Online Ads, Privacy Remain In FTC Crosshairs

AC95 writes "The FTC wants to give users a browser-based tool for opting out of online behavioral tracking, a proposal that has privacy advocates cheering and online advertisers up in arms. A key issue, says FTC attorney Loretta Garrison, is that while most consumers know they're tracked online, they don't fully appreciate how much information is collected. Tim O'Reilly, founder and CEO of O'Reilly Media, worries about knee-jerk legislation criminalizing mistakes that are an inherent part of applying any new technology."

Mistakes?

[Serenissima]

Really Tim O'Reilly? Maybe criminalizing mistakes that affect the identity of citizens MIGHT make you more aware so those mistakes don't happen again.

Re:Mistakes?

[Andorin]

Troll mod? Really? The parent is 100% correct. I certainly wouldn't sleep as well at night if I knew that a business that fucked up with any personal data they had on me could get away with it by calling it a "mistake."

Re:Mistakes?

[Jawnn]

What he said...
Look, Tim. I'm all for the industry being able to track behavior and make money off of it, as long as the users are fully and completely informed of the terms of the agreement. The ads pay for much of the content that we get for free, I understand that, but you have to treat the users, your partners in that revenue stream with a hell of a lot more respect and consideration than we have seen to date. The sneakiness with which you have been doing this only confirms what the FTC is suggesting, that many users, if not most of them, would not agree to be so used. Apparently, someone must step in, since you won't be up front about the terms of the deal,

Re:blast

[DJRumpy]

Google is a data miner. Although I know they collect information, I also use their services for free. I understand it's a trade of services for something of value, so I'm not totally opposed to it, although it does give me pause when I use google to search and I have a google account. Although it's easy to claim they don't tie my account info to my searches, It would be a goldmine (literally) if they did so. I find it hard to believe they aren't collecting more than I'm aware of. I applaud this intent by the FTC. After all, Google will still have billions who never install such a plugin, or turn such a feature to exclude them from data mining on in their browser.

I don't want no stinking toolbar to help me out... F those data miners!

With the right addon...

[Danieljury3]

You can stop trackers if you use Firefox. I use Ghostery but you could also use No script and block everything.

Re:With the right addon...

[similar_name]

What about tracking the IP? I use Linux and my roommate uses Windows. I have had to search for drivers and technical information many many times for Linux. One weekend I reinstalled Windows for my roommate. On a fresh install under Windows I began to search for drivers. Google's results kept taking me to sites for Linux drivers.

Re:With the right addon...

[lavagolemking]

Isn't that what AdBlock Plus is for?

Re:With the right addon...

[sexconker]

You can stop trackers if you use Firefox. I use Ghostery but you could also use No script and block everything.

Unfortunately, people want sites to function.
Standard practice with No Script is:

10: Notice blocked items
20: Click No Script icon
30: Click "Temporarily allow all this page"
40: If page works, GOTO 60
50: GOTO 10
60: Success

Re:With the right addon...

[the_womble]

Most pages work OK.

Depends what sort of sites you visit.

Re:With the right addon...

[ILuvRamen]

I'd use noscript but I want the internet to work. Seriously, I like protection and stuff but that thing is overkill. blacklist-based ad blockers are a million times better and a billion times less annoying.
Plus, don't you think that the people wise enough to use this opt out option are also the type that never ever ever read or click on anything in a web ad anywhere ever? And the people too lazy or gnerally unwise or lacking internet knowledge are the types that click on ads all the time. So what do they care if there's a universal opt out?

Re:With the right addon...

[RandomFactor]

I'd use noscript but I want the internet to work. Seriously, I like protection and stuff but that thing is overkill. blacklist-based ad blockers are a million times better and a billion times less annoying.

I use noscript because I want my machine to keep working. The time cost of allowing specific sites as needed is more than offset by the time savings in general internet speed and not dealing with the ramifications of getting nailed by the latest drive by rootkit.

I fully understand that this is less of an issue in Linux and Mac environments, but I still primarily live in a Windows world. Firefox and NoScript is (imo) a no brainer there.

Re:With the right addon...

[improfane]

Highly recommend RequestPolicy.

