This month the FTC released an update to its 2000 guidelines on dot-com disclosures in mobile and social media advertising. These updates provide guidance on how to effectively make disclosures clear and conspicuous so as to avoid any deception for the consumer. Some of the guidance is the same but other areas have changed. For instance, the 2000 guide advised that advertisers should place disclosures, “near, and when possible, on the same screen” as the relevant claim, while the 2013 updates state that a disclosure should be placed “as close as possible to the relevant claim.” The updates also explain that if a disclosure cannot be made clear and conspicuous and without a disclosure the ad would be deceptive or unfair then that ad should not be disseminated. This also applies to platforms as a whole that might inhibit disclosures. Twitter is one such platform that could be difficult to provide clear and conspicuous disclosures on due to the word limit. Some things were continued from the original guidelines. One such example was that advertisers should avoid using hyperlinks for disclosures that involve pricing information or certain health and safety issues. These determinative factors should be present in the ads main text and should not be hidden in a disclosure. The new guidelines also provide useful mock ads to illustrate the updated principals. To see the full updated guidelines please follow this link: http://www.ftc.gov/os/2013/03/130312dotcomdisclosures.pdf
For more on privacy issues come register for AdNauseaum.org Presents: Advertising Trends in Class Actions on April 2nd. There will be panels on Privacy: the Large Scale Issues and Deciphering Natural Claims as well as The Class Action Demystified. You can register here: www.nyls.edu/adlaw
Facebook Custom Audience
Facebook’s “custom audience” feature lets marketers find and target advertising toward specific individuals among Facebook’s users. Marketers use e-mail addresses, phone numbers or Facebook User ID’s to match up with Facebook users in order to generate a “custom audience” created from data they already have. To generate the “custom audience,” the marketer uses a tool called the “power editor” to input an email or phone list representing their “segments” (groups of customers they’d like to target—may be current customers, prospects, loyalty club members…etc.). To protect the data, Facebook never receives the customer list. The list of emails or phone numbers is “hashed” on their own computer when using the power editor. Hashing is a method of securing information. Unlike encryption (another method of securing information), hashing summarizes text into a short fingerprint that can’t be decrypted.
Does this feature comport with the TCPA and the Consumer Privacy Bill of Rights?
Last month, Ad Nauseam discussed the FTC’s changes to the Children’s Online Privacy Protection Act (COPPA). The purpose of COPPA, which was implemented in 2000, is to protect the online use of personal information of children under the age of 13. In particular, the rule assigns strict responsibilities to “operators” including that they obtain verifiable parental consent before collecting, using or disclosing personal information from children, and that any information they do collect be kept secure. Today we will take a closer look at the FTC’s revised definition of an “operator” under the COPPA rule, and focus on the effect to third party services.
Importantly, under the revised definitions, advertising networks and plug-ins now fall under the umbrella of COPPA. The COPPA revisions have expanded the definitions of an “operator” and a “website or online service directed to children” to take today’s Internet-landscape into consideration. The definitions now include a child-directed site or service that integrates outside services that collects or maintains personal information from its visitors. This rule governs entities that have an agent or service provider collect or maintain personal information from its visitors, or an entity that benefits from allowing third parties to collect personal information from the viewers. Put simply: if you own the child-oriented website, then the use of that website by third parties is your responsibility.
But what about the third party service that is placed onto a child-oriented website? The expanded definition states that a third-party service that collects personal information directly from users of a child-directed site or service will be liable for complying with COPPA only when the third party has actual knowledge that the site is child-directed. The FTC explains that a third party service may obtain actual knowledge when: (1) a child-directed content provider expressly communicates the child-directed nature of its content, or (2) a representative of the online service recognizes the child-directed nature of its content.
URL’s present an interesting issue to “actual knowledge.” An easy assumption is that a URL will indicate whether the website you are placing the ad on is child-oriented. However, the Internet is a multi-layered and complicated network, and each layer collects different information. As a result, a third-party may not be able to discern whether or not a website is a “child-directed site” simply by viewing the URL. As a result, a URL may not be a proper indicator that a website has child-directed content, and could leave a third-party at risk for liability under COPPA.
