- DuckDuckGo executive Megan Gray said companies should be responsible for the data they store on a panel at CNBC's Technology Executive Council.
- The company creates alternatives to Google's products with a focus on privacy and defaulting to not tracking its users.
- A Mozilla executive on the panel agreed that it's no longer necessary or wise for many companies to store large amounts of data that could present security risks.
It's no longer enough just to protect against hacks and data breaches. Companies also have a responsibility not to attract bad actors to their services, according to Megan Gray, general counsel and policy advocate at DuckDuckGo, a search engine alternative to Google.
"It's incumbent on the companies to not create these honeypots of data," Gray said on a panel about tech regulation at a CNBC Technology Executive Council event on Tuesday.
DuckDuckGo is best known for its privacy-focused search engine, which relies on contextual ads, rather than behavioral ads that track users' actions to target their preferences. Gray said the company advocates for "do not track" legislation, that would require companies to respect users' decisions not to be tracked. Such regulation would actually boost innovation around contextual advertising, rather than stifling it, she said.
Advertisers may already be preparing for this version of the future. After Google announced earlier this year that it would introduce new privacy features and tracking information on its Chrome browser, advertisers were forced to reevaluate how to reach their audiences under the new changes.
Chris Kelly, a former chief privacy officer at Facebook, disagreed that companies must avoid data "honeypots" altogether.
"In today's day and age you can't avoid creating honeypots of data," he said, arguing consumers like when they are served relevant information based on their preferences, though it's important to protect that data.
Alan Davidson, VP of global policy at Firefox owner Mozilla, agreed with Gray that there's no need for companies to store the vast amounts of data once believed to be valuable.
"I think there was an article of faith maybe ten years ago that all data should be kept because it will ultimately someday be valuable," Davidson said. "And hopefully we are now questioning that and recognizing there's a cost to keeping data. There's a privacy issue but there's a huge security issue and a lot of companies are not equipped to keep the data that they're keeping."