Privacy

Facebook’s Interesting Week

Phillip Nones Uncategorized , , , , , , , , , , , , , , ,

Facebook's_first_day_of_tradingBy now most people have heard all of the news reports about Facebook’s initial public offering, and how the world now has a new crop of instant millionaires and billionaires.

But the news last week wasn’t all roses for Facebook. For one thing, it became clear as Day 1 of trading ground on that Facebook shares weren’t going to increase in value. Indeed, it took the underwriters stepping in with institutional buying to keep the share price (barely) above the initial offering price of $38 per share.

And there was the news of GM dissing Facebook by announcing that it is dropping its paid advertising program with the social network … evidently due to Facebook’s failure to convince GM marketing execs of the effectiveness of its program.

But there was even more. Consider this news report: Facebook was hit with a $15 billion privacy lawsuit on the very first day of public trading. Filed on behalf of a number of Facebook’s users, the class action suit claims that Facebook invaded personal privacy by tracking users’ web usage.

The lawsuit cites a bevy of case law and regulations as part of the briefing documentation, including the Federal Wiretap Act, the Computer Fraud & Abuse Act, the Stored Communications Act, and various California statutes.

Consider the implications if this suit is at all successful:  Now that it is a public company, Facebook is under increased pressure to increase its advertising revenues rapidly – which means collecting yet more user data to help it target paid advertising effectively and thus command premium pricing.

But if the lawsuit is successful, it could prevent Facebook from collecting the very data it uses to serve up advertising based on relevant audience targets.

On the other hand, similar cases brought against Facebook in recent years have been thrown out of court because browser cookies haven’t been viewed as “wiretaps.” Moreover, plaintiffs have had difficulty in proving any “harm” as a result.

Of course, there was some additional very good news this past week for Facebook – at least for CEO Mark Zuckerberg: He got married.

… Which in the end may turn out to deliver far more happiness and fulfillment than all the money in the world ever could do.

Good marriages are like that … so let’s all hope for the very best for Mr. Zuckerberg.

The European Union Versus Marketers

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

EU e-Privacy Initiative attacks ad tracking via cookiesI wonder how many marketers are focused on what’s happening in Europe on the digital marketing front? While companies here are busily engaged in making sure ad tracking is being done to the nth degree, in the UK and Continental Europe, new legal restrictions on advertising tracking threaten to upend a lot of these efforts, particularly for multinational brands.

In short, the EU’s e-Privacy Directive restricts the use of “cookies” and virtually all other digital ad tracking methods. And the legal frameworks set up around this directive would require any marketer with users in any EU country to be subject to EU-wide and country-specific privacy legislation.

The new privacy initiatives are far more restrictive than the present US-EU “safe harbor” agreement, which merely requires American companies to notify users when cookies are used on a website. The new regs covering web pages, web apps and mobile apps would require giving notice each time a cookie is used, thereby setting up a flurry of endless notifications that promises to seriously degrade the online browsing experience.

The seemingly reasonable compromise of adding information to a “terms of use” agreement isn’t acceptable to the EU either, unless all users are issued the new agreement and they certify their acceptance.

And just to make sure everyone knows how serious all of this is, the new regs call for the imposition of financial and/or criminal penalties for the non-compliant use of cookies. But for the moment at least, only two relatively small countries besides the UK – Estonia and Denmark – have implemented controls to enforce the EU directives.

Here in the United States, privacy legislation slowly wends its way around Congress, with many legislators understanding that the key to successful commerce online is the ability for marketers to match marketing messages to interested consumers. It’s in Europe where governments appear more than willing to cripple the ability of marketers to do the job they’ve sought to do for decades: Target their audiences with as much precision as possible.

As a result, some European businesses are making noises about abandoning Europe for the United States. The problem is, in the digital age with so much of the branding and commerce blurred between countries, it’s impossible for restrictive moves in one region not to cause negative repercussions somewhere else.

