Privacy Option Proposed To Control Behavioral Ads

techinsider sends this quote from Security Week: "A group of media and marketing trade associations, with support from the Council of Better Business Bureaus, today announced the details of a self-regulatory program designed to give consumers enhanced control over the collection and use of data regarding their Web viewing for online behavioral advertising purposes. The program promotes the use of the 'Advertising Option Icon' and accompanying language, to be displayed within or near online advertisements or on Web pages where data is collected and used for behavioral advertising. The Advertising Option Icon indicates a company's use of online behavioral advertising and adherence to the Principles guiding the program. Similar to a Web site’s privacy policy, consumers will be able to link to a clear disclosure statement regarding the company's online behavioral advertising data collection and use practices as well as an easy-to-use opt-out option."

I would take a wild guess that

[hsmith]

The ones that let you opt our aren't the ones you need to worry most about...

Re:I would take a wild guess that

[prograde]

I'm reminded of the 'evil' bit.

Re:I would take a wild guess that

[KiloByte]

We learned it damn well that opting out means just "hey, there's someone who not only doesn't have ads blocked but also doesn't ignore them!". In other words, you can be damn sure other sites in that advertising network will try to advertise to you more aggressively.

Re:I would take a wild guess that

[Mathinker]

Funny, I have them opted out and blocked (more or less --- I never enable third-party advertising domains in NoScript). Does that mean I'm managing to waste even more of their resources than ordinary blockers?

Re:I would take a wild guess that

[spazdor]

I think it's almost time that we start looking at and designing GUIs the way we look at firewalls. Which apps have a legitimate need to receive which UI events? Does an app really have a right to know where the mouse is, or even whether its window happens to be minimized at the moment?

There are definitely some apps which would behave much better on my desktop if I could put a 'default drop all inbound' policy on them and just enable specific input events.

Re:I would take a wild guess that

[Runaway1956]

The battle is lost. Lost long ago. In this article, they are discussing targeted behavioural advertising like it's "normal" and "acceptable". I guess there are only a few of us freaks left who object to being tracked all over the internet. Sorry - but it's NO ONE's business where I go, or what I look at, or what I click on. Thank all the nerds and the gods of anonymity for the blocking tools available on Firefox. I can browse the web, knowing that only the MOST determined, and somewhat sophisticated people can track my habits.

I would imagine

[symes]

that the sort of person who would be interested in schooling themselves in companies policies would also be the sort of person who is well aware of how best to block most of these behavioural ads. That said, anything, no matter how small, that reigns bad ads is to be welcomed.

Re:I would imagine

[catbutt]

I don't agree. They may be aware of how to block them, but maybe that isn't their choice -- if the site takes their wishes into consideration. Maybe they actually want to support the sites they view, in hopes that they sites will continue to care about having them as a visitor.

I see, on this page, a notice that says "As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable advertising." You know what I do in response? I let them show me ads. Because I like slashdot. I don't want it to start to become targeted at the audience that is not tech-savvy enough to know how to install an ad blocker -- I want it to be targeted at people like me.

Re:I would imagine

In a down economy, advertisers might be wondering if it's really worth the money, if people are even noticing the ads on a particular web site.

What better way to reassure them than to run an advertising effectiveness survey in disguise like this. Your not clicking that checkbox when eligible is actually hurting Slashdot, not helping.

Abuse

[Scutter]

I'm sure this won't be abused at all by the more unscrupulous types of advertisers. You know, those who get paid by the click or the ones trying to distribute malware.

Re:Abuse

[vlm]

I'm sure this won't be abused at all by the more unscrupulous types of advertisers. You know, those who get paid by the click or the ones trying to distribute malware.

"abused"? That might literally be the only time these things are actually used, at all...

Re:Abuse

[dkleinsc]

Sure, this will be abused by the most unscrupulous types of advertisers. They're unscrupulous for a reason.

However, like the wildly popular Do Not Call registry and a voluntary program for direct mail, these do reduce the annoyance level a bit, because there are advertisers with scruples. The equivalent in the world of phone marketing is that the almost nightly "Do you want to change your long distance carrier?" calls have been replaced by maybe monthly calls from "Cardholder Services" and other obvious scam artists. While not perfect, it's definitely an improvement.

Re:Abuse

However, like the wildly popular Do Not Call registry and a voluntary program for direct mail, these do reduce the annoyance level a bit, because there are advertisers with scruples.

