Apr
11

Self-Service Tag Generator

TRUSTe takes pride in providing high quality customer service through our dedicated account management team, while providing flexibility to our global clients through a self-service portal. Our self-service portal launched in 2011 to provide our clients the ability to pull their own reports, and later, the ability generate their own TRUSTed Ad tags for AdChoices implementations.

TRUSTed Ads can be implemented in any ad serving system and can also be integrated with the platform through an API to make it seamless for your ad operations team. TRUSTe has integrations with major platforms including AppNexus to make experiences as easy as a checkbox. Having a self-service portal at hand allows clients to make changes on the fly whether it is to update the logo, privacy policy link, or verbiage of the in-ad interstitial.

For global clients, the feature to generate localized tags in EU languages is seen as a tremendous benefit. To enhance global language support, TRUSTe tags have dynamic browser language detection to ensure the appropriate translation displays depending on user browser settings. Without the self-service portal, clients can already easily move icons to various corners and modify the cid to report back on granular campaign data.

TRUSTe tags are battle tested being able to dynamically detect rich media expandables, flash creatives (w/ or w/o wmode), and SSL environments and respond accordingly. TRUSTe also has SmartTags to let you use ONE tag across all creatives. We proactively create SmartTags with major ad serving systems, including Doubleclick, Microsoft Atlas, MediaMind and many more, either through finding the ad size parameters in the ad tag OR simply digesting ad size macros in our tag. TRUSTe’s tag was built on the notions of flexibility and simplicity because TRUSTe knows trafficking is already a lot of work and a complementary privacy system should bake into existing processes.

Self-Service is not just a reality for our TRUSTed Ads products. Across all our services, we play a balance between being your personal privacy advocate as policy and regulations change globally and giving you control over technical compliance tools. TRUSTe knows that privacy management done well involves both pushing the envelope in new technology along with expert skilled services. TRUSTe is the leading global Data Privacy Management (DPM) company and powers trust in the data economy by enabling businesses to safely collect and use customer data across web, mobile, cloud and advertising channels.

Self-Service Tag Generator

Key Features:

- Customize Design and Verbiage of Interstitial
- Generate tags and choose among Regular Tags, DFA Smarttags, and Microsoft Smarttags
- Retrieve Existing Tags Individually or Export Batches to CSV
- Generate Tags in Various Languages

Self-Service Ad Choices Report

Key Features:

- Run Reporting on Impressions, Clicks, Opt-Outs
- Select Daily, Weekly, or Monthly Breakdown
- Select from various time zones including PST, PDT, EST, EDT, GMT
- Pivot Reporting by Various Parameters including Campaign and Creative Size 

Want to learn more about our self-service platforms?  Contact your account representative.

Mar
04

A rose by any other name. Part 1

Agile methodologies offer the benefits of sustainable, lightweight, and predictable development culture, allowing the work to be refined by the on-going, quickly turnaround execution format. The real outcome can be more predictable and as a result, the stakeholders gain the flexibility and dynamic understanding of, based on what was built, how to deliver most value to the markets that often act like moving targets. You can easily find many such definitions of Agile practices with a simple web search.

Yet in a broader sense, the culture of agility can help to evolve an organization that may keep the momentum of more traditional, sequential development styles. Often the focus of the development can be on over-documentation, redundancy in phases or stage gates. A valid question is that “Why does such momentum persist?” In contrast, often when Agile is alluded to, it can be confused or erroneously interchanged with notions of lack of documentation or with disorganization. Productivity can be questioned when the iterations fail to deliver the flexibility and predictability as promised. Instead, the cycles demonstrate less progress than ideal or the changes are more about fixing blemishes due to poor expectation setting in the beginning. In such cases, both practices have been poorly articulated; more importantly, not been considered in light of the organization’s culture and the changing climate of market nature.

Especially when facing emerging market trends, product development is highly impacted by unknown. Clarifying those unknowns can be extremely costly which further aggravates the business projections. For example, the shift to mobile from existing “Internet of things” exponentially creates long-tail and countless issues as is visible by all metrics. One only has to look at the tremendous explosion of mobile apps, ecosystems, and mobile devices evident in so many case studies. The need to handle, analyze, and make decisions based on so much growth means that development cycles of months is quickly becoming obsolete.

