Four Missed Opportunities for Privacy

← Back to Stories (view on slashdot.org)

Four Missed Opportunities for Privacy

Posted by kdawson on Tuesday July 7, 2009 @06:44AM from the squirming-to-head-off-regulation dept.

The NY Times has a blog posting on the occasion of the Internet advertising industry's release (PDF) of what it describes as tough new standards governing the collection and use of data about users' behavior. The Times' Saul Hansell describes these "new" standards as more of the same old status quo, and outlines four privacy-enhancing ideas, being discussed by Google, Yahoo, the FTC, and Congress, that the IAB has completely ignored. These principles are: every ad should explain itself; users should be able to see data collected about them; browsers should help enforce user choices about tracking; and some information (medical and financial) is simply too sensitive to track.

14 of 67 comments (clear)

Min score:

Reason:

Sort:

I'm completely shocked... by fuzzyfuzzyfungus · 2009-07-07 06:47 · Score: 4, Informative

You mean that "self regulation" fails when it is opposed to self interest? Who could have guessed?
1. Re:I'm completely shocked... by log1385 · 2009-07-07 06:55 · Score: 2, Insightful
  
  Self-regulation is even more effective when combined with wide-spread user apathy/stupidity/unawareness.
  
  --
  Seek and ye shall find.
2. Re:I'm completely shocked... by megamerican · 2009-07-07 06:58 · Score: 3, Insightful
  
  People now expect government to do everything for them including protection against their own stupidity.
  It would be quite simple to organize boycotts against products and companies that don't give you adequate information. However, people have forgotten that they have much more power than a beaurocrat ever will. What they get in return for their lost vigilence are corrupt politicians who sell them out and then they wonder how things went bad.
  This is just another example of "my people suffer for lack of knowledge." If you think the government will do everything for you, then you'll end up like the Obsolete Man (a great Twilight Zone episode).
  
  --
  If you have something that you dont want anyone to know, maybe you shouldnt be doing it in the first place -Eric Schmidt
3. Re:I'm completely shocked... by emocomputerjock · 2009-07-07 07:01 · Score: 3, Insightful
  
  I think it's been proven again and again that the only privacy available on the net is that which you go and secure for yourself. You almost have to become obsessive-compulsive fighting against cookies, scripts, and counters to protect yourself nowadays.
4. Re:I'm completely shocked... by FlyingSquidStudios · 2009-07-07 07:24 · Score: 4, Insightful
  
  Okay, but this is the real world, not an Ayn Rand fantasy utopia. People are not going to realize or want to use their powers as individuals. Many people are perfectly happy being sheep as long as they are in a comfy pasture with plenty of grass. Despite my personal distaste for that behavior, I still feel those people deserve the same basic human rights as I do. The only way to ensure they have those rights is to work within the system, not rebel against it. The only way you will get people to join your self-reliance revolution will be for them to suffer a hell of a lot more than they are now. I, for one, am thankful we don't live in a world that desperate yet.
  
  --
  http://twitter.com/OLDTELEGRAM
5. Re:I'm completely shocked... by Valdrax · 2009-07-07 13:15 · Score: 2, Insightful
  
  People now expect government to do everything for them including protection against their own stupidity.
  I see that you're under the delusion that it's possible to not be "stupid" about every important transaction you engage in. Unfortunately, there's simply far, far, far too much information in the real world for any citizen to properly protect themselves in every transaction. You can't know everything, even in transactions where the seller isn't deliberately hiding information from you, and time is not an infinite resource.
  This is what government is good for. We need specialists that can drill down and make sure things are safe for those of us who are not experts in an area.
  We need financial regulators because the average person can't understand complex financial products. We need people to look into drug safety because the average person is not a doctor and wouldn't even know where to look to protect themselves against complications. We also need food & drug inspectors because people can't inspect factories to see that the products they ingest are safe. We need people to look into whether businesses are protecting customer's privacy because it takes too much effort to research which companies do and don't.
  We need experts to watch what we can't. That's not "stupidity." That's simple specialization of society, as advocated by Adam Smith. Information assymmetry is a fact of life, and the only way to tackle it is to put someone in charge of watching over things. Modern society is simply too complex and contradictory for word of mouth to protect against crooked dealers.
  And it does nothing if there's more market advantage to screwing the customers than treating them well. This is especially the case in a world where the only method of regulating bad players you will accept is...
  
  It would be quite simple to organize boycotts against products and companies that don't give you adequate information.
  No, it's not simple. If it were simple, people would do it all the time, and it would actually be effective.
  In practice, the only boycotts that seem to ever reach any critical mass of attention in the public's mind are religious-based protests, such as those against Disneyworld for "Gay Days," and even then a company that's big enough can simply shrug it off (e.g. Disney). I mean, how's that whole "let's all boycott Amazon.com over their one-click patent" thing going? How about boycotting the RIAA? If enough people don't know, don't care, or don't care enough about a cause not to do business with a company, then there's no market disadvantage to acting like a complete jerk.
  It's even more laughable of an idea in markets where there are only a handful of competitors that all play the game the same way, such as utility companies.
  
