Last weekend the White House and the Digital Advertising Alliance released dueling plans to guarantee privacy online. The DAA, whose members include Google (GOOG), Microsoft (MSFT), and Yahoo! (YHOO), advocates a self-regulatory approach, or, in layman’s terms: “No, seriously we got this.” It has proposed a “do not track” button, a way for Web users to opt out of cookies and other methods of tracking their habits after they leave a website. The administration, on the other hand, has urged what it calls a “stakeholding” process, where civil society groups and industry agree on standards, to be codified into law by Congress and enforced by the Federal Trade Commission.
It’s an ugly word, “stakeholding.” It smacks of meaningless, corporate gloss. It’s also the reason the Internet works. Think of the Internet not as a thing, but as an agreement: If all parties consent to the same standards—HTML, Internet Protocol, the domain-name system—then each party can talk to the rest. As with all agreements, you can cheat a bit. Apple (AAPL) vets its apps and blocks Adobe (ADBE) Flash. China does, well, anything it can. The point is, there’s no moral or legal force behind Internet standards. They work only because everyone agrees that they work, and everyone agrees only because if you built your own Internet from scratch you would be very lonely in it. (The U.S. Department of Defense has built its own Internet. But it wants to be lonely.)
Stakeholding creates these agreements. It’s an ugly, imperfect word because it’s an ugly, imperfect process. The Internet Corporation for Assigned Names and Numbers, for example, which is responsible for making sure that the domain names you type into your URL go to the right website, brings together industry and civil society groups. Its Government Advisory Committee represents countries. The process is opaque to most observers, including this one. Civil society groups have made a fair case that it’s expensive and time-consuming to go to a new continent every six months and navigate the 14-box org chart of what ICANN calls its “Multi-Stakeholder Model.” But it works. ICANN creates lowest-common-denominator decisions that are tolerable for the largest number of groups using the Internet. In doing so, it endows its decisions with a wary trust from all parties, and this trust keeps the Internet working.
The advertising industry has a right to use the Internet, just like the rest of us do. Its self-regulated “do not track” solution is not a bad thing. But cookies are only a part of a larger set of unanswered questions. What about the amount of information a company like Facebook or Google is allowed to keep? For how long? What are their obligations to protect it? What is their right to share it? How much do they need to disclose up front about their plans for your data? How will all of these obligations square with those in all the other countries where these companies operate?
The answers to these questions, which are crucial to the future of trust on the Internet, can’t possibly come from the advertising industry or Silicon Valley, because Madison Avenue and the Valley will always want more information than we want to give them. As with all of the Internet’s other standards, the answers that are the least offensive to the largest number of interest groups will have to come through a long, imperfect, intricate, impenetrable, boring discussion among all interest groups. It will have to come from stakeholding.