The FTC’s Chief Technologist, Steve Bellovin, recently published a blog post which provides some suggestions as to how to resolve this issue of actual knowledge. The first suggestion was explicit signaling from the child-oriented website to the third-party advertisement. This type of signaling has already been used by advertising networks when they include how to request advertisements. In this type of signaling, a news article might contain a long link, and when you click on a word, it indicates how to place the advertisement in your article. Furthermore, the advertising network is being passed along information about the website it is placed on.
Bellovin explains that this technique can be tailored to include a “COPPA-covered site” flag, to give third parties actual notice that the website is child-oriented. This flag could be placed into the URL, so that the browser will understand and pass the information on to the third party. Also, it would be possible to configure the system so that embedded content that embeds content from another source, will have to pass along information about the COPPA flag.
At this time a standard “signaling” system has not been put into place to resolve the issue of actual notice, but Bellovin suggests that it could be with accomplished with the joint effort of the industry. Until this is implemented, it is important for advertising networks and plug-ins to be cognizant of the fact that if their services are placed on a child-directed site and they have notice of this fact, they could be held liable for COPPA violations under the revised rule.
Like baseball and apple pie, television is among the classic all-American pastimes. Who can’t relate to the anticipation of waiting for a favorite show to premiere, and then dissecting every detail with fellow fans? While the favorite shows always change over time, now the ways to watch them have too. Traditionally, you would wait for the specific date and time to see your show, but with recording devices like TiVo and cable On-Demand and sites like Netflix and HBOGo, viewership is anything but traditional. Instead of being limited to only the show’s current season or time constraints, you can catch up with entire seasons at the push of a button, and see current episodes in their from your computer or tablet just minutes after the live broadcast. With these monumental shifts in viewing habits, it comes as a surprise that media ratings agencies have been slow to consider these new practices when compiling their ratings statistics.
But finally, Nielsen Company, the media company that monitors and compiles TV viewership to create TV ratings, has revised its sampling methodology. On February 21, 2013, Nielsen announced that it would begin counting TVs connected to the Internet as “television households,” therefore including those Americans that have dropped their cable or satellite providers and watch TV exclusively via the Internet. This change marks the conclusion of two years’ consideration of the plan, which Nielsen announced it was considering after TV ownership figures dropped in 2011. In conjunction, Nielsen will start monitoring the use of iPads, Playstations and other mobile devices in an attempt to create a more accurate picture of total viewership, and the use of streaming services like Amazon and Netflix (because these services are either ad-free or contain different ads than the original broadcast, they were not included in Nielsen data). Similarly, the move comes just a day after the Billboard 100 announced that it will include Youtube streams in compiling its song rating data.
TV executives, among others, are praising the long-awaited shift in ratings compilation, because they have long (and likely correctly) complained the new viewership avenues are not adequately reflected in ratings data. Nielsen’s position acknowledges the shift from traditional viewing mediums, and is an important first step in reflecting America’s media consumption in the digital age.
On February 1, the Federal Trade Commission (FTC) issued a staff report entitled Mobile Privacy Disclosures: Building Trust Through Transparency. By releasing this report, the FTC’s goal was to put in place “best practices” for mobile privacy disclosures. The FTC recognized several key themes arising from issues surrounding mobile privacy:
The lack of consumer awareness and understanding relating to “current information collection and use practices occurring on mobile devices.”
The importance of design of privacy disclosures to address the limitations of small screens.
The key role of platforms in deciding how information is conveyed to consumers and control they have over application developers.
The FTC organized their best practice recommendations by industry participant—platforms, app developers, third parties, and app trade associations—which is the order in which I will summarize the findings here.
For companies that devote entire departments to the sole task of maintaining the company website and social media platforms, the last item on their Internet teams’ favorite-thing-to-do list is likely “deal with legal issues.” Due to rapidly changing technology and laws that scurry to keep up, the frustrations are understandable, and most often come to a head on the topic of privacy.
Last month, the FTC attempted to keep pace with technology shifts and released its most recent amendments to the Children’s Online Privacy Protection Rule (also known as the “COPPA Rule,” as it is based on the requirements of the Children’s Online Privacy Protection Act [“COPPA”]), which will become effective July 1, 2013. Initiated in April of 2000 (light-years ago in terms of technology progression), the COPPA Rule requires operators of Web sites to take varying privacy precautions based on the maturity of the sites’ audience. Revisions to the rule arrived in the form of modifications to certain definitions, and implementation of newer or stronger methods for safer surfing.
