Privacy & Information Security Law Blog

This week, the Digital Advertising Alliance (the “DAA”) unveiled new “Self-Regulatory Principles for Multi-Site Data” (the “Principles”), aimed at expanding the scope of industry self-regulation with respect to online data collection. The Principles are designed to supplement the Self-Regulatory Principles for Online Behavioral Advertising which were issued in July 2009. The DAA is composed of several constituent industry groups such as the American Association of Advertising Agencies, Council of Better Business Bureaus, the Direct Marketing Association and the Interactive Advertising Bureau.

The Principles encompass “all data collected from a particular computer or device regarding Web viewing over time and across non-Affiliate Web sites” and not just data specifically collected for online behavioral advertising. The Principles stipulate that any third party or service provider that collects multi-site data for purposes other than online behavioral advertising should provide consumers with “transparency and consumer control” except as necessary for (1) operations and systems management purposes, such as fraud prevention or intellectual property protection, (2) market research or product development, or (3) where the Multi-Site Data will be de-identified.

Notably, the Principles prohibit third parties or service providers from collecting, using or transferring any Multi-Site Data in order to determine an individual’s eligibility for employment, credit, health care treatment or insurance. The Principles also require entities to (1) treat personal information in accordance with the Children’s Online Privacy Protection Act, and (2) obtain opt-in consent to collect and use Multi-Site Data that contains health or financial information (with an exception for operational or systems management purposes).

In a press release announcing the Multi-Site Data Principles, the DAA stated that they adopted many of the FTC’s recommendations from its recent privacy report. The Managing Director of the DAA expressed hope that the Multi-Site Principles, when “combined with the fast-growing adoption and online display of the Advertising Option Icon,” demonstrate that “the business community has taken another step to address concerns of policy makers regarding online data collection and use.”