Ovum finds that the risk of sensitive information being divulged on the web by organisations makes regulation a necessary evil.

The use of social media by organisations when dealing with the public needs regulation to protect sensitive information from being divulged by blundering staff, according to Ovum.

More and more public and private sector organisations have begun to respond to customer queries and complaints via tools such as Twitter and Facebook. According to Ovum, the independent telecoms analyst, regulations need to be put in place to ensure that information is used appropriately.

In addition, Ovum believes that peer to peer support conducted via social media should be monitored, to ensure that customers do not unintentionally pass on incorrect information.

Aphrodite Brinsmead, an Ovum analyst, said: “The financial services industry has already made it a requirement that communications through social media are recorded and retained. We think this needs to go a step further and that all organisations using social media to interact with customers should be regulated”.

“While social media should still allow customers to interact and express themselves, we believe that they need to be protected from having sensitive information spread on the internet by staff who may not understand how to treat such enquiries. For these reasons, we believe regulations are a necessary evil.”

In addition to regulation, Aphrodite believes that it is now time for organisations to stop experimenting with social media and start putting in place formal strategies. She added: “Customers enjoy the fast response rates and good service that social media allows and more and more enquiries will be made this way. However, every organisation should have a strategy and guidelines in place so staff can understand how to treat them.”

In theory, it sounds like a no-brainer. While the Internet is an awesome free-for-all of services and content it is also a terrifying space, one where bits of information about who you are and what you're doing continually float around like cyber flotsam and jetsam, only to be picked apart by outside parties for their own devices. As a result, privacy is an issue, but would the Internet be a better place if a national registry existed to shield users from prying advertisers?

Late last month, FTC Chairman Jon Leibowitz announced to a Senate panel that the commission would explore the idea of a Do Not Track list for online marketers. In theory, it would work similarly to the Do Not Call registry pushed through in 2004: users register for a list governed by the FTC or a private entity that prevents web marketers from collecting user information like say, user ISPs providers, screen size, browser version, and so on.

That's where the similarities end. For effective Do Not Track legislation to pass, the FTC will have to address unprecedented complexities and deal with far-reaching implications, beyond say, the multimillion-dollar fines the commission has charged Do Not Call violators. Here are the thorniest issues the FTC is facing, at a minimum, in making such a plan work:

1) It will be hard to implement.

"For lack of a better way of saying it, [Do Not Call] operates in two dimensions," where as Do Not Track would have to be far more complex, says Ed Goodman, Chief Privacy Officer of Identify Theft 911. With Do Not Call, you register a phone number, and telemarketers are forbidden from calling. In theory, Do Not Track would work the same way: register your name, and third party marketers would not be allowed to access your online data. Several questions then arise: Is all of your information off-limits? Some of it? If so, which aspects? How would users be uniquely identified? Could marketers use that information for some purposes and not others? Though Goodman is a proponent of the concept, he admits he's not sure how such a registry would work in practice simply because there are more Internet-related issues for the FTC to contend with.

2) It could become outdated. Fast.

Technology advances rapidly, oftentimes with unpredictable new features, and online marketing will undoubtedly keep up. Already, we have targeted, behavioral ads on sites that can pinpoint our interests and even our general location. While Do Not Track legislation would regulate today's online marketing, would it still apply to marketing two, three, even five years from now? According to Goodman, the FTC will always be playing a game of catch-up they simply can't win. Drafting legislation that effectively polices today's technologies while remaining general enough to apply to new emerging technologies will be an almost impossible balancing act.

3) Businesses could lose money.

Let's face it: Internet users like you and I enjoy the wide variety of free content and services out there, but in reality, nothing is free. If you don't pay for it, someone else does. Many times your online payment is a dump of your demographic data, whether actively through a form, or passively through web traffic tracking code, like Google Analytics (GOOG). That demographic data is what enables websites to market themselves to online advertisers and stay in business. According to a study conducted by Interactive Advertising Bureau, 80% of online advertising campaigns were targeted or dependent upon some sort of targeted technology. With a Do Not Track list in effect, there will be less people to advertise to. Less people to advertise to equates to less revenue for advertisers and potentially less revenue for web sites as a whole.

4) Users may have to pony up.

When all is said and done, registered users may feel safer, but the unintended - and undesired - consequence is that they find themselves slapped with more frequent online service fees. Because if Web sites can't generate sufficient profit via advertising, they'll have to explore other avenues: monthly membership fees for Facebook, premium content on their favorite sites, and so on. This is already a trend online. Fencing off user data could hasten it.

Ultimately, if the Do Not Track list becomes reality, there would be many hurdles to setting it up to be effective, to avoid being just another federal boondoggle. Even then, with the amount of data users already share online, any plan would almost seem to be designed to be irrelevant out of the box. Indeed the very same users who have lobbied the FTC to create such a list may find themselves wishing they'd simply educated themselves on the finer points of keeping their data safe by being smarter about how they choose to share it online. As commenters on The Hill's story on the list have noted, the plug-in to prevent this sort of tracking already exists for the Firefox and Chrome browsers, meaning the FTC would likely be deploying large amounts of taxpayer money simply to reinvent an already rolling wheel.

The “do-not-track” legislation, could soon become a legislative priority, that allow consumers to hide their browsing activity from advertisers, giving people more control over how their personal information is collected and distributed online.

The fact is that this whole discussion is a moving target, as online marketing becomes more and more sophisticated. When you regulate one area, another opportunity opens, so the issue will never be fully resolved.

Self-regulation is the way to go.