# Apple and Google Cannot Ensure Online Privacy: Insights from a Former DoubleClick Executive
Written on
Understanding the Shifts in Online Privacy
Jules Polonetsky recalls a pivotal moment that changed his view of the internet. "Two decades ago, I served as the consumer affairs commissioner for New York City when I was introduced to a company I had never heard of, showcased with a large billboard reading, 'Welcome to Silicon Alley,' courtesy of DoubleClick." He had seen headlines regarding DoubleClick's controversies related to cookie usage and "appending your identity" to browsing data.
DoubleClick was a trailblazer in targeted advertising, leveraging cookies to monitor users across the web for the benefit of advertisers—a revolutionary concept at the time. This innovation sparked significant privacy concerns, especially when the company announced its merger with Abacus Direct, a well-known consumer data broker.
For Polonetsky, the belief that "we were anonymous online" shifted dramatically. Fast forward twenty years, and the tracking model akin to DoubleClick's may soon become obsolete due to the privacy-centric strategies implemented by tech giants like Apple and Google.
The video, The CORRECT way to use Google Gemini - Updated for 2024!, explores how these companies are pivoting towards a privacy-first web model, highlighting the need for robust federal privacy regulations.
The Evolution of Consumer Privacy
Polonetsky's early experiences with DoubleClick left him both intrigued and concerned about consumer protection. He was recruited as the company's first chief privacy officer to help mitigate backlash against its merger. Afterward, he took on a similar role at AOL and eventually became the CEO of the Future of Privacy Forum, a nonprofit established in 2008. Meanwhile, DoubleClick was purchased by Google in 2007 for $3.1 billion, becoming integral to Google's extensive display advertising network.
Today, Polonetsky argues that we are at a crucial juncture in the evolution of online privacy. The framework he once helped create—centered on cookie-based tracking, user consent, and industry self-regulation—has not effectively safeguarded consumer data. The internet today is dominated by large corporations that offer free services funded by targeted advertising, which is far from the ideal scenario envisioned.
"We're at a breaking point," Polonetsky emphasizes. "There’s a significant push for legislative action."
The Urgency for Legislative Change
Polonetsky believes there is now a unique opportunity for comprehensive federal privacy reform. With the Biden administration likely to be receptive to privacy advocates, the emergence of various state privacy laws could motivate the industry to seek a unified federal approach. However, he warns that failing to learn from past technological developments could lead to missed opportunities, as these windows of reform can close quickly.
Polonetsky took his role at DoubleClick just before the collapse of the dot-com bubble. His mission was to help establish operational guidelines for the company and the broader industry, allowing targeted advertising to thrive without compromising user privacy. However, national security concerns quickly overshadowed consumer privacy issues after the September 11 attacks.
While policymakers focused on security, the ad tech industry flourished, leveraging advancements in online infrastructure to refine targeted advertising. At DoubleClick, Polonetsky advocated for practices such as ensuring cookies were not linked to identifiable personal information and providing effective opt-out options for users.
However, the rise of self-serve advertising platforms diminished manual oversight, as companies could place targeted ads automatically without human intervention. Polonetsky notes, "The ability to enforce those standards faded as operations became more efficient."
The Consequences of Eroding Privacy Standards
As a result, he contends that the current advertising ecosystem has lost control over privacy promises. A recent example involved the Iowa Air National Guard purchasing ad tech data that could be used to inform drone operations—an alarming situation highlighting the potential misuse of seemingly innocuous data.
Initially, Polonetsky believed industry insiders like himself were best positioned to protect consumer privacy. "I thought the ideal scenario involved legislation, but I was skeptical that legislators could grasp the complexities of the market," he explains. However, a significant shift occurred in 2012 when the Obama administration proposed a "Consumer Privacy Bill of Rights," which Polonetsky found to be a sophisticated approach to privacy regulation.
Despite support from his organization, the proposal failed to gain traction, as tech companies deemed it burdensome and privacy advocates viewed it as insufficient. In recent years, consumer privacy concerns have resurfaced as prominent political issues in the U.S., particularly following the Cambridge Analytica scandal, which illuminated the potential real-world repercussions of invasive data collection.
Responses from Tech Giants
Currently, companies like Apple and Google are responding to heightened scrutiny by self-regulating once again. Google is moving to phase out third-party tracking cookies while prioritizing first-party data, of which it has an abundance. Meanwhile, Apple is tightening restrictions on data sharing among apps and shifting from complex opt-outs to more straightforward opt-ins—an approach praised by the New York Times editorial board as a "straightforward solution" to privacy concerns.
However, Polonetsky warns that opting in may not resolve the issues at hand. "People often click on things without understanding the implications. If every app required an opt-in, users would be inundated with requests, leading to fatigue," he argues.
The Biden administration appears to prioritize antitrust actions over privacy legislation, which could unintentionally exacerbate privacy issues. Polonetsky cautions that without federal privacy laws, competition laws could lead to a "dramatic impact on privacy," as they may encourage data sharing across platforms without adequate safeguards in place. He asserts that it is critical to prioritize privacy first, then address competitive dynamics.
In conclusion, Polonetsky's experience over the last two decades underscores the insufficiency of self-regulation. "We cannot rely on platforms and browsers to dictate rules for everyone; that responsibility must lie with lawmakers," he states, emphasizing the necessity for legal frameworks that can effectively protect consumer privacy in the digital age.