Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein
Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein

Dies ist unser Webangebot mit Stand 27.10.2014. Neuere Artikel finden Sie auf der überarbeiteten Webseite unter www.datenschutzzentrum.de.



Self-regulation on "Do Not Track" in danger of failing
ULD: "Policy and oversight are now needed"

A special kind of trade war is - barely noticed by the public - currently taking place between Europe and the U.S.: Privacy versus commerce, digital civil rights versus protection of monopolies. While the U.S. is positioning its lobbying forces in Brussels up in debate over the European Data Protection Regulation, there is a danger that the lobbyists in the debate over "Do Not Track" (DNT) enter an initial "success". The Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (Independent Centre for Privacy Protection Schleswig-Holstein, ULD) insists that this be counteracted by strong activities to protect privacy on the Internet.

Most Internet services, also from U.S. companies, are offered free of charge. The currency with which the users still pay is their data being collected via cookies and other tracking methods used commercially to deliver targeted advertising (online behavioural advertising OBA) on the Internet. European law allows this form of Internet-financing, but in the interest of consumer and data protection requires transparency and choice for users. Therefore, the so-called e-Privacy Directive demands the consent of the Internet user before a cookie is placed, which is not required to provide a service. Many U.S. companies, including Google, Yahoo!, Amazon and Facebook, defy this requirement as they see themselves affected in their marketing opportunities in Internet advertising – to some extent the biggest source of income.

To resolve the conflict, over a year ago talks about the self-regulation of the Internet advertising industry, moderated by Internet standards organization W3C (World Wide Web Consortium) and supported by the EU Commissioner for the Digital Agenda Neelie Kroes and U.S. consumer Protection FTC (Federal Trade Commission) began. After the last round of negotiations in early October 2012 in Amsterdam it has shown that the U.S. economy in its majority is hardly ready for compromise and using the negotiations only to expand their profitable advertising network dominance on the Internet – also at the expenses of European companies. Even the attempt by Microsoft, which announced to launch its browser Internet Explorer 10 with a modifiable default setting to prevent user tracking on the market, is sabotaged by the other U.S. companies by announcing to ignore its technical default setting because consumers were allegedly not presented with an option to choose. The procedure proposed by the Microsoft tool is a first step towards "privacy by default" and "privacy by design" – principles, which according to a draft of January 2012 are to be laid down in a European Data Protection Regulation by the will of the European Commission in Europe.

With complete disregard of European law that serves the civil rights and consumer protection on the Internet, the U.S. companies rely ruthlessly on their market power and their media dominance. The U.S. Direct Marketing Association (DMA) launched a million dollar advertising campaign lobbying against the strong European demand for "privacy by default". In a European Interactive Digital Advertising Alliance (EDAA) founded on 12.10.2012 they try to enforce self-regulation, which falls far short of the European data protection requirements. In this context, they plan to grant trust marks, to certify the self-imposed low privacy standards. The initially promising approach of "Do Not Track" is in the view of ULD now watered down to the point that the name of the initiative is more likely to be considered consumer fraud: Under the guise of "Do Not Track" advertising companies try to legitimize their illegal conduct and lull the user into a false sense of security.

ULD followed the discussions on the global privacy standard "Do Not Track". At present ULD is the only body that certifies with its European Privacy Seal (European Privacy Seal– EuroPriSe) compatibility of OBA offerings with the European data protection regulations - under precise naming of the legal and technical requirements, in a formalized and also transparent procedure.

Thilo Weichert, head of ULD "The hopes for a willingness of the Internet economy for self-regulation were sorely disappointed. The effort that was put into the Do-Not-Track initiative of European data protection authorities and the European Commission proves to be a bad investment after the willingness to reach out to the U.S. companies was dismissed with little argumentative substance. Politics in Europe, EU Member States and the European data protection authorities should now draw the consequences. In Germany, the e-Privacy Directive must finally be fully implemented in the interest of legal certainty. And for us Supervisors applies: After discussion proved ineffective, sanctions must follow. We must not allow that privacy on the Internet is recorded as a loss item."

On the conflict concerning the Microsoft Internet Explorer 10 see also the ULD press release of 06/26/2012:

Unabhaengiges Landeszentrum fuer Datenschutz Schleswig-Holstein
Holstenstr. 98, 24103 Kiel, Germany
Fon: +49 431 988-1200, Fax: -1223