I've more or less been forced to conclude that anybody still calling me here in Canada (we have slightly different rules) is either fraudulent, too stupid to look up the registry, or has been given an exemption (ie they're a charity or something). I even see a lot of bogus caller IDs -- a very high percentage of them actually.

Being on the Do Not Call registry mean that any telemarketer who gets through (and they do) gets a very rude and abrupt "fuck the hell off". As a deterrent to calling me, the registry serves no purpose. Profanity seems to at least put them off their game.

My problem is, there's so many fraudulent callers, I'm forced to conclude that they all are since I have no real way of knowing. So, every telemarketer who calls is presumed to be a lying sack of shit ... it makes the decision tree much shorter. They probably are.

Re:Abuse

[hedwards]

Indeed, here in the US, they've made exceptions for all the people that we really don't want to hear from, ie., politicians. During election season it's terrible. 7 or 8 calls a day, frequently from a robocaller. Charities aren't quite as bad, but still they call frequently enough as to be an annoyance.

Re:Abuse

[vlm]

However, like the wildly popular Do Not Call registry and a voluntary program for direct mail, these do reduce the annoyance level a bit, because there are advertisers with scruples. The equivalent in the world of phone marketing is that the almost nightly "Do you want to change your long distance carrier?" calls have been replaced by maybe monthly calls from "Cardholder Services" and other obvious scam artists. While not perfect, it's definitely an improvement.

Terrible analogy. What you're proposing is much more like giving your CC information to the "cardholder services" scammers, and if it turns out they're legit, they'll leave you alone.

TRUSTe all over again?

[mlts]

Didn't we go through this before with the TRUSTe logo of showing if the site only used the information in-house versus sharing with others?

This just seems like more feel good PR fluff, like the P3P stuff about a decade ago. We don't need more "assurances" about privacy. We need the data not to be collected in the first place. No Flash shared objects. No shared objects in Quicktime or other add-ons. No using tricks in a browser to "personalize/individualize" content.

Re:TRUSTe all over again?

yes, and it the same attorney who has been doing this for years. he has been representing the DMA for decades. Every time there are proposed regulations they form a new org that does nothing. Like TRUSTe, complaints will be useless and they will never take action against their members (who pay the bills!)

Re:TRUSTe all over again?

[Monkeedude1212]

I agree. I think if anyone wants information from me they should have to ask me for it. They should not be able to collect any more information on me anymore than I should be able to collect information on whoever is interested and using the data. And if that's an advertising firm with 200+ employees than I want the browsing habits of all 200+ employees. I'd probably settle for just the CEO. Just a simple exchange of information, right? No different than sharing our names. But like I said earlier, they should have to ask, and I should have the right to refuse. Simple as that. Why should browsing habits be considered any less private than how I put on my pants in the morning, yet if someone wanted to sit outside my window and take readings on that - I could get them arrested.

Re:TRUSTe all over again?

[catbutt]

Oh, and while were at it, we need everyone on the planet to behave unselfishly. Yes, we need that, we won't accept anything less!! [stamps feet]

Would also be nice if cotton candy rained from the sky. But that last one is probably a lot to ask. Let's just go with the "everyone be unselfish" thing.

Thank you.

Re:TRUSTe all over again?

[mlts]

Expectations of privacy. Ad companies want people to think that anything on the Web is public for any to see. This way, in court cases, the judge just finds the ad company not guilty because the plaintiff has no reasonable expectation of privacy on the Web, as per what other people think.

The only good thing is that there are so many sheep out there that ad companies are not reacting to people who use AdBlock or other means of security. However, I'm sure it will only be a matter of time before most sites become like Hulu and offer anything other than a "Go away" message on the front page. Of course, the next step will be add-ons or Greasemonkey scripts that fake cookies and identifying info, and the arms race will go on.

Time to register your copy of sandboxie and VMWare Workstation. I'm sure we will get more pretty feel good crap like this coupled with more invasive shared objects stored by add-ons in our future.

Re:TRUSTe all over again?

