Electronic Monitoring and Privacy Issues in Business-Marketing: The Ethics of the DoubleClick Experience

Darren Charters

ABSTRACT. The paper examines the ethics of electronic monitoring for advertising purposes and the implications for Internet user privacy using as a backdrop DoubleClick Incs recent controversy over matching previously anonymous user profiles with personally identifiable information. It explores various ethical theories that are applicable to understand privacy issues in electronic monitoring. It is argued that, despite the fact that electronic monitoring always constitutes an invasion of privacy, it can still be ethically justified on both Utilitarian and Kantian grounds. From a Utilitarian perspective the emphasis must be on minimizing potential harms. From a Kantian perspective the emphasis must be on giving users complete information so that they can make informed decisions as to whether they are willing to be monitored. Considering the Internet advertising industrys current actions, computer users and government regulators would be well advised, both practically and ethically, to move to a user control model in electronic monitoring. KEY WORDS: business marketing, computer ethics, cookies, electronic monitoring, privacy

If we wouldve known we wouldnt have done it. We moved into a grey area where theres a tremendous amount of confusion and thats not good. Were a very innovative company and sometimes you get ahead. We made a mistake.1 Mr. Kevin OConnor CEO DoubleClick Inc.

Introduction Businesses have long been aware of the value of targeted advertising. DoubleClick Inc. (DoubleClick) is an advertising company that operates in the Internet banner and pop-up advertising business space. The ability to continually tailor Internet advertising to the interests of a user is an advance on previous advertising mediums and represents an opportunity to develop a competitive advantage in the industry. Once trends are detected in a users Internet activity advertising can be customized to the users revealed interests. A company such as DoubleClick sits between the advertiser and the end user and acts as a facilitator between companies who want to advertise to specific types of users and users who may be interested in receiving such advertising. Endusers arguably benefit as they obtain the advantages of customized advertising content while the receipt of unwanted advertising is minimized. Until November 1999, DoubleClick had always tracked user activity by attaching user histories to anonymous user identifications.2 Accordingly, while user activity could be tracked the actual identity of the user was unknown. However, the

Darren Charters is a Lecturer in business law in the School of Accountancy, University of Waterloo. He is a member of the Law Society of Upper Canada and holds degrees in arts and law, as well as a graduate degree in business administration. He has also practiced as a corporate/ commercial lawyer.

Journal of Business Ethics 35: 243254, 2002. 2002 Kluwer Academic Publishers. Printed in the Netherlands.

244

Darren Charters monitoring. The paper will conclude with an ethical evaluation of DoubleClicks response to the situation in which it found itself and a suggested alternative approach for ethically justifying electronic monitoring. It will be argued that electronic monitoring is almost always an invasion of the right to privacy regardless of how the right to privacy is conceived. However, it can still be ethically justified on a Utilitarian basis provided its benefits exceed realizable harm. In fact, electronic monitoring was ethically justified on a utilitarian basis in DoubleClicks initial situation because of how it was conceived and implemented. There was increased convenience and measures were taken to minimize potential harm. However, privacy advocates should have been aware from the outset that companies would have difficulty resisting the opportunity to exploit potential gains made possible by attaching generic user profiles to identifiable individuals. If DoubleClick had implemented its proposal it would have completely undermined its ethical justification for engaging in electronic marketing since the potential for harm to individuals would have increased substantially. It will also be argued that there is another ethical justification for electronic monitoring and, considering DoubleClicks recent conduct, it may be the most appropriate foundation upon which to build future electronic monitoring activities. If Internet advertisers gave users the option of permitting or rejecting electronic monitoring they could ethically justify the invasion of privacy on a Kantian basis. Although this may not be a favourable option from a business perspective, it is an option that companies who engage in electronic monitoring for marketing purposes may have to contemplate. Mr. OConnors comments do not provide faith that Internet advertisers will exercise utmost diligence on behalf of users in protecting their privacy. Since companies appear to have limited incentive to properly regulate themselves at an individual or industry-wide level governments will also need to take a more active role in regulating database amalgamation and forcing companies to give individuals greater control over electronic monitoring.

