it buys products or with whom it partners. (Check
their privacy
policy to read more about it.)
|
| *
Collected detailed information about what its customers buy,
consider
buying, browse for but never buy, and recommend to others. |
| *
Used this information to recommend new purchases, direct
your
searches toward products it thinks you're most likely to
want, and even stop the absent-minded from
buying the same book they bought five years ago. |
Recently,
amazon.com has added yet more twists to a marketing plan already
built on knowing as much about you as it possibly can. It has
...
*
Recently
received a patent for technology that tracks information,
such as age and preferences, about the people for whom
its customers
buy gifts -- that is, not the purchasers
but the recipients of
the gifts.
|
| *
Launched a search engine, called A9,
that can remember everything you've searched for. (And Amazon
reserves the right to
share that info with its retailing arm.) |
*
Funded a Web site called 43
Things that seeks to link people
with
similar goals, such as getting out of debt.
43
Things is the company's entry into social networking
(think The Facebook), a
place for people to list personal goals and find others
who share
them.
Many
other companies, including Yahoo! and Google, are investing
in similar community-building technology.
Amazon wants to build that same feeling around selling
stuff. |
(This
information comes from a
recent article in
E-Commerce
Times, a nice source if you're interested in this
topic.) |
Of
course, plenty of people out there are interested in such
information -- and more -- for illegitimate purposes, too.
The
data-collection business is booming, and it includes some names
you know and
use regularly. Some companies that collect
data on enormous numbers of users are at least arguably legitimate
but are vulnerable to breaches by others with disreputable intentions.
For
instance,
LexisNexis collects a lot of info about its users ... 310,000
of whom recently
were
victims of identity theft. The company now admits its databases
were fraudulently breached at least 59 times, with the intruders
using stolen passwords to gain access to addresses, Social Security
numbers and more. In
this context, the recent case of ChoicePoint, a company based
in Georgia, is illustrative:
ChoicePoint
is a data giant. It collects, stores, analyzes and sells
billions of demographic, marketing and criminal records
(the latter to police departments and other government
agencies that might otherwise be criticized for collecting
such
information about citizens without their knowledge or consent).
Included
in these records are everything from motor vehicle records
to credit information, drug screenings to DNA identification,
and much more, according to an EPIC report. |
| ChoicePoint
claims to protect people from identity theft. Yet
its database was recently penetrated (apparently with little
difficulty)
by a group that stole dossiers on at least 145,000 people
across the country. |
The
company has promised to
discontinue the sale of information products that contain
sensitive consumer data ... except
"where there is a specific consumer-driven transaction
or benefit, or where the products support federal, state
or local government and criminal justice purposes."
|
|
|
The
Internet offers the ultimate "panopticon," as
the Issues book describes.
Nothing you do online is private -- not the sites you visit, the content
you download (and, technically, just visiting a site downloads it to
your computer), the e-mail you send ... nothing.
|
Once again, the law is of relatively little
help. Lots of folks, including your boss, have a legal right to monitor
every aspect of your office computer use.
Even spammers
are hard to stop, either technically (as the article in the Living book
describes) or legally. The existing U.S. law regarding spam is called,
apparently without irony, the CAN-SPAM Act
(short for Controlling the Assault
of Non-Solicited Pornography
and Marketing
Act of 2003). CAN-SPAM, which took effect in January 2004:
*
Bans false or misleading header information. An e-mail's "from," "to," and
routing information – including
the originating domain name and e-mail address – must be
accurate and identify the person who initiated the e-mail.
|
*
Prohibits deceptive subject lines. The subject line cannot
mislead the recipient about the contents or subject matter of
the message.
|
*
Requires that e-mail recipients be given an opt-out method, allowing
them to ask not to receive future messages at that e-mail address.
After receiving an opt-out request, the e-mailer has 10 business
days to stop sending e-mail to that address.
|
| *
Requires that commercial e-mail be identified as an advertisement
and include the sender's valid physical postal address. |
That sounds nice, but really, the Act does little to prevent spam. A
report released this month by the Pew
Internet & American Life Project indicates that more
people report they are getting MORE spam that before the Act
than the number who report they are getting less spam.
Critics
say the
Act doesn't really do much. It asks
spammers to identify themselves, but it doesn't prevent them from spamming
in
the first place. In fact, the FTC only just last
month got around to trying to define just who a spammer even
is -- as opposed to who a legitimate marketer is.
In the meantime,
related proposals to stop the spam tide haven't gotten very far. Last
summer, for instance, there were calls for a
national "Do
Not E-Mail" registry,
similar to the effective "Do Not
Call" registry implemented to let people block most telemarketing
calls. The FTC told Congress that such a list would be both ineffective
an unenforceable, largely because it would be extremely difficult
to separate spammers
from legitimate
marketers.
In general,
regulatory agencies such as the FTC and the FCC have taken a hands-off
approach (perhaps, as the Issues book suggests, for political
reasons). They
have largely
left
it up to the marketing industry to regulate itself, for instance through
such voluntary organizations as TRUSTe.org.
Consumers,
in the meantime, have turned mostly to technological solutions, such
as spam
blockers, as you know. As you also know, such solutions are only temporarily
effective; newer technologies can always beat them. |