Have Legislators Run Amock with Internet Advertising Restrictions?

Have national and state legislators run amock with Internet advertising restrictions?  Well, it depends on who you ask.  Indeed, it seems that there are compelling arguments for:  a.) Protecting consumers from unreasonable culling, collection, and misuse of private/confidential information;  b.) Allowing a free market economy driven by the need for information on what products and services are available to each of us;  c.) Taking a balanced approach that acknowledges that the Internet has become a primary means of advertising for all businesses and professionals.

Before jumping to conclusions about all of the bad advertisers, helpless consumers, and knee-jerk reactions to the issue, it seems that a little bit of careful analysis is required.  EsquireTech views this as a very complicated question because of the First Amendment and principles underlying a competitive marketplace.

Not only is the risk for consumer information release and abuse an issue, data breaches are already costing companies millions of dollars per instance.  In fact, one can apparently calculate the total exposure to a breach of data security.  Knowing this to be the case, should legislation be treated as more of a temporary mitigation effort until data security protocols can be more objectively injected into the marketplace?

NetChoice.org has released its hitlist of questionable internet legislative efforts.  The list (the Iawful list) primarily focuses on laws designed to limit the culling of private consumer information.

More specifically, opt-in and opt-out provisions are proposed for advertisers, limits are proposed on targeted marketing from social websites, and the imposition of additional disclosure requirements is contemplated.

For obvious reasons, the issue of First Amendment rights permeates this entire process.  Consumers should have a right to evaluate information on products and services.  Companies should have the right to collect basic information in the open where that information will help them survive in a tough economy and to better their products and services.

It is also noteworthy that social website advertising is a good method for attorneys to reach potential clients.  As long as any advertising is generalized and not targeted at specific victims (ambulance chasing) or making promises of litigation results, the First Amendment interest in being able to communicate with potential clients is obvious.  “Networking” with others in the Internet Agora is the new form of meeting up at the public square, having a chat over the telephone, or hanging out at a social gathering.

These otherwise ‘traditional’ sources of potential clients have been concentrated in the new social media and it would be draconian to just assume that none of it can be good. Rather, it seems, that a balanced approach needs to be taken as to which advertisers are capable of culling information in the first place.

The average attorney Facebook advertiser, for example, is simply looking for general characteristics of users and trying to reduce overall expense for advertising where forcing a general distribution would be cost prohibitive and to sporadic to even be effective.  While the natural tendency for lawyers, Libertarians, and market participants might be to say that we really need to put the brakes on internet advertising, be careful — it might just be that if you stop the train too quickly, everything moves forward and and is crushed under the weight of itself.

Whether or not any of this legislation will come up against the commercial free speech rights of advertisers is an open question.

While there are arguments to be had about culling personal information as defined by law, it does not follow that geo-specific advertising to a DNS area is per se’ bad.  Anyway, here’s the list:

The iAWFUL Top Ten: Click On Any Item To Learn More About the Laws that Threaten Your Use of the Internet

The March 2011 iAWFUL Top Ten

  1. Congressional Do Not Track Privacy Bill – Do Not Track is an unjustified restriction on targeted advertising, which helps pay for free online services and content.
  2. Social Network Micro Managing These bills would prevent teenagers from sharing their address and phone numbers on social networking sites and further limit their online interactions.
  3. Affiliate Nexus Bills – An unconstitutional expansion of sales tax burdens to out-of-state businesses.
  4. Recurring Offer Restrictions – Restricting consumers’ ability to use convenient automatic renewals.
  5. Child Online Registry and Do-Not-Market Mandate – Dangerously exposes children’s email addresses while drastically restricting US advertisers’ ability to market to children.
  1. Behavioral Advertising Restrictions – Severe restrictions on websites’ ability to collect user information that enables websites to provide free services and content.
  2. Telemarketing Restrictions on Online Marketing – Sorry, but Do Not Call just Does Not Work for the Internet.
  3. Adolescents’ Online Privacy Protection Act – Strips teenagers’ access to any website collecting information without first obtaining parental consent.
  4. Remote Purchaser Reporting Mandate – Requires out-of-state companies to report consumers’ purchasing information to the state’s Department of Revenue.
  5. Restrictions and Liability for Geo-Location Tracking – Requires repeated consumer consent for the collection of geographical information.

