Although do not track has been compared with the Federal Communications Commission's successful National Do Not Call Registry implemented after numerous legal battles in 2004, Soghoian pointed out the former would include neither a government record of Web sites that track users nor a list of consumers who do not want to be tracked. "You want a generic opt-out that is persistent and tells people, 'leave me alone,'" he said.
Much Web security has been reactive—consumers receive pop-up ads, so the Web browsers start featuring pop-up blockers, and then the ad networks find a way to evade the barrier. "If we simply continue the arms race that we've had for the last few years, we don't get any relief, because it's not illegal to engage in a cat-and-mouse game and innovate around browser privacy controls," Soghoian said. "I like the idea of the consumer sending their privacy preference every time they interact with an ad network because that then gives the FTC a hook to go ahead and nail these companies for telling consumers they will obey their preferences and then not doing so."
Although many companies use privacy policies to explain their information practices, the policies have become long, legalistic disclosures that consumers usually do not read and do not understand if they do, according to the FTC. The idea of building a do-not-track mechanism into browsers adheres to the FTC report's recommendation that Web software companies adopt a "privacy by design" approach to their products.
Mozilla, maker of the Firefox Web browser, responded to the FTC's report by indicating that the company needs to examine the proposal in greater detail. Mozilla vice president and general counsel Harvey Anderson was upbeat on his blog, commenting that the FTC "has proposed a set of principles that align well with the Mozilla manifesto and our approach to software development including: privacy by design, transparency, user choice and no surprises." Google noted in a statement to The New York Times that the company agrees with the FTC's view that privacy policies should be easier to understand and that corporate data-gathering practices should be more transparent.
Other companies that sell services via the Internet have been less cautious in their criticism of efforts to block online tracking. Advertising has emerged as a key driver of online content, services and applications available to users at little or no cost, Time Warner Cable president of media sales Joan Gillman testified Thursday at a U.S. House of Representatives Energy and Commerce Committee hearing to address potential do-not-track legislation. She defended targeted advertising, which relies on specific information about online users, as the most effective way for advertisers to reach potential consumers and encouraged the government to let the industry self-regulate (pdf).
Subscription Center
See what we're tweeting about
16 Comments
Add CommentYeah, Joan Gillman, we know how that self-regulating goes. These businesses who track your movement online are stalkers, or crooked lazy cops, or both. They should make it a crime to stalk people on line just like they do in the real world. Slap these business and fat lazy cops with a huge fine, say $500,000.00, and if they are caught doing it again a second time...jerk their business license and let them spend a couple of weekends in jail and make them register with a "stalkers registry" so other business will know to watch out for them. The rules that apply to business in the real world should also apply to them in the cyberworld.
Reply | Report Abuse | Link to thisI do find it a little ironic that this message is hosted on a website that is likely not only tracking me but even expects me to "log in" to access the service of posting a comment. Anyway, all services have to do to get around these obstructions is not offer any of their services if you have that opt-out option set. They just launch a popup that says something like "Do you wish to view the content on the page" which has a link to a page and a half of agreement legalese, which everyone is used to ignoring by now, that says it will automatically change your preferences to allow tracking cookies buried somewhere in the middle. I think there already exists the option in browsers to turn off cookies, but then you can't use half the web services you like. The do not call registry was a success, but I think the internet is currently a little too dynamic to fight effectively with legislation just yet. If you think of the time it took between when companies started telemarketing and the time it was more or less shut down, you are looking at a 50 year gap. Probably the only reason legislation could even be passed was that companies have cheaper and more affective advertising avenues with the advent of the internet. In other words, it was getting too expensive to pay all those telemarketers. They tried outsourcing to India and using computers to thin the cost, but it just angered people, reducing sales margins. I think the current model is to have software that can identify and remove the tracking cookies, closer to the Tivo/DVR arms race of technology against advertising. The counter stroke is product placement or super-short adds you can't really avoid. Maybe in 30 more years internet advertisers could be combated by legislation, but by that time advertisers will be using the in-home holographic product placement technology or something.
Reply | Report Abuse | Link to thisDon't forget that it is the ad revenue keeping the internet free.
Reply | Report Abuse | Link to thisSince I don't shop online, I've learned to ignore the ads - I don't even see 'em.
Silvrhairevil: couple of points - 1. the internet is not "free" as I pay about $50 per month for access, pay each year to maintain my web site hosting, et al, 2. We live in a world with less and less privacy. Companies that I do not know about or what they do my my information should not be permitted access unless I specifically permit it. We are too easily giving up our rights to privacy. One Supreme Court Justice said it succinctly - you're greatest right is the right to privacy.
Reply | Report Abuse | Link to thisHere's some information that you should read if you're concerned about your privacy on-line:
Reply | Report Abuse | Link to thisFlash cookies can also be used for a nasty trick. Advertisers can use them to restore regular cookies that you delete! Those tracking cookies you deleted may not actually be gone. They come back as fast as you delete them. That's why they've earned the nickname "zombie cookies."
Adobe does provide controls that help you manage or disable Flash cookies. But the controls can be confusing. You also need to visit Adobe's site to access the controls. Go to the Flash Player Settings Manager. You want to go to the Web site Storage Settings panel. Don't confuse this with the Global Storage Settings panel. We'll get to that one later.