An orgy of data

[Itninja]

If you can't fight it, exploit it. I have actually gotten some pretty cool (free) stuff by misrepresenting myself to various sites online (up to the legal limit, of course).Everything from free Amazon gift cards, to free electronics. I even got a free mobile phone (with service paid for 6 months) once because I claimed I had a business with over 100 employees and that I made over $100K yearly (that was back in 1998 when phones were pricier and I only made about 1/3 of that). Free magazine subscriptions, free enterprise web hosting, free lawnmowers, it's all there for the taking for those willing to game the game.

Re:An orgy of data

[bipbop]

Hey, I've got lots of domains, and I never get offers for $100 of free stamps. What's your secret, CEO of Mike Inc.? ;-)

Re:An orgy of data

[TubeSteak]

If you can't fight it, exploit it. I have actually gotten some pretty cool (free) stuff by misrepresenting myself to various sites online (up to the legal limit, of course).

There is no legal limit.
Theft by fraud is still theft even if they're giving things away for free.
Try googling for Theft by deception to read various State laws.

Re:An orgy of data

[Itninja]

According to the US Law definition, what I do is not theft and is not fraud. All I do it lie to marketing companies and get (completely unsolicited) giveaways from them; sometimes expensive ones. The ToD laws always specifically indicate something like this: "The term 'deception' does not include falsity...or statements unlikely to deceive ordinary persons in the group addressed". Those are the kind of statements I make. I never portray the info as if it were legit; only an automated and brainless process would see my info as anything but a joke.

For example, once I filled in a marketing form and put my name as "Dr. Octopus", my occupation as "Super Villain", my income as 'over $100K yearly', and my mailing address as "Snake Mountain (followed by my actual street address)". I used one of my 'spam-only' Hotmail accounts as the email address. In a few weeks I started getting a bunch of stuff addressed to 'Dr. Octopus' in the mail. I got free movie tickets from some company selling malpractice insurance. I got a $50 AMEX gift card encouraging me to sign up for a AMEX card. And, I started getting email with real coupons codes for discounts at several different retail sites.

All this and, apparently, not a single human ever even read what I had put down on the form (except for some data-entry person, who probably didn't care).

Opt-out is a cop-out!

[Jane+Q.+Public]

Opt-out is better than nothing, but it's a pansy-assed attempt to keep industry "involved". Opt-in is really the only logical solution to privacy issues.

Re:Opt-out is a cop-out!

[hedwards]

Which the industry hates because most people would never know to opt-in, or really opt-out. Meaning that if it's opt out that's the status quo for most people.

Re:Opt-out is a cop-out!

[blair1q]

There's a solution for that:

http://slashdot.org/comments.pl?sid=1776316&cid=33469174

Re:Opt-out is a cop-out!

[sexconker]

Opt-out is better than nothing, but it's a pansy-assed attempt to keep industry "involved". Opt-in is really the only logical solution to privacy issues.

I'm a big proponent of "opt-away" myself.

I don't like giving information out, so I minimize it. If some site wants to track me in some non-trivial way, I stop using the site.

Re:Opt-out is a cop-out!

[compro01]

If some site wants to track me in some non-trivial way, I stop using the site.

And when it becomes "industry standard", what then?

Re:Opt-out is a cop-out!

[TubeSteak]

And when it becomes "industry standard", what then?

Which is pretty much what DoubleClick and Google Analytics have become.
They are everywhere

Re:Opt-out is a cop-out!

[rts008]

If some site wants to track me in some non-trivial way, I stop using the site.

And when it becomes "industry standard", what then?

Then I/we[1] will continue to use Firefox* with the 'better privacy, noscript, and adblock+ extensions(for some,also throw in flashblock); they are your friend!
*(or something similar: Opera, Chrome or Chromium, Iceweasel, Konqueror, etc., that have equivalent capabilities)

When that doesn't work, or 'breaks' most of the internet, then we'll go back to pre-internet PC[2] usage...but I doubt it would come to that.
There are too many examples in the whole of human history to leave out the possibility, nay, the certainty of several or many hackers and crackers finding and sharing the 'hacks' and work-arounds to still connect for the interested.

According [to /. deductive reasoning] to your user name and UID, you should know this already; if not by profession/training/experience, then by 'osmosis' from the /. collective pool...Wake Up!

[1] For those that are concerned/interested
[2]a. I'm old school: PC means Personal Computer.
      b. 'Politically Correct' is worse than 'Military Intelligence' as an oxymoron. There is nothing 'correct about politics now days!
      c. PC vs. Mac? both are PC's in my book,[see a.] and GNU/Linux should be included. Well, if it's running on a PC(x86) compatible architecture, that is.