ability to further refine data profiles was made possible through a series of acquisitions of other companies and their proprietary databases. In November 1999 DoubleClick announced an amendment to its existing practice. DoubleClick intended to match anonymous existing data with specific user names, personal information, and e-mail addresses. There was no initial public response to the proposed activity. However, in February 2000 the Electronic Privacy Information Center, a privacy advocate, publicly stated that the linkage of such information might have negative implications for users. The negative public response after the statement was immediate and forceful. DoubleClick was forced to back away from the proposed activity. DoubleClicks CEO offered the comment preceding the introduction in response to DoubleClicks failed proposal. Mr. OConnors statement suggests that DoubleClick did nothing wrong from an ethical perspective. Rather, if DoubleClick was guilty of anything, it was just of being too far ahead in anticipating customer tolerance for such activity. Reflecting on the aborted initiative, Mr. OConnor indicated that DoubleClick would not combine personally identifiable information with anonymous user activity profiles until such time as industry-wide privacy standards exist.3 Once again, however, there was no suggestion that DoubleClick will not engage in such activity, only that it would wait until some standards are developed before doing so. This paper will discuss electronic monitoring from an ethical perspective. The discussion will deal generally with ethical issues involved in electronic monitoring for business-marketing purposes, and the DoubleClick experience specifically. The analysis will begin with a brief overview of the basic technology that has permitted the development of such monitoring and move into a discussion of three general concepts of privacy relevant to electronic monitoring. The paper will continue with an examination of the two primary ethical foundations, Utilitarianism and Kantianism, which underpin the various privacy concepts. Once completed, the various privacy principles and ethical foundations will be discussed in the specific context of electronic

Electronic Monitoring and Privacy Issues in Business-Marketing The following discussion will focus solely on electronic monitoring in the business-marketing context. Electronic monitoring is also a relevant issue in the business employment context.4 However, the nature of the employer-employee relationship creates different issues in workplace electronic monitoring including the harm potentially caused to individual and organizational morale, and the impact that the express contractual right to conduct such activity may or may not have on the ethics of the issue. Accordingly this paper will not attempt to discuss the ethical issues surrounding workplace electronic monitoring. When the term electronic monitoring is used throughout the remainder of the paper it will refer only to electronic monitoring primarily for business-marketing purposes. To understand how electronic monitoring is made possible on the Internet one needs to understand cookies, which are the basic enabling technology.

245

cookies have been adapted for business purposes including shopping carts for carrying electronic purchases and tracking website activity. By downloading a cookie, servers hosting a website have the power to track and record information such as the previous website from which the user arrived, all web pages the user visits while on the given site, and finally the website address to which the user departs. This information is multiplied in power if the user can be successfully prompted to provide personal information and data while at the site. The knowledge can then be tied to a specific individual. This power has been taken one step further by Internet marketers, who developed the ability to monitor and profile user activity across thousands of sites.6 In addition the ability to tie such history to a specific individual has been achieved, not just through the voluntary action of users, but also through industry wide database consolidation.

Cookies and electronic monitoring i. Cookie technology Cookies are small data structures used by websites or servers to store and retrieve information on the users side of the Internet connection.5 They are sent by a host website or server and reside in the users computer. A cookie allows websites and servers to remember information about specific users. Cookies are a relatively recent phenomenon and were created with very early editions of Internet browsers. In the brief period following the introduction of cookies but prior to the development of the Internet as a medium for commerce the primary use for cookies was as a tool of convenience. For example, cookies could be used to store password codes so that a user would not have to re-type a password when re-entering a site. The intent behind cookies was not to create a tool for gathering knowledge about users but to benefit users through increased convenience. More recently this user convenience has also manifested itself in ability to create customized content through personalized news service subscriptions and other services. As business has developed on the Internet

ii. Browser capabilities Practically speaking, most Internet users would have no knowledge as to when their Internet activity is being electronically monitored. The normal practice is to download cookies onto a users hard drive without notice to the user. In this respect there is no choice given to the user, and the downloading and subsequent monitoring is involuntary from the users perspective. However, it must be acknowledged that software already exists that can give users complete power with respect to what cookies, if any, are allowed to be stored on a computer. More recent Internet browser versions have given users the ability to control cookies. Users can elect to prohibit all cookie downloads or, alternatively, be notified of, and have the right to accept or reject, any attempted cookie downloads by a server. Based on this it might be asserted that users cannot take the position that there is an ethical issue created by, or an invasion of privacy resulting from, electronic monitoring when it is within their power to completely prohibit or selectively control the activity. On a theoretical level this argument may have some merit, but it fails for three practical reasons.

246

Darren Charters individual protection that other rights might provide.8 As a result, it is possible to justify an invasion of the right to privacy on another ethical basis. In effect, what results is an ethical invasion of privacy. With respect to defining a right of privacy some theories focus on the existence and delineation of a private sphere. Other privacy theories concentrate on actions or conduct that, if carried out, will result in a violation of privacy. No one concept of privacy has been delineated that suitably applies to every situation. The concept has been expanded and extrapolated over time with the result that a number of acceptable concepts of privacy now exist. The privacy issues raised by electronic monitoring are not groundbreaking in that existing concepts of privacy adequately capture the current concerns surrounding electronic monitoring. The following discussion on privacy definitions relies primarily on the distillation of the various privacy concepts by Boatright and McCloskey with the three general conceptual approaches being those delineated by Boatright.