Communicating to the business stakeholders with manageable expectations in such fluctuated climate requires that product owner and developers have solid foundations. This can mean technology stacks influenced by dynamic development – tier abstraction, concurrent development, and reduced heavy weight technology dependencies. It can also mean product requirements established with clear state – tangible objectives, measurable results, and incremental ambition. There is no prescriptive formula or complete checklist to follow. In fact, this is at the heart of what Agile should truly strive to influence the “brain power” of the whole rather than on one or two individuals.

At its heart, Agile is about self-organization, real ownership of problem solving, yet integration to a larger, perpetually improving team. Supporting a business’ success can only be done by product owner and developers building the credibility of delivering solutions together. The credibility must be rooted in the synergy of product design and a technology platform, and stack that can adjust and respond dynamically. Transforming can’t be magically master-planned but rather must be brought to life by coaxing each member of the organization to develop a self-governance culture. This matter requires its own investigation as each organization is uniquely formed by mixed individuals. How has TRUSTe been evangelising itself? Look for Part II for further discussion.

Feb
20

TRUSTe extends web tracking analytics ability

TRUSTe has recently extended its Website Monitoring capability by introducing process flow scanning. This web browser add-on (currently in beta) provides for customized site scanning and analytics by providing the ability to scan any part of a site in any sequence as often as needed. This allows for seamless site navigation and reporting into a central portal with all the rich analytics necessary for complete and accurate discovery of tracking on specific flows on a website.

How it works
Navigate to where you need to scan > start your scan > navigate the process > end your scan > view results in your account at my.truste.com instantly.

It is that simple.

 

Use cases
Some examples of customer specified use cases we have seen include:

1. Making purchases after logging into an account: What trackers drop when different products are purchased

2. Creating a specific persona for purpose of tracking analytics

3. Closing an account and taking the corresponding survey: what trackers drop? – is the survey really anonymous?

4. Shopping cart drop-off: marketing needs to verify what cookies drop when order is not completed?

5. Cookie consent testing: Testing what cookies drop when cookie preferences are set on the site for EU cookie directive compliance?

6. Reporting on tracking behind a VPN

These are just samples of the use cases TRUSTe can and has scanned into for customers. Every business will have a different use case that can be fulfilled using this technology.

 Problems doing this manually
Manual methods of looking for trackers, such as using a consumer tracker plug-in or tools like Firebug are cumbersome, time consuming and don’t provide all the required information needed to make informed decisions about site tracking. For example, by having to copy and paste each line item from a tool like Firebug into a spreadsheet takes time, and then one would still need to identify which entity belongs to each domain, how that entity got to the website, what are their privacy practices etc – all this insight is not available from plug-ins and similar tools. Just ask the TRUSTe Ops team about this painful process – their experiences led to this new browser add-on being developed.

Trying to derive this type of data using consumer plug-ins simply does not give the enterprise control over the specific site processes they may need scanned and analyzed.  

Availability
This is not a consumer privacy tool. The technology was developed specifically for an enterprise to get a better understanding of the data flows across specific areas on its site. This technology is currently only available to TRUSTe Website Monitoring customers.

Comprehensive web tracking analytics
With this addition to our Website Monitoring  Service, TRUSTe now provides analytics across an entire site, or just a specified portion of that site.

But enough talk on tracking, did you know that our monitoring service has been extended to identify and report on personal information collection. Keep a look out for my next post on how TRUSTe website tracking technology has transcended being solely a tool for tracker detection and has evolved into a full-featured privacy management tool that detects all data collection (tracking as well as personal information), providing the insight needed to understand comprehensive data collection across web properties. Our privacy pros use it today as part of their privacy assessments and certifications. Our customers are able to do so too. 

Oct
23

Do not Track Monitoring

January 1, 2014 is almost here. By that date in order to comply with the newly revised CalOPPA law companies must disclose in their privacy policies how they handle do not track (DNT) signals set in a user’s browser.

TRUSTe’s website monitoring service provides a wealth of website tracking analytics and has been extended to provide  Do Not Track site analytics.

For example, a sample DNT scan of a car rental website shows an overall reduction in third party tracking as compared to when DNT was not set – 32% fewer third parties resulting in a 38% reduction in third party cookies.

DNT Setting Number of third parties Number of cookies
DNT:1 43 66
DNT:0 63 106

Although there is not yet an industry standard for DNT, companies can still start evaluating how their third party vendors are responding to browser DNT signals.