Re:Opt-out is a cop-out!

[maxwell+demon]

Then stop "using" them. Just block any access to those sites. Their domains are easy enough to detect.

Re:blast

[hedwards]

Indeed, it really depends on how it's being done. It's one thing to restrict such monitoring to the time that you're on their site, and possibly where you go via links and how you get there, but going any further than that is dubious at best. As far as I'm concerned it's fair game for them to mine their own site, provided of course that there's adequate warning and an option to opt out, presumably leaving the site.

Very Muddy Waters

[Swanktastic]

It's hard to be objective about whether to want to protect my privacy or not given I have zero idea of what Google's profile of me looks like. I imagine everyone has some threshold level where they say "Enough is enough, I'm not willing to sacrifice THAT info for free services." I would guess we all probably fall into two camps- either dramatically underestimating or dramatically overestimating the level of information stored in the profile. Without better specifics in the hands of the populace about the level of personal details, it doesn't seem to me that a fair level of regulation can possibly be drafted by public officials.

Re:Very Muddy Waters

[Kirijini]

I would guess we all probably fall into two camps- either dramatically underestimating or dramatically overestimating the level of information stored in the profile. Without better specifics in the hands of the populace about the level of personal details, it doesn't seem to me that a fair level of regulation can possibly be drafted by public officials.

Yes.

An easy regulation that doesn't require google or other online businesses to change their business model (much) would be to simply require them to release all collected data on a user to that user on request (while also making sure that the information is provided securely and confidentially). Attach some kind of civil (rather than criminal, which would probably go to far) penalty, and allow users to sue, either as a class action, or individually. This scheme wouldn't prevent Google from collecting data, but would allow users to understand what data they're giving over, and what kind of uses it can be put to. Google already has the privacy dashboard, but I'm thinking much more granular stuff, including, as others have pointed out, what data about you is collected from your email contacts, etc.

Then, users have the real potential to understand whether or not they want to use the service. It also encourages businesses not to abuse their gathered data. Thus, the market could possibly self-regulate to meet the that magical equilibrium where all parties are as close as possible to maximizing utility. Either no further regulation would be necessary, or the regulation would at least be better informed and more likely to be efficient

Re:Very Muddy Waters

I would guess we all probably fall into two camps- either dramatically underestimating or dramatically overestimating the level of information stored in the profile.

There's a lot of data stored, but I imagine it would be completely uninteresting to look at. You can see a summary of it here: https://www.google.com/dashboard/

Google looks at all sorts of information about you personally, but when it comes down to it, it all just ends up as a bunch of meaningless (except to computers) numbers used to classify your preferences so they can show you better search results, or ads which you'll like better than non-targeted ads (and if you like them better, you're more likely to click on them). There isn't some grand evil privacy-invading plot with a Googler specifically looking at your profile and laughing about what you clicked on. The data they have about you is used specifically so you like their product more.

Further than that, they use data in aggregate rather than on a personal level for all sorts of other things, but normally, people are fine with aggregated data.

Re:Very Muddy Waters

It's hard to be objective about whether to want to protect my privacy or not given I have zero idea of what Google's profile of me looks like.

You might want to look at Google Ads Preferences: http://www.google.com/ads/preferences/

It gives you insight into your profile, lets you opt out, and also provides a browser-based tool to allow that opt-out to persist after you clear your cookies.

Re:Very Muddy Waters

[ginsudo]

check out Bynamite - shows you what advertisers think you like - http://bynamite.com/

Re:Very Muddy Waters

[kumanopuusan]

require them to release all collected data on a user to that user on request (while also making sure that the information is provided securely and confidentially)

I believe I understand the theoretical basis of your proposal, which seems to be that consumers require perfect information to make correct decisions. That seems reasonable.

However, businesses like Google typically have policies forbidding the release of any information to anyone outside the company, with some exceptions. What's more, most user information is probably already somewhat anonymized (For example, there's no need to store specific user information when calculating term frequencies or click-through rates.) and stored in separate databases in different physical locations. Being able to provide user data on request requires the creation of a single, monolithic user database and software designed to retrieve all data related to a specific user and transmit it to a third party. Isn't that a huge leap in the wrong direction?

