I’ve written quite a bit on this blog about online privacy. When it comes to advertising, last year there was a lot of media attention given to behavioural targeting – where advertisers reach you based on your online behaviour. Advertising firm Phorm was at the centre of that furor, and they exited the UK late last year.

Then of course there was Google Street View, and the fear that it was invading personal privacies (and helping thieves to boot!). Last year we advised you all to add a privacy policy to your website, to make it clear what information you were collecting about visitors.

New Code of Practice

Well now it looks like Websites will have to stick to a new code of practice put in place by the Information Commissioner’s Office (ICO). The whole point is to make sure that your website visitor’s information is kept secure and private.

The Personal Information Online Code of Practice simply firms up the advice we gave with regard to having privacy policy. Websites need to make their privacy settings clear and store data securely. There are 8 principles for looking after personal information, but what it boils down to is that only specific, relevant data can be gathered, if a website doesn’t needs the personal information, then it must not hold onto it longer than necessary.

For example, if a company no longer needs your email address or credit card details, they’re obliged to delete them.

If you have a log in to your site, the privacy settings must be well highlighted.

A representative of the ICO said: “Organisations must be transparent so that consumers can make online privacy choices and see how their information will be used.”

“Individuals can take control by checking their privacy settings and being careful about the amount of personal details they post to social-networking sites and elsewhere online,” he continued.

If websites fail to abide by the code, they could be forced to do so by the ICO.

What about you?

Have you put a privacy policy on your site? Do you think that fears over online privacy are overblown? Leave us a comment below.

It’s been a whilst since we talked about behavioural targeting on this blog. Behavioural targeting is where advertisers target web users based on their online behaviour. For example, let’s say you are visiting autotrader.co.uk quite a few times a week, and also checking out loans websites; it it looks like you’re thinking about buying a car. Behavioural targeting would allow car manufacturers to target you with their online advertising.

I like behavioural targeting

I for one am quite keen on behavoural targeting. I’d rather see advertising that’s relevant to me rather than general purpose.

But Privacy Groups don’t

However, online privacy groups have raised fears that behavioural targeting can represent an invasion of online privacy. Behavioral targeting firm ‘Phorm’ took the decision to close its doors in the UK last year, having faced a real uphill battle to convince stakeholders.

Google does it too

Google is in the behavioural targeting game too. The key difference with their ‘interest based‘ advertising is that as a web user you can see what categories Google has said you’re interested in, and edit them too.

Privacy Symbol

Now a good idea has come along that might help behavioural targeting get properly off the ground. There’s a new ‘privacy icon’ that’s being trialed by the US online ad industry. The icon will appear on adverts and be used to let users know that a website is using behavioural targeting.
The symbol not only allows users to know they’re being targeted, but when click the user can see who is targeting, and to opt out.

It seems like a sensible move. It allows consumers to be aware of that their data is being collected (albeit in an anonymous way). And it allows advertisers to take advantage of the powerful tool of behavioural targeting.

At the moment regulators have been hard to convince over behavioural targeting. This might just be the answer.

What do you think of behavioural targeting? Would you give up some privacy to get a personalised version of the web? Do you think this symbol can give users the reassurance and control they need? Leave us a comment below.

We’ve covered online privacy and behavioural targeting quite a bit on this blog.

At its basic level, due to the way that web technologies work, almost every website collects and aggregates data about each visitor. Its for this reason that every website should have a privacy policy.

On a deeper level, ‘behavioural targeting’ describes a kind of online advertising that reaches you based on your online activities.

On this blog we’ve always argued that its worth giving up a bit of online privacy if you get a personalised, tailored version of the web. A company called ‘Phorm’ has pioneered this type of advertising, although not without considerable resistance, even on this blog. In fact, such has been the level of friction that they have decided to give the UK a miss for now.

Google also wants to get into behavioural targeting. Their version is called ‘interest based’ advertising, which targets you… based on your interests.

As is so often the case with Google of course, they’ve thought about it all a bit more and have put in place an idea which may quell the fears of privacy groups.