First, Internet users may still be utilizing browser software that does not contain such cookie control options. Second, even if all users had such browser software, it is a distinct possibility that many users would still be unaware of the capability such software contained. Many computer and Internet users regularly utilize, and only have limited knowledge of, a minimal amount of a software programs capabilities. Third, and most important, the technology that enables electronic monitoring is constantly evolving. Soon after technology was developed that gave control of cookies to users, marketers seized on new technologies, such as web bugs, that can evade user detection thus allowing continued surveillance. The ongoing tension between user and marketer control in the development of surveillance technology ensures that the ethics of electronic monitoring will be a relevant issue for the foreseeable future. Further, while the technological means to monitor electronically may differ the same ethical issues are poised to play themselves out, or are already emerging in other spheres of business activity. For example the same issues are already developing in the field of telecommunications.7 In addition, the same issues will likely surface in the context of location based wireless Internet advertising, thus providing additional incentive to develop a greater understanding of the ethical principles involved in the current Internet advertising debate.

i. Privacy as a right to be left alone The initial concept of privacy established by Warren and Brandeis involves the right to be left alone. The foundation of the definition is that other people, groups, and entities should not act in a way that intrudes on an individuals seclusion or solitude (McCloskey, 1980). It was this concept of privacy that was initially established as a legal right. However, the expansive nature of the definition caused difficulties in its application. The right to be left alone is a distinct concept from the right to liberty. However, the concept of liberty has been frequently confused with the Warren and Brandeis concept of privacy. At its basic level, the right to liberty constitutes the right to be free from physical interference and coercion (McCloskey, 1980). However, a loss of liberty is not a prerequisite to, or a condition of, an invasion of privacy (Boatright, 2000). The above distinction is evident in the electronic monitoring debate. The power to observe an

Privacy As a concept, the notion of privacy is grounded in individual rights. Most theorists agree that privacy is a bona fide concept that is fundamentally important to human experience but there is no unanimous agreement on what that concept means or exactly what it encompasses. This is important because it essentially means that privacy has developed as a weaker right. Strong rights tend to have clear definitions and often remain inviolable notwithstanding any other ethical appeals to limit them. The protection of the right to free speech by American courts is one such example. Since the right to privacy is a weak right it has not provided the quality of

Electronic Monitoring and Privacy Issues in Business-Marketing Internet users activity in no way impairs the ability of that individual to use the Internet in any manner or way the person may elect. However, the same power to observe an Internet users activity may well constitute an invasion of privacy. Another weakness of the definition is that people do not always have a basic right to be left alone (Boatright, 2000). If ones actions are a danger to him or herself or others there may be reason to invade a persons privacy. Further, even if imminent harm is not a concern, the state may still have cause to invade individual privacy. With respect to the Internet, if individual conduct is such that the state has an interest in it (i.e., the storage and exchange of child pornography) the state is entitled to invade individual privacy. Accordingly, there should be limits to the Warren and Brandeis definition and this is born out by the fact it has been continually refined by jurisprudence. Without any limitations almost no invasion of privacy could occur unless an individual, organization or entity could provide a sufficient justification for doing so. The threshold of justification would likely be very high. As is evident from the foregoing it is problematic to define privacy solely as a right to be left alone.

247

ii. Privacy as the right to control access to ones personal information There are a number of various privacy theories that can, in their essence, be reduced to the right to control access to information about the self. These more recent theories of the right to privacy better address the distinction between privacy and liberty (Boatright, 2000). The basic theory represents a refinement of the Warren and Brandeis definition in that it eliminates potential confusion with the right to liberty. It does this by focusing on privacy of personal information. Privacy is conceived of as a right of an individual to determine to what extent, if at all, information about him or herself will be revealed to others (McCloskey, 1980). In this respect privacy is almost akin to a property right. It is do be dealt with as the owner wishes and no

other individual has a right to exploit or appropriate it (McCloskey, 1980). An individual is free to be extremely conservative or cavalier with respect publicizing or allowing access to their personal information. A variation of this concept of privacy is the right to control access to the realm of the individual. It is a variant on the above in that it recognizes the private sphere does not solely include factual information. It includes elements of individuality (i.e., private motivations) that may not be recordable or quantifiable but are capable of observation. Such information is also considered private and individuals should be able to control access to it (McCloskey, 1980). Upon initial examination, the idea of personal control may seem an enviable concept as it places control of information with the individual. It is a cohesive fit with western liberal-democratic ideals of individualism and choice and finds favour from that perspective. It is not, however, without criticism. As noted by McCloskey, people may consent to significant invasions or losses of privacy if they place low personal value on the right, or have simply become apathetic due to the continual assault on the sanctity of their personal affairs (McCloskey, 1980). It has also been noted that this approach effectively equates privacy with control when such a linkage is not appropriate. There could well be a loss of privacy in the free disclosure of very personal information without any individual loss in control (Boatright, 2000).