 

Oct
03

Raising the COPPA flag for third parties

Melissa Juan – Director of Mobile Product Management | TRUSTe
@lissajuan

The recent changes to the COPPA (Children’s Online Privacy Protection Act) rule put out by the FTC, attempts in part to address the confusion on who is really responsible for COPPA compliance, given that most digital properties are comprised of content or ads served by third parties.  According to the amended rule the onus is on the operator to comply.  Operators in this case, are companies that offer online services directed towards children or directly collect personal information from children.  Operators are typically first parties that include brands or publishers, but to complicate that statement further the COPPA changes state:

“…the definition of a website or online service directed to children is expanded to include plug-ins or ad networks that have actual knowledge that they are collecting personal information through a child-directed website or online service.”

This means third parties are indeed responsible, provided that they have “actual knowledge”.  There are two cases where third parties can obtain this knowledge.  One way is for the publisher to directly communicate the nature of their online service to all its partners and vendors.  Another way is for a representative from the third party to deem the site and/or app child directed after observing messaging, images and other artifacts that would appeal to just children.  In the mobile gaming world, there can be some blurred lines with the second method.

A developed flagging system to signal third parties would be much more scalable for the industry, rather than manually scanning sites and apps to discover if they’re child directed.  There are a few technologies already in place to enable first parties to communicate to third parties of whom their content and advertisements are being served to.  One mechanism of getting this knowledge isn’t any different than how they’re getting information to serve targeted ads and content to consumers via a JavaScript ad tag.

This comes from the Open RTB Specification, which is a protocol for communicating between the players of the ad ecosystem – SSPs, DSPs, ad networks, ad exchanges and data platforms.  In the spec is a user object, which contains information about the end user of a device or desktop that can be passed over to a third party content provider, or advertiser and the like.  It helps them determine what should be displayed in relation to the end user.  By passing another piece of information, for example a COPPA flag  (i.e. COPPA=Y in the buyerID field) stating that the embedding site is compliant to the rule, third parties can choose more appropriate content making a better experience for young audiences.   Using existing ad tags to receive this signal also creates efficient bidding in the exchange due to more accurate targeting.

In the case of mobile apps, understanding the end user of a device can be more challenging.  We live in a digital age, where children are more tapped into technology then ever before and devices are ubiquitous in day-to-day life.  Children may not own their own smartphones or tablets, but the vast majority of apps and media are targeted for young users’ consumption.  A friend told me that her son (who confessed that he loved the iPad more than his father) downloaded a seemingly harmless game.  She noticed that inappropriate ad images were being displayed so she immediately removed it from her device.  Something the app developer could do is pass the COPPA signal via an existing SDK, i.e. an SSP SDK.  This mechanism is specific to native mobile apps and also already used for online behavioral advertising practices.  At the time the app is initiated, it could transmit a signal to the third parties in the ad exchange.

Another avenue that app developers can take to ensure they’re COPPA compliance is communicated  is in the form of app monitoring and assessment.  These types of services audit the activity of the app including any data collection and transmission to third parties, as well as external calls made by the app.  This type of assessment can ensure compliance of self-regulatory governance such as COPPA and CalOPPA and create an insightful report, which can be used as a tool to communicate to all partnering companies who may collect and pass data from children using the app.  Each time an update is made to the app, the monitoring service can run a report and alert first parties to communicate to partners of COPPA compliance to send appropriate content and ads.

SDK work flow

Technology exists today for both the web and more importantly on mobile devices where children are the most vulnerable.  TRUSTe, the leader in global Data Privacy Management solutions, creates these technologies to allow for innovation and progress to continue and for self-regulatory mandates to be met by the industry for the consumer.  The TRUSTed Ads solution for display, mobile web and mobile app ads provides the mechanisms needed for involved parties in OBA to communicate end user opt-out preferences.  The preference reading JavaScript tag and SDK used to communicate consumer choice in online behavioral advertising can easily retrieve COPPA signals and propagate them to the industry.

TRUSTe also brings TRUSTed apps to the mobile industry, offering services that analyze app data collection practices, third party sharing for contractual provisions and data governance policies.  An enterprise version of this service additionally evaluates security and malware scanning of the app.   Raising the COPPA flag doesn’t require any heavy engineering or additional load to your site and/or app.  TRUSTe can provide the technology solutions to make it happen today.  It simply makes for a better, safer environment for all kids.