Google have a tool that lets you look at the data and information that Google hold about you and delete it if you wish to. Google are calling this a ‘Dashboard’, and claim it gives you ‘unprecedented’ control over your personal data.

You can get to grips with your Google Dashboard on the settings page in your Google account.

The Dashboard summarises the personal information that Google has collected and stored about you, based on your use of their products.

“It’s important for people to be aware of what data they have online and to be able to manage that data – Google Dashboard should help to make this a reality.” said Alma Whitten, a Google software engineer on privacy and safety.

“We think of this as a great step towards giving people transparency and control over their data, and we hope this helps shape the way the industry thinks about these issues,” Whitten added.

Find out what Google knows about you using the Google dashboard. Any surprises there? Does this lay any privacy fears to rest? Leave us a comment below.

The office of fair trading (OFT) has this week produced a report into online shopping. According to the report, 30% of internet users don’t shop online because they are distrustful of the Internet

Worryingly, another 20% don’t shop due to ‘personal security fears’ and a further 15% don’t trust the companies that sell online.

In addition, a whopping 72% of online shoppers expressed some ‘concern’ about shopping on the Internet. Of all shoppers, 38% were only ‘slightly aware’ of their consumer rights when it came to online.

The OFT made it clear that the level of confidence in online shopping was too low for the market to reach its full potential.

“Online retailing is the future for many businesses and it’s increasingly important to the economy. If consumers are not confident online, demand will grow at a slower rate” said John Fingleton, CEO at the OFT.

“We must tackle these concerns right now if the online market is to grow at its full potential”, he added.

Minister for Consumer Affairs Gareth Thomas was keen to point out the upsides of the report: “UK consumers buy almost twice as much over the internet compared to their European neighbours. It’s encouraging that the OFT’s survey shows increasing consumer confidence when buying online – but people still have concerns.”

For our part, we believe that consumer confidence in online shopping takes a knock almost every time an Internet related story hits the news. Whether its paedophile rings, online privacy concerns over social networking groups, or PC viruses transmitted online, the mainstream media leap on board any opportunity to shake confidence in the Web. And all the recent stories of Phorm, and the ability for companies to track online behaviour, have done nothing to reassure consumers.

Whilst those of us who are keen users of the Internet know the issues above have nothing to do with whether or not its safe to put your credit card details into a website, those who are new to the Internet can be easily confused.

The Government for its part has pointed towards a forthcoming white paper on internet shopping that sets out proposals to increase peoples’ protection from fraudsters and increase their knowledge of online shopping.

Does lack of consumer confidence stop you getting more from your website visitors? Do you have trouble explaining to less tech savvy friends that shopping online is pretty safe? Has this affected how you have set up a website? Leave us a comment below.

Well, its finally happened. As reported on the BBC, the unlikely scenario whereby ISPs are forced to store private information about their customers’ surfing habits has finally become law.

We first trailed the story about email data being stored by ISPs in January.

Under an EU directive that came into force last week, ISPs are collecting and keeping information about your emails, internet phone calls, and which websites you visit. The information must be stored for a year. The actual content of the emails aren’t kept, but more basic information such as who the sender and recipient are.

It’s not commonly known, but legislation already exists that require telecoms firms to store information about each phone call.

This directive is all part of plans drawn up in the wake of the 2005 London bombings.

Many ISPs have resisted the directive, whilst some individual EU members are contesting it outright. Sweden for example are ignoring it entirely, whilst it is being contested in the German courts.

And there’s the cost too. Here in the UK the Government has promised to reimburse individual ISPs for the expense they incur in collecting and storing the data.

Regular readers of this blog will know that when it comes to behavioural targeting, and giving up a bit of online privacy to get a personalised version of the web, that we’re generally fans. Any technology which means that you find it easier to locate information relevant to you, even if that means receiving targeted advertising, is a good thing.

But for many, the snooping on user behavioiur by Government is a step too far. Policy Director at Liberty, Isabella Sankey said that in reality much of this information gathering had been going on under voluntary arrangement for years. “The problem is that this regime allows not just police to access this information but hundreds of other public bodies”, she said.