First, the COPPA Rule update redefines certain terms including “operator,” “Web site or online service directed to children,” and “personal information.” The term “operator” is now defined as a conductor of a child-directed site or service that allows outside services to collect personal information from visitors. In a related vein, “website or online service directed to children” means those services having actual knowledge that they are collecting personal information through a site geared towards children. “Directed at children” sites are now also required to provide notice and obtain parental consent for users under the age of thirteen. Possibly the most dynamic of defined terms, however, is “personal information.” Due to the vast increase in big brother technology, “personal information” has been revamped to include geolocation data, and other more sophisticated identifiers, on top of the more commonly known photos, videos, and audio files that contain a child’s image or voice.
Next, the new COPPA Rule clarifies the method that operators must utilize to notify parents of data collection. When operators collect personal information from children, they must not only alert parents beforehand that they are collecting the data, but must also place all pertinent information about the collection in the very beginning of the notice. On the bright side for operators, the new Rule also comprises of new ways to obtain consent from parents. Some examples of updated modes of permission include video conferencing with operators, and scanned parental consent forms.
Furthermore, the COPPA Rule now requires stronger practices to maintain the security of children’s information after collection. If an operator releases the data collected from children to a third party and/or service provider, the operator must take reasonable measures to verify the third party’s aptitude for protecting the information. Cutting error time is also key; therefore, operators may only retain the collected information for as long as reasonably necessary.
Amazingly, no matter how quickly a new version of the COPPA Rule enters the scene, it is already behind the times. Paralleling this notion is the inevitability of children surpassing their parents in their level of technological ability. Thus, it may be difficult to keep up with the best practice in online data collection, but it would be prudent for those involved to try.
For more information, visit: http://www.ftc.gov/privacy/coppafaqs.shtm
As the saying goes, why work hard when you can work smart? Advertisers have adopted this approach by abandoning the one-size-fits-all approach and tailoring ads to specific target audiences. One obvious example is your inbox: If you receive emails from companies like Gilt Groupe or Rue La La, it is a safe assumption that you are interested in finding great fashion at discount prices. Perhaps then you will notice a banner ad for similar sites like Net-A-Porter, or Overstock.com. That ad was chosen for you based on your previously-expressed interests in similar sites. Browser tools like cookies that store information on the websites you visit help advertisers form a profile to predict which advertisements would be most relevant to you. This profile information allows advertisers to more effectively reach their desired audiences, and results in you seeing ads that (should be) interesting and relevant to you. Such practices are called interest-based advertising, targeted advertising, or online behavioral advertising (OBA). As defined by the Digital Advertising Alliance, OBA is “the practice of collecting data from a particular computer or device regarding web viewing behaviors over time and across non-Affiliate websites for the purpose of using such data to predict user preferences or interests to deliver advertising to that computer or device based on the preferences or interests inferred from such Web viewing behaviors.”
But with identity theft, hacking and cyber data breaches that are often front-page news, how can consumers be sure that OBA data is collected and used in a responsible manner? What are the options for consumers who do not wish to have their online activity tracked and compiled for third-party use? What are the pros and cons of OBA-generated profiles?
The Digital Advertising Alliance (DAA) is an organization dedicated to de-mystifying OBA practices and seeks to establish standards for companies engaging in this type of advertising. The DAA is a consortium of leading advertising and marketing associations that share a commitment to establish best-practices in OBA, thus increasing consumer confidence in OBA’s use and application (see a list of participating associations here). Like the National Advertising Division, the DAA is a self-regulatory group that seeks to monitor advertising practices and ensure transparency. In 2009, they released the Self-Regulator Principles for Online Behavioral Advertising (Principles) which emphasize:
– Education for consumers and businesses about online behavioral advertising and the Principles.
– Transparency about data collection and use practices associated with OBA, providing consumers with clear, meaningful and prominent notice through multiple mechanisms.
– Consumer Control over whether data is collected and used or transferred for OBA purposes, provided through easy-to-use consumer choice mechanisms.
– Appropriate Data Security for, and limited retention of, data collected and used for OBA purposes.
– Obtaining consumer consent before a Material Change is made to an entity’s OBA data collection and use policies unless that change will result in less collection or use of data.
– Limitations of the collection of Sensitive Data collected and used for OBA.
– Accountability for entries collecting and using data for OBA purposes, including mechanisms for enforcement of the Principles.
