With so much attention focused on the technical complexity of behavioral targeting as it affects consumers, you might not realize how the same issues challenge the daily dealings among companies in the advertising ecosystem. You can see this in new guidelines announced today by ad-industry trade groups, who have revised the standard contractual template used by website publishers and advertisers for ad-insertion contracts. As a technical matter, the operational interactions involved in fulfilling these contracts often involve an unavoidable exposure of targeting information that is proprietary to one party or the other. As explained in a summary on Mediapost:
Among other changes, the updated terms and conditions restrict advertisers’ ability to retarget users based on information collected at publishers’ sites. That is, advertisers (and their agencies) can’t now decide to send a second ad to users simply because they already viewed a first ad at a particular publisher’s site.
“The fear is, agencies have been harvesting this data for free — or want to — and that’s not part of the current business model,” [Jeremy] Fain [of the Interactive Advertising Bureau] says. “If an agency wants to buy the data from a media company, that’s fine, but it has to do so in a separate negotiation.”
The new terms and conditions also state that media companies can’t create profiles based on how users interact with particular advertisers. “If, for example, it is known that a media company has only one auto brand advertising on its site and it develops a behavioral targeting segment called ‘auto enthusiasts’ based solely or substantially on user interactions with ads from that one auto brand, it would be a breach of contract,” the guide to the new terms says.
These business-to-business issues have parallels in the business-to-consumer world. Websites and advertisers would agree that even though they each may record and store valuable targeting information belonging to the other, they will use it only for the specified purposes. Likewise, ad targeting firms make promises to consumers in the form of privacy policies, such as commitments to segregate behavioral information from personally identifiable information or restricting how long it can be retained. In either case, a great deal of trust is required, since it is practically very difficult to verify compliance when the information is stored and used via complex back-end systems.
The trust level required only increases as advertisers become more directly involved in ad targeting (a trend we see in the PrivacyChoice database of third-parties present on top sites), and as ad exchanges and demand-side networks increase the number of players at the table in the ad marketplace. The good news may be that, to the extent technology and auditing practices evolve to validate B2B compliance in advertising contracts, they also may offer ways to better assure consumers that they too can count on privacy policies to be enforced.