Google: The Company Everyone Loves to Hate?

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , ,

Google, the company people love to hate?What is it about Google that gets people so riled up? After all, it’s a company that has revolutionized the ease in which we find and process information, not to mention the way we consume video content.

If that seems like an overstatement, just think back 15 years or so to how you once researched questions or searched for information … like trudging to the public library or placing “wish-and-wait-for” phone calls to other offices or government agencies.

Maybe we get frustrated with Google because even though the company’s informal slogan is “Don’t be Evil” … every time we turn around, it seems the company is saying or doing something to (deliberately?) engender consumer dissatisfaction.

Consider the comments of Eric Schmidt, Google’s CEO, who speaks often about the role of Google and how it relates to the personal privacy of consumers. There he goes, wandering from media outlet to media outlet, dropping bon mots — others might call them “verbal bombshells” — like these:

 “[Google is] building an augmented version of humanity, building computers to help human do the things they don’t do well, better.”

 “We know where you are. We know where you’ve been. We can, more or less, know what you’re thinking about.”

 “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”

What’s more, Mr. Schmidt seems to be digging in his heels on Google Maps. I’ve blogged before about this controversial initiative, as it began to become evident that Google was collecting more than just photos of people’s homes.

Just this past week, Google finally admitted that its Street View vehicles had been scooping up a lot more than just “meaningless fragments” of information from unsecured WiFi networks as it sweeps through neighborhoods. The digital harvest has included full e-mail addresses and passwords.

Alan Eustace, Google’s senior vice president of engineering and research, seemed apologetic. “We are mortified by what happened,” he said.

But Eric Schmidt may have revealed the true feelings of the company when he suggested on CNN’s Parker-Spitzer program that the people who don’t like Google’s Street View vehicles taking pictures of their homes “can just move.”

Of course, complaining about Google is a great armchair activity that may be little more than petting grousing. I know of few (if any) people who would be willing to forego the benefits that Google’s vaunted information and content engine delivers.

Going forward, it does appear that Google may be a bit more receptive to the concerns people have expressed. This past Friday, the company announced that it has appointed a new “director of privacy” across its engineering and product management. Reportedly, Alma Whitten, the person appointed to this position, will be focusing on building privacy controls into products and internal practices.

We’ll see how that goes.

The Big Dig: Scraping and Scooping the Web

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Data ScrapersI’ve blogged before about how the Internet is making people’s lives pretty much an open book.

Most people who are online are pretty aware of how their reputation can be affected by their Facebook or MySpace pages and other public or quasi-public online information. But The Wall Street Journal has been publishing a series of stories on how much more pervasive than that digital snooping has become.

The series is titled “What They Know” … and it’s well-worth checking out. The most recent article appeared on the front page of the October 12, 2010 edition of the WSJ, and focuses on the phenomenon of “data scraping.”

For those who aren’t familiar with the term, “scraping” is a method by which sophisticated software is used to access and scoop up information that has been posted anonymously on sites that are supposed to be closed to prying eyes. One example cited in the WSJ article of a site that has been scraped is PatientsLikeMe, which has message boards and forums dealing with mental disorders, depression and other issues that most people would prefer to keep private.

People who post on discussion forums like these do so using pseudonyms, and the identity of the posters is carefully guarded by the host sites.

But it turns out that these sites are little match for the sophisticated IT capabilities of companies like Nielsen and PeekYou, who are in the business of matching psychographics as well as demographics to individual people for purposes of serving up relevant advertising — and goodness knows what else.

Think of it as the “lifestyle” direct mail lists of yesteryear – but now on steroids.