May
22

Managing Fourth Party Tags

I know what third parties are present on my website.

This is the response from a typical website operator when TRUSTe recommends an audit of all third party tracking on their site. How surprised they are to discover third parties on their site to which they were not aware. When this happens, and it happens often, the customer typically goes through reaction cycle:

  • First: Denial – “You made a mistake. We definitely do not deal with companies.”
  • Second: Prove it. Even though TRUSTe identifies the vendors responsible for allowing these additional third parties onto the site, customers often refuse to believe it. In one instance a customer went so far as to remove the identified vendor tag from the site and have TRUSTe rescan. Lo and behold, the unknown third parties were no longer present.
  • Third: Appreciation – “Wow this is great. We had no idea there there were other third parties on our site.”

So how do third parties get on a site?

I categorize third parties into two categories: “vendors” and “fourth parties.”

Vendors are those third parties your site calls directly, i.e. you have placed that third party tag directly into its HTML code.

Fourth parties are those third parties that may piggy-back off of a vendor tag to get to your site. As you are not calling them directly you may not be aware of their presence on your site.

Managing fourth parties

Are fourth parties “bad”? Not necessarily – in fact if you are relying on ad supported revenue then you should expect additional parties to be present in the ad chain, e.g., SSPs, DSPs, data providers, etc.

Do you need to know what fourth parties are present? Absolutely!

Step 1: Find out what vendors and fourth party tags are on your site.

Step 2: Effectively monitor and  manage these third party tags. Many companies opt for a tag management solution to help streamline third party tag management. Simply put, tag management involves replacing all third party tags on your site with one central tag container. All other third parties tags are then wrapped into this central tag container allowing a site operator to manage all tags in one central place. Tag management allows you to easily manage and remove a tags from your site.

Step 3: Ongoing site monitoring and tag management.

A tag management system alone, is not the silver bullet we would all hope it would be:

  • Tag managers can only manage the tags that they are allowed to see. They will not see any new tags added to your site outside of the central tag container – and let’s face it people are fallible. Even though internal policy might dictate that all tags must be added through the tag management system – mistakes happen.
  • There are limitations around managing and blocking redirects to fourth parties.
  • There is no insight given into client side behavior, e.g., what cookies, pixels or flash cookies are being set.
  • There is often no insight into who these parties are and what they do.

For this reason, TRUSTe’s Website Tracker Monitoring Service forms an important part of the tag management ecosystem. We Provide a comprehensive discovery of all vendor and fourth party tracking on your website and monitor your website on an ongoing basis for new parties and trackers.

Our service strengthens our customers’ overall tag management system by:

  • Providing complete initial discovery of all tags on a website.
  • Providing detailed information and privacy risk analysis on all fourth parties enabling customers to make informed decisions. TRUSTe’s database of over 17000 tracking domains is integrated into our reporting and is available as a standalone data set.  We know who these third parties are, what they do, their privacy practices and provide you with this information together with their overall privacy risk to your site and site users.
  • Providing detailed analysis of client side behavior e.g., what cookies, flash cookies, web storage, pixel tags and scripts are being dropped and by whom.
  • Continued monitoring and detection of unmanaged tags and fourth parties,
  • Verifying that the tag management system is operating as intended and only allowing authorized vendors onto the site.

TRUSTe provides integrated website consent mechanisms for users. Additionally, through partnerships with tag management, companies, e.g., BrightTag, TRUSTe has helped customers properly implement and manage their tag management solution. We can help you.

 

 

 

 

 

Apr
01

Through the looking Glass

By Clay Turk (@clayturk)
Product Manager | TRUSTe
View Kevin Trilli's profile on LinkedIn

 

Let me start by saying I am very excited about the upcoming release of Google Glass, and everything this means for the future of ‘enhanced’ reality (AR was so 2011). I suppose I should caveat this statement and say that my enthusiasm lies not so much in a Google specific version, but the release of this technology to the general consumer.

The idea of being able to walk down the street and quickly identify, route, or share your adventures as you experience them is simply fantastic. However, with this comes an inherent privacy concern; what if I don’t want to be ‘Googled’ when I walk past someone wearing Google Glass? What if I don’t want my location and activities witnessed or potentially recorded by an app or Google itself? How would one opt out?

