Canada: Opt-In Or Opt-Out?

A recently reported initiative by Microsoft resulted in the residual or "default" setting on the new Internet Explorer 10 browser being fixed as a "do not track" request. This would mean that unless an individual user took the proactive step of changing their settings on an "opt-in" basis to permit online tracking, the deemed choice of the individual when using this Microsoft product would be to send websites a notification saying they should not be tracked. This is the first time a major on-line participant has set the default as "opt-out".  Usually, the pre-set instructions are designated as "opt-in" to permit online tracking, but also enable the individual to elect to remain anonymous by changing their settings to "do not track". Sometimes the opt-out is easy to implement, and sometimes not.

Not surprisingly, in the world of on-line advertising, this has prompted some battle lines to be drawn.

 The on-line marketing and advertising industries depend on on-line tracking to provide meaningful data to their clients, to support targeted marketing. This revenue stream makes a major contribution to keeping the internet relatively "free" of user-based charges. Even with a minor portion of the user base occasionally opting out by expending effort to trigger "do not track" options, the remaining data is still seen as meaningful and valuable.

However, as noted in the media discussion linked to above, a movement to an automatic setting of "do not track" signifcantly changes the state of affairs. If only a minor portion of users take the time and trouble to "opt-in" to such tracking, by changing their settings, the available tracking data becomes skewed, less relevant, and therefore less valuable for sale and resale. The revenue stream may be materially affected. Therefore, the  Digital Advertising Alliance, a voluntary industry association, is questioning whether its members will respect an automatic setting of "do not track". The Alliance is suggesting that any "do not track" setting, to be valid, must be a conscious decision affirmatively implemented by some consumer action. Also, there is a potential for mixed signals if other products used with this browser (eg. a Google account) contain a different default setting.

Privacy advocates may find the Alliance position ironic, as the Alliance members have historically relied on a deemed "opt-in" for automatic settings, to justify collection and monetization of their data. Arguably there is no conscious decision or affirmative step involved in that deemed opt-in.

Why should the default be an "opt-in"?  Personal information protection legislation in many jurisdictions (including BC) starts from the general proposition that no information can be collected at all, unless there is:

The reasoned debate would centre around the concept of implied consent – whether any reasonable person, in all the circumstances, would expect and consider that they were being tracked on-line unless they took steps to erect some barriers to affect that state of affairs. With so much at stake, evidence and argument will be assembled on both sides. It may also be the case that any reasoned debate is overshadowed by a stark reality. If the privacy advocates win this battle, and "opt-out" becomes an accepted and enforceable default setting, then what will be the eventual impact on the financial structure of the on-line world?

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.