PeekYou has applied for a patent on a system whereby it matches real people to the pseudonyms used on forums, blogs, Twitter and other social media outlets. Taking a “peek” at the company’s patent application reveals the great lengths their systems go to ferret out and cross-analyze small, innocuous bits of information that, taken together, find the “needle in a haystack” match to the actual individual:

 Birthday match
 Age match
 First name match
 Nickname match
 Middle name match
 Middle initial match
 Gender match
 e-Mail address match
 Phone number match
 Physical address match
 Username match

When you consider that the same type of powerful computers that are used to analyze and process search engine queries are the ones processing millions or billions of information bits and instantaneously testing and slotting them based on relational patterns … it’s not hard to understand how, over time, eerily accurate portraits of individuals can be drawn that not only correctly reflect the “demographics” of the person, but also a host of psychographic and behavioral aspects such as:

 Shopping habits
 Recreational pursuits
 Personal finance profile
 Health information
 Political leanings
 Hobbies and interests
 Spirituality/religiosity
 Sexual preference or sexual proclivities

The WSJ articles detail how web sites are attempting to stay one step ahead of the “scrapers” by employing software that alerts them to suspicious “bot” activity on forums and other password-protected areas. It’s often a losing battle … and is that particularly surprising?

These days, not even the Orthodox monks at Mount Athos are protected, probably!

An About-Face on Facebook?

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , , , , , , , , ,

Facebook logoThis past week, social networking site Facebook trumpeted the fact that is signed up its 500 millionth member. That’s an impressive statistic — and all the more so when you realize that Facebook had only about 100 million registrants just two short years ago.

And the site is truly international these days, with ~70% of Facebook users living someplace other than the USA.

But there are some interesting rumblings in cyberspace these days that suggest the bloom may be off the rose for Facebook. After having climbed to the #1 perch in terms of registrations and site traffic, there are some intriguing new signs that all is not well in Farmville – or elsewhere in the land of Facebook.

Inside Facebook, an independent research entity that tracks the Facebook platform for developers and marketers, is reporting new Facebook registrations dropped in June to ~250,000. That may still seem like a lot of people, but it’s a far cry from the ~7.7 million new registrants in May.

Furthermore, looking at age demographics, Inside Facebook has concluded that in the critical 26-34 age group, the total number of U.S. users active on Facebook actually declined during the month of June.

Are these people being swayed by the privacy debate that’s happening concerning how much visibility Facebook postings are being given on Google and other search engines?

That may be one explanation for the decline, but there could be other forces at work as well. The latest American Customer Satisfaction Index report from ForeSee Results, a web research and consulting firm, places Facebook’s ranking near dead-last on a list of 30 major online web sites in terms of customer satisfaction with site design and utility.

Who scored highest? Dowdy old Wikipedia. Even boring government sites like the IRS scored better.

It’s evident the issue goes far beyond privacy concerns. There’s also confusion or irritation with Facebook’s ever-changing user interface. As Aaron Shapiro wrote recently in Media Post’s Online Media Daily:

“The truth is, Facebook isn’t fun to use anymore. It’s become a chore, just one more place that busy people have to log in to stay up-to-date. And Facebook is making the goal of staying up-to-date harder and harder to achieve. There are so many apps like Farmville producing status updates, as well as people using Facebook as their repository for passing thoughts and private/public conversations, I have to sort through tons of what I don’t want to read before I get to something I want or need to know.”

Back in its early days, the beauty of Facebook was that it provided such an easy framework to stay connected with family and friends. It was a way to share photos and other personal information quickly – and almost effortlessly – with far-flung contacts all over the world.

Those attributes seem to have gotten buried in all of the “spammy” hi-jinks and gimmicks that characterize so much of today’s Facebook.

Considering the growing dissatisfaction with Facebook, ranging from things like privacy (mis)management and ubiquitous advertising to confusion with the site’s ever-changing design and irritating lack of utility, some industry watchers are predicting that users will begin seriously looking at alternatives. Despite Facebook’s huge presence and large pool of registrants, they may find simpler, purer sites out there that are more to their liking. Several that could be beneficiaries of the “Facebook fall-off” are Diaspora and Collegiate Nation.

