Friday, November 10, 2006

SEM on Search & Consumer Privacy. SEM on Search & Consumer Privacy. Gord Hotchkiss, the president of a search engine marketing firm, writes what at first appears to be a thoughtful and reflective essay on how the rise of behavioral targeting within the search engine advertising market (his bread and butter): The mechanisms are already in place for search engines to track your online behavior. Tool bars, mini apps, personal search history. All of these can and do track where you've been. Everybody is being tracked to some degree. But as Seana pointed out in her column, most of us are blissfully unaware of it. That's because it's been relatively benign to this point. In return for a handy tool bar that offers increased convenience, the ability to index your desktop and other added functionality, we just click the accept button without really reading what we're accepting. Up to now, there hasn't seemed to be any consequences. But in the background, the engines are quietly collecting terabytes of click-stream data. Unfortunately, he casts this concern aside much too quickly: More and more consumer groups will launch protests. Politicians will sense opportunity and jump on their soapboxes. There will be a very vocal minority that will rail against this "Big Brotherism." There will also be a group of advertisers that will continue to step way beyond the acceptable, using targeting to subvert the user experience, rather than enhance it, hijacking the user and taking them to places they never intended. This will add fuel to the fire. And because they're the most visible target, the search engines will bear the brunt of the attack. In the end, we'll realize there's much more pro than con here. Effective targeting will generally add to our experience, not take away from it. We'll toy with trying to use a third-party privacy filter, but in the end, most of us won't be willing to give up the additional functionality in return for maintaining an illusion of anonymity online. Much of the usefulness of Web 2.0 (I know, I hate the term too, but at least it's commonly understood) will be dependent on capturing personal and click-stream data. We'll give in, and the storm will gradually fade away on the horizon. Our goal must be to make consumers aware of the trade-offs between providing enormous amounts of personal information in exchange for a "convenient" toolbar or a contextually-relevant ad. We must not allow people to give in so easily. [via Pogo Was Right] [michaelzimmer.org] 7:15:55 PM

Privacy and Security Law Blog: Confidential Information Should Be Encrypted or Not Stored on Laptops 81% of U.S. businesses surveyed this year reported that, in the previous 12 months, at least one of their laptops or other portable electronic devices had been lost or stolen. U.S. Survey: Confidential Data at Risk, 5 Privacy & Security Law Report 1162 (2006). When a laptop is lost or stolen, unencrypted data on the computer can easily be accessed. Even if a user name and password are needed to sign on to the laptop, the hard drive can be removed in a few seconds and all data on the hard drive can be copied to another computer or to a storage device in minutes. Despite the high risk sensitive data may be obtained from lost or stolen laptops, many businesses continue to allow employees to store such information on laptops and to take the laptops home, on business trips, and on vacations. Business managers should consider whether their current laptop security practices are sufficient. If a business' trade secrets, attorney-client privileged information, customer lists, or financial information are obtained from a lost or stolen laptop, affected shareholders, employees, or business partners may argue that the business failed to take adequate steps to safeguard the data. Avivah Litan, vice president and analyst at the Gartner Group, said in a recent interview: "Frankly, there is no excuse anymore not to encrypt data on laptops and mobile devices. . . . The cost for laptop encryption is $40 or less per laptop. . . . [T]here is no excuse today. It is really bordering on negligence." An Interview with Experts on the Cost of Ensuring Data Security, 6 Privacy Advisor 20, 23 (2006). Every company with sensitive data on mobile devices should consider whether the data should be encrypted. 6:31:52 PM

© Copyright 2006 Paul Hardwick. Last update: 12/6/06; 2:38:57 AM.