Enhancing Online Privacy In Behavioral Targeting Advertisement Information Technology Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Advertisements are part of everyday life even if it's not a choice. They are placed in every possible physically spot and in every kind of mass media. Advertising has become an important channel of modern marketing [19]. The purpose of advertisements can be brand awareness, brand promotion or brand sales and the method varies based on the media used.

Internet media is an important communication channel and could not be an exception; therefore, display banner advertisement has become a big industry especially the latest years as advertisers struggle to approach ever-larger audiences with higher susceptibilities to consume. It is estimated that global online advertising market is valued $40 billion in 2009 and grown to $80 billion by 2010.[5]

Yet, people actively avoid looking at online banners [1] and empirical and experimental studies show that advertising messages are noisy [2]. Meaning that people are anointed by the existence of advertisements on web and therefore the effectiveness of the advertisement campaign might be low for people that dislike this noise. A way to measure the effectiveness and success of online banner advertisements is CTR (Click Through Rate). A CTR is calculated by dividing the amount of users who clicked on an ad within a web page by the amount of times the ad was in total delivered (impressions).

The average click-through rate of banner ads has been decreasing consistently, from 3% in the mid-1990s to 0.2% (eMarketer 2004).

Studies showed that since "we are faced with an ever expanding mass of information" the "selection of the relevant bits of information seems to become more important than the retrieval of data" [3]. The relevance of information is subjective and is related to the personal interest of each user. Hence, the idea of behavioural targeting within online advertisement was very quickly expanded in all countries and is today considered to be a mandatory service for the online advertisement industry. Online Behavioural targeting (OAB) is not a new practice within online advertisement industry; it was first released in late 1990s from DoubleClick to track users across sites and present banner advertisements based on their browsing preferences. [6]

Interest based advertising is not a static area of technology. On the contrast, it's continuously evolving and adapted to new techniques and methods, aiming to increase the revenues by succeeding on targeting the correct potential customers based on their personal interests. It's evolution combines web mining in data analysis of on-line users' behaviour and machine learning in optimizing web on-line advertising [1]

Companies in the industry use Interest based advertising as a solution for optimizing the selection of ads to display for a certain user. The selection of ads is based on an interest profile built up during visits to websites within a specific ad network.

Problems with behavioural targeting

The problem in today's solution within interest based advertisement is that since users have the ability to choose to surf in private mode, by selecting this choice from the browser, it is impossible to gather anonymous data about their interests.

In advance, although online behavioral advertising promises to decrease the noise and increase the user's interest, there is a great concern and protest, particularly among privacy and consumer advocacy groups [6] mainly because of the technology that is been used.

In addition to the general disapproval of the fact that the majority of advertising companies store and use their customers' information in a non-ethical way, an upcoming refinement of the methods which advertising companies use to inform their users about their online tracking is expected due to an EU directive issued on 2009 [15]. This directive is expected to redefine the implementation and operation of current methods used for retrieval of identification data, since every online advertising agency should explicitly ask for the user's consent before accessing and processing his data.

Current technology background

As mentioned previously, apart from the fact that current behavioral advertising techniques fail to retrieve the appropriate information regarding their target groups, they also neglect the security concerns. Most of them seem to focus more on attracting users' attention and persuade them to purchase without taking into consideration their privacy. As a result, security attacks are highly related with current advertising methods, thus making customers suspicious and face rather negatively the fact that their online behavior is monitored.

In this section we will first provide a brief description of the available techniques that are widely used from the advertising industry, in order to familiarize the reader with some basic underlying concepts. Consequently, we will specify which of these technologies are used by some of the leading advertising companies aiming to track users' online preferences, how they manage to deal with security attacks and why they still fail to convince people that they perform their privacy protection efficiently.

One of the most common techniques used to track online behavior nowadays are Cookies. These are text files created by web sites and placed into users' hard disk. When a user is visiting a site this file is placed automatically in a specific repository that each browser retains to store cookies. The next time the user choses to visit again this specific site, he will be uniquely identified based on the information that cookie has stored for him[7]. This information can be related to his browsing history, such as the sites he has visited, the usernames and passwords he provided to log into them etc., or information regarding his system's or network's details, such as browser type and version, operating system he uses or his IP address[8].

Another, relatively new introduced method is Deep Packet Inspection (DPI). It is mainly carried out within the user's ISP consent and cooperation with advertising companies, since it uses specific software and hardware aiming to retrieve information regarding the online preferences of ISP customers [9]. This information may include details regarding sensitive private data, such as name, sex or location of the user as well as his browsing and purchasing history.

