Groupon expects to roll out a revamped mobile app.
It could cost U.S. e-retailers $80 billion over five years, NetChoice says.
A recent settlement between Google Inc. and the Federal Trade Commission regarding how to address consumer privacy in the Google Buzz social networking service could cost online marketers $80 billion in lost revenue over the next five years if the terms of the settlement are extended to all online marketers, the trade group NetChoice says.
The FTC settlement with Google, a copy of which was obtained by Internet Retailer, specifies that before Google can change how it shares its users’ “identified information with any third party,” either as a result of changes in practices or of changes to a product or service such as Google Buzz, Google must first “obtain affirmative express consent from the Google user to such sharing.” The settlement doesn’t further clarify how Google would obtain that consent, but the FTC attorney who worked on the settlement, Kathryn Ratté, says that the term "affirmative express content" requires an action on the part of the consumer, and that "simply letting people request an opt-out after the sharing practices change would likely not satisfy the requirement."
"The goal of this provision is to increase transparency for consumers so that they understand how their data is being shared when those practices change," she says.
NetChoice, whose members include AOL Inc., eBay Inc., Facebook Inc., Overstock.com Inc., Yahoo Inc. and Symantec Corp.’s VeriSign, plans to file its concerns with the FTC during the public comment period on the Google settlement that runs until May 2.
“The FTC has made no secret of its assessment that industry self-regulation has failed regarding consumer online privacy, and that it wants Congress to give it rule-making authority,” says Steve DelBianco, NetChoice executive director. DelBianco contends that if all online organizations are required to obtain consent from site visitors to any changes in how their sites use visitor information—changes which he says are a routine part of online marketing and merchandising campaigns—e-commerce operations in general won’t be able to use effective online merchandising and marketing campaigns to present consumers with the products and services they’re most likely to buy.
At issue is whether the terms of the Google Buzz settlement—in particular the requirement for Google to get the consent of Google Buzz users before it makes any changes to how it uses their information—would be extended to all organizations involved in online marketing. To support its argument that such a move would severely undercut the U.S. e-commerce industry, NetChoice cites research conducted by the University of Toronto and others that showed a 65% drop in revenue from online advertising in the United Kingdom as a result of opt-in consent rules for online ads. It figures that a similar hit to U.S. online advertising would occur if all online organizations were required like Google to get “affirmative consent” from all of their customers before making any changes in how they use their personal information to run targeted online ads.
NetChoice further contends that such a drop in ad revenue—and, in turn, the effectiveness of online advertising campaigns to reach consumers—would lead to less effective e-commerce marketing and merchandising operations, producing an overall drop in e-commerce revenue of $80 billion over five years.
The FTC has not said whether it intends to extend the terms of the Google settlement to other online organizations. But Ratté, the FTC attorney, says that, though the settlement technically applies only to Google, it is "consistent with Commission policy about increasing transparency and consumer control, particularly when companies change their sharing practices for previously collected data."
Other groups that lobby for stricter online privacy rules, including the Electronic Privacy Information Center, have been pushing for a broad application of the settlement. EPIC, which filed a privacy complaint with the FTC that preceded the agency’s investigation of Google Buzz, provides an online form on its web site for visitors to fill out and send to the FTC in time for the May 2 comment deadline with requests for extended privacy.
When Google agreed last month to a settlement with the Federal Trade Commission over online privacy rules, the FTC hailed the deal as a first-of-its-kind win for consumers.
“This is the first time an FTC settlement order has required a company to implement a comprehensive privacy program to protect the privacy of consumers’ information,” the agency said in announcing the settlement.
Under the terms of the settlement, Google has agreed to implement a comprehensive privacy program designed to ensure that users of its products such as Google Buzz are fully aware of how their personal information will be used. That will give users more control over whether, and how, their information is made public.
The initial complaint against Google Buzz arose when observers realized that user’s personal information from their Google Gmail e-mail accounts was made publicly available through the Google Buzz social network. For example, a user’s name and e-mail address, and the names and e-mail addresses of his contacts, could be circulated more broadly than a user wanted.
The FTC also contends that Google Buzz provided misleading opt-in and opt-out features that resulted in the distribution of more personal information through Buzz than users were led to believe would occur.
In a blog post following the settlement with the FTC, Google admitted it had made mistakes with Google Buzz and is taking steps to rectify things.
“We don’t always get everything right,” wrote Alma Whitten, director of privacy, product and engineering. “The launch of Google Buzz fell short of our usual standards for transparency and user control—letting our users and Google down.”
In addition to giving users more control over keeping their personal information private and agreeing to ask for, Google said it has arranged to receive an independent review of its privacy procedures once every two years.