Providing only meta-data (in this case the scope of the data that is being collected) would be much safer. In database terms, this would mean publishing the definitions of tables that contain user information, but not making the actual user-specific data available. Users would typically know their own personal information anyway. The issue is that they don't know which information is being collected and stored.

Re:Very Muddy Waters

[silentcoder]

That's a start - but it could be better.

Require any company that does tracking to provide an application to any user which lists ALL information in the profile with a simple button that can delete any entry from it - and a delete all button as well.

This requires all of an hour's coding and one SQL statement in the background. It lets users choose what is tracked and trackable and clear any information they don't want tracked.

Then: some kind of system to prevent at least some deleted entries from being retracked later - perhaps you can't do that with keywords without ending up with storing it somewhere else for the user (which defeats the purpose) but you could at least classify information outside of that - e.g. known full names and such and if a user deletes such an entry mark it for "never collect this again".

Finally - make it compulsory that this delete action must also delete entries when backups are updated etc. Essentially the delete must be: permanent, non-reversible and complete.
Failure to delete as such would be fraud (a criminal offense already) - so conveniently we have no need for a new criminal law, simply a reasonable regulation that if a company collects information on you they should give you the opportunity to review this information and remove from it anything they don't want you to have.
The sheer scale of the internet and the user-base means that this is enough. You don't have to worry about an employee remembering the detail.

Re:blast

[Jane+Q.+Public]

Wrong! You are confusing just plain advertising with "behavior tracking".

I have no problem with advertising, Google's or anyone else's. You can still visit websites that advertise. It's the TRACKING that is at issue here.

It's not either/or. Companies can (and have for hundreds of years now) advertise without user tracking. Besides, poll after poll have shown that most people do not want "targeted" advertising anyway!

Re:blast

[Jane+Q.+Public]

To clarify, this is what I meant was "wrong":

"I understand it's a trade of services for something of value, so I'm not totally opposed to it"

Trading service for advertising is one thing. Trading service for privacy is quite another.

How's this different from a do-not-call list?

[lavagolemking]

Advertisers didn't like the idea of a do-not-call list to restrict telemarketers from calling/harassing consumers who didn't want to be bothered either, but people are still pretty happy with it. Now advertising companies are collecting (and even selling) a lot of personal data about consumers who don't even know such data exists, and advertisers are upset that the government might give them a way to opt out of their system. How is this any different? Also, I know this isn't how things are done in Washington, but in a democracy shouldn't the government be answering to its concerned citizens instead of just focusing on what makes things easy/profitable/convenient/one-sided for large corporations?

Re:How's this different from a do-not-call list?

[Wingman+5]

Actually for some state, county, and city laws they are passed democratically for a famous example see http://en.wikipedia.org/wiki/California_Proposition_8_(2008)

Re:How's this different from a do-not-call list?

[Sulphur]

If by taking up arms you mean voting them out.

Re:How's this different from a do-not-call list?

[theaceoffire]

My older employer loved it.

They were telemarketers... technically "Non-Profit", although 95% of the donated money went to overhead.

^_^ And yes, we are allowed to call the Do Not Call List.

//Would not be surprised if that is where we get our call list

Re:blast

[vux984]

Google is a data miner. Although I know they collect information, I also use their services for free.

Their search service and their map service are the only services I use. I am presented their sponsored links in exchange for both. They don't require more than that.

Although it's easy to claim they don't tie my account info to my searches,

Where did they ever claim that? I fully expect they can and do tie your account to your web searches to whatever browsing information their ad tracking cookies report back to your usage of google maps to whatever the umpteen million 3rd party sites using google analytics on the backend give them.

And that's before talking about their image face tagging, youtube efforts, or harvesting your social network through your email contacts and their attempts to expand on that via google talk, and voice... and wave... not to mention the google toolbars...

Hell, even if you don't have a gmail account, they can construct a pretty good social network on an awful LOT of people just based on the gmail users who have you in their contact lists...

Don't accept cookies?

[ynohoo]

I only accept cookies from sites I trust. Yes this sometimes causes problems on untrusted sites - which gives me further reason to not trust them! If a web designer does not anticipate "no cookie" users, their intention is to give your privacy a good shafting.

Criminalizing mistakes

[blair1q]

I'm not sure what that means in this context.

If I tell you not to put any cookies on my machine, then DON'T.

And don't sneak around to other websites to find my IP address, either.

