Not long ago, consumers accessed the Internet primarily through the browser on their desktop or laptop PC. While the PC remains a fixture for many, today’s typical consumer relies on a variety of different connected devices to navigate their daily lives. Examples include consulting a traffic app on a smart phone on the commute to work; surfing the net or downloading a book to a tablet device; or streaming television programs on an Internet-connected TV. As consumers move seamlessly from one device to the next, they interact with a multiplicity of platforms, software applications, service providers, and publishers.
The proliferation of devices and their corresponding technologies has created new challenges for marketers and consumers. In the past, cookies allowed companies to track consumers’ online activities for targeted advertising and allowed consumers to exercise and store their privacy choices. Such traditional tracking technology, however, does not operate across the multi-device, multi-platform digital landscape. A cookie may paint an incomplete picture of the consumer who switches between different web browsers at home and at work. Further, a cookie stored on a consumer’s browser cannot provide insight into the consumer’s activities or preferences within the “sandboxed” apps on the consumer’s phone.
As a result, industry has turned to alternate techniques to track consumers across their devices. One method is “deterministic” tracking, in which a publisher or platform requires the consumer to sign in to access its service. This allows the company to link the consumer’s various devices to a single account. Another method involves the collection of information such as device type, operating system, fonts, and IP address to create a digital fingerprint to link a user to different devices. Such “probabilistic” tracking is generally invisible to consumers and, unlike tracking through cookies, the consumer has no ability to control it. Accordingly, this practice raises a number of privacy concerns and questions. We propose hosting a public discussion on Monday, November 16, 2015 to address issues related to cross device tracking. The event will include a variety of stakeholders and topics will include:
- What are the different types of cross device tracking, how do they work, and what are they used for?
- What types of information and benefits do companies gain from using these technologies?
- What benefits do consumers derive from the use of these technologies?
- What are the privacy and security risks associated with the use of these technologies?
- How can companies make their tracking more transparent and give consumers greater control over it?
- Do current industry self-regulatory programs apply to different cross device tracking techniques?
If you have questions about the workshop, please email firstname.lastname@example.org or contact Megan Cox at (202) 326-2282.
Attorney, Division of Privacy and Identity Protection, FTC
What is Cross-Device Tracking?
This presentation will provide background about the practice of cross-device tracking and a description of some of the techniques currently used to correlate consumer devices. The presentation will also look at the notice and transparency currently provided to consumers about cross-device tracking and the options consumers have to control the tracking.
Policy Director, Office of Technology, Research, and Investigation, FTC
Panel 1: A Technological Perspective on Cross-Device Tracking
This panel will look at the various cross-device tracking techniques, the evolution of the technology, and discuss some of the finer points of how the various technologies function today. Panelists will discuss the benefits provided by cross-device tracking to consumers and businesses, the privacy concerns associated with the technology used to track consumers across devices, as well as the mechanisms for effective notice and choice.
- Ashkan Soltani
Chief Technologist, FTC
- Joseph Lorenzo Hall
Chief Technologist and Director of the Internet Architecture Project, Center for Democracy & Technology
- Jonathan Mayer
PhD Candidate, Computer Science, Stanford University
- Andrew Sudbury
Co-founder and CTO, Abine, Inc.
- Jurgen J. Van Staden
Director of Policy, Network Advertising Initiative
Panel 2: Policy Perspectives on Cross-Device Tracking
This panel will look at the broader privacy issues raised by cross-device tracking. Topics that will be discussed include what information is being collected, stored, and shared to track consumers; the extent to which consumers are aware of the practice; how consumers can receive notice and provide consent related to these practices; and how industry self-regulatory programs apply to these tracking techniques.
- Megan Cox
Attorney, Division of Privacy and Identity Protection, FTC
- Genie Barton
Vice President and Director, Online Interest-Based Advertising Accountability Program, Council of Better Business Bureaus
- Leigh Freund
President and CEO, Network Advertising Initiative
- Jason Kint
CEO, Digital Content Next
- Laura Moy
Senior Policy Counsel, New America’s Open Technology Institute
- Joseph Turow
Professor, Annenberg School for Communication, University of Pennsylvania
Associate Director, Division of Privacy and Identity Protection, FTC
- Ashkan Soltani
Justin Brookman is Policy Director of the FTC’s new Office of Technology Research and Investigation (OTECH). OTECH’s mission is to generate new research into consumer protection issues involving emerging technologies, and to help investigate potential cases into deceptive or unfair behavior. Prior to joining the FTC, Mr. Brookman was Director of Consumer Privacy at the Center for Democracy & Technology (CDT), a digital rights advocacy organization. At CDT, Mr. Brookman advocated for stronger legal and policy protections for personal information and greater individual autonomy over information and communications technologies. He also served as Chair of the World Wide Web Consortium (W3C) Tracking Protection Working Group that standardized the Do Not Track setting across web browsers. Mr. Brookman also previously served as Chief of the Internet Bureau of the New York Attorney General’s office where he brought consumer protection actions on a wide range of issues, including privacy, free speech, data security, and net neutrality.