[zeropointburn]

While I do agree with you in spirit, there is a problem. You put your pants on in your own private property. You search Google by using a semi-public service. Instead of comparing it to how you put your pants on, compare it to someone watching and noting which parking spots you prefer at the supermarket or at work. Creepy but not illegal.
  Sometimes the information is used for statistical purposes (people from 9 county prefer the east side of the lot, 22 county prefers the west side). For targeted ads, it's more like having a free parking space downtown, provided you give your name, address, and license plate number. Then they take that and say 'hey, Bob likes to park downtown on Wednesdays, so I'll print up a few flyers with his name and leave them with the attendant to deliver when he gets there.' Then they take the next step and start charging the local shops, as well as exchanging info. Now they can say 'hey, Bob's probably coming back this Wednesday to stop in at the hardware store and the theatre, so I'll print up ads with his name on it for those stores.'
  As with many great ideas, this is very easy to misuse. If I work for the parking lot, I know Bob will be at the theatre for two hours once a week, so I know exactly when to ransack his car. If I've bought this behavioral information, now I know when Bob is away from home and where he is at certain times. Now it's getting pretty creepy. From an advertiser's perspective, I can harm them by buying the info and placing my own flyers under his window with better offers. If I'm an unscrupulous advertiser, now I know where bob lives and I can junk-mail and flyer him unto a psychotic break.

  To get away from that rampantly over-developed example, let's consider what could be done. If the major players were to offer a search engine that specifically advertised privacy, would you or I bother to use it? It would be a nice step but probably an empty gesture if it came to a court case. Some government org could try to regulate or legislate, make a mess of it, and make it both easier for scams and harder for legitimate advertisers. An industry group could form and try to self-regulate, which is what we see here. Individual users could use the tools available (like firefox and noscript), while the less tech-savvy get bombarded to make up the lost clicks. This already happens. What could possibly be done to stop the avalanche while still making it possible to run an ad-supported site? It is similar to the email spam problem in many ways, and while progress is made against both crapfests, it will never really go away.

Re:TRUSTe all over again?

[natehoy]

I'm a pilot. Give me a clear stretch of unpopulated land in uncontrolled airspace and a few bucks for some special equipment and I could undoubtedly make it rain cotton candy.

Changing human nature? Sorry, there's only one entity I've heard of that could possibly manage that, and he flies at somewhat higher altitudes than I do. I also strongly suspect he's a work of fiction.

Re:TRUSTe all over again?

[marcobat]

While i agree with you, looking from another perspective there could be a old man sitting on a chair just in front of his house, he spends his time looking at the people passing by. Noting the time, the recurrence, the way they are dressed, who do they walk by with, etc... He could infer a great lot of information about them. He never asked them for the permission to look at them or to gather information about them, but should he? Is this information theirs or his? Maybe both? I don't have a solution but I think the problem is that i (like you probably) don't trust what these company are going to do with the information they gather. I have the intuition (i say intuition because i can't pinpoint the reasons) that the amount of information collected and interpreted corresponds to the amount of power that company will have and i'm not happy to give it away that way... But the problem is not only one of personal privacy, it is one of social privacy.

Re:TRUSTe all over again?

[hedwards]

There isn't really a problem. There isn't a realistic expectation of privacy in public mainly because by default it's a public place. There's other people there that can see you, so obviously there's not going to be any privacy.

Online is a bit trickier, but it's largely private, people don't know where the data is going between them and the server, but those parties in the middle shouldn't be allowed to collect data beyond what's necessary to keep their infrastructure running. And definitely no personal information.

Ads are more like stalking than they are like other people in a public space. While you don't have any right to privacy in a public area, it is still illegal to follow people around and make note of where they're going without consent. Generally it comes under stalking prohibitions.

Re:TRUSTe all over again?

[Monkeedude1212]

Sometimes the information is used for statistical purposes (people from 9 county prefer the east side of the lot, 22 county prefers the west side). For targeted ads, it's more like having a free parking space downtown, provided you give your name, address, and license plate number. Then they take that and say 'hey, Bob likes to park downtown on Wednesdays, so I'll print up a few flyers with his name and leave them with the attendant to deliver when he gets there.' Then they take the next step and start charging the local shops, as well as exchanging info.

And THIS is where it should be illegal. I have no issues with Google collecting my information and using it for their advertising purposes because thats basically what I signed onto when I signed up for their services. If I don't like it, there is competition. I don't think of the internet as a strictly public space - I can't just wander around it like a park, anytime I do my ISP calls up and goes "WHAT ARE YOU DOING? Port Scanning our Equipment is against the TOS" or some racket like that. Those kinds of security measures in place for good reason. So the information I give to advertisers is not "publicly free" information. It is privately between me and the company the Ad is for. The advertisers can statistically see how many people are hitting the ads but they shouldn't be able to determin who. If they want to determin who they should have to ask us first. If we give them that information they should not be able to sell it to whoever, without my express permission. If I give my phone number to a friend and he goes and writes it on every bathroom stall in the city telling people to call me for a good time, there are actually laws in place that I can use, under some form of harassment.

