Yesterday, I began the Six Sigma Privacy series with a discussion on the user attitude to online privacy, primarily focusing on the observation that most Internet users don’t really care. Today, I’m going to take a look at how some of the big players approach the topic. The bottom line is that there’s lots of talk and not a lot of action.

Privacy advocates want people to believe that this is the single biggest issue since the Colonies seceded from England. Consumers are apathetic. How do the titans of the Internet tackle privacy?

Back in July, Microsoft and Ask came together to call for global privacy standards:

Building on their respective efforts to protect consumer privacy, industry leaders Microsoft Corp. and Ask.com, a wholly owned business of IAC (NASDAQ: IACI), today joined together in the commitment to call on the industry to develop global privacy principles for data collection, use and protection related to searching and online advertising. The companies will work with other technology leaders, consumer advocacy organizations and academics to come together and join them in working on the development of these principles, which could include developing and sharing best practices to provide more control for consumers.

“As search and other online services progress, it’s important for our customers to be able to trust that their information is being used appropriately and in a way that provides value to them,” said Peter Cullen, chief privacy strategist at Microsoft. “We hope others in the industry will join us in developing and supporting principles that address these important issues. People should be able to search and surf online without having to navigate a complicated patchwork of privacy policies.” [emphasis mine]

Google followed suit in September, with Peter Fleischer calling for global privacy standards at a UNESCO conference:

…Google is calling for a discussion about international privacy standards which work to protect everyone’s privacy on the Internet. These standards must be clear and strong, mindful of commercial realities, and in line with oftentimes divergent political needs. Moreover, global privacy standards need to reflect technological realities, taking into account how quickly these realities can change.

Their announcement, though, was met with resounding cynicism, according to MediaPost coverage:

“…It’s clear that this is motivated in part to dampen the growing opposition to the DoubleClick takeover,” said Jeff Chester, executive director of the Center for Digital Democracy (CDD). “Google is attempting to head off a global regulatory digital train wreck.”

…”Google is under enormous pressure from many countries around the world who are fed up with their arrogance and their unwillingness to make meaningful changes to their business practices,” said Marc Rotenberg, executive director of EPIC. “They are also trying desperately to push the acquisition of DoubleClick through the Federal Trade Commission. And they’ve met enormous resistance.”

…Critics argued that the search giant gave no specifics for how to move forward with a global implementation–calling it another sign that the endorsement was just Google posturing for the FTC.

“Mr. Fleisher is lobbying to get a privacy Band-aid placed over an ever-growing flow of personal data being squeezed from consumers (by Google and others),” said Chester.

Poor Google. Evil-avoidance notwithstanding, they’ve gotten so big that pretty much anything they do these days is greeted with cynicism. Take Maile Ohye and the Google Privacy Videos (one and two). Just a few days ago, Ryan Singel at Wired gave his non-held-back opinion on them:

The video skips right over the part where Google opts in new users to the tracking program without explaining to people what the program is or does.

Instead, it jumps from the “create a Google account screen” to a heartwarming story about how having searched for the “Rolling Stones” in the past will help Google disambiguate a later search on the word “bass” - so it knows you are interested in the instrument, not the fish.

This might be interesting if it were true, which I doubt it is since I’d wager MORE people who searched on the “Rolling Stones” in the past are anglers than musicians.

But why let that get in the way of a good cover story for why Google really wants to collect data about you which is, as we all know, the ad dollars.

Anyway, back to Fleischer and Google’s request for global privacy standards. In September, Google’s CEO, Eric Schmidt, added his voice to the conversation:

More encouragingly recent initiatives in this area by the United Nations, the Asian-Pacific Economic Co-operation Forum and the International Privacy Commissioners’ Conference have all focussed on the need for common data protection principles. For individuals such principles would increase transparency and consumer choice, helping people to make informed decisions about the services they use as well as reducing the need for additional regulation. For business, agreed standards would mean being able to work within one clear framework, rather than the dozens that exist today. This would help stimulate innovation. And for governments, a common approach would help dramatically improve the flow of data between countries, promoting trade and commerce.

I recommend you click on the link to Schmidt’s piece and read the response from Ann Cavoukian, who chaired a working group of Commissioners convened for the purpose of creating a single harmonized privacy standard; she points out that the issue isn’t standards creation but standards implementation:

I would also like to draw your attention to documents already produced by highly regarded international authorities on privacy and suggest that the issue is not one of developing new standards, but of raising the bar by observing existing global standards and privacy principles.

What does this all add up to? Major players understand the importance of being seen as caring guardians of the people’s privacy. They talk about it, create videos about it, call for global standards for it. I’m just not yet convinced that effective actions are being taken about it, or even that these companies want people to truly understand the issues at stake. The Maile Ohye videos aren’t designed to raise awareness; they’re designed to keep people calm.

But what should they be doing instead? Tomorrow I’ll discuss some of the issues involved and why this topic is important. Until then, I’d love to hear your opinion about how the big players handle online privacy. Do you think they do a good job? Or should we demand something better?

This entry was posted on Tuesday, November 6th, 2007 at 9:40 pm and is filed under Ask.com, Privacy, People matter, Microsoft, Google. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.