On the other hand, web beacons are often used for behavioral tracking also. They are usually a chunk of code linked to a graphic image that is not visible to the user in the foreground of a Web page. It can be used to collect either anonymous data, and in this case are stored in the cache of web browser or personal information which can be retrieved for example from an email containing the web beacon [10].

The techniques mentioned in the previous paragraph are widely used by some of the most dominant companies in the advertising industry, which aim to construct the users' profiles based on the tracking of their interests. In this section we will examine how companies like DoubleClick, Phorm and Yahoo exploit the available web techniques to gather information about their users and how they manage to protect the privacy of them.

DoubleClick, which was founded in '90s and managed to evolve into one of the most well-known online advertising agencies was acquired by Google Inc.in 2007. They use web cookies that are stored on user's browser each time he chooses to visit Google, DoubleClick or some of their partners (YouTube, Amazon etc.). Hence, they retrieve information based on both general browsing history of the user as well as his searching or purchasing history through specific advertising sites. The DoubleClick Cookie is stored in the web browser as a log file containing the time that the user interacted with the advertisement, the user's IP address, a number specifying the advertisement, a unique identification number for the user's browser and the url path of the site that hosts the advertisement [11]. As such, DoubleClick claims to use information that don't violate users' privacy and don't use sensitive personal data to construct the user's online profile.

Phorm uses Deep Packet Inspection to acquire information from the users' online preferences. It cooperates with ISPs to collect data regarding their customers' and uses the existing ISP infrastructure to achieve this. The main procedure it follows is to mark each browser with a different random number and relate it with the 10 most often keywords that appear in the visited sites and as such construct a "channel", which is a specific subset of users' interests [13].

Yahoo makes use of web beacons and the so called Yahoo Cookies, in order to offer their users more focused to their interests' advertisements [14]. They use both anonymous and personal data, but in the latter case they " require partners to disclose the presence of web beacons in their privacy policies and state what choices are available to users regarding the collection and use of this information", as stated in their website[14]. As such, they rely on their partners' privacy policies to efficiently protect the personal information of their users and also inform the user about the action of collecting his private data.

Related privacy concerns

Despite the fact that all the previously mentioned advertising agencies offer an opt-out choice to their users [15], which allow them to disable the tracking methods operation, there is a lot of discussion about the level in which they succeed in protecting their users' privacy. The greater issue of controversy between privacy advocates and advertising agencies focuses on whether all these companies actually use the retrieved information in an ethical way, and if this information is indeed anonymous. Numerous reports depict that Abacus Alliances, which owns databases containing personal information and is one of the major cooperators of DoubleClick utilize sensitive data of DoubleClick's visitors [12]. Phorm has been constantly accused from UK tabloids and Privacy Protection Organizations to infringe Internet Users rights by acquiring and storing personal information, and has also intrigued EU 's interest which has launched several legal proceedings against UK for not complying with the EU security rules [20].

Research Methodology

In order to provide an accomplished approach to our research we consider that the most suitable inquiry method is Qualitative Methodology and more specifically the conceptual inductive research process since it this is used in almost every workplace and study environment [17] and covers our research structure and means. Within a qualitative study we can generate "data in the form of participant descriptions of their experiences and use literary analytic procedures to produce higher-order descriptions and understandings of the investigated experience" [18].

First, we will investigate the dominant tendencies of tracking users' online behaviour and create the corresponding profiles for marketing purposes. By looking into the main web tools and techniques they deploy to retrieve information about the visitors of their sites, we will try to find out how they manage to build an overall picture of their preferences. We will particularly examine these techniques through a point of view of privacy concerns. In fact we will examine the ways they claim to successfully use towards protecting the privacy of their users, and in which degree they actually manage to achieve this. This part of our survey will be carried out through a data collection procedure based on three different sources of information:

The official sites of these companies, in which they describe the basic techniques that use for online behavioral targeting and what policies they follow to protect the privacy of their users.

Articles and papers which discuss and evaluate these techniques, by pointing out the basic points in which they fail to efficiently provide privacy security.

Previous surveys and statistics which indicate that either users are not interested in the advertisements they are exposed to, or their distrust to the level of the protection they perceive that these companies offer to them.

On the next step, our research will deal with a combination of technologies that aim to collect anonymous information regarding customers' behaviour and use them for behavioural advertisement targeting. As such, its goal will be to succeed in providing efficient advertise targeting along with showing respect to the users' need for privacy and freedom of choice.