iii. Privacy as the right to withhold certain facts from public knowledge The final notion of privacy to be discussed here is the concept of privacy that is premised on the notion that there is a definable private sphere and that a person is in a state of privacy when information within this sphere is unknown to others (Boatright, 2000). Parent defines this private realm as, the condition of not having undocumented personal knowledge about one possessed by others (Boatright, 2000, p. 68).9 Undocumented personal knowledge is conceived

248

Darren Charters Ethical principles underlying the right to privacy As with most, if not all, moral and legal rights there is an ethical basis underpinning the right. The right to privacy is no exception. It is built on both Utilitarian and Kantian foundations:

of as personal information that is not part of the public record and that most individuals in a society at a given time would not want widely known (Boatright, 2000). This approach implies that this private sphere should generally remain so notwithstanding an individuals casual willingness to surrender it. Also implicit in this approach to privacy is the recognition that there is, at any given point in time, some general community consensus as to personal information individuals would prefer not be available for public consumption. The foregoing definition attempts to refine the preceding concept of privacy by focusing on what information is, or should be, included in the private sphere. If a sphere of private information based on a general community consensus could be ascertained then most, if not all, actions that intrude on this sphere would be a violation of the right to privacy. This concept also has application to the electronic monitoring debate in the sense that if Internet activity were determined to be in the private realm, there would be few situations in which electronic monitoring could be ethically justified. However, as with the other theories of privacy, there are difficulties with this definition. First, even within a single cultural community people have very different understandings of what is or is not private which makes the likelihood of ascertaining a general consensus elusive. Second, external factors continually impact the ability to invade privacy and as a result the concept is necessarily fluid. For example, It is foreseeable that many activities that were formerly public in nature (i.e., shopping purchases etc.) will become increasingly private as technology gives individuals the ability to carry out such activities in relative privacy. The countervailing trend is that even this activity is increasingly capable of being monitored. If it is acknowledged that the sphere of what is private is fluid, and can be expanded or contracted, than delineating a private sphere is a venture fraught with significant difficulty.

i. Utilitarian foundation The Utilitarian basis for acknowledging a right to privacy is two-fold (Boatright, 2000). First, there is the concern that the invasion of privacy can result in significant actual harm to individuals. To evaluate whether a practice is ethical in Utilitarian terms, the harm realized is measured against the benefit flowing from the activity. The ethical evaluation is based on the collective benefits and collective harm resulting to society, although each is experienced at the individual level. If the overall harm exceeds the overall benefit then the practice is deemed to be unethical. In the context of electronic marketing the potential harm results from the fact that the organization developing user profiles can accumulate potentially sensitive information about a user, based on his or her Internet activities.10 For example, a gay individual may have elected not to publicly disclose his or her sexual orientation. However, the same individual may, with presumed anonymity, visit websites with gay content or participate as part of a gay Internet community. A company that is able to electronically monitor the individuals computer use could potentially gain intimate knowledge of the individuals situation as a result of the Internet sites the individual visited. The organization developing the profile may intend to use such information solely for the purpose of advertising, however it is not difficult to see the potential harm to the individuals practical interests if such information came into the hands of another party. Another example is potentially sensitive medical condition that might be accessed by employers doing pre-hiring checks or insurers contemplating the issuance of a policy.11 Profile

Electronic Monitoring and Privacy Issues in Business-Marketing information generated by electronic monitoring has the potential to be used against the individuals in a manner that harms their personal practical interests. Opponents of electronic marketing frequently dwell on potential harm but little mention is made of an actual weighing of harms against benefits. The balancing in the electronic monitoring context involves weighing potential serious harm to a limited number of people against the marginal benefit, such as increased convenience and knowledge of consumer products, which might flow to many people from such activity. If the total harm exceeds the total benefit the invasion of privacy through electronic monitoring cannot be considered ethical. However, if it can be claimed that benefits exceed harm the foundation exists for an ethical invasion of privacy. The second utilitarian basis for acknowledging a right to privacy is based on a wider concept of harm. As stated succinctly by Boatright, a certain amount of privacy is necessary for the enjoyment of some activities, so that invasions of privacy change the character of our experiences and deprive us of the opportunity for gaining pleasure from them (Boatright, 2000, p. 169). The harm resulting from the loss of the ability to gain maximum pleasure is presumed to exceed any benefit, such as increased convenience in the electronic monitoring context, such activity might have. A similar argument is that invasions of privacy harm the development and maintenance of personal identity, and that such harm exceeds all benefits (Boatright, 2000). There has been little reference to either of the above arguments made by privacy advocates in the electronic monitoring debate.

