|The Breadcrumbs You Leave: Should You Be Concerned|
|The Web companies are, in effect, taking the trail of crumbs people leave behind as they move around the Internet, and then analyzing them to anticipate people’s next steps. So anybody who searches for information on such disparate topics as iron supplements, airlines, hotels and soft drinks may see ads for those products and services later on. |
Consumers have not complained to any great extent about data collection online. But privacy experts say that is because the collection is invisible to them. Unlike Facebook’s Beacon program, which stirred controversy last year when it broadcast its members’ purchases to their online friends, most companies do not flash a notice on the screen when they collect data about visitors to their sites.
The Breadcrumbs You Leave: Should You Be Concerned [nytimes.com]
Or is it just a smart way of delivery ads? ;)
|It will not be "injecting" anything into your internet connection, as some commenters on our previous stories have suggested. Phorm's Open Internet Exchange (OIX) is an online advertising broker service that, just like DoubleClick, matches advertisers with publishers. For both these parties, the closer the match the better: advertisers reach the people they're most interested in, who are more likely to click on the ad, which means the publisher will get more money. |
[edited by: engine at 4:30 pm (utc) on Mar. 10, 2008]
Everything is open to abuse - it all depends if you trust the people who have the power! Or do you treat them with the contempt that they might deserve!
I've been always saying: it is best to stay in bed.
Question everything.. Trust no one... Clear your cookies every time you close your browser.
Words to live by....
[edited by: jatar_k at 9:33 pm (utc) on Mar. 10, 2008]
You can set your browser settings to only allow cookies from the sites you visit most, like webmasterworld.com ! ;-)
Looking at the AOL incident last year, where just a small sample of anonymized search data had been released into the wild, I feel not very secure when it comes to BIG players in the Internet, most importantly Google. IMO they dwarf any other player and are a real privacy risk. Yet AOL, Yahoo!, Microsoft, and others, are a risk, too.
I am concerned.
- Enable cookies only for sites that need them.
- Enable persistent cookies only for sites that you visit often and want to maintain sessions - for other sites you should accept cookies "only for this session". This applies particularly to search engines
- Some retail, travel, etc. sites will fiddle with prices based on your previous interest in products. Blocking cookies can work either for or against your favor in this case
- Use an ad blocker! There isn't anything I can say I've missed since installing a good one (that keeps getting better)
- Do not allow your email client to download linked content. Inline HTML (but ONLY inline) is generally safe with modern email clients. But downloaded images are used as beacons. I use an email client that has a little "download now" button for those emails where you really do want to see the linked content.
- If you use a "content advisor" extension, use it only in "download" mode, not "online". In this mode it periodically downloads a list of "bad sites" and the extension checks against the downloaded list. In online mode, you are telling the content advisory service about every site you browse.
A system should be (data) secure by design and not trust. If the Google founders crash with their nice airplane and the stock majority gets bought by some Chinese steal giant for a few hundred billion, who thinks that upselling your private data is a good idea, your trust in the G co-workers is worth nothing. Same with any company of any size. So privacy and trust is a question of informations system design. And right now the whole thing is crap under that aspect: Mine, yours and the internet giants, too! The whole network is not designed to be 100% secure.
But also: whining and complaining does just not help. Being paranoid and clearing private is the only choice, if you are VERY information sensitive at the moment. This privacy topic will go on for decades and all you can do is being educated, educating and being sensitive.
I personally decided that I can not control that information and gave up about 4 years ago. Nothing besides SPAM (email and paper mail) has happened so far. Hopefully we are old and just incompatible, when these head mounted devices start to suck the advertising data right of your brain in a few years!
OF course the information that we want from our own visitors is just the information that we want to hide from others.
use a proxy server and clear cookies then you will be totally anonymous on the net.
Just last I got willies when I went to a site for the first time and was greeted with "Hi Tim!" It was some embedded Amazon content. So I locked Amazon out of setting cookies. It made me feel better for a bit.
I didn't mind Amazon making assumptions about me from the stuff I bought from them, but them keeping an eye on my broader surfing habits was too much.
Of course other companies are also collecting the data, just not saying "Peekaboo I see you."
Until you do something on a site - your view will go counted, your path can be followed, the lack of common info is now your "online signature" which stands out among the crowds of viewers putting out tons of data. It helps to do the anonymous proxy thing, but unless people change the ways they interact with the web - they still create a wealth of personalized information by just doing what they do, and if a site wants to target its users that have these features enabled they can. The amount of personal info exposed will vary on the user and their habits no matter how or what they use to connect to a site.
|use a proxy server and clear cookies then you will be totally anonymous on the net. |
In my experience very few individual internet users seem to be aware that the name they give their newly purchased computer at installation will also be the name of their user account in Windows. A lot of people give their own name to their computer.