It is not unreasonable to consider the following to be a common use case; a Glass wearing individual walks into a conference and is able to pull up LinkedIn or Facebook profiles simply by looking at someone. Taken a step further, Government could start wearing Glass to identify people by certain profile types, even picking out “criminals” based on historic data. There are certainly ample benefits to such applications, but I would argue that with these benefits come  at a definite cost.

Currently web profiling and targeting only pertains to the device used by the individual, providing the user the ability to maintain an online and offline “persona”. If a user decides they no longer wish to be targeted based on a profile they are able to opt out. Opt outs traditionally being a nullifying cookie which replaces the targeting cookie’s unique ID, resulting in the user either being removed or ignored by that “vendor’s” targeting on that browser/computer going forward.

This seemingly works well for a computer or device, but breaks down when it comes to an individual in the real world. Without a directory to store this information there would need to be something unique and trackable about the individual, a new “cookie”, which from an observer’s perspective, is most likely the face.

Taking this to be true, we are left with a rather interesting conundrum, in that assuming a person could “opt” their face out of recognition, they would inherently need to be identified each time for the device/service to know to block them. The currently recommended solution to this is simply telling the potentially affected party to not participate, but this really only applies for an on-premise video recognition system. How would this work when dealing with Glass apps that record in public spaces or even private property where the owner is unaware if a customer is wearing Glass? What about children? With COPPA finally here, privacy concerns for anyone under 13 are paramount to any online business. Does signage need to go up in our parks or on our streets? Or do we simply accept the situation and allow our right to privacy to shrink that much more.

We certainly don’t want to get in the way of technology evolving, nor do we wish to prevent this technology from becoming widely adopted, but feel we would be remiss for not asking the above questions. For the time being it appears it may take laws and regulation to ensure compliance, at least until people start caring more about their offline privacy enough to force a change.

Our entire lives are quickly migrating to the internet, which makes everything we do, say and experience available for the world to view and comment on. In this way, we are entering a new era, one where the potential reach of technology has far superseded our definition and scope of privacy. I can’t help but give pause and wonder if we aren’t letting our desire for this new technology get ahead of our ability to understand its potentially lasting effect on our lives, both public and private.

Mar
26

HTML5…I mean, Local…I mean, DOM…I mean, Web Storage!

By Kevin Trilli (@squawkt22)
VP Product | TRUSTe
View Kevin Trilli's profile on LinkedIn

As we have moved rather quickly into 2013, the subject of mobile privacy has brought a renewed focus to client-side storage of identifiers and attributes.  Initially, this was driven by the fact that mobile safari with its default-on cookie blocking policy is especially relevant in the huge adoption of IOS devices. Firefox has since elevated this discussion on the desktop side with their recently announced change in cookie policy. Classic third party http cookies can not be used for traditional uses that help facilitate the ad ecosystem and in particular the behavioral advertising systems.  As such, there has been a push to look at alternative methods to accomplish device identification within a browser.

This post will investigate one of those methods, the use of HTML5 or Web Storage, compare the current state of browsers and then make some recommendations around how they can be used to provide better operational processes, but also balance user privacy.

Web Storage
To start, we should all get on same page with what to call this thing, as initially it was derived from the HTML5 specification, but has subsequently been moved to a more general Web Storage specification in the W3C.  Many people still refer to this as “HTML5 storage” (inside TRUSTe also) but we are officially going with “Web Storage” so we do not have to keep using multiple names when we bring it up. Additionally, the term “DOM Storage” is also used but less so, especially by Mozilla and Microsoft and only appears in IE browsers externally.

The storage facility is similar to traditional HTTP cookie storage but offers some benefits commonly understood as:

  1. Storage capacity:  Browsers have enabled a minimum of 5Mb of storage inside a web storage object (IE has allowed 10Mb but it varies by storage type and browser).
  2. Data transmission:  Objects are not sent automatically with each request but must be requested.
  3. Client side access:  Servers cannot directly write to web storage which provides some additional controls from client-side scripting.
  4. Data storage:  Array level name/value pairs provides a more flexible data model

Privacy Implications
As has been discussed in the W3C spec and other forums, there are some considerations for privacy in place both within the spec design and implemented in the variable user agent controls present today in common web browsers.   Within the spec, there are options for user agents to:

  1. Restrict access to local storage to “third party domains” or those domains that do not match the top-level domain (e.g., that sit within i-frames).  Sub-domains are considered separate domains unlike cookies.
  2. Session and time-based expirations can be set to make data finite vs. permanent.
  3. Whitelist and blacklisting features can be used for access controls.