Re:TRUSTe all over again?

[mlts]

This is only going to get worse. Even if the website has a privacy guarantee, there are plenty of other parties that can steal private info and sling ads with potential browser exploits:

The ad serving company. If it pays them to have blackhats put on exploits randomly, they will do it, assuming they don't get caught.

Ad clients who have their own servers.

ISPs using Phorm-esque MITM appliances to modify the connection in flight. This is a very lucrative thing for ISPs, because they can not just replace ads, but capture click-throughs and other data. And since there are zero laws preventing this, queries that were typed in on one webpage can be redirected to another.

Moral: A legal solution won't be happening anytime soon.

Re:TRUSTe all over again?

[Chaonici]

a search engine that specifically advertised privacy

You mean like startpage, a search engine powered by Ixquick that doesn't record your IP address?

Re:TRUSTe all over again?

> I agree. I think if anyone wants information from me they should have to ask me for it.

Sorry, this is Slashdot, and we've already decided that Information Wants To Be Free.

Re:TRUSTe all over again?

[cjb658]

Meh, just use Tor

Re:TRUSTe all over again?

[Nethead]

I think if anyone wants information from me they should have to ask me for it.

But the protocol does ask you for it, and your computer answers. The solution is to train your computer to not give out the answers. There is no expectation of privacy when you freely answer nosy questions.

Devient behavior is the answer!

[Kenja]

Just generate a history of horrifically devient behavior and they'll take you out of the system out of sheer shame by association. Start by googling zucchini and lubrication.

Re:Devient behavior is the answer!

[vlm]

Just generate a history of horrifically devient behavior and they'll take you out of the system out of sheer shame by association. Start by googling zucchini and lubrication.

Marketing people are much dumber that us computer people, and generally don't even know it.

I tried something similar a decade ago with a relative and one of those "free dialup internet email" providers, you know, you fill out a questionnaire, they let you dial in for free for email and also spam the unholy hell out of you. They spammed her with the union of the sets of her interests, not the intersection of the sets of her interests.

You'll almost certainly end up with zucchini cookbooks, and ten cent off coupons for quarts of 5w30. Nothing nearly as interesting as you'd see on google images for the query.

Re:Devient behavior is the answer!

I need a -1 Buzzkill mod

I really don't care.

[chemicaldave]

If companies want to market ads to me based on my behavior then go for it. I wont click them anyway. Give me something that bans obnoxious (I don't need to explain what these are) ads.

Re:I really don't care.

[Bigbutt]

Agree. And because of such tracking, spam, malware, viruses, and other such cruft, I don't click on ads when I see them and generally don't see them due to adblock (occasionally one will pop up; literally). And noscript does help against the same payloads.

[John]

No thanks.

Signup to yet another site to opt out of giving info to all the other sites?

That sounds silly...

I'll just continue to block all the ads I see right off at the hosts file. 42,000+ lines and growing. I haven't seen an ad anywhere in months.

Re:No thanks.

[zeropointburn]

You must not use any sites that have been forced to host and embed ads because their readership blocks the advertisers. I would much rather be able to allow or deny ads not just by advertiser (doubleclick can burn in hell), but by site as well. Then I could block all the ads on various slashdot links while still allowing ads at sites I like. Wish someone would do that with adblock/noscript.

Re:No thanks.

[hedwards]

If they defaulted to opt-in tracking and refrained from those obnoxious flash ads, I'm sure there'd be quite a few more people that would be willing to watch the ads. But when ads purposely cover content randomly, crash the browser or track you without permission, that's pretty deserving of being blocked.

"Opt-out" indeed

[kheldan]

Because previous "opt-out" and "unsubscribe" schemes were always so reliable. Just look at how much spamming has been reduced by their use!

Re:"Opt-out" indeed

[wealthychef]

Yes, I can always rely on marketers to honor the "opt-out" feature. And it's always so easy to find and use! This is an obvious fraud designed to avoid pending legislation of some sort. It's a dishonest attempt to appear to honor people's privacy. Only Opt-In truly honors my privacy. My data is MINE.

Re:"Opt-out" indeed

The opt-out option is very easy to find. In your e-mail client it says something along the lines of "filter messages like these", and for your web browser it's called Adblock Plus.

Re:"Opt-out" indeed

[catbutt]

How do you know how much it has been reduced? Do you know how different the world would be, here in 2010, if they weren't in existence?