  --
  If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
6. Re:I'm completely shocked... by Valdrax · 2009-07-07 13:34 · Score: 2, Interesting
  
  No. Because that leads to a state-run economy.
  Right. Because if you're not black, you're white. There's no such thing as grey or even orange, and there's never been such a thing as a mixed-model economy. You know. Like ours. Either either fiscal anarchy or totalitarian socialism.
  
  Now I suppose you'll tell me that since everyone should ensure that they can defend themselves, they should not create an organization of defense specialists tasked with securing the defense of the society.
  Really, government was designed for this sole purpose.
  Really, government wasn't originally designed at all. It just happens as soon as someone gains power over another person. The first formal state occurred when someone rounded up enough people to enforce their will over a populace.
  I find it funny when libertarians accept the premise of societies banding together for mutual defense against certain overt forms of violence or deceit (e.g. murder and outright fraud) but not against others (e.g. pollution and predatory lending).
  
  --
  If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
Mostly not going to happen by Nautical+Insanity · 2009-07-07 07:09 · Score: 5, Interesting

Ads will never "explain themselves" and companies will never reveal how much information they harvest from you (outside of lengthy, dull, usage terms written in Jargon.) Either case would make users skittish, and there's too much money involved for either them or congress to want to do anything about it.
As for medical and financial information, it's incredibly sensitive, yes, but having it tracked is incredibly convenient for both lay people and companies (if inconvenient for the IT staff who have to secure them.) Either way, these records have to be kept somewhere and somehow and be accessible in some way to people who need them (doctors and banks.)
The only change I see possible is improvement in the browsers. If any privacy change does occur, you can bet that it will start with either Firefox, Opera, or some non-mainstream browser, and then be eventually adopted by IE. Don't expect the end-users to know how to enable any privacy features though.
Valid but not simple? by nine-times · 2009-07-07 07:15 · Score: 3, Interesting

One thing that caught my attention in the summary:

users should be able to see data collected about them
Seems like a very valid sort of thing to want. If your company has information about me, I should be able to know what information you have. Common sense, right?
On the other hand, if you're going to talk about something like this, don't you also have to talk about other increases in security to go along with the additional transparency? If you're going to make it increasingly easy for me to see information about me, it should go hand in hand with making it increasingly difficult for someone who is not-me to access that information about me.
I really think it's time that we talk about improving our security models. SSL on everything would be a good start.
1. Re:Valid but not simple? by funkatron · 2009-07-07 07:26 · Score: 3, Informative
  
  In Britain the data protection act means that you can write to any company and request all of the data that they hold on you. However, the company is allowed to charge up to £10 to cover the costs of finding this data. I'm not sure what level of security is required tho.
  
  --
  "Welcome to our world. We are the wasted youth. And we are the future too." Yes, I know these are stupid lyrics.
Solution by Sarcasmooo! · 2009-07-07 07:23 · Score: 5, Informative

Install adblock extension, disable 3rd party cookie files, use software that ads advertising domains to your hosts file.
As far as I can tell the internet doesn't even have banner ads anymore.
Won't work by Darkness404 · 2009-07-07 07:33 · Score: 2, Interesting

These principles are: every ad should explain itself, users should be able to see data collected about them, browsers should help enforce user choices about tracking, and some information (medical and financial) is simply too sensitive to track.

This fails in many aspects. Every ad should explain itself? How are you going to do that on something that takes up 1/6th of a normal computer screen. If you click it for more info, that kinda kills the entire point of the ad to begin with. Users should be able to see the data collected about them? Oh no theres no potential for abuse for this one. Theres no way this can be used to create a very good phishing attack especially if you have physical access to the computer. As for browsers helping enforcing user choices, how do you do that? Have a box where you check "block tracking cookies?" I'm sure theres no potential for abuse for that either. Theres no way that MS or another company will "conveniently" "mislabel" legitimate cookies as tracking cookies. Plus, this can very well lead to a ton of censorship.

--
Taxation is legalized theft, no more, no less.
"Cookies" by orngjce223 · 2009-07-07 07:40 · Score: 2, Funny

There's a grain of truth here. Cookies have a nice cutesy name to them that makes them seem innocent. It's "just" an edible text file, that's all!
Why not call them something else? Take a page out of PETA's book; call them turds or something!

--
Note: I was 13 when I wrote most of this. Take with several grains of salt.
Meh by SirGarlon · 2009-07-07 07:42 · Score: 4, Informative

When it comes to privacy, there are much bigger issues than the pervasive use of tracking cookies. (For example: indefinite data retention after a customer has stopped doing business with a vendor, sale of customer data without explicit opt-in, and let's not forget the pervasive failure of government agencies to encrypt sensitive data like Social Security numbers.) Tracking cookies seem quaint and harmless by comparison... this article reminds me of the privacy issues we used to worry about back in 1999.

--
[Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.