Watchdog group again recommends enhanced disclosures, other fixes

Slow but Steady

The Digital Advertising Accountability Program (DAAP), part of the national Better Business Bureau’s group of national advertising self-regulatory bodies, continues its march across the internet, dispensing justice in the form of consumer protection by policing digital marketers’ practices not in line with self-regulatory guidelines.

In its latest release, the DAAP, which the Digital Advertising Alliance (DAA) entrusts to enforce its AdChoices and other self-regulatory programs, made a statement on its efforts to bring companies in line with the DAA’s Self-Regulatory Principles. The current cases bring the program’s total number of public actions to 115, many of which we have reported on before.

Unusual Suspects

The DAAP investigations involve two very different companies. The first involves two apps produced by Mammoth Media, the self-proclaimed “Social Entertainment Studio for Gen Z.” Mammoth Media produces two apps that fell under the DAAP’s privacy searchlight – Wishbone and Yarn.

Wishbone serves up a daily set of poll questions comparing two things – any two things. Different colored hoodies (which one should I wear?) different locations (seaside or cityscape?) or the same actor in different roles (who gave a better performance?). We’re sure there’s some sinister algorithm lurking behind the choices. Once a decision is made, the user gets to see how community voting impacted each choice.

Yarn is an app that tries to provide one of cyberculture’s perennial entertainments – “found” stories presented within the context of online communication. In this case, they’re stories based around invented text exchanges.

The second company, Recovery Centers of America, couldn’t be more different from Mammoth Media: It’s a well-known alcohol and drug addiction treatment chain with facilities in Maryland, Pennsylvania, New Jersey and Massachusetts.

The Takeaway

Recovery Centers of America received a simple request: After noticing “signs” of targeted advertising data collection at the company’s website, the DAA asked the company to add an “enhanced notice” link at the top of its privacy policies describing how user data is used in third-party advertising.

In Mammoth Media’s case, “technical analysis revealed the collection of user data – including precise location data – by third parties for advertising purposes.” But clear disclosure of those activities and requests for consent were not found.

Under the DAAP’s direction, Mammoth Media added its own “enhanced notice” link at the top of its privacy policies, linked to the DAAP’s AppChoices tool, which lets users opt out of mobile ads, and disabled collection of location information by third parties.

It’s like a greatest hits package of DAAP enforcement – and thus serves as a good lesson in “the basics” for advertisers. These enhanced notices for targeted advertising data collection and geolocation tracking provide notice to consumers about these practices and the choices consumers are entitled to make under the DAA principles. Like most self-regulatory programs, adherence is voluntary, but the DAAP will seek to obtain compliance regardless of a company’s affiliation with the DAA.

As companies continue to implement these useful and tailored technologies for consumer-facing apps, they should also be aware of potential DAAP scrutiny. While most app publishers are not directly affiliated with the DAA, most of the vendors they work with to enable interest-based advertising are, and they contractually push DAA adherence down to the publishers with which they work. Accordingly, while the DAAP can’t force a publisher to follow the DAA’s self-regulatory rules, publishers could find themselves in trouble with critical vendors that have committed to do so.