All I know is that 99% of the mass emails that actually reach my inbox have an easy to use unsubscribe option on them. (those are typically from people that I've given my email address for some reason or another) So I'm going to assume those "schemes" are good things.

Re:"Opt-out" indeed

[catbutt]

My data is MINE.

Then don't send your data out on the web.

Re:"Opt-out" indeed

[hedwards]

I'm not sure about these days, but I did spend a bit of time unsubscribing from spam for a while. It was a junk account that I was going to have to abandon either way. The results were a noticeable reduction in spam messages pretty quickly, then a gradual increase over time. I'm not sure what the actual explanation is, given that most spammers don't have any way of receiving a response to their spam, other than through a store.

Re:"Opt-out" indeed

[kheldan]

How much are they paying you to post messages like this? Or are you one of the spammers?

Re:"Opt-out" indeed

> My data is MINE

You clearly haven't been reading Slashdot. Information wants to be free...

Re:"Opt-out" indeed

[catbutt]

No, I'm not a spammer and am not defending spammers. If I'm defending anyone, it's the pragmatic people who pressed for the "rules" (or whatever they are) that say that mass emailings should have unsubscribe links.

I have gmail, so I get almost no "real" spam. I get several spam's per hour in my spam folder, but I never look there --and as much as it may bother me that spam is costing ISP's and Google money, I can't say I lose a lot of sleep over it.

I do get a fair number of mass emails from various companies I've done business with (Borders, Target, Apple, Walgreens, Amazon, etc), and they all tend to have "unsubscribe" links, which I appreciate (and use!). So I am glad that whoever pushed for such things did so, rather than just lumped those companies in with the "true" spammers. The system as it is isn't perfect (I still find most mass emails to be annoying, even if they have unsubscribe links and even if it is a company I like), but things are better than they could be.

Re:"Opt-out" indeed

[wealthychef]

My password wants to be free? My social security number wants to be free? I think the quote you are using refers to conceptual information such as software algorithms and the like, more so that individual data bits, although certainly there is probably pressure on all data to be free.

Re:"Opt-out" indeed

[wealthychef]

Then don't send your data out on the web.

Wouldn't that make the web a lot less useful? The idea is that I conduct a transaction and have a reasonable expectation that just because someone does business with me does not allow them to sell everything they know about me to anyone they choose.

Re:"Opt-out" indeed

[kheldan]

Gee, I wish I could cop a Polyanna attitude like that whenever I wanted to, but I can't. ALL unsolicited email is bad, just like all mail to "Resident" is bad and wasteful. All the above waste valuable resources and/or bandwidth that everyone has to pay for. It should be flat-out illegal with severe penalties for engaging in such activities.

Re:"Opt-out" indeed

[Mr.+Slippery]

My password wants to be free? My social security number wants to be free?

Yes, your password and SSN want to be free, which is why you must keep them carefully cooped up and restrained.

"Information wants to be free" does not say whether it's good or bad that it gets free. My pit bull puppy wants to be free also -- free to roam the house, tearing up shoes and books and anything else he can his jaws on. So he is carefully restricted or supervised. But unlike my puppy, once information gets out, you can't put it back in the crate.

So... what?

[rakuen]

So people like us /.'ers who know ways to block advertisements have little use for this. The rest of the people probably won't know or care enough to utilize it. I suppose there's a middle ground in there something, but I think the bottom line is I'm impressed by how much nothing this accomplishes for the end user.

I suppose it does help cover a business' rear a bit in the legal department.

Re:So... what?

[mlts]

It is just advertising PR. It also is a wakeup call to the more technologically adept people that they are far better served by using products like AdBlock, NoScript, Sandboxie, BetterPrivacy, and other items as opposed to thinking that the website or its advertisers will do anything else but sell any and every bit of info they get to the highest bidder.

Of course, the opt out button is there, but is the private info still present on their servers? Even in saved database snapshots? All this information can be easily mined and used for profit the second that advertising company gets bought out, or declares bankruptcy, and there is nothing a person can do about it.

Re:So... what?

[AuMatar]

No, it's an attempt to head off legislation. By making a voluntary "self-policing" system, they get to point at it and say "See, we're doing something" in an attempt to block legislative efforts that would likely be more strict.

Re:So... what?

[John+Hasler]

I don't actually much care about their "data mining". I just don't want to see their asinine ads. And I don't. They don't get much data either, but that's really a side-effect.

Re:So... what?