249

should be respected and treated as autonomous individuals capable of rational choice. To quote Stanley Benn:
Covert observation spying is objectionable because it deliberately deceives a person about his world, thwarting . . . his attempts to make a rational choice. One cannot be said to respect a man . . . if one knowingly and deliberately alters his conditions of action, concealing the fact from him (Boatright, 2000, p. 170).12

Arguments against electronic monitoring that are premised on Kantianism base their position on the argument that electronic monitoring violates the principle of respect for individuals and prohibits them from acting as autonomous beings capable of rational choice. To date, there has been little public opposition expressed against electronic monitoring on the foregoing basis. However, this is not surprising. In terms of generating public support against electronic monitoring, concerns over potential harm will have a greater mobilizing influence than a more esoteric, albeit relevant, ethical theory such as Kantianism. The fact that Kantian theories supporting a right to privacy have not been part of popular debate makes them no less a valid basis on which to base an objection to, or alternatively support for, electronic monitoring.

Privacy and ethical theories applied i. Electronic monitoring and privacy Reduced to its simplest form, electronic monitoring as it is currently practiced amounts to unauthorized observance. Many individuals using the Internet have no knowledge of when their online activity is being monitored for the purpose of developing an advertising profile. When discussing concepts of privacy theorists have sometimes resorted to the analogy of one individual watching another individual in a shower without the showering individuals knowledge or consent (McCloskey, 1980). Such action is almost always considered an unethical

ii. Kantian foundation The right to privacy can also be supported on the basis of Kants second categorical imperative. It provides that individuals should act in a manner that treats other individuals as an end and never as a means only (Boatright, 2000). This imperative captures the themes that people

250

Darren Charters mation and that any advertising that is tailored to an Internet user will be done completely by electronic intelligent agents. The possibility of harm is minimized still further once Internet advertising companies such as DoubleClick make additional efforts to ensure user profiles remain anonymous. From a Kantian perspective the minimization of harm is relatively meaningless in terms of ethically justifying the activity. If electronic monitoring is carried out in such a way that it fundamentally respected the autonomy of individuals then it is ethically permissible on a Kantian basis even with isolated incidents of harm. It is still ethically permissible in instances of significant harm provided the principle of individual autonomy is respected. Using Benns quote above as the analytical tool, it is evident that the guarantee that profiles will not be matched against other identifying information is meaningless in terms of making the practice of electronic monitoring ethical from a Kantian perspective. Most users still had no knowledge of the situation and DoubleClick and other companies could not, from an ethical perspective, be judged to be treating users as individuals capable of rational choice. However, the minimization of harm is fundamental to justifying electronic monitoring on a Utilitarian basis. As noted above the right to privacy is a relatively weak right. Accordingly, it is open to being subverted based on an appeal to Utilitarianism. Utilitarian based arguments would allow electronic monitoring regardless of its design provided the harms do not exceed its benefits to society as a whole. On this basis, the argument is that any serious albeit intermittent harm that comes to individuals (i.e., the example of the user and the medical condition) is more than offset by the benefits that accrue to the public. Advertising promotes economic efficiency, and advertising that can be tailored directly to individuals, only serves to further promote economic efficiency and thus, generally benefits the public. Further, by initiating the blind profile Internet advertisers could claim that the potential for harm was significantly minimized. Proponents of electronic monitoring could then claim the invasion of privacy was eth-

invasion of privacy. The foregoing analogy generally applies to the context of electronic monitoring. The fundamental similarity is that Internet users can be observed without knowledge or express consent. That said, personal reaction to such observance by users has ranged from significant concern to complete disinterest. Although many people consider their bodies to be a very private aspect of themselves, they may feel less so about Internet activities that are capable of being observed electronically. Accordingly, this may account for the relative indifference of some users. When the previously discussed concepts of privacy are considered, one would conclude that electronic monitoring without consent constitutes an invasion of privacy. Electronic monitoring violates the right to privacy if it is conceived of as the right to be left alone, or the right to control access to ones personal information. There is a possible argument that there is no violation of the right to withhold certain facts from public knowledge. It might be argued that if current user apathy about electronic monitoring is substantial, most users have little concern over whether their activity is widely known. As such, electronic monitoring does not meet the threshold test that most members of society consider it to be information that should not be widely known. However this argument can just as easily be made the opposite way. As such, even considering the various understandings attached to the concept of privacy it is difficult to argue that electronic monitoring does not violate the privacy right.