What follows below is the Press Release from Jackie Speier.  EsquireTech is a bit torn on this one since I just argued a consumer privacy case where electronically maintained real estate loan information was released by a lender to operators of a Ponzi scheme, resulting in some $142,000,000.00 in losses in just one area of the state. (Richter v. Nationstar, et al.).

Just to add to the consumer misery, the victims of the fraud were subjected to a Star Chamber arbitration process where they were literally not allowed to be heard whatsoever and the lender was not required to release any of the electronic information its own employees were allegedly kind enough to share with Ponzi scheme operators.  The disallowance of any material evidence, discovery, or production from the defendants was done regardless of the fact that the ex-employee was convicted on felony fraud, an SEC judgment, a Department of Corporations C&D, CA Department of RE C&D, and a civil injunction won by our office.  How can a consumer fight the collection of and a release of electronic information if they are not even allowed to know how the leak occurred or what information was leaked?

In short, regardless of the overwhelming evidence that consumer information was abused, Nationstar and Centex Home Equity were able to rely on a sneaky arbitration process that quieted the potential exposure to the lender for sharing information without permission.  Then, to boot, the companies who released information are seeking to sanction the consumers for even bringing the issue up.

Again, it seems that a careful balancing act is required in order to weigh the interests of the advertising community with those of reasonable consumers.

Press Release from Representative:

Washington DC – Congresswoman Jackie Speier (D-CA), a longtime consumer advocate, today held a press conference to introduce a package of privacy bills aimed at protecting the personal information of all Americans. The Do Not Track Me Online Act of 2011 (H.R. 654) would give consumers the ability to prevent the collection and use of data on their online activities. The Financial Information Privacy Act of 2011 (H.R. 653) would give consumers control of their own financial information. Consumer Federation of America, Consumers Union, Consumer Action, U.S. PIRG, Consumer Watchdog, World Privacy Forum, the Center for Digital Democracy, and the ACLU all announced their support.

“These two bills send a clear message—privacy over profit,” Speier said. “Consumers have a right to determine what if any of their information is shared with big corporations and the federal government must have the authority and tools to enforce reasonable protections.”

There is no longer any anonymity on the Web. The most personal information about people’s online habits is collected and eventually bought and sold, often instantaneously and invisibly. Data collection practices have become a business in themselves, driven by profits at consumers’ expense. The Wall Street Journal recently highlighted these practices—which included targeting children—in its groundbreaking series “What They Know.”

The Do Not Track Me Online Act of 2011 would direct the Federal Trade Commission to develop standards for a “Do Not Track” mechanism that would allow individuals to choose upfront to opt out of the collection, use or sale of their online activities, and require covered entities to respect the consumer’s choice. Failure to do so would be considered an unfair or deceptive act punishable by law. The covered entity would have to disclose its collection and sharing practices, including with whom the information is shared. The bill would allow the FTC to exempt commonly accepted commercial practices like the collection of information for billing purposes.

A USA Today poll released Tuesday showed that 70% of Facebook members and 52% of Google users say they are either “somewhat” or “very concerned” about their privacy.

“People have a right to surf the web without Big Brother watching their every move and announcing it to the world,” Speier said. “The internet marketplace has matured, and it is time for consumers’ protections to keep pace.”

The Financial Information Privacy Act of 2011 would finally give consumers the ability to control the sharing of their own financial information. The bill mirrors legislation Speier successfully steered to passage in California that prevents financial institutions from sharing or selling personally identifiable nonpublic information with affiliates without an opportunity to opt-out, or in the case of unaffiliated third parties, a requirement that consumers opt-in. This bill gives consumers control of their personal financial information and provides meaningful but workable privacy protection.

“Because of the law we passed in California, consumers now have the clear and simple ability to prevent financial institutions from sharing their personal information,” Speier said. “Every American deserves that right.”

 

Electronic Privacy: A Moderate FTC Attack on Advertisers and Commercial Exploitation of User History Information

Obviously, one of the biggest concerns for a lawyer is the confidentiality of client records and work product.

