/ Technology

New code for online behavioural ads – will it work?

Cartoon woman on computer

The internet advertising industry wants to self-regulate the way it lets web users opt-out of behavioural advertising. But is its solution the right one? We still have some major gripes and questions – do you?

Some of you may have spotted a media flurry around the Internet Advertising Bureau’s (the IAB) unveiling of its self-regulatory code for behavioural ads.

This is being rolled out across Europe, and the IAB has pledged to get 80% of the ad industry in the main EU markets signed up by June 2012.

Signatories already include the big online hitters, like Google, Yahoo! and Microsoft. But don’t be fooled into thinking the code will cover all the behavioural ads you see on the web. Crucially, full market coverage will always be an impossibility – you can’t get ad networks you don’t know exist to sign up, and further, some may simply not want to.

Opt-out of behavioural advertising

There also seems to be a bit of a misconception about the scheme. It simply means that you can opt-out of receiving ads based on a profile ad networks have built up about you (by monitoring the sites you’ve visited).

It does not necessarily mean that the ad network will stop tracking you online. Nor does it mean that you won’t see ads. Still, at least it’s a step in the right direction.

So what exactly does the IAB’s code mean in practice? How will your experience online change? The idea is that all signatories will place a logo ‘in or around’ the advert, which will take you to the opt-out website YourOnlineChoices.co.uk when you click on it.

At least, that’s what the final code states. When we looked at the first draft of IAB’s code, I pointed out a legal loophole which meant that the logo could be hidden away in a site’s privacy policy – nowhere near the ad. That’s hardly in line with the IAB’s public push for transparency and education.

We still have questions

After some tense conversations in Brussels, this get-out clause was thankfully removed. But some of my other gripes still remain.

Among these is the slippery definition of ‘Common Control’. This could mean that an ad network needn’t comply with the code if they’re advertising on a web page owned by a company within their group. And when the big players have tens of online subsidiaries, this could have some sizeable ramifications – no opt-out logo for Google’s ads on YouTube then?

I think the success of this code is going to be in the detail – and how the IAB and its signatories interpret the principles. How big is the logo on the ads going to be? What wording will accompany it? What does ‘around the ad’ actually mean? How persistent will the opt-outs be (at the moment, when you delete your cookies you’re automatically opted-in again)?

And ultimately, will you even notice the logo, fully understand what it means, and exercise your right to opt-out of behavioural ads?


I forsee this working, or rather not working, in a similar way to telephone and postal opt-out services. Reputable companies will follow the guidelines whereas disreputable companies, usually the ones who are the worst for ad plagues, will not.

No, it will continue to play into the hands of the trackers as they change their methods from client side to server side tracking. Note also that the IAB’s code allows users to “opt out of the ads” but not of of being tracked.

Harold Hall says:
1 June 2011

I hope relevant government departments in London and Brussels will not be detered from policy development to control the use, and abuse, of ICT ? Self-regulation is simply a device to retain control of commercial activities which are clearly in need of regulation by those charged with looking after the consumers’ interests.