Consumer Controls
The immediate privacy controls exist within the user agents, and as with any user control, the degree to which the feature has been deployed and in what manner varies across the major browser in use.  This next section will provide a comparison of the four major browsers: (Note: This data is current as of the date of the post) 

Chrome Safari Firefox IE
Version Tested 24.0.1312.56 6.0.2 (8536.26.17) 19.02 10.0.9200.16521
Location Advanced>Privacy>
Content>Cookies
Privacy>Cookies and Other
Website Data; “Details”
Tools> Clear Recent History
> Cookies
Internet Options> General>
Browsing History>Delete>
Cookies and Website Data
Nomenclature “local data”, ”Database
storage”
“Website Data”, ”cache” “cookies” “Browsing History”, “Website Data”,
“DOM Storage”
Ability to see presence of Web objects Yes Yes No No
Ability to see contents of Web objects Yes No No No
Ability to block setting of Web storage objects Yes No No Yes (Internet Options>
Advanced>Security)
Separate control Yes Yes
Combined with cookie control No – 3rd party cookie
setting separate
No
Default Off (Allowed) Off (Allowed)
Ability to delete content of Web Storage objects Yes Yes Yes Yes(2)
On exit of browser (Multiple) Yes Yes Yes(1) Yes
Individually Yes Yes No No

(1) DOM Storage can be cleared via “Tools -> Clear Recent History -> Cookies” when Time range is “Everything”. DOM Storage is not cleared via Tools -> Options -> Advanced -> Network -> Offline data -> Clear Now

(2) Included in the “Cookies and Website Data” setting.


Discussion
I have to admit, this was a fairly intensive exercise, requiring some effort to discover and understand these different controls across the different browsers.  Most users only use one browser, but it is quite difficult to offer specific general guidance to consumers as it varies so widely by browser.

However, the general behavior of the web storage objects is trending towards that of cookies. It is expected that user agents will ultimately treat them the same way to ensure the willing and motivated consumer can feel that their expectations were met when turning on cookie controls or similar settings.

Generally, Chrome offers the best set of features in terms of clarity and advanced features.

 

Conclusion
Usefulness of Storage.  In some ways, Web storage provides a better long term solution to cookies, as the amount of information that can be stored allows for more uses.  One area this can be helpful is around storing multiple preferences across multiple third parties for privacy.  Another would be to store preferences a user has provided with intent and permission to be shared.  For example, “I allow my favorite brand, Burton Snowboards, to present me with their new snowboard advertising as I am in the market for a new board next season.  Also, they can share my info with different providers of boots and bindings as I would want to look at those also.”

Performance.  The usual trade-off of (1) unique client-side identifiers that point to server-side data vs. (2) heavier client side data plays an interesting role in performance optimization, especially in dynamic exchanges and other real-time operations.  Having a better option for richer client side data can help present additonal options for client-side optimization.

Privacy.  There are still some gaps from a consumer’s perspective depending on the browser used, as illustrated above.  But, generally, web storage objects are non-permanent so they can be deleted just like cookies and thus are as “safe” as cookies.  But, some degree of standardization is needed in terms of either merging controls with cookies or educating users that these also behave like cookies and need appropriate controls.  This is all trending towards happening in the coming short-to-medium time frame, so generally, the threat level is low around web storage objects in the medium term.

For the immediate term for those that want to use Web Storage, the high road should be taken on transparency of their use and providing an opt-out system similar to the industry transparency programs (e.g., AdChoices).  TRUSTe has already developed such system for those already using this approach in the mobile world, but it also applies for desktop users.  Clearly, a DNT-like approach can work once that spec reaches a landing point.

Finally, websites should regularly monitor their sites for the use of these technologies similarly to cookies and other tracking technologies.

 

 

 

More Resources:

Oct
11

Do Not Track and Preference Management

By Travis Pinnick
User Experience Designer | TRUSTe
@xtratrav

The current industry standard of providing user preferences around ad-related tracking makes use of a script-based in-ad icon as specified by the DAA which links to a preference management tool. Newer browsers are also supporting the Do Not Track (DNT) header request as an alternate method of indicating user preferences.

With the proliferation of DNT it is becoming more obvious that future systems need to be technology-agnostic in their approach to preference management. Until the industry fully adopts DNT, a temporary solution could be to integrate DNT recognition mechanisms into existing cookie-based systems.


