This past Tuesday, a Stanford graduate student posted an article here allegedly examining Epic Marketplace’s business practices. The posting was, to some extent, a follow-up to an earlier piece (available here), which examined the marketing activities of several ad networks, and suggested that their practices violated various consumer privacy initiatives. Given the nature of these allegations, we felt the need to address them, specifically the ones aimed at our peers and now us.
First and foremost, allegations of this kind – those that involve consumer privacy, online behavioral advertising or compliance issues in general – are taken very seriously by our company no matter who makes them. We believe, as we have for years now, that our company is among the leaders in compliance and we work very closely with the leading industry groups in that regard. When anyone brings to light any issue, whether it is related to “Do Not Track” or any other consumer privacy concerns, we take the time to research the allegations and if necessary, take corrective action immediately.
The Stanford student’s blog purports to examine a practice described as “history stealing”. The use of such a pejorative term obviously reveals a bias; the student seems to believe that the collection of anonymous, non-personally identifiable, browser information somehow constitutes theft. This is an extreme position, to say the least, as this type of data collection occurs in virtually every web transaction. The practice described in the blog, better labeled as “segment verification” (indeed, as admitted in the blog, no URLs or URL history is actually collected) provides companies with a way to measure the accuracy of the data that a company purchases from data vendors without compromising consumer privacy. NO data obtained from segment verification is personally identifiable information (PII), nor is that data ever merged with other data points that are, or may be, personally identifiable.
Furthermore, when the user opts out, all data collection efforts cease. The student erroneously concludes that users are unable to avoid participating in segment verification because the opt-out mechanism does not delete the cookie that exists on the user’s computer. Like many other networks have pointed out already in their responses, this is misleading and inaccurate. When a user opts-out, all further collection of behavioral data from that user stops and existing profile data is deleted, even though the cookie itself is not deleted. The reason for this is simple: these cookies provide important operational information necessary for the delivery of any ad, not just targeted ads. For example, Epic Marketplace needs this data to determine how many times a particular ad has been shown to a user, and to analyze whether fraudulent activity is taking place. Ironically, in order to give effect to a consumer’s decision to avoid data collection, the cookie has to remain, otherwise advertisers have no way of knowing that that particular consumer has elected to opt-out of that advertiser’s data collection practices.
The business practices at Epic Marketplace are consistent with the NAI’s long-standing definition of what opt-out means. While many consumer advocates are calling for a much broader implementation of “Do Not Track,” there is no industry consensus on what “tracking” means or what these browser technologies should do. Currently, the NAI and DAA cookie-based opt out is the industry standard, and Epic Marketplace complies with this approach. By way of background, it should be noted that our legacy network has been named one of the top networks for compliance, as covered in MediaPost here. Epic Marketplace’s privacy practices towards online behavioral advertising are firmly aligned with industry self-regulation efforts which generally allow for the collection and use of anonymous online behavioral advertising data, provided that there is notice and a robust mechanism for opt out.
For more background about how seriously we take all things compliance-related, we have written several pieces previously which point to our commitment in the area of online privacy and compliance spanning several years. You can see our past essays and the work we’re doing in several of our blog posts. For our take on brand safety, please click here. You can view the news about us being named a top network for compliance here. You can view our response to the Wall Street Journal’s “What they Know” series here.
Finally, years ago, we invested heavily in our in-house compliance team by bringing on highly-acclaimed attorneys as well as a former FBI agent and cyber crime expert. No other company has done this, or taken the precise steps we have, to secure our reputation to our clients, consumers, and those across the industry. More importantly, we took these steps because consumer protection and privacy are at the top of our agenda and corporate fabric. As one of the only accredited companies in our industry with an A+ rating by the Better Business Bureau, we have a vested interest in ensuring the highest standards are met in the course of everyday business. We pride ourselves on being fully compliant, and are actively working towards implementing all self-regulatory principles our industry has adopted in a comprehensive and responsible manner.
We look forward to continuing a healthy, proactive discussion about some of these important topics in the future. We also look forward to continuing to serve our clients, advertisers and consumers in an effective, yet safe and compliant fashion, to which we are accustomed.
2 Responses to “Epic Marketplace: Response to Behavioral Advertising and Tracking Allegations”