Just forget I ever visit more than one site.

No mistake about that.

Re:blast

[sexconker]

Although it's easy to claim they don't tie my account info to my searches, It would be a goldmine (literally) if they did so.

Literally.

Stop Following Me Around, Club Med

[speedlaw]

I got a taste of this when I went looking online for vacations. I saw "club med" ads on every page I went to for a good two weeks. It got really creepy after a while. I went away but NOT to Club Med.

Re:Stop Following Me Around, Club Med

[pedantic+bore]

Hmm. Swedish fish have been following me around for a week or so.

What about OFFLINE advertising?

[dave562]

I'm all for the FTC cracking down on online advertising and tracking. Who are we kidding though? Have you seen some of the stuff that happens offline? Has anyone taken a look at what Nielsen is up to? They have insane levels of demographic data available on EVERYONE. Every single one of us has already been pigeon holed and stereotyped based on our buying habits, where we live, what kind of car we drive, etc.

Take a look at this.

http://en-us.nielsen.com/content/nielsen/en_us/product_families/nielsen_claritas/prizm.html

Emphasis mine.

"PRIZM defines every U.S. household in terms of 66 demographically and behaviorally distinct types, or "segments," to help marketers discern consumer behavior: their likes, dislikes, lifestyles, purchase behaviors and media preferences. Used by thousands of marketers within Fortune 500 companies, PRIZM provides the "lingua franca" for marketing in an increasingly diverse and complex American marketplace. Because PRIZM is linked to the surveys and panels of most major marketing databases in the U.S., the segmentation system enables you to target on virtually any purchase and media behavior."

Re:blast

[DJRumpy]

That is my point. If Google ties my searches to targeted advertising, then it's a form of data mining being sold for-profit to advertisers interested in what I'm interested in. I actually don't mind targeted ads as I simply block all of them anyway, but I do have privacy concerns that at some point they may tie my search to the 'ME' identity of my iGoogle account.

Wrong! You are confusing just plain advertising with "behavior tracking".

Re:blast

[hairyfeet]

And the truly sad part? If they were to just allow Opt In while offering a free goodie they'd get 90% of the population to opt in without a fuss. All someone like Amazon or Google or MSFT would have to do is say something like "Hey, if you allow us to collect this data so we can make a better shopping experience for everybody, we'll give you 10% off your next order!"

Hell not only would they get everyone and his dog to opt in and end this mess, but their sales would probably spike for a good three months afterward. It always amazes me when corps will do the stupid thing like in TFA when a little simple bullshit will get them what they want AND let those that want privacy have it.

How would a Do-Not-Track system work?

[scdeimos]

I'm all for the FTC/government cracking down on behavioural tracking, but how would such a system work and how could it even be policed?

In the case of the Do-Not-Call system:

• Individuals must register their telephone number with the government (in Australia, at least, you have to repeat this registration every 12 months)
• The government then exports the list to the advertisers/marketers on a regular basis.
• Advertisers/marketers are expected to integrate the list with their systems and honour its content.
• If advertisers/marketers call a number on the Do-Not-Call list it's still up to the individual to complain to the government about it, and the government is expected to pounce on the advertiser/marketer if the number was registered more than 30 days ago.

How would such a system translate to the web? (And I say the web as opposed to the internet as a whole, since the web seems to be where the battlefront is at the moment.)

Possiblities:

• Individuals have to register their IP addresses: fails because of dynamic IP address assignment at most ISP's.
• Individuals have to create a special Cookie: fails because Cookies are only sent to their origin domain - you can't set one for *.com, *.edu, etc.
• Special "X-Do-Not-Track: Yes" HTTP header: this could work but may be stripped by certain proxy servers enroute, rendering it useless. All browsers would have to be updated to include a UI preference that turns this on and off as well.

What about enforcement? How can you tell if someone is tracking you? How can you provably report it to the government so that they can do something about it?

Unfortunately it sounds like a bit of a pipe dream to me.

Re:How would a Do-Not-Track system work?

It's so simple: no cross-site anything, period, all content displayed must be local to that site only.

That means no cross-site CSS, no clear gifs/beacons from any other site, scripts cannot pull any content from other sites, if a domain owner has ownership over more than one domain then their site on one domain cannot pull content from another of their domains. Whatever else, if it comes from another site it must be clearly linked to that site, but that content cannot be pulled, included, or otherwise force-downloaded to the user without their specific action to access that other site content.