ii Electronic monitoring and ethical foundations The interesting fact is that electronic monitoring still occurs notwithstanding that it amounts to an invasion of privacy. The justification for, and tolerance of, electronic monitoring rests in the minor differences that exist with the shower analogy. With electronic monitoring the observed information may be electronically collected, organized, and distilled before another individual views it. It is even possible that another individual will never view such infor-

Electronic Monitoring and Privacy Issues in Business-Marketing ically justified. In reality, it was only justifiable based on one ethical perspective, Utilitarianism. Further, in DoubleClicks situation, had it proceeded with its intention to link user profiles with identified individuals it would have undermined the very ethical foundation that justified its electronic monitoring practice.

251

DoubleClicks response to opposition It is apparent from the foregoing discussion that linking user data to personally identifiable information could result in a formerly ethical invasion of privacy becoming unethical. DoubleClick responded to the privacy concerns in a variety of ways after aborting its plan. DoubleClick also initiated a significant media campaign to explain how users could opt-out of DoubleClicks service. DoubleClick had an operable opt-out service for over three years preceding the most recent controversy but had not promoted it extensively. The opt-out mechanism requires a user to visit a site and download a cookie. This cookie serves as notice to DoubleClick that they are not to download any cookies on the users computer. DoubleClick would be free to download a cookie onto a hardrive as long as the opt-out cookie is not present. In theory, it could be argued that this gives autonomous individuals a choice with respect to electronic monitoring and thus provides a Kantian justification for the activity. However, this option is little known and is likely to remain so notwithstanding advertising efforts. Accordingly it is difficult to claim that this truly gives control to users and respects their individual autonomy. A Chief Privacy Officer (CPO) was also hired along a Privacy Advisory Board Chair to act as a consumer ombudsman. Overall the response was indicative of a company that developed a greater sensitivity to privacy issues (perhaps for commercial reasons) but that had not developed a deeper understanding of the ethical issues at stake. That is, the actions do not suggest that they have analyzed and understood the ethical issues and tried to develop a principled response. To

give DoubleClick some benefit of the doubt, it may be that the new CPO and privacy advisory board chair will infuse the organization with a deeper understanding of the ethical issues at stake and develop ethically based approaches to dealing with such issues. DoubleClicks share price largely recovered after the implementation of the foregoing measures suggesting that even if the response was ethically unsatisfactory in the shortterm, at least the market was satisfied with DoubleClicks immediate response. As noted above DoubleClick indicated it would not engage in such activity until such time as industry wide privacy standards were developed. This was relevant in that DoubleClick could still justify its electronic monitoring on a Utilitarian basis. That said, they probably lost some degree of public trust on the issue. DoubleClick has been directly involved in the development of the Interactive Advertising Bureaus (IAB) recently developed Privacy Guidelines. The Privacy Guidelines are intended to form the foundation of a self-regulatory regime with respect to personally identifiable information gathered by electronic means on the Internet. Unfortunately, regarding the use of cookies in electronic monitoring, the guidelines state only that IAB member organizations should notify users, through privacy policies, of such technologies in use and provide users the ability to disable such cookies or other information gathering system. This represents no change from the current situation and for the reasons outlined above, does not provide a proper foundation for the ethical use of cookies in electronic monitoring. The Privacy Guidelines have also proposed measures that allow individuals to place limits on the use of personally identifiable information that an organization may possess. Once again, it is premised on an opt-out format. That is, organizations are generally free to collect and use personally identifiable information in the first instance subject to an individual informing an organization of limits to be placed on use of such information. It is an ingenious approach that appears to place control of personally identifiable information in the hands in individuals that, realistically, requires minimal change

252

Darren Charters to the ethical suitability of building such capabilities into Internet browser software.