Cookies will fetch the user name and store it. If the name is a less common one it may well, in combination with the IP, fully identify the individual person browsing. I have not seen that issue discussed.
Changing the computer name in Windows is simple and easy, but that will NOT modify the user name. It is practically impossible to change a user name. One has to create a new user and migrate the old user's contents, profiles and customised settings (if possible) to the new account, and then delete the old one. Everybody is not able do that.
I am not overly concerned with companies tracking my purchase habits and trying to make me targeted offers. I make a living off the internet, essentially making money from such marketing efforts in one way of another. I would never install a total ad blocker or a cookie eraser for that reason. If everyone were to do that, I won't have much of a revenue stream anymore.
Just one problem with everyone saying "just delete cookies" or use proxy. The tracking is done at the ISP. Also Phorm work with an opt out cookie. So if you disable/delete the cookie, your are automatically tracked agian. I think one of the UK ISP's have gone for opt in, others have not. Have a read of some of the comments in the Register article.
Would be interesting to know what big G and the affliate networks thinks about Phorm.
Most folks won't even know what's going on. Those of us that do know what's going on ought to raise the profile on this issue.
I don't like the idea of buying habits being tracked without the users knowledge, and worse still, having to opt out, and being automatically opted back in when it suits the isp.
I'd find a different isp
|The tracking is done at the ISP. Also Phorm work with an opt out cookie. |
This was news to me - it's not common at all in the U.S. - there are some free and low-cost dial-up services where the ISP delivers-up their own ads, but otherwise this sort of thing is not common, or if it is, not disclosed.
I was rather shocked to see the statistic on the Phorm website that 70% of UK broadband subscribers are affected by this.
What I gather is that the ISP collects browser habits and sends them to Phorm - anonymous only in the sense that the name of the subscriber isn't disclosed. The data is then used by an ad network (or ad networks? That's what OIX enables?) to target users.
I did a search, and came up with a very recent news article suggesting that Phorm may be "eyeing the U.S. market."
I think it will go over like a lead balloon here. We aren't as accepting of Big Brother as our U.K. colleagues - at least not when it's done openly - on the other hand, we seem complacent with "what we don't know won't hurt us..."
The whole concept is rather scary. A bit more reading, and I see they are using deep packet inspection. That is, they are examining the data delivered to customers. So, it is more than clickstream - they are spying inside of packets. (Yes, like Gmail, which is why I feel Google is evil. IMO, Gmail is where Google crossed the line that should not be crossed.)
I have to disclose that I was involved as a software developer as the client-side software architect in one of the first (perhaps the first) clickstream advertising schemes, PowerAgent (long defunct). What made the concept palatable to me is that it was completely opt-in - users had to install an application on their PC - and a great deal of care was put into privacy and transparency. (For example, insuring that the uploaded data was in clear ASCII unencrypted text that users and security experts could examine, at the same time signed to prevent tampering. Uploaded data was to be sent to servers operated by a major accounting firm, acting as a trusted go-between, etc.)
So, I've watched with interest the development of similar concepts over the years. And, now, with dismay.
It saddens me to realize that I've lived to witness the birth of the society described by George Orwell in "1984".
This is doubleplusungood.
1984 parallels are hardly constructive. If these were govt inspired initiatives designed to track citizen's interests and trends, then that would be appropriate. But this is just the natural trend of advertising and capitalistic motives. Moreover, "Big Brother", elected by you, continues to protect you with relevent privacy laws and recourse to the law in the event of a civil infringement.
I for one do not especially care. In fact I want to see sensible advertising. Nothing is more annoying than TELEVISION ADS, 95% of which are targeted at a demographic I am not in. So annoying! But, some TV ads are of interest to me, and if 95% were, I might actually watch them instead of switching channel! Rather see the same with web ads. Inefficient advertising is just wasteful, annoying, decreases the profitibility/viability of websites you visit, and increases the cost of products you purchase.
The only issue would be if my habits (confidential) became disclosed and associated with my name, which has the potential to be damaging. But there are policies and also the law to guard against this. A company like Phorm, and their associate ISPs, endure nothing but knee-jerk reactions against this sort of initiative, so you can bet they will avoid any real controversy like the plague. In fact you can hope they publish in the Times a list of the last ten sex sites you visited okay? cos the settlement they'll offer you to avoid court will set you up for life :)