DNT vs Cookie-based preferences

DNT is a browser feature that appends a header to http requests expressing a user’s preference not to be tracked (currently implemented in newer versions of Firefox, IE, and soon to be implemented in Chrome).

A strong advantage of DNT is that it makes it easy for consumers state a clear preference regarding tracking. Unfortunately other than an acknowledgement response that the signal was detected, DNT lacks a technical method of enforcement and relies on trackers to honor the request.

Cookie-based opt-out tools are used to indicate that a user wishes to be opted-out of behavioral advertising. This places the burden of control on the user to deal with large numbers of tracking domains, and deleting cookies (a common consumer approach for controlling privacy) also deletes the opt-out preferences.


DNT Exception Handling

DNT in its current incarnation is a global preference associated with the browser, whereas cookie-based opt-out allows for granular tracker-specific preferences.

While DNT only applies to third party trackers, it’s still possible that a user may want to grant exceptions for third parties on a site they trust for the purposes of enabling desired functionality. For this purpose future browser implementations of DNT may accommodate exception handling – allowing the user to set browser-based DNT exceptions for specific domains.


view demo »

Mozilla was an early champion of DNT and specifically chose the term to avoid the ambiguity of interpretation that plagued cookie-based opt-out mechanisms. Microsoft’s surprising move to make DNT the default in IE10 will force the industry to decide how to interpret this signal. For companies who plan to honor DNT, this will be an opportunity for a new kind of consumer engagement and education by way of a DNT exception request, in which the publisher can request on behalf of the ad providers that the user allow tracking for a trusted site.


Complications of an Integrated Solution

One of the difficulties of integrating DNT and cookie-based preferences is that these two preference mechanisms, while similar in their representation of user intent, are functionally very different. DNT is a global setting in the browser and is communicated along with all http requests, while cookie-based preferences are maintained in the browser cookie storage and can only be accessed by the individual domains who set them.

Any preference mechanism which attempts to recognize both types of preferences will have to deal with collisions – what happens if the user has set a global DNT preference in their browser, but has an opt-in tracking cookie? Collision logic will be necessary to determine which preference is the most accurate signal of user intent. This will be complicated even further if browsers implement domain-based DNT exceptions, wherein users may have a global DNT preference, a domain-based DNT exception, and a cookie-based preference, any of which may conflict.


DNT and Automatic Cookie-based Opt-out

Since a user who has stated a DNT preference most likely does not wanted to be targeted, existing cookie-based systems could also be implemented to respond to DNT detection. TRUSTe has developed a DNT-integrated ad tag solution capable of acknowledging a user’s DNT preference and reflecting it via the transparency afforded by the in-ad icon, using the ad tag script to automatically record the user’s preference by triggering opt-outs for all tracking entities associated with the ad tag.
More on this »

A less invasive approach is for this option to be presented to the user in the ad interstitital messaging, or at the point of interaction with the preference manager (rather than being invoked by the script serving the ad tag). While functionally similar, this approach gives the user control over the execution of the opt-out, rather than letting the system do this automatically.


view demo »


Conclusion
The future of DNT is still uncertain, as the industry struggles to reach an agreement regarding how it should be honored, which its inclusion as a default in IE10 will only reinforce. A parallel approach to this is to find ways to integrate DNT recognition mechanisms into existing preference systems in ways that are both meaningful and graceful, without forgetting its original intent.

Sep
30

Technical Analysis of the IOS6 Tracking Identifiers and Privacy System

The new release for IOS6 contains several improvements in the tracking and privacy systems for advertisers and consumers. The release features are definitely just a starting point in what appears to be a long term strategy to embed privacy controls into the platform.  Below is an analysis of what is included within the system along with some insights from TRUSTe based upon on our learnings from launching the industry’s first comprehensive mobile ad privacy system earlier this year.

From a high level, there are two major components to this system:

  1. A new system for identifying users based upon two identifiers.
  2. A new privacy control system for users to signal privacy preferences.

New IO6 Identifiers

The two identifiers are as follows:

  1. advertisingIdentifier(aI)
    • Per the documentation, this is a read-only, alphanumeric string unique to each device, used for advertising only.
    • The value is constant for all third parties, but the ID can be deleted “if the user erases the device.”
  2. identiferForVendor (idV)
    • Per the documentation, this is a read-only, alphanumeric string that uniquely identifies a device to the app developer.
    • The value is the same for apps that come from the same app developer running on the same device.