in the current practices of organizations that use electronic monitoring to gather such information. Further, the Privacy Guidelines have a fundamental problem in that their only real value is as a tool of moral suasion. Although the Privacy Guidelines encourage Internet businesses to adopt the practices established therein, there is no mechanism whatsoever for disciplining businesses who elect to ignore them. For all the effort put into the exercise, the Privacy Guidelines amount to nothing more than best practice suggestions for Internet marketers with respect to privacy issues. If DoubleClick respects the initial basis on which it proceeded with electronic monitoring, it can claim to have an ethical basis for such conduct. However, considering DoubleClicks willingness to discontinue the previously protective practice one has to wonder how vigilant DoubleClick, or other companies, will be about supporting the privacy of Internet users in a highly competitively market. Since DoubleClick maintains profiles for their own business benefit, it is not possible to claim that they stand in a position of trust with respect to managing such information. However, their position is ethically more sensitive than they appeared to originally comprehend. Based on this, there is cause to argue that it is no longer sufficient to continue to permit electronic monitoring in its current state. This is buttressed by the inherent weakness of relying on a self-regulatory regime that effectively has no sanctioning authority or disciplinary power. The alternative, and it is not a mutually exclusive option, would be move to a permissionbased form of electronic monitoring. This option will be discussed below. The practice of electronic monitoring would still be ethically justifiable in such circumstance. However, it is apparent that DoubleClicks current opt-out practice is not the platform on which such permission based electronic marketing should be premised. This is due to the fact that users have extremely limited knowledge of it and, more fundamentally, it places the onus on the user to take active steps to prevent electronic monitoring. The same argument applies with respect

An alternative ethical justification If one accepts that privacy is the right to control access to information about ones self then the solution to electronic monitoring is apparent. The choice about whether or not to be monitored in the first instance should be made by the individual user. In fact, in the wake of the DoubleClick experience many commentators and privacy advocates have taken the position that express consent by a user should be a regulatory precondition to downloading cookies that enable electronic monitoring.13 Placing the power to control electronic monitoring with users is ethically justifiable on a Kantian basis. First, giving users a choice to be monitored gives individuals autonomy and appears to respect their capabilities of rational choice. However, it could be argued in a wider sense that Internet advertisers are still utilizing individuals as a means to profit and that this violates Kants second categorical imperative. However, if an individual knowingly and rationally elects to permit such monitoring this must undermine, at least to a minimum degree, such an argument. Accordingly, any electronic monitoring that occurs with express rational permission can be claimed to be ethical on a Kantian basis. This is a significant step, because it provides an alternative basis for ethically justifying electronic monitoring. A corollary to the foregoing discussion is that while electronic monitoring is most frequently opposed on the basis of potential harm, which is a Utilitarian concern, the permission-based approach in no way guarantees an outcome that will make the practice ethically justifiable on a Utilitarian basis. In other words, the solution being proposed by many commentators is at ethical odds to the frequency stated concern of potential significant harm. If everyone freely elects to permit electronic monitoring the potential for harm is no different than it was prior to such a practice. For example, it is not difficult to imagine that information based on website

Electronic Monitoring and Privacy Issues in Business-Marketing usage, if in the hands of certain groups, could be used to make decisions about individuals that cause harm. The only difference is that now users have voluntarily accepted the risk. It should also be recognized however, that providing choice to users necessarily undermines the concept that there is a private sphere that should generally be respected irrespective of individual opinion. As such, it is a fundamental rejection of one concept of the right to privacy. Even if the foregoing is accepted it has little application to the profiles that have been generated to date. In fact there will likely be continual pressure to exploit the marketing advantages that such databases provide. Further, there appears to be limited willingness for companies to zealously regulate themselves at an individual or even an industry-wide level. In this respect there is a regulatory role for governments to play. There is a possibility that individual harm will result from such database consolidation. In addition, regulations should be developed which aim to provide at least minimal individual privacy protection with respect to such database management and/or consolidation. It is apparent that this represents as much a threat to individual privacy as electronic monitoring in the first instance.

253

Conclusion The reality of the present situation is that DoubleClick has no intention of discontinuing an activity that provides its competitive advantage. However, it should not want to jeopardize itself by apparently engaging in conduct that amounts to an unethical invasion of privacy. DoubleClick allayed initial concerns by ensuring that all profiles maintained individual anonymity. By this action DoubleClick could claim that its electronic marketing was in fact an ethical invasion of privacy. However, DoubleClick would have undercut its ethical position by using their databases to link user data with personal identification information. The DoubleClick experience indicates that businesses ignore ethical issues at their peril. While the general public may not be sensitive to all the nuances of ethical issues it is fair to say

that people understand the concepts of potential harm and freedom to choose. Electronic monitoring is an invasion of privacy that has potential for harm. Companies must be able to justify the practice from an ethical perspective whether its through taking measures on behalf of users to minimize harm or placing the choice to assume the risk of harm with users themselves. Providing guarantees with respect to individual anonymity accomplished this. It gave companies an ethical basis on which to engage in electronic monitoring on a covert basis. Unfortunately, casual regard for the sensitive caretaker position occupied by such companies has given critics reason to support a form of electronic monitoring premised solely on voluntary acquiescence. It is not surprising to believe that such an approach would yield less fruitful results for Internet marketers. It is an outcome that industry participants are attempting to avoid through the establishment of a self-regulatory regime. However, Mr. OConnors comments at the outset of the paper along with current selfregulatory initiatives provide little reason for the public to maintain its faith in the current paternalistic environment. There is every reason to believe, both practically and ethically, that government regulators should place control of electronic monitoring directly and completely in the hands of computer users.