Internet privacy legislation: What are the implications?

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Internet privacyThe issue of online privacy – the degree to which publishers are allowed to capture and use information derived from consumer online behavior – has been an undercurrent of concern since the very early days of the Internet. What is the right balance that allows the web to be used for marketing and commerce … but that also allows for an acceptable degree of consumer privacy?

The privacy issue has gathered steam in recent years. Today, proposed legislation affecting EU countries would dictate that web cookies (snippets of computer code) cannot be placed on a user’s computer unless it is strictly necessary for the purposes of enabling the use of a service explicitly requested by the user.

If such legislation is enacted, the implications for web publishers would be far-reaching. After all, cookies are currently used for many purposes, including web analytics, session management, content management, personalization, managing preferences, and calculating advertising revenues.

Cookies are the means by which all of these functions give the web its commercial foundation and functionality. Without them, the web would be little more than another broadcast medium for viewing non-customized information on a computer screen instead of on paper or on a TV screen.

And now those same privacy discussions are beginning to happen among U.S. lawmakers. Legislation is being crafted in Congress that may restrict the use of cookies along with other forms of “personally identifiable” information.

Is this a good development, or not?

It’s certainly true that some unscrupulous web sites and publishers have used cookies as a means to engage in nefarious behavior. But in an attempt to eliminate those exceptions, is it wise for legislation to wipe away all of the very real benefits web users derive from services that utilize cookies as the means to deliver them?

It’s pretty clear that one of the obvious impacts privacy legislation would have is on publishers who earn revenues from advertising. The inability to utilize cookies when serving online ads would affect the way the ads perform. Without cookies, ad servers are unable to perform the most basic functions such as fraud analysis and frequency capping (limiting the number of ads shown to a viewer).

In addition, publishers would lose the ability to measure “conversion” rates – tracking specific actions tied to ad revenue calculation such as downloading a white paper or to make a purchase – that is the foundation for many ad compensation packages. Or to serve a specific ad to someone who has expressed prior interest in a topic or product.

The data that these and other cookie-enabled actions provide is the basis of most online advertising programs. Without cookies, advertisers would have to purchase far more impressions served to swaths of people who may or may not be interested. Web analytics would also become more challenging; third-party services such as Web Trends and Google Analytics tap into cookies as a way to provide information and answers.

The claim that without legislation, people don’t have ways to limit the proliferation of cookies on their computers is just not accurate. Not only do many publishers provide ways for consumers to opt out of targeting techniques, surveys show that a significant proportion of Internet users — perhaps one third — routinely delete cookies from their computers. And ~10% have them permanently blocked.

It’s good for lawmakers to be looking at the privacy implications of the Internet. After all, the web continues to evolve at a quick pace, with new functionalities coming to the fore every day that may have implications on consumer privacy. But at the same time, it’s important to really think through the full ramifications of laws that, while well intentioned, would have negative consequences on everyone if enacted.

Google’s Wi-Fi Data Collection Snafu

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , ,

One of the news items that’s been bounding about the web and on the airwaves in recent days concerns an admission by Google that it “screwed up” by gathering private wireless data while taking pictures for its Street View mapping initiative.

The mishap came to light first in Australia, where Google was caught capturing 600 gigabytes worth of wi-fi data from personal and business wireless networks without owners’ permission. Google has since been accused of unauthorized interception of user personal data including e-mails, audio and video, which potentially could be linked to specific addresses.

Google insists that the personal data were “inadvertently” collected during the street sweeps by its large fleet of vehicles cruising cities in more than 30 countries.

[For those who are unfamiliar with Google’s Street View mapping tool, you can view an example here by vicariously sauntering down quaint, quiet Robinwood Avenue in Detroit’s North End – home of the late, lamented Marabel Chanin, the most famous inner city resident you’ve never heard of.]