[CCarrot]

I suppose it does help cover a business' rear a bit in the legal department.

Yes, I always hate it when my legal department is showing. ;)

My way of fighting against advertisement:

Here's how I fight against advertisement:

I never buy anything that has been advertised to me, period.

Advertising is not only annoying, but often it's rather immoral with it's use of "behavior modification" techniques.

Everyone should boycott any product that's advertised in annoying ways.

Re:My way of fighting against advertisement:

[Darkness404]

Same here, if a company runs an annoying commercial it makes me less likely to buy that product. If a company's ads manage to get through my hosts file, I'm not going to buy from them. Internet advertising is scummy to begin with, and if I see an ad online for some virus scaner/spam blocker/etc I'm going to think its malware and not even bother with it.

Re:My way of fighting against advertisement:

[Abstrackt]

Here's how I fight against advertisement:

I never buy anything that has been advertised to me, period.

Advertising is not only annoying, but often it's rather immoral with it's use of "behavior modification" techniques.

Everyone should boycott any product that's advertised in annoying ways.

How do you buy food?

The bakery in your local grocery store wafts the smell of fresh bread for a reason and the sugary cereals sitting on the lower shelves are decorated brightly so the little ones can pick them out more easily. Even at the less devious end of the scale, like a farmer's market, you still need to be advertised to to know the product exists, right?

Re:My way of fighting against advertisement:

[catbutt]

Everyone should boycott any product that's advertised in annoying ways.

Boycotts don't work. "Everyone" is not a single individual with a single shared interest. It is a lot of separate people, each with their own interests, acting independently. Expecting anything different is doomed to failure.

Unless you can convince people that their individual interest will be served by participating in your boycott (regardless of whether or not other's participate), you can expect the boycot to fail.

Re:My way of fighting against advertisement:

[CCarrot]

How do you buy food?

The bakery in your local grocery store wafts the smell of fresh bread for a reason and the sugary cereals sitting on the lower shelves are decorated brightly so the little ones can pick them out more easily. Even at the less devious end of the scale, like a farmer's market, you still need to be advertised to to know the product exists, right?

Fair enough, passive advertising is, to some degree, necessary, and possibly even desirable (I can't even believe I'm saying that...)

OTOH, my local baker doesn't jump out at me as I walk by, waving a Mario-shaped carrot cake in my face, all thanks to their inference of what I would be most likely to buy based on the T-Shirt I was wearing each day for the last week when I walked past their storefront, my gender, apparent age bracket, and what I glanced at in their display window...all automatically compiled from their handy spy cams...

...and my local pharmacist doesn't tap me on the shoulder and try to tell me all about the new line of vibrating condoms they got in last week, because he noticed I was browsing through the Victoria's Secret collection when he was following me around last month...

...and my grocery store doesn't have people hired to block the aisle I want to go down until they can show me whatever crap it is they have on sale, ask me 15 questions about my experience with them so far, and try to muscle me over to the appropriate aisle anyways if I say 'no thanks'...

As far as I'm concerned, any advertising that tries to shape itself to me by spying on me and trying to predict my behaviour is unethical, and intensely creepy. If I am interested in certain things, I will seek them out, I don't want them seeking me out!

Re:My way of fighting against advertisement:

I'm with you, man. Ever since the annoying ads, I have never since set foot inside Old Navy, and never plan to. Harvey's and Hardee's are both on my blacklist. And thanks to Slashdot and those godawful animated ads with the guy's wife yelling at him about server issues... should that ever be required by myself, that company's blacklisted too.

"easy-to-use opt-out option"

[John+Hasler]

I've already got one of those. It's called Privoxy.

It's a trap!

[__aagctu1952]

Let me guess: The Advertising Option Icon will be a 1x1 transparent gif? :-)

Re:It's a trap!

[rakuen]

You can do even better. Use CSS to hide it behind another image. Then you can't even find it accidentally!

Opt Out? Shouldn't that be Opt IN?

[krelvin]

I would much rather opt in for stuff I am interested in with Opt Out being the default.

Why should a consumer need to opt out of something they didn't ask for.

The right of self-determination over personal data

[Jah-Wren+Ryel]

Screw this voluntary self-regulation slap-on-the-wrist-at-worst bullshit.

What we really need is legal backing for the right of self-determination over personal data.

A simple technical solution to a social problem

Just filter out the ads.

AdBlock Plus is a good Firefox plugin.

You can set it to filter anything you don't like. Such as Facebook: htp://api.ak