But, but... what if an ad provider wants to serve an ad? Instead of site A pulling from ad-server B, the ad provider provides the full copy of the ad to be hosted on site A only. If and only if the ad is clicked on from within site A, and then only after a clear warning that clicking on the ad will go to another site B has been confirmed, only then can the advertiser do all their click-through and tracking stuff since the intent was clear to navigate away from site A to site B.

Same goes for the widgets, instead of pulling from the widget provider's site, the widget provider will have to provide a way for those widgets to be hosted local to the site that is using those widgets.

I am surprised something like this is not already a law, and yet it is not, how stupid is that?

Re:How would a Do-Not-Track system work?

[uigrad_2000]

Unfortunately it sounds like a bit of a pipe dream to me.

Unfortunately, it's far worse than that. We've all heard the phrase "When they outlaw xxxx, only outlaws will have xxxx". And of course, that exact logic applies here. Even once yahoo and google spend millions to comply with whatever craptastic regulation Washington makes, all the non-legit sites will continue to do whatever they feel like doing, and the average individual browsing the web will be just vulnerable as before.

For people concerned with being tracked, relying on the government for safety while browsing seedy sites is like counting on your life insurance policy to protect you while swimming with sharks. The only way to really protect yourself is to learn how tracking systems work, and implement your own safety. In this case, it's pretty easy, just turn off cookies...lol.

Re:How would a Do-Not-Track system work?

[drcheap]

The only way to really protect yourself is to learn how tracking systems work, and implement your own safety. In this case, it's pretty easy, just turn off cookies...lol.

Yes, just turn them off, breaking legit functionality of many sites you frequent.

It's okay though, because your healthy, no-cookie diet still won't make you thin because there is the cake that is being secretly injected right into your stomach .

Am I alone when I say I don't mind it?

[mykos]

This is the least of my privacy concerns on the internet. Seeing ads for things I'm interested in is better than seeing ads for things I'm not interested in, right?

I'd certainly change my mind in some unspeakable horror was revealed, but my default stance is not to hang too much importance on it.

Re:Am I alone when I say I don't mind it?

[Sarten-X]

Not alone at all. So what if the advertisers track me? If I'm doing something I don't want to be connected to me, I can use Tor and a different browser, and consider myself sufficiently clear. Any ties to my normal habits will be sufficiently remote to not greatly affect my normal experience.

I, for one, welcome tracking and targeted advertising. As a true example, I recently realized that an uncomfortable number of my family games ended in arguments because of certain players screwing over other certain players. Not being much into non-video games, I started looking for things like "player-vs-world games" and "games like dungeons and dragons" (since that's the only not-usually-player-vs-player game I knew). After a few rounds of fruitless searches, a targeted ad showed me the magic term "cooperative game", and helped me in my quest.

Targeted ads aren't any different from having a friend who tells you about every new thing they try that they think you'll like. Yeah, they're a little creepy at times, but once in a while they're useful. I think that's worth having someone know that I'm looking for a new game.

Re:Am I alone when I say I don't mind it?

[jpapon]

I agree completely. Besides, it's just a good practice to assume that anything you do involving the interwebz is tracked and stored. If I'm up to shenanigans, or I need my activities to be secure, I make sure they're anonymous/secure to the best of my abilities. The Internet is a public arena, I find the claim that you should be anonymous all the time dubious at best. Besides, from my experience, anonymity tends to bring out the worst in people.

Re:blast

[beakerMeep]

I think there is also a distinction made between targeting via aggregate groups, ie "those that have visited gaming sites" versus keeping perpetual specific data on an individual. Google *I think* leans more towards the aggregate, but the more ways you think of to target, the more specific info you will want to see, so that you can determine if the person matches the aggregate target. This is why retention plays a big role in Google's privacy policies.

Still, I'm sure they gobble a ton of data, and I know despite promises of erasing certain things (IP address after 6 months* for instance), the question also becomes do they retain that label they made for you such as "this person is a gamer, we don't have his website history to prove it but we previously have reports of his gaming interests." I'm kinda oversimplifying but the creepy stuff goes way beyond this too. Look at the credit reporting companies like Experian as some of the scary/invasive data miners.

