Web tracking may be a growing problem online for consumers—it means companies know the sites they visit, what they buy, and their personal preferences. But, the Do Not Track proposal before Congress might be an even bigger problem for small business activities online.
Whenever you surf the Web, websites use small bits of code called "cookies" to track your activity.
The goal is to determine your interests and concerns and display ads calculated to appeal specifically to you. The downside is that advertisers know which sites you have visited; some even track your online purchases.
Depending on your point of view, this practice is either an invasion of privacy or a beneficial practice that helps keep online content free, and makes browsing in general more interesting because you may see an ad for something you actually want.
Newly proposed Do Not Track legislation is intended to make Internet surfing more private. The basic idea is that you could opt-out of tracking, and then Web servers—those inter-connected computers that form the Internet—would insert a small portion of code called a header that tells a Web site you do not want to be tracked. Those that own the Web servers, such as AT&T, could be fined for not following Do Not Track legislation.
Proponents and opponents of Do Not Track introduced in Congress are lining up on either side of the issue, and rhetoric is as heavy-handed as you might expect in Washington. Those who oppose Do Not Track (or DNT) cite concerns over its effect on small businesses. "Do Not Track will run small business off the track," declares Steve DelBianco, executive director of NetChoice, an advocacy group that opposes the law.
Rick Jaworski, publisher of JoyofBaking.com tends to agree. The site is fully supported by advertising and earns enough to provide a good living for him and his wife. But that could change, he says, if Do Not Track becomes law. "It could lop our revenue in half. There's no way to know."
JoyofBaking uses advertising aggregators such as Google and ContextWeb. The site is compensated on either a cost per thousand page views (CPM) or cost per click (CPC) basis, depending on which advertisers bid higher in the auction for the site. With Do Not Track, Jaworski says, revenues from both sources would go down dramatically.
"The non-targeted ads are the random ones like the flashing ad that says you're the millionth visitor," he says. "They don't pay as much for those."
Cost per click will almost certainly be affected since the site earns no money until a user clicks on an ad, which is less likely to happen when the ad isn't targeted to that customer.
Other consequences for Do Not Track could include even more online advertising as site owners scramble to make up the loss of targeted advertising, more ads that pop up before the site loads, including video ads, and more "paywalls" (meaning, you pay a fee to see content).
Do Not Track might not be a reason to panic quite yet.
For one thing, the biggest fear of business people like Jaworski or advocates like DelBianco is that, when the law is finally enacted, it may only allow tracking on an opt-in basis where advertisers and others are forbidden to track users' online behavior unless those users have gone to the trouble to change a browser setting and allow it.
"Who's going to do that?" Jaworski asks. "Maybe 1 percent of users. And no advertising network is going to make the investment in the infrastructure needed to serve interest-based ads for that small a number of people."
It's a legitimate worry, and it's impossible to know what final form the law, if any, will take. But for now, most proponents of Do Not Track appear to be stumping for an opt-out system in which users will be tracked by default unless they ask not to be.
Browsers like Mozilla Firefox and Internet Explorer already include a feature to disable cookies. The main difference would be to make sure users are aware of the tracking, and to give them a simple and obvious way to turn it off.
That's already happening. Mozilla recently announced the Firefox 4 Do Not Track feature, which is turned off by default. It does not actually prevent tracking, but does send a message to websites requesting that they refrain from tracking this user.
So far, few websites have agreed to comply, with the notable exception of the Associated Press which last month announced it would configure its many news sites to honor Do Not Track in Firefox 4.
Mozilla is confident more will follow. "Many ad networks already voluntarily honor opt-out cookies, and Do Not Track is a similar technology," notes Sid Stamm, Mozilla's privacy engineer. Microsoft Internet Explorer 9 also has a Do Not Track feature, although it's an all-or-nothing approach. Tracking is either on or off.
Responses like these may prevent the passage of a law altogether. In December, the Federal Trade Commission encouraged Congress to consider Do Not Track legislation because the industry's efforts to address the issue had "largely fallen short." But, the FTC acknowledged that "robust, enforceable self-regulation" might be a potential alternative. With the two most popular browsers now building in Do Not Track features, that alternative starts to look more viable.
That's all to the good, says Dennis Dayman, the chief privacy officer at the marketing automation company Eloqua. "The legislation is in reaction to some companies putting their own benefit ahead of end users,'" he says. "But we're better off with self-regulation. It takes years to institute a law, so many technology laws become invalid after the first year or two. It's very hard for laws to keep up with technology. With self-regulation, we can move faster."