How Much Should We Let Companies Snoop?

30 Gen How Much Should We Let Companies Snoop?

Wired, By Nicholas Thompson, January 29, 2009
I just had a very fun debate/conversation on bloggingheadstv with Ari Schwartz of the Center for Democracy and Technology. The subject was the story Fred Vogelstein and I recently wrote called The Plot to Kill Google, and the particular topic was privacy. We began by discussing part of the article’s thesis: privacy is going to be a huge debate in the next year, in large part because a group of companies that don’t like Google seem it as the best way to go after the search company. If they can paint the Mountain View company as a sprawling snooper, they can weaken it and thus gain leverage in all sorts of other areas. Ari’s position was: OK. That may be true. But what matters is that people are finally now having a real debate about the issue. We started there and moved on to other topics: whether technology policy should be set by legislators or  corporate norms, what exactly Google does that might violate privacy, and why AT&T has taken such a strong stand in defense of its customers’ privacy. Eventually, we ended, I think on the most important topic: how much information should companies be allowed to gather? In the clip, you’ll see that I begin with a rhetorical question: online ads support all sorts of important web businesses and online ads would be better if companies could gather more information about you; if Google combined information gleaned from Google Docs and Google Earth and your searching, they could give that information to DoubleClick (which they own), which could then serve you better ads for pizzas or sneakers or whatever. You’d see more relevant ads and websites would get more money. I expected Ari to fire back and call that ridiculous. Instead, he agreed that we should try to figure out ways to make ads worth more. Companies should be able to pool the information they gather so that they can to sell you better ads; but they should also make it easy to opt out of this pooling. I objected on the grounds that no one, actually, will ever opt out. No one reads manuals and no one will click a link to manage their preferences for DoubleClick. He countered that you could create a do-not-track registry that mirrors the do-not-call registry that has worked fairly well. I’m not sure that would work. But it’s close to a compromise I’d like, and would be far better than the weird hodgepodge of privace regulations we have now. Most interestingly, it seems like it would make online advertisements more effective at the same time that it would allow people concerned about being tracked and spammed to get out of the whole system.