Every December I am reminded of direct marketing's disconcerting precision. My mailbox fills with catalogs of electronic gadgets and books, while my neighbor's is stuffed with glossy brochures for cutlery sets and bread machines. I don't even need to check the mailing label to know when mail has been incorrectly sorted--the cover image of a richly appointed hearth is sufficient clue.
This kind of pinpoint marketing is, of course, both a blessing and a curse. It is far preferable to wading through mountains of irrelevant junk, but it's disquieting to realize how much advertisers know about my interests and purchasing habits. Still, despite what we may grumble as we sort through the mail, most of us have come to accept this trade-off.
What's interesting is that as marketers try to apply this same model to the online sphere they are running into a deep vein of resistance and anger. People seem to have very different concerns about privacy in the virtual world than in the real one. A new kind of contract between advertisers and consumers is needed that clarifies what are reasonable expectations of privacy and anonymity on the Web.
We're just starting to see the first hints of how such a contract might work, thanks to the ongoing debate over a small, Web-based technology with the unlikely name of "cookies."
First introduced by Netscape but now supported by all popular Web browsers, cookies are nuggets of data that can be stored on your PC by a Web site and then accessed every time you go back to that site.
For example, the first time I access HotWired I can give my name and password. HotWired then creates a cookie that contains this data and stores it on my computer. The next time I go to the site it will retrieve the cookie and greet me by name.
What makes this even more disquieting to many people is that cookies are exchanged silently behind the scenes. Unless you reconfigure your Web browser's settings so it asks permission before sending a cookie--a process that quickly becomes tedious--you will have no idea what information is being tracked.
"The biggest issue with cookies is that there isn't a mechanism for informed consent" says Lori Fena, executive director of the Electronic Frontier Foundation. "Users are concerned because it operates behind their backs."
In response to these concerns, two systems have been announced recently that put control over cookies into users' hands. One is a technical solution, while the other is more of a social and legal approach. Together, they provide the building blocks for a new online covenant between advertisers and consumers.
The technical solution is a piece of software called Cookie Cutter that allows users to control what information they are willing to share and with whom. The program was introduced this month by Pretty Good Privacy Inc., a small company best known for its eponymous encryption product and its legal battles with the U.S. government over export restrictions.
Nonetheless, says CEO Tom Steding, "when we tried to pinpoint what PGP Inc. is about, we agreed that our real goal is restoring privacy in the information age. And anonymity is a key piece of that."
It's a stance that may be as controversial with advertisers as PGP's stance on cryptography is with the government. But Steding is trying to make Cookie Cutter sound palatable to marketers by emphasizing that it doesn't blindly block all cookies.
"By allowing the user to decide when to share information," says Steding, "advertisers will end up with better-quality leads."
Hopefully advertisers will agree. Otherwise we may end up in a running battle, as each side develops increasingly sophisticated technical means of invading and protecting privacy.
Or, we may solve the cookie debate through nontechnical means. This is where eTrust comes in, a certification organization jointly sponsored by the Electronic Frontier Foundation and CommerceNet.
The eTrust scheme, which launches next month, works something like a Good Housekeeping seal of approval. A Web site that complies with certain rules about monitoring and sharing information will be able to display an official eTrust logo. There will be three different logos, each representing a slightly more stringent standard of privacy.
Following Ronald Reagan's old dictum "trust but verify," professional auditing firms such as KPMG Peat Marwick (where I work) and Coopers & Lybrand will help to make sure that eTrust logos are not used improperly.
In essence, eTrust provides a mechanism for informed consent. When Web surfers go to a participating site they can immediately decide if they are comfortable with the site's policy. Putting this information into the open not only assuages users' fears, it allows companies to trumpet their good business practices.
As the EFF's Lori Fena points out, "we need to recognize that technology can both enhance a user's experience online through personalization and it can be an invasion of their privacy." Users want to see ads relevant to their interests, but they may not want their visit to the drug information site http://www.prick.org to be part of their profile. Mechanisms such as Cookie Cutter and eTrust provide the information and control we need to strike the right balance.
Steve Steinberg can be reached via e-mail at firstname.lastname@example.org