Some observers may be content to take Google management at its word that personal data were “mistakenly” gathered during its street sweeps – despite the fact that this blunder was evidently repeated in Germany, Italy, France, Denmark, Austria, Ireland, Belgium, Spain, Switzerland and the Czech Republic … as well as here in the U.S. in states like Connecticut and Missouri.

Consumer Watchdog calls Google’s action “a flagrant intrusion into consumers’ privacy.” And the Connecticut and Missouri attorneys general are now weighing in as well with their own investigations.

Perhaps the biggest takeaway from this story is not whether Sergey Brin, Larry Page and the other honchos at Google might or might not have nefarious plans for the use of personal wi-fi data. It’s the realization that such information can be collected at all.

And the next time, it might not be by such a benign organization.

What’s the latest news in this juicy story? Google reports that it has deleted only the personal data it collected in Ireland, Denmark and Austria. For the time being, it’s holding onto the rest.

The End of Privacy

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

An article by technology author Steve Lohr published last week in The New York Times caught my eye. Titled “How Privacy Vanishes Online,” it explores how conventional notions of “privacy” have become obsolete over the past several years as more people engage in cyber/social interaction and web e-commerce.

What’s happening is that seemingly innocuous bits of information are being collected, “read” and reassembled by computers to build a person’s identity without requiring direct access to the information.

In effect, technology has provided the tools whereby massive amounts of information can be collected and crunched to establish patterns and discern all sorts of “private” information.

The proliferation of activity on social networking sites such as Flickr, Facebook and LinkedIn is making it easier than ever to assemble profiles that are uncanny in their accuracy.

Pulling together disparate bits of information helps computers establish a “social signature” for an individual, which can then be used to determine any number of characteristics such as marital status, relationship status, names and ages of children, shopping habits, brand preferences, personal hobbies and other interests, favorite causes (controversial or not), charitable contributions, legal citations, and so on.

One of the more controversial experiments was conducted by MIT researchers last year, dubbed “Project Gaydar.” In a review of ~4,000 Facebook profiles, computers were able to use the information to predict male sexual preference with nearly 80% accuracy – even when no explicit declaration of sexual orientation was made on the profiles.

Others, however, have pointed to positive benefits of data mining and how it can benefit consumers. For instance, chain grocery stores can utilize data collected about product purchases made by people who use store loyalty cards, enabling the chains to provide shoppers relevant, valuable coupon offers for future visits.

Last year, media company Netflix awarded a substantial prize to a team of computer specialists who were able to develop software capabilities to analyze the movie rental behavior of ~500,000 Netflix subscribers … and significantly improve the predictive accuracy of product recommendations made to them.

To some, the Netflix program is hardly controversial. To others, it smacks of the “big brother” snooping that occurred in an earlier time during the Supreme Court confirmation hearings for Robert Bork and Clarence Thomas, when over-zealous Senate staffers got their hands on movie store rental records to determine what kind of fare was being watched by the nominees and their families.

Indeed, last week Netflix announced that it will not be moving forward with a subsequent similar initiative. (In all likelihood, this decision was influenced by pending private litigation more than any sort of altruism.)

Perhaps the most startling development on the privacy front comes courtesy of Carnegie Mellon University, where two researchers have run an experiment wherein they have been able to correctly predict the Social Security numbers for nearly 10% of everyone born between 1989 and 2003 – almost 5 million people.

How did they do it? They started by accessing publicly available information from various sources including social networking sites to collect two critical pieces of information: birthdate, plus city or state of birth. This enabled the researchers to determine the first three digits of each Social Security number, which then provided the baseline for running repeat cycles of statistical correlation and inference to “crack” the Social Security Administration’s proprietary number assignment system.

So as it turns out, it’s not enough anymore merely to be concerned about what you might have revealed in cyberspace on a self-indulgent MySpace page or in an ill-advised newsgroup post.

Social Security numbers … passwords … account numbers … financial data. Today, they’re all fair game.