The Home Office, for its part, said that it was implementing the directive because the Government had prioritised “protect[ing] public safety and national security”.

It added: “Communications data is the where and when of the communication and plays a vital part in a wide range of criminal investigations and prevention of terrorist attacks, as well as contributing to public safety more generally.

And it also said that when it came to fears about how and when this information would be used, it was bound by a legal framework that protected the rights of the individual: “Access to communications data is governed by the Regulation of Investigatory Powers Act 2000 (Ripa) which ensures that effective safeguards are in place and that the data can only be accessed when it is necessary and proportionate to do so.”

But what happens if criminals realise that their online details can be snooped? Won’t they just use other means to communicate – ones that can’t be traced and tracked?

And what happens the next time this personal data is left on a laptop on a train by a forgetful civil servant?

What do you think? Is it a big deal to have this personal data accessed by all arms of the Government? Or is it worth giving up the privacy in order to be better ‘protected’? How many questions can I ask in a row?! Leave us a comment below

Phorm, the online advertising firm, is finally making noises about going live with their controversial advertising platform. Phorm allows advertisers to target users based on their online behaviour.

We’ve discussed behavioural targeting – and whether this is a breach of user privacy – before, and we (I say we but mean me don’t I!) hold the view that it’s worth giving up a little bit of privacy in order to get a tailored online experience. I believe that people distrust behavioural targeting due to two misunderstandings. First, that they think that it is the online equivalent of getting direct mail through the post. And second, they believe that online privacy breaches means the lost of personal data such as bank account details.

Phorm are trying to dispel public fears in a public meeting next week. Anti phorm campaigners claim that the service breaches UK data interception laws. And according to the BBC, the European Commission have even started legal action against Britain over the platform. Despite this, the company actually received official clearance from the Home Office, and the police – who investigated BT’s trial of the technology – have now closed the case.

Phorm CEO Kent Ertugrul told BBC News: “We have been supported or endorsed by all of the leading stakeholders… Ofcom, the Information Commissioner’s Office, the Home Office, leading privacy advocates like Simon Davies, the advertising industry and publishers have all backed our service,” he said.

The official line on Phorm technology is that it ‘trawls’ websites visited by users whose ISPs are using the service, and matches keywords on those websites to the users’ profiles. The user is then targeted with ads that are tailored to their profile.

The initial trials were with BT, but Talk Talk and Virgin have also confirmed their interest. Following all the negative publicity, ISPs have to weigh up any revenue per user the system might generate with the loss of those customers whose fears cause them to migrate away.

The government for its part has given the system a green light but only if users have given consent and have the ability to opt out.

Privacy groups The Open Rights Group and the Foundation for Information Policy Research are still firmly opposed to use of the technology.

Our view – that it is a lack of understanding of behavioural targeting, and the belief that somehow users will suffer a breach of their personal data is what is creating the resistance to the service – is shared by the CEO Kent Ertugrul. He said:  “I am surprised by the fact, after it has been repeatedly explained how the technology works, they seem to be very keen on misunderstanding what it does.”

What do you think? Would you allow yourself to be behaviourally targeted if it meant you saw relevant ads? Or are you an website builder and advertiser who would like to make use of the technology?  Leave us a comment below.

16.04.09 Update: According to Web User, privacy campaigners have cheered the news that Amazon are planning to deploy technology that prevents Phorm from gathering information about users whilst they are visiting  the Amazon website. Jim Killock of the Open Rights Group (ORG) said: “By choosing to block the contentious online advertising system from scanning its web pages, [Amazon has] taken the positive choice to protect their users’ privacy and their own brands”.

Phorm for its part responded with a statement which read: “there is a process in place to allow publishers to contact Phorm and opt out of the system, but we do not comment on individual cases”.

Round 1 (or is it Round 99?) to the privacy lobby?

22.04.09 Update: According to ComputerShopper magazine, Wikipedia has now decided to opt out of Phorm. An email sent from Wikimedia (the organisation that runs Wikipedia) to Phorm stated “we consider the scanning and profiling of our visitors’ behaviour by a third party to be an infringement on their privacy.”

Round 2 all done then!

28.04.09 Update: Phorm has launched a website to take on critics. Kent Ertugrul says this is because it has been relentlessly under fire from “a small, but dedicated band of ‘privacy pirates’ who appear determined to harm our company”.  Phorm are complaining that privacy activists are targeting MPs, journalists and regulators to try and “distort the truth and misrepresent Phorm’s technology”.

2-1?

Google Street View, the street mapping service we talked about last month, has now finally launched in the UK.

And as expected, it has already caused controversy amongst some privacy campaigners.

Google Street View is a street level database of 360 degree images from 25,000 miles of UK roads. The images were taken from a camera on the top of a specially adapted car, and show many streets from 25 UK towns and cities.

Since the Google Steet View car simply drives past taking photos of everything visible from the road, privacy groups have suggested that this is an invasion of privacy since Google are not asking anyone’s permission.

To overcome these concerns, Google have made it possible for images to be removed from the database. What remains instead is just a blank space, with the message ‘this image is no longer available’. However, canny users can just move down the street and look back on the scene instead – in order to see what has been deleted.

Google have already removed hundreds of photos following complaints from individuals. It is thought the images that have been deleted so far contain revealing images of people’s homes, and someone being arrested.

Google have said that anyone can have their images removed if they ask. In an attempt to minimise removal from the database, they have already deployed face blurring technology.

Google for its part says that it is merely showing what is visible from a public road, and that any person there might see the same.

Street View is already live in the US and 8 other countries too.

Have you found your street or yourself on Streetview yet? Leave us a comment below.

Following our previous story about behavioural targeting, Google announced this week that it is to launch ‘interest-based’ advertising.

They know that advertisers are keen to invest in advertising that reaches people based on their online surfing habits, and have moved to allow them to target specific ‘interest’ groups on both YouTube and the Google content network

At the moment the new advertising model is in Beta, which gives a few advertisers the opportunity trial and give feedback to the product specialists at Google. Of course knowing that amongst consumers this targeting model may be akin to online snooping on their bahaviour, Google have tried to reassure users that they will not use information stored within Google Accounts.

And in a major step forward, Google are giving us all the ability to access and edit the interest category that they have compiled for us, or to opt out entirely.

What this means is that you as a user can log into the ad preferences section in your Google account. You might have recently watched some soccer clips on YouTube, and Google might have therefore placed you in the interest category ‘football’ .You have the ability to confirm or reject Google’s categorisation of your online behaviour. If you accept it you will be more likely to receive advertising from companies selling football related products.

Google will use cookies to track users on both YouTube and the Google content network (any website where you see the ‘ads by google’ message at the bottom of an advert). Of course their assessment of what we’re all interested in won’t be perfect, but rather a best guess based on the websites we visit, the video clips we watch, and the articles we read. A statement from Google said: “Over time we expect our ability to get the right ad in front of the right person at the right time to improve as we build interest categories with the help of our users and publishers.”

This comes at a time where Tim Berners-Lee – the person widely credited with the foundation of the Internet in 1989 – has said that the maintenance of online privacy is vital for the development of the web. He is calling for restrictions on the collection and use of ‘private’ information. He considers the Google’s ‘interest based’ advertising model, and behavioural targeting in general, is just the sort of private information gathering we need to avoid.

The other side of the equation is this: we all expect information on websites to be free of charge. We read our newspapers’ website, get free newsletters, catch up socially, all without any cost to ourselves. But all the services do cost at some point, so if we aren’t prepared to pay a subscription then we need to make it possible for the providers of these free services to raise money in other ways – by selling advertising. And the better targeting they can give to advertisers, the more money they can make from advertising. And the more money they make, the better their service becomes. And so on.

Once again we’re back to the same old question. Is it worth giving up some ‘private’ information in order to get a better version of the Internet, and allow online publishers to make a return too? I firmly think so, and as a website creator you’re probably on my side, but the reality is that everyone needs to be educated to be able to make an informed choice. Whilst ignorance of online behavioural targeting exists, consumers’ decisions will be driven by fear rather that what is actually best for the long term development of the web.

Got an opinion? Leave us a comment below

We’ve blogged previously about online privacy – it’s a really hot Internet topic. Whilst we all want to protect our online identity, I personally think that it’s worth giving up some privacy in order to get a more tailored Internet experience. This of course includes getting served adverts that are specifically targeted at me. When it comes to advertising, getting personalized & tailored adverts aimed just at me is called ‘behavioural targeting’.

Behavioural targeting currently has a poor reputation. A poll out this week in New Media Age magazine suggested that over 81% of Internet users would reject receiving behaviourally targeted advertising. This bad name is probably down to scant information amongst users, who probably believe ‘behavioural targeting’ is the online equivalent of getting bombarded by leaflets through the post. The majority of us resent having direct mail land on our doormats, but the reality is that behaviourally targeted advertising is something completely different. As I’ve said previously it’s got to be worth getting a more personal version of websites and of online advertising, if it means that it’s more relevant to you. But the chances are that people are choosing to opt out of this because they have the perception that it’s going to be like getting direct mail, whereas in reality it’s going to be a more tailored online experience.

This week there’s been a major step forward in the setting up of a regulatory framework for behavioural targeting. In an attempt to lay consumers’ fears to rest, lots of Internet Advertising organisations including Google and the Interactive Advertising Bureau (IAB) have got together to produce guidelines about what is acceptable in terms of targeting users based on their online behaviour. This includes a range of measures including making it clear when information is being gathered by a website, and giving the user the ability to opt out of that information gathering.

Experts say that these guidelines need to quickly win the trust of Internet users otherwise the idea of behavioural targeting will be dismissed before it has even been given a chance to work properly.

Which side of the fence do you sit? Would you prefer to keep your online behaviour completely private? Or as someone who likes to build websites, can you see the benefits of reaching out to users whose online activity means they might want to buy one of your products? Leave us a comment below.

As we’ve spoken about before, it seems like the issue of privacy is constantly in the news: whether its online privacy, and the issue of keeping your identity a secret; or real world issues such as CCTV in town centres, meaning that we are being constantly photographed. (With over 4m surveillance cameras in the UK, more per head than any other nation, we’re right to be concerned about these things.)

Now it appears that the online and offline privacy issues are about to come together with the arrival in the UK of Google Street View.

Google Street View is an attempt by Google to make maps more interactive. With Street View when you identify a place using a map, you can then zoom down and see what that location really looks like, using a photographic image. You can effectively see 3D views of a place from the ground. It’s a bit like when you switch from map view to aerial view on Google Maps – you can see what the place really looks like using a real image. Except this time it’s a ground level.

How do they do Street View? Well there really is no shortcut with this one. They have placed a 360 degree camera on the top of a car, and are driving round every street in the country, capturing a panoramic image from every single place.

That sounds like a long time spent in the car for someone! But I also think the final result sounds pretty cool too. If you look at a location on Google Maps in the USA, you will see that they have already completed a lot of the process over there.

However, the issue that’s creating trouble with privacy groups is that people are going to be caught on Google’s cameras, as the car drives past. Publishing a photo of someone (which putting it on the Internet equates to) without their permission is fraught with legal complications. In the US this has already enabled some towns to opt out of the Street View entirely – try and find street view for North Oaks, north east of Minneapolis, and there’s nothing there. There’s also a quite amusing case of a Pennsylvanian couple who took Google to court last year, for taking pictures of their house. Mr and Mrs Boring (brilliant, isn’t it!) had their case thrown out. Since then, Google have deployed a service called ‘deleted-on-request’. Last month they even tried out some face blurring techniques on images in New York.

Laura Scott of Google UK said “We know that privacy concerns are a big thing in the UK, but we feel that we’ve been open and honest. The service has been approved by the UK’s Information Commissioner’s Office”.

As Google maps is fully integrated, with WebEden, this is an issue that faces you too, when you’re using our Website creator system. If people use a map on your site to navigate, and then choose to include Street View, you as a publisher are endorsing Google’s system.

Do you think that privacy issues are important here? Or are privacy campaigners making a mountain out of a molehill? Leave us a comment below.