Comments:

  • These IDs are an improvement over UDID and MAC Address usage, as the ID’s are non-permanent, can be deleted and have two different systems that can be used for Advertising and Analytics.
  • Offering a separate developer-only version also provides some origin control around access to the ID.  But, the aI is available to any third party so profiles can be built across different apps.
  • In order to delete these ID’s, users will have to erase their device to remove the ID which is a pretty extreme analog to clearing your cookies from your browser.
  • Cookies also offer the added benefit of including expiration dates so they only be used for short finite periods, whereby these IDs offer no such controls.

New Tracking Controls

There is a new “Limit Ad Tracking” function that allows phone users to control the use of their aI by advertisers.

  1. There is a user-controlled setting under “About” in the Setting menu where a user can turn this on or off.  It is defaulted OFF.
  2. Apple Provided text to consumer:
    1. iOS 6 introduces the Advertising Identifier, a non-permanent, non-personal, device identifier, that advertising networks will use to give you more control over advertisers’ ability to use tracking methods.
    2. If you choose to limit ad tracking, advertising networks using the Advertising Identifier may no longer gather information to serve you targeted ads.
    3. In the future all advertising networks will be required to use the Advertising Identifier.
    4. However, until advertising networks transition to using the Advertising Identifier you may still receive targeted ads from other networks.

How exactly does this work?

There are two new functions:

  1. NSUUID *adid = [[ASIdentifierManager sharedManager] advertisingIdentifier];
  2. BOOL tracking = [ASIdentifierManager sharedManager].advertisingTrackingEnabled;

The first function is to get the aI , and the second one requests the state to check if tracking is enabled (it is ON by default), which is sort of a “DNT” flag concept:

  1. When a user keeps the Limit function in its default OFF position, the aI gets sent to third parties and “TrackingEnabled” returns “YES.”
  2. When a user turn on Limit Ad Tracking, the aI still gets sent and “TrackingEnabled” returns “NO”.

Comments:

  1. This is definitely an expert function for the most privacy-sensitive users, which TRUSTe applauds Apple for making these controls available as a baseline.  General consumers will not know this function exists without additional education.  As such there is still need for a transparency system by app developers and the ad industry to let users know when their data (identifiers) is being used by third parties.
  2. There is only one option to Limit Ad Tracking and this is a global setting. There needs to a more granular system to allow users to provide exceptions beyond the global option, as some [free] apps are predicated on the fact that they can be ad supported.
  3. This system has some structural similarities to the DNT header feature that is rolling out in most browsers, but with some important gaps like Exception management and some definitions around what behaviors are expected by third parties once the user has set the flag.
  4. It is unclear how this system will work in conjunction with the browser-side DNT deployment that also is rolling out in IO6.
  5. It appears that restricting access to UDID and MAC address will occur at the app approval process vs. platform level, as access to the UDID is still possible when the Limit flag is set.  There are no official positions stated by Apple around MAC address, but one would have to assume this will be eventually limited like the UDID was.

Conclusion:

This is an interesting first step for Apple to bring some improvements to its platform, to help advertisers offer targeted advertising in a more privacy-safe manner.  But, there are still some pretty important gaps around user transparency, user education and more granular choices that reflect those users that want free apps from trusted brands.

TRUSTe has been working hard for over a year on its TRUSTed Mobile Ads product with leading app developers and third party ad and data providers to provide users with transparency around their data use and flexible choice options on how they want their information shared with third parties.  This information includes their device ID’s but also other parameters that are used by advertisers.

TRUSTe’s solution offers a very robust set of choice options that include permissions for brands, ad networks and global preference options.  The solution also binds these preferences across both sides of the mobile device to give the user comprehensive control.  Finally, it is a general permission framework which goes beyond just those users that wish to opt-out, but also provides capabilities for user to tell advertisers what they are interested in, which is what a full-featured interest and privacy system should accomodate.

TRUSTe looks forward to evolving its solution alongside this new IOS solution in addition to the DNT program on the browser side.  TRUSTe’s solution is ID-agnostic, so it will automatically work with the new IDs.  The TRUSTe solution will also be compatible with any user-invoked settings via the Limit Ad Tracking settings.

Older posts «