You can get to the Web site Storage Settings panel two ways. There is a link to it on the left side of the page. You can also click the folder tab in the Settings Manager window. You want the one without the globe behind it.
Once there, you'll see a list of Flash cookies stored on your computer. You can browse through and select individual sites. Click the "Delete website" button to remove the site's Flash cookie. You can also click the "Delete all sites" button. This will remove all Flash cookies and other Flash data.
Courtesy of www.kimkomando.com
Flash Player Settings Manager
Reply | Report Abuse | Link to thishttp://www.macromedia.com/support/documentation/en/flashplayer/help/index.html
The do no call lists were successful primarily because their purpose was to prevent unsolicited callers from communicating with phone subscribers. Since their sole intent was to communicate (for purposes such as making sales pitches, etc.), preventing their direct communication with subscribers was all that was necessary.
Reply | Report Abuse | Link to thisTracking cookies and potentially more sophisticated forms of covert activity monitors have little need to overtly communicate with the 'subscriber' - in fact most are not aware that tracking is occurring. Since no response from the 'subscriber' is necessary for trackers to achieve their purposes, there's little incentive for them to cooperate with voluntary 'do not track' requests. Why would any tracking software pay any attention to the request for voluntary cooperation, no matter how it's implemented? What would incent advertisers or any other trackers to stop tracking?
I completely support the effort to get the advertisers/trackers under some kind -any kind- of rational control, but I suspect it's a lost cause. The ad industry, which has made our society number 1 in human history in lies per second, has enough money to buy all the republicans and half the democrats in congress. And I don't mean to suggest that the dems are more expensive.
Reply | Report Abuse | Link to thisI think you are WAY behind the curb, picking up regular news outlets to make a story. There is some crazy technology and programing out there that can piece together browsing habits based on all kinds of obscure things.
Reply | Report Abuse | Link to thisAdditional: I use google search as a spell checker. That ruins any ad company from easily tracking my habits with search terms.
Reply | Report Abuse | Link to thisThere are a number of problems:
Reply | Report Abuse | Link to thisJurisdiction: OK, let's say the FTC makes a rule or the US Congress makes a law that offers users an option to "not be tracked". How is that going to be enforced by a ad network based in China?
Tied to methodology: Cookies are not the only way to track a user. If all links went to a "clearinghouse", with a redirect to the content requested by the user, the "clearinghouse" can grab (at minimum) the IP address of the requestor. The only way I'm aware of to defeat this is to hide behind a proxy; then the proxy's IP address is used rather than the users. If every user has a "personal proxy", this offers no protection... the only protection afforded is if multiple users use the same proxy, in effect, "getting lost in the crowd".
Begging the question: Why is privacy important? Why does it matter if anyone knows that I am surfing Scientific American and reading this article?
If you are serious about privacy, wear a mask when you leave your home, obscure your license plate when you drive on public roads (actually, don't... that's illegal) and pay in cash for everything. Retailers will track your purchases by your credit cards.
Based on my debit card/credit card utilization, it would be easy to figure out that I recently saw a particular movie, shopped at a particular supermarket where I purchased certain products, purchased gasoline from a particular station. Using data from EZ-Pass, it would be very easy to determine my usual route to and from work and the average speed at which I drive.
Does it matter than I prefer Levi's purchased at The Gap to Wrangler purchased at Walmart? Wheaties to Corn Flakes? Store brands to brand names? Not to me.
I don't pretend that it doesn't matter to the marketers who seek to influence your purchasing decisions; but I also don't pretend that they exert more control over my purchasing decisions than I do.
I think all good points.
Reply | Report Abuse | Link to thisI also think that most advertising is less effective than currently thought although it funds most web sites and most forms of media entertainment. The may catch on some day...
By the way, if your car insurance company constantly advertises everywhere and their greatest operating expense is advertising, how much of their revenue can they be spending for customer support and repair claims?
Do you really want your car insurance premiums to be spent mostly on advertising?
The problem isn't so much the tracking. The real problem is hosted advertising. Most sites subscribe to hosted advertising as a revenue stream. This means that they have no idea what each ad does. Historically most ad servers were malware attack platforms. An advertisement that is physically coded into the page on the actual web site rather than cross site hosted is much less likely to have putrescent scumware embedded in it.
Reply | Report Abuse | Link to thisI set my browser to only allow white listed sites. Miscrosoft harasses me by demanding that I click a button for each scumware site I don't want to see every single time a given scumware site comes up but it keeps out 95% of advertising and I haven't had any scumware attacks in 3 years.
Hosted advertising is certainly a web page performance issue: displaying a web page does not only require a successful transaction to the web page host, but to all advertisement servers referenced by the web page server. Since advertisers seek to maximize their accesses, their server are subject to resource contention, producing performance 'bottlenecks'. Anything for the customer...
Reply | Report Abuse | Link to thisThanks for this. I noticed that www.whitehouse.gov and www.democracynow.org were in the list, along with a number of others that I would not like to have others to have common knowledge about.
Reply | Report Abuse | Link to thisI just don't want my computer to store their records for them, and don't want their cronies to have access to their cookies. I don't want per-session cookies that I DO allow shared with other domains. That's not so difficult, is it?
Reply | Report Abuse | Link to this