In further emphasizing the Principles of Consumer Control, Education and Transparency, the DAA has created the Advertising Choice Icon, as part of their Ad Choice Program. You may have noticed this, a small blue triangle with an “I” in its center, in the corner of a banner, pop-up advertisement, or pages where your browsing data will be used for advertisers. It is a disclosure technique used by advertisers to indicate that OBA is occurring and showing consumers that the advertiser participates in the DAA Program. When you roll your mouse over the AdChoice Icon, a clear disclosure statement appears detailing the data collection, explaining how consumers can control the tracking options and how to limit or deactivate data collection. The AdChoice Icon has a twofold benefit: consumers become aware of the companies and sites that are tracking them, and understand available options to prevent their privacy. By disclosing such information, companies and sites increase consumer confidence in their products and services, and hope that this transparency will bolster their bottom lines. The AdChoice Program boasts a long list of participating companies (see a complete list here) such as advertising agencies, retailers and advertising networks. Its website – http://www.youradchoices.com/ – lists detailed instructions on how to customize browser settings and educate both companies and consumers on the advantages of OBA.
But don’t mistake the DAA as a regulator in name, not spirit. Partnered with the Better Business Bureau’s Advertising Self-Regulatory Counsel, there have been several instances where the organizations have requested clarification of a company’s OBA practices to ensure there is no consumer confusion. Recent examples have been with the brand-new Facebook Exchange platform, where a company with its own advertising data could then reach out to consumers when they log on to Facebook. It was determined that Facebook could improve the transparency of its practices in this medium by making subtle changes to its ads, like adding the AdChoices Icon and changing some disclosure language (read the whole decision here). Another example is BlueCava, an advertising company that identified and tracked users across devices and associated (or “householded”) them together. The Advertising Self-Regulatory Counsel found that BlueCava did not clearly state to consumers that it was tracking their activity across devices, nor did they specify if opt-outs would be honored across devices. BlueCava responded to this inquiry by synchronizing its opt-out features across devices and amending its disclosures to clarify its practices (read the decision here).
The DAA has also been a vocal advocate of OBA practices in light of the popular do-not-track movement (as I have detailed in a previous post), and with privacy concerns at an all-time high, remains dedicated to providing consumers comprehensive information so they can make educated choices about how to tailor their online experiences.
In recent years, many consumers have been looking to purchase all natural organic products. However, what does natural mean? To many, this word evokes images of fresh strawberries just picked out of the patch, herbs cut out of the garden, or fresh made milk from a cow. Yet, most of these images are not what come into play with natural claims in the advertising industry. To many in this field, the questions that come about include: How much of a product has to be natural in order to claim that the product is natural?, Can something be claimed as natural if there are trace amounts of synthesized elements in it? or, Is a GMO natural? All of these questions seem to lead to one question: Is any product advertised as all natural, ever really “all” natural? The answer is probably a resounding no. It is hard for the industry to make the best hair care product with no chemical binding element.
The focus in advertising law is not on what companies are putting into their products though, but how the consumer is being deceived by the premise stated above. If the consumer believes that they are buying shampoo with just strawberry extract, but the company has put in chemicals to make is soap, how can the customer know what they are about to buy? A lot of time they don’t question it, but as of late, this question has been the forefront of class action suits.
Currently, Tropicana is being singled out in California for creating a deceptive advertisement. The company states that it’s orange juice is 100% natural and not from concentrate. However, consumers are stating that the juice is actually processed, and not as natural as the company has marketed it out to be. They are particularly attacking the deceptive advertisements with the straw in the orange, which evokes images of actually drinking juice straight from the fruit. This case is just a drop in the proverbial bucket for natural claims though. California is becoming the new battle ground for these suits, which has served as a past venue for past class action cases (Big Tobacco). Ramifications will be felt by advertisers. To avoid large settlements, companies will have to figure out what all natural actually means, and how to abide by it. To discover more about this topic, come the adnauseum’s spring event on April 2! Information is on the home page of the site.
adsales Advertising Celebrities class action Copyright Do Not Track Endorsements facebook false advertising fashion FDA Federal Trade Commission FTC Google in-stream insta instagram internet privacy lawsuit like-gate like-gating Naked Juice native advertising Natural Pandora personal information pinterest privacy privacy rights regulation Search settings Settlement social media trademarks twitter viral marketing