Notes
1

McQueen, R., How To Get Ahead in Advertising, National Post, March 1, 2000, p. D1. Mr. OConnors quote, wherein he commented on the failure of DoubleClicks proposed initiative, was taken from a newspaper article that examined the issue. 2 The facts of the abandoned DoubleClick initiative provided herein are publicly available and were gathered from multiple published news sources. 3 Mr. OConnor provided the insight in the same newspaper article from which the initial quote was taken. 4 For a recent paper on electronic monitoring in the employment context see Alder, G. S., Ethical Issues in Electronic Performance Monitoring: A Consideration of Deontological and Teleological

254

Darren Charters
Such a position was taken by Heather Green in the commentary Privacy Online: The FTC Must Act Now wherein she discussed her concerns about the DoubleClick proposal prior to the statements of the Electronic Privacy Information Center.
13

Perspectives, Journal of Business Ethics 17(7), May 1998, pp. 729743. 5 Information regarding Internet cookies is also publicly available from a wide variety of Internet resources. The U.S. Department of Energy Computer Incident Advisory Capability has published a bulletin on the topic I-034: Internet Cookies. It is available at http://ciac.IInI.gov/ciac/bulletins/i-034.shtm. 6 Green, H., Privacy Online: The FTC Must Act Now, Business Week, November 29, 1999, p. 48. 7 Telecommunications companies have the technological capacity to develop personally identifiable user profiles based on the phone activities of customers. Such profiles also have commercial value from a business marketing perspective. 8 A good example of the subversion of the right of privacy in favor of a strong right is the U.S. West, Inc. v. FCC case. The FCC attempted to impose regulatory restrictions on the ability of U.S. telecommunication companies to use, disclose, or allow access to customer proprietary network information (CPNI). U.S. West mounted a successful legal challenge against the regulatory obligations imposed by the FCC. The Tenth Circuit held that, absent any clear evidence of harm to an individuals right of privacy through the use of CPNI, the right of commercial speech possessed by corporate entities should be paramount. 9 Reproduced from Parent, Privacy Morality and the Law, Philosophy and Public Affairs 12 (1983), p. 269. 10 Julie Tuan in U.S. West, Inc. v. FCC, Berkeley Technology Law Journal 15 (2000), p. 353 discusses similar issues of privacy in her criticism of the Tenth Circuits decision. 11 The Interactive Advertising Bureau (IAB) has attempted to address the collection, use, and redistribution of sensitive information in its Privacy Guidelines. However, the guidelines on this point are poorly drafted containing both permissive and mandatory language. Ultimately, the guidelines suffer from even more fundamental flaws that are discussed herein. 12 Reproduced from Benn, S., Privacy, Freedom, and Respect For Persons, in Pennock and Chapman, eds., Privacy, pp. 1011.

References
Alder, G. S.: 1998, Ethical Issues in Electronic Performance Monitoring: A Consideration of Deontological and Teleological Perspectives, Journal of Business Ethics 17(7) (May), 729743. Boatright, M.: 2000, Privacy, Ethics and the Conduct of Business, 3rd ed. (Prentice-Hall, Saddle River New Jersey), pp. 159183. Culver, C., J. Moor, W. Duerfeldt, M. Kapp and M. Sullivan: 1994, Privacy, Professional Ethics 3(3 & 4), 325. Green, H.: 1999, Privacy Online The FTC Must Act Now, Business Week, No. 3657 (Nov. 29), 48. Introna, L. and A. Pouloudi: 1999, Privacy in the Information Age: Stakeholders, Interests and Values, The Journal of Business Ethics 22(1), 2738. McCloskey, H.: 1980, Privacy and the Right to Privacy, Philosophy 55(211), 1738. Tuan, J.: 2000, U.S. West, Inc. v. FCC, Berkeley Technology Law Journal 15, 353. I-034: Internet Cookies. U.S. Department of Energy Computer Incident Advisory Capability. 1998. <http://ciac.IInI.gov/ciac/bulletins/i-034.shtm> (March 1, 2000). IAB Privacy Guidelines. Internet Advertising Bureau. 2000. <http//www.iab.net/privacy guidelines/htm> (August 7, 2000).

University of Waterloo School of Accountancy, 200 University Avenue West, Waterloo, Ontario, N2L 3G1, Hagey Hall, Room 155, Canada