"We hear the cries. It is time to take action," said Robin Webster, exec VP of the Association of National Advertisers. "We need to act quick."
Ms. Webster is heading up one of two panels that last week examined possible action.
Her ad hoc committee -- formed by the American Association of Advertising Agencies and ANA to include various major marketers, ad serving firms and ad agencies -- met last week in New York and will meet again this week.
Meanwhile in Washington, the Online Privacy Alliance -- which includes additional marketers, associations and Internet companies -- considered an internal recommendation to alter its privacy code to require better disclosure of the kind of information going to third-party ad servers.
Marketers may not have a lot of time to act voluntarily in the face of new challenges from privacy advocates, mounting congressional concern, regulatory action and new disclosures.
Last week DoubleClick and several health-related Internet sites said the Federal Trade Commission had begun probing them on privacy issues.
Michigan Attorney General Jennifer Granholm last week initiated legal proceedings against DoubleClick and its Internet address finder (iaf.net) and NetDeals.com Web sites, charging DoubleClick violated state laws by placing cookies on users' browsers without knowledge or consent.
The New York attorney general also is looking into DoubleClick's actions, and DoubleClick faces a growing list of lawsuits by consumers who say it's improperly using their data.
DoubleClick's controversies are drawing unwelcome attention to clients. There was a report that in apparent violation of their own private policies, some marketers regularly sent personally identifiable information to DoubleClick.
Privacy technology expert Richard Smith reported on his site (tiac.net/users/smiths) that when consumers went from one page to another on some major marketers Web sites, personal information supposed to go back to the marketers went unfiltered to DoubleClick as well.
Mr. Smith reported AltaVista Co. and several other sites had, without his authorization, sent DoubleClick such data as his home and e-mail addresses, birthday, and detailed information about movies and health conditions that he had inquired about.
An AltaVista spokesman attributed his site's data transmission to a "technical flaw" and "inadvertent data leak" that he said was fixed quickly after Mr. Smith brought it to AltaVista's attention.
DoubleClick said it did not keep or use the data.
Privacy groups have targeted DoubleClick, the biggest of the Web ad servers, because of its plan to take personally identifiable information from its Abacus Direct database and combine it with information to be gathered online.
DoubleClick said it will ask consumers for consent before beginning to collect the information, but privacy advocates say they fear consumers won't get adequate notice and won't understand that information gathered at one site is going to others.
"The critical issue is what will be the future ad model for the Internet," said Marc Rotenberg, executive director of the Electronic Privacy Information Center. The center filed a complaint with the FTC about DoubleClick's plans.
DoubleClick last week unveiled its own privacy initiative including a banner ad campaign, steps to better inform consumers about what it was doing, and measures to make it easier for consumers to "opt-out" of DoubleClick's data collection.
Reports of the probes, however, sent DoubleClick's stock into a sharp midweek skid. DoubleClick closed at $92.92 Feb. 18, down 16.3% from its Feb. 15 close of $111.44, shaving nearly $2 billion of valuation. DoubleClick, in disclosing the FTC probe in documents filed with the Securities & Exchange Commission, warned that the privacy issues could have other impacts.
"Some of our contracts with Web publishers prevent us from developing profiles of users of their Web sites," DoubleClick said. "The current debate . . . may cause additional Web publishers to seek similar provisions."
There is no indication DoubleClick clients are moving to abandon the company, whose plan to marry offline/online data looked like an advertiser's dream till the privacy debate erupted.
But some clients, such as RealNetworks.com, are watching carefully. While RealNetworks has no immediate plans to shift from DoubleClick, VP-General Counsel Kelly Jo MacArthur said, "We are constantly evaluating the information available to us in deciding which vendors we will be using, and we will watch how the industry resolves these issues. We want consumers to have a high level of trust with RealNetworks, and we will make choices that ensure that."
Rivals are ready if clients want to jump; Engage Technologies last week presented itself as being immune to DoubleClick's privacy problems because it doesn't ID users by name. As DoubleClick stock sank last week, Engage soared.
Sites of some DoubleClick clients, including Travelocity.com, are revising their privacy policies, suggesting sites do not want to be drawn into DoubleClick's fire.
"Recently, the advertising company DoubleClick received considerable attention regarding the serving of ads," Travelocity said in its privacy statement. "We do not sell or provide individual customer names or other personal profile information to third parties, including DoubleClick and their advertisers, except for vendors who participate in your itineraries."
Travelocity was targeted in a recent e-mail protest by the Center for Democracy & Technology as part of the center's campaign against DoubleClick.
Ad groups, however, worry that the issue is one the whole marketing industry needs to act on.
Whatever DoubleClick does, "it is not resolving the [overall] consumer issues," said Ms. Webster, noting that marketers still need to make what they are doing clearer. "The issue is still there."
John Kamp, senior VP of the Four A's, said marketers need to do a better job "of ensuring that consumers understand what is going on. [Consumers] need a better sense of control."
The pressure to act came as several new legislative proposals and committees surfaced that could affect marketers' abilities to target their Web ads.
Sen. Robert Torricelli (D., N.J.) offered legislation that would require consumers to "opt-in" before a marketer could provide information gathered at one site to another. Meanwhile two privacy task forces were announced, one a Senate Democratic task force to be headed by Sen. Patrick Leahy, (D., Vt.) and the other a bipartisan Congressional Privacy Caucus headed by Sen. Richard Shelby (R., Ala.) and Rep. Ed Markey (D., Mass.).
The privacy battle soon could be a very public political debate: An aide to Sen. Leahy said more than half the Democrats in the Senate had requested to be on his panel.