As recently reported on the Huffington Post, there are a number of major players on the Internet who see it fit to trawl for user information when visiting their sites.  While maybe not a big deal, other than the unwanted hassle of targeted advertising, other sensitive information could be a real problem where one is storing client files on the Cloud or where similar factors present themselves.

While one could say that he/she will never be using the Cloud to store client data, I think the reality is that there may be no realistic alternatives in the future for what we consider to be standard storage now (i.e., hard drives, USB drives, external drives, etc.).  It’s not all bad if we plan now and place a privacy/security infrastructure in place now.

Historically, the confidentiality between the learned professions and those are served by those professions has been largely respected and protected.  Current technology does not eliminate the legitimate public policy concerns underlying these privileges against invasion, disclosure, production, and admission into evidence before a court.  For better or worse, most public policy issues express themselves through the regulatory environment and the creation of a whole new set of laws and restrictions (as though we don’t have enough laws on the books).  This being said, until there is a way of getting people to better behave themselves, we will have to settle for making a complex legal system even more so.

Realistically, I think that we will all eventually end up storing and processing much of our information through services such as Dropbox, Windows Live, Google Docs, RocketMatter.com, and other cloud-based servers.  While it is easy to say that hard storage will never be eliminated, the same could have been said of the cassette tape, VCRs, eight-tracks, zip drives, and a whole host of other tech items that seemed to earn what we thought was a permanent place in our daily lives.  While the main focus on these forms of storage media were related to intellectual property rights, privilege issues have not been widely discussed in the legal field.  It may simply be that lawyers, as a profession, are way behind the technological curve.  However, I am fairly certain that our clients not only expect confidentiality of information, they rightfully demand it.

In a recent review by me of the Rutter Group’s treatise on Professional Responsibility, there was quite a bit of information in the privacy concerns that arise as a matter of professional ethics.  Most of the information related to state bars coming down on lawyers for advertising violations.  There was also a brief discourse on how Facebook and other social networking sites affect bias of the judiciary, public perception, and client confidentiality.  What was not provided was a solution to how attorneys can stay competitive, be environmentally friendly, and how they might protect information in a world of data retention that changes and advances by the day.  Thus, this all becomes an issue about what we are all willing to do in order to protect not only confidential client information, but our own reasonable expectations of privacy in our personal lives as professionals and regular citizens/consumers.

Notwithstanding the privacy concerns within our specific profession, the Federal Trade Commission (FTC) is working on some proposals designed to address the invasions of privacy occasioned by some of the sites specifically mentioned in the Huffington Post article.

In the report, the FTC asserts that, “Companies should incorporate substantive privacy protections into theirpractices, such as data security, reasonable collection limits, sound retention practices, and data accuracy,” and that, “Companies should maintain comprehensive data managementprocedures throughout the life cycle of their products and services.”  There are also a number of practical proposals set out as well:

  • Privacy notices should be clearer, shorter, and more standardized, to enable better comprehension and comparison of privacy practices.
  • Companies should provide reasonable access to the consumer data they maintain; the extent of access should be proportionate to thesensitivity of the data and the nature of its use.
  • Companies must provide prominent disclosures and obtain affirmative express consent before using consumer data in a materially different manner than claimed when the data was collected.
  • All stakeholders should work to educate consumers about commercial data privacy practices.

While I am ordinarily no fan of governmental interference with a Free Market Economy, I must say that I do agree with the conclusion that many of the cooking tracking, user-history exploitation, and unwanted targeted advertising schemes are the product of a lack of education on the part of Internet users.

Moreover, unlike the voluntary decision to go to a store or similar place, the decision to utilize the internet is one that often involves making a connection from one’s private location and the associated plethora of data that rests on our personal or business computers.  As indicated above, this is a huge concern especially for professionals who retain confidential information with respect to their clients.  One can only sadly imagine the potential liability exposure should a marketer get a hold of professional-user information that references specific clients and sensitive data associated with them.

Keeping up on these issues is a must for not only those of us in positions of trust, I strongly believe that there is a legitimate issue of safety that deserves the expenditure of governmental resources for preventative measures and, at a minimum, for the education of those who use the internet.