As the Federal Trade Commission considers addressing Internet privacy through “Do Not Track” proposals, these efforts recall a line from Jack Lemmon’s 1960s film The Apartment: “that’s the way it crumbles … cookie-wise.” With the Internet economy’s heavy reliance on targeted advertising as a revenue generator, overregulation in this space could leave crumbs everywhere.

In this particular cautionary tale, the notion of personal space is more fluid than in The Apartment’s darkly comic fable about the repeated invasions of a clerk’s apartment by his bosses. In the Internet space, the innovation and functionality that consumers demand requires reasonable compromises as far as consumer data is concerned. Companies that engage in behavioral advertising and/or the collection, use and dissemination of online browsing data – often through the use of Internet “cookies” – work to generate revenues amid their users’ expectations of privacy. Advertising and tracking services deploy new and complex ways to follow users’ steps through the Internet, such as monitoring purchasing behavior and other activities. These efforts often benefit consumers as well -- content can be tailored to those users’ browsing habits and may provide a level of personalization through storing commonly used information, site preferences or other methods.

Nevertheless, despite efforts by many websites to craft privacy policies to address users’ concerns, some consumers are unaware of these tracking methods or of the data being collected. Some advocates support a “Do Not Track” approach to permit consumers to reject the collection and use of their data, and the FTC has weighed in with its support. In its December 1, 2010 report on Consumer Privacy, the FTC proposes a framework for enhancing consumer privacy on the Internet. Existing FTC regulation focuses on increasing notice to consumers about privacy practices, on promoting consumer choice for data practices and on consumer protection through FTC enforcement. The FTC’s new approach has several components: 1) Companies should adopt a “privacy by design” approach toward building privacy protections into their business practices; 2) Companies should provide simpler and more streamlined notice to consumers about data practices, and consumers should be afforded the opportunity to make informed and meaningful choices; and 3) Companies should make data practices more transparent to consumers.

Most significantly, the FTC supports the use of “Do Not Track” as part of the enhanced “notice” approach. “Do Not Track” would involve the use of a “persistent setting” on the consumer’s browser that would prevent tracking and targeted ads as the user browses or searches the Internet. In concept, the approach takes it cue from the wildly popular “Do Not Call” registry adopted by Congress several years ago. The impact of “Do Not Track” – and the potential unintended consequences – may be more significant. Early reports indicate that there are many technical challenges to implementation of a universal approach, and some useful website functionality may be disabled. More importantly, the potential for systemic blocking of targeted ads threatens the ad-based revenue model that dominates Internet commerce.

The FTC’s proposals are sure to draw much attention in the industry and among policymakers. As with “Do Not Call,” implementation and enforcement of “Do Not Track” likely requires some sort of federal legislation, and Congress has begun holding hearings on the matter in recent days. Expect “Do Not Track” to be a hot button issue in 2011, and keep an eye on the cookie jar.