The short answer is “it works.” Self-regulation has come under attack recently, particularly in the context of over-simplified debates about browser-based choice mechanisms. These discussions, which tend to be written in sound bites, focus on two core elements of self-regulatory programs: transparency and user control.
Through the use of trillions of icons in advertisements, disclosures in privacy policies, links to centralized opt-out mechanisms, and consumer education, the NAI program has robust provisions in place to provide transparency and control for consumers. There is always room for improvement, however. That’s why self-regulation is constantly evolving and seeking better ways to engage consumers. That may even include browser-based choice mechanisms in the future, and we are not opposed to such tools. On the contrary, we believe such tools can be beneficial for the entire ecosystem if implemented properly.
Let me be clear: we strongly believe in and offer the two core elements of self-regulation mentioned above – transparency and user control. The millions of consumers who have visited the NAI page and other self-regulatory websites to learn more and control their preferences around the collection and use of data for Interest-Based Advertising are evidence of just that. What I want to point out, without devaluing these two critical principles, is that self-regulation is so much more than transparency and choice, and we should not forget that as we debate what, if anything, we do about Do-Not-Track signals in browsers.
Self-regulation, as the NAI sees it, is a comprehensive code that embodies the full range of the Fair Information Practice Principles of notice, choice, transparency, control, access, data minimization, use limitations, accountability, and security. It is a framework that recognizes that some data requires higher standards for choice and control and that some uses of data – notably those that impact eligibility decisions – should be off limits for the marketing data collected by our members.
In addition, regulators have stated that industry self-regulation only works when it is backed up by rigorous compliance efforts, tough enforcement and accountability. The NAI is an example of this in every sense. Self-regulation works, and we know it works because our members prove to us year after year, in every compliance review, that they are committed to upholding high standards for the collection, use, management and security of data. Our compliance team demonstrates this hard work through robust enforcement and NAI-wide compliance with the Self-Regulatory Code of Conduct. When we do our job, regulators can focus limited enforcement resources on truly bad actors and those practices that cause consumers the greatest harm.
As noted above, we also believe that meaningful self-regulation requires constant reevaluation of new technologies, new business models, and new policy developments. At NAI, we continuously adapt old policies and craft new ones so that best practices evolve organically and in lockstep with our industry. Just this year we have released a revised Code of Conduct and drafted a new Mobile Application Code in response to the constantly evolving business and technology practices of our members and the online advertising ecosystem at large. Already our members have stepped up to the plate – eager to implement the next evolution of high standards.
We believe that flexible self-regulation, backed up by compliance and enforcement, is better for the industry than regulation or legislation that can’t keep pace with evolving technology and business models. Our industry is evolving so rapidly – new technologies and business models are introduced almost daily – but if we can apply well-accepted principles of notice, choice, transparency, and accountability industry-wide, we’ll be poised to overcome these challenges. With effective self-regulation, everyone wins – industry, regulators, and most importantly, consumers.