On the third part of our research, we will try to testify the acceptance of our proposed technique. We consider that the most suitable way to achieve this is within a questionnaire that will give us feedback for our proposal.

Related Research

The selection of the target group for this questionnaire was based on the following criteria:

The target group should consist of people that have regular contact with various Web sites. This means that they have already experienced being exposed to online advertisements, and as such will be better able to express a well-argued opinion about online advertising issues.

It would be also useful that they acquire basic knowledge regarding the common tools and methods basically used to track their online behavior. Of course this doesn't mean that they should have in deep knowledge of the technical aspects of these methods, but rather a general sense of how it is feasible for an advertising company to get information about their online behavior.

The above consequently imply that the target group should consist of young-aged people, who are the main Internet users and usually have daily interaction with web applications.

For practical purposes it would be more convenient that the target group is easily accessible from us and is also familiar with Research and Scientific concepts. As such, it will be of greater interest to them to take part in our survey.

For the above reasons we regarded that the most suitable target audience for our questionnaire are KTH and DSV students. Our questions will deal with both examining their opinion about the effectiveness of our proposal in correctly identifying their interests and defining the level of their trust to the privacy protection that it guarantees. The final step will be to collect and evaluate the results coming out of our survey, in order to reach our final conclusions.

Literature references

[1] Drèze, X., and Hussherr, F.-X. (2004). Internet Advertising: Is Anybody Watching? Journal

of Interactive Marketing , 8-23.

[2] Bharat N. Anand · Ron Shachar (2009) Targeted advertising as a signal Quant Mark Econ (2009) 7:237-266

[3]Hildebrandt, M. and Gutwirth, S. (eds.), Profiling the European Citizen, Cross-Disciplinary Perspectives, Springer, p.1 (2008) (Profiling the European Citizen)

[4] J. Jaworska and M. Sydow (2008) Behavioural Targeting in On-Line Advertising: An Empirical Study

[5] Policy Engagement Network The Information Systems and Innovation Group, ONLINE ADVERTISING:Confronting the Challenges. MAY 2009

[6] V.Toubiana, A.Narayanan, D.Boneh, (2009) Adnostic: Privacy Preserving Targeted Advertising

[7]: JOON S. PARK AND RAVI SANDHU, "Secure Cookies on the Web", IEEE INTERNET COMPUTING, July-August 2000

[8]: Daniel Lin, Michael C. Loui, "Taking the Byte Out of Cookies: Privacy, Consent, and the Web", Ethics and Social Impact, ACM Policy '98

[9]: Gabriel Maci´a-Fern´andez, Yong Wang, Rafael Rodr´ıguez-G´omez, Aleksandar Kuzmanovic,ISP-Enabled Behavioral Ad Targeting without Deep Packet Inspection,IEEE INFOCOM 2010 proceedings

[10]: JOSHUA GOMEZ, TRAVIS PINNICK, ASHKAN SOLTAN, "KNOW PRIVACY", UC Berkeley, School of Information, : JUNE 1st 2009 p.8-9

[11]: http://www.google.com/privacy/ads/

[12]: Ethan Preston Law Clerk, "In the Matter of DoubleClick Inc.- Complaint and Request for Injunction, Request for Investigation and for Other Relief", submitted to Federal Trade Commission, February 10, 2000

[13]: http://www.phorm.com/

[14]: http://info.yahoo.com/privacy/us/yahoo/webbeacons/

[15]: 2007/0248 (COD), Directive Of The European Parliament And Of Council, " Electronic communications: universal service, users' rights relating to networks and services, processing of personal data, protection of privacy, consumer protection cooperation ['Telecoms Package' (amend. Directives 2002/22/EC, 2002/58/EC and Regulation (EC) No 2006/2004)]", Brussels, 22 October 2009

[16]: http://www.networkadvertising.org/participating/

[17] : http://www.qsrinternational.com/what-is-qualitative-research.aspx

[18]: D. E. Polkinghorne, "Handbook of Clinical Psychology Competencies", 2009

[19]: Adams M (1995) Brands of gold. Mediaweek 13:30-32

[20]: OsborneClark.com, International Online Behavioral Advertising Survey, 2010

[21]: Anton, A.I., Earp, J.B., Young, J.D., "How Internet Users' Privacy Concerns Have Evolved since 2002",  Security & Privacy, IEEE, Volume :  8 ,  Issue:1 , Jan.-Feb. 2010 p.24