*not sure if it's six months, just used number as a ballpark example

Re:blast

[DJRumpy]

It's in the Google privacy policy:

When you search at Google, information is recorded along with the search conducted, such as the time of day, browser type you used, your internet address and an anonymous user ID provided by our cookie.

Personal information, such as your name or email address, is not recorded. Google does not require such information to be provided in order to search the web. It may be collected if you use other Google services, such as Google Groups. However, no personal information collected is ever linked with the anonymous ID assigned to your search requests.

Google never provides search histories to third parties, unless required to by law. In these cases, the search histories provided carry no personal information about you.

My concern is one day they may start linking my Google accounts to my searches such as my iGoogle account.

Equality

[b4upoo]

As long as individuals have the same right to spy as companies I have no issue at all with data collection. It is only when government of groups with privilege have powers that the public does not that there is a problem.

Re:blast

[vux984]

This is the privacy policy I see for Google.

http://www.google.ca/intl/en/privacypolicy.html

The quotes you provided are NOT in it. And it says things that weasel around those quotes if you ask me. Please clarify.

My concern is one day they may start linking my Google accounts to my searches such as my iGoogle account.

Its called "Personalized Search" or "Web History" its been around for years. Not too long ago they expanded it to make it an opt-out service, instead of opt-in... you probably already 'use it'. Ooops.

http://searchengineland.com/google-now-personalizes-everyones-search-results-31195

Enjoy.

Firefox Addons Already Provide Customized Blocking

[CodeBuster]

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

Re:blast

[DJRumpy]

I wasn't aware they had updated the policy. I just opted back out of the web history and deleted any existing history that was there. This is exactly the sort of thing I don't want to participate in.

If anyone else is curious, you can find out how here:

http://www.google.ca/support/accounts/bin/answer.py?hl=en&answer=54052

Re:Firefox Addons Already Provide Customized Block

[arkenian]

but if you are logging in with a named account then you probably already knew that.

Which is an interesting point. As the web has more and more 'big players' how often are people 'logged in' without really paying attention to the fact because they're logged in for a different function and forget that the two functions are connected?

I'm embarassed to admit that I'd forgotten how often I'm logged into gmail in another tab while using google search...

Re:Firefox Addons Already Provide Customized Block

[CodeBuster]

I'm embarassed to admit that I'd forgotten how often I'm logged into gmail in another tab while using google search...

The precise source of said embarrassment is left up to the imagination of the reader...

Re:blast

[kelltic]

Oh hell no, Google rapes you every which way from Sunday! And they want more! Just wait for the Verizon Google gaggle to gain momentum. Seriously people, how deep does a d!ck need to be in your arse before you can feel it? Quit bending over so easily for the likes of Google and wake up!

Re:blast

[tomhudson]

Trading service for advertising is one thing. Trading service for privacy is quite another.

I'd go further, Trading service for invasion of privacy is quite another.

There's a concept called "anonymity of the crowd" - that you have a reasonable expectation to be able to just blend into the crowd in public. Nobody has a right to start following you around and tracking what you're doing just because you're in public - we call it "stalking." So why should it be tolerated on the Internet?

The worst part is that advertisers see social media as giving them even more insight into peoples private and semi-private lives.

Re:blast

[rHBa]

Didn't you know that if you tie enough Google accounts to searches in really tight latices you can make a great pan that will sift gold like no other...

Re:Firefox Addons Already Provide Customized Block

[whitesea]

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I also use TACO. Why do we need government action, when all the tools are already here?

Re:blast

[StripedCow]

they should do just the opposite...

then watch how fast people will switch to privacy-secure technology

Re:blast

[digitig]

If most people don't want any advertising then most people don't want targeted advertising.

And you do realise that it's because they've identified you as a techie that they're targeting you with all those viagra ads, don't you?

Re:Firefox Addons Already Provide Customized Block

[Endosynth7]

Another useful tool is ghostery http://www.ghostery.com/

Re:Firefox Addons Already Provide Customized Block

[assantisz]

I am confused about the FTC requiring opt-out tools. They already exist. You can go to the Network Advertising Initiative's website and opt-out. Sure, only members of this organization will recognize the opt-out cookie but most advertising and tracking services are members of the NAI. Then there are tools as OP mentioned. I'd like to add Bynamite as well.

Re:blast

[mrchaotica]

Although it's easy to claim they don't tie my account info to my searches, It would be a goldmine (literally) if they did so.

You keep using that word. I do not think it means what you think it means.