Joseph Lorenzo Hall
Joseph Lorenzo Hall is the Chief Technologist and Director of the Internet Architecture Project at the Center for Democracy & Technology (CDT), a Washington, DC-based non-profit advocacy organization dedicated to ensuring the internet remains open, innovative and free. Mr. Hall’s work focuses on the intersection of technology, law, and policy, working to ensure that technical considerations are appropriately embedded into legal and policy instruments. Supporting work across all of CDT’s programmatic areas, Mr. Hall provides substantive technical expertise to CDT’s programs, and interfaces externally with CDT supporters, stakeholders, academics, and technologists. Mr. Hall leads CDT’s Internet Architecture Project, which focuses on embedding human rights values into core internet standards and infrastructure, engaging technologists in policy work, and producing accessible technical material for policymakers.
Jonathan Mayer is a lawyer and a PhD candidate in computer science at Stanford University. He was named one of the Forbes “30 Under 30” in 2014 for his work on technology security and privacy. Mr. Mayer’s research and commentary frequently appear in national publications, and he has contributed to federal and state law enforcement actions. He is a cybersecurity fellow at the Center for International Security and Cooperation, a junior affiliate scholar at the Center for Internet and Society, and a Stanford interdisciplinary graduate fellow. Mr. Mayer earned his AB at Princeton University in 2009 and his JD at Stanford University in 2013.
Andrew Sudbury is co-founder and CTO of Abine, Inc. Mr. Sudbury manages the company infrastructure and finances and helps develop and bring Abine’s products and services to market. His combined financial and security expertise has helped Abine develop a reputation as a technology leader. Prior to Abine, Mr. Sudbury worked as Vice President of Security Metrics at Clear Point Metrics, leading the team creating information security metrics and scorecards from concept to $1M in sales. Previously, while employed at @stake, he assessed the security of network storage devices and high-privacy file systems and researched quantitative security modeling. Mr. Sudbury received an MBA from MIT Sloan and a SB from MIT.
Jurgen J. Van Staden
Jurgen J. Van Staden is the Director of Policy for the Network Advertising Initiative (NAI). He is responsible for driving policy initiatives for the third-party digital advertising ecosystem, including the NAI’s recent guidance on the use of next generation technologies and their application across devices. Mr. Van Staden is currently leading the NAI’s development of a new industry opt-out page that provides consumers increased notice and transparency of technologies used for interest-based advertising. In addition to a JD and LLM, Mr. Van Staden holds a Masters of Computer Science, several information security certifications, and is a registered legal and technical expert under the EuroPriSe Seal.
Genie Barton is Vice President of the Council of Better Business Bureaus and Director (CBBB) of its Online Interest-Based Advertising Accountability Program, which monitors the desktop and mobile advertising supply chain for compliance with the Digital Advertising Alliance’s self-regulatory principles. Since 2010, the Accountability Program has published the results of 58 formal inquiries, counseled hundreds of companies, answered over 12,000 complaints, and reviewed over 30,000 websites. Before coming to the CBBB, Ms. Barton worked both in the private sector and for/in the federal government. She is a summa cum laude graduate of the George Washington University College of Law and Oxford University.
Leigh Freund is the President and CEO of the Network Advertising Initiative (NAI). Ms. Freund joined NAI in 2015 after an eleven-year career at AOL Inc., where she served as vice president & chief counsel for global public policy. During her time at AOL, Ms. Freund led the company’s public policy efforts and was a leading voice on global digital and technology policy. Ms. Freund holds an undergraduate degree in political science from Kalamazoo College and a J.D. from Georgetown University. She is an active participant in several industry organizations devoted to compliance with key regulatory initiatives and principles, including the Interactive Advertising Bureau (IAB) and Digital Advertising Alliance (DAA).
Jason Kint is CEO of Digital Content Next (DCN), the only trade association to exclusively serve the unique and diverse needs of high-quality, digital content companies that manage trusted, direct relationships with consumers and marketers. Mr. Kint guides DCN’s diverse and powerful group of members—from established brands such as The New York Times, NBC, Condé Nast and ESPN, to digital natives, such as Vox, Slate and Business Insider—in setting the agenda for discussions on issues ranging from net neutrality to revenue innovation to privacy. A 20-year veteran of the digital media industry, Mr. Kint led the evolution of CBS Sports into a multi-platform brand and he served other publishing entities in various executive roles.
Laura Moy is Senior Policy Counsel at New America, where she works for the Open Technology Institute (OTI), a program dedicated to technology policy and technology development in support of digital rights, social justice, and universal access to open communications networks. At OTI, Ms. Moy leads policy efforts on consumer privacy issues. Before joining New America, Ms. Moy held positions as a staff attorney at Public Knowledge and as a clinical teaching fellow at Georgetown Law’s Institute for Public Representation. Ms. Moy has written, spoken, and testified on a variety of consumer privacy issues. She received her JD from New York University School of Law. Prior to law school she was the resident cell site expert at the Manhattan District Attorney’s Office.
Joseph Turow is the Robert Lewis Shayon Professor of Communication and Associate Dean for Graduate Studies at the University of Pennsylvania’s Annenberg School for Communication. Professor Turow is an elected Fellow of the International Communication Association and was presented with a Distinguished Scholar Award by the National Communication Association. In 2012, the TRUSTe internet privacy-management organization designated him a “privacy pioneer” for his research and writing on marketing and digital-privacy. He has authored nine books, edited five, and written more than 150 articles on mass media industries. Professor Turow currently serves on the editorial boards of Poetics and Media Industries.
Request for Comments
Click the link above to view the received public comments. Comments will be accepted prior to the event until Oct. 16, 2015, and the comment period will be held open for post-workshop comments until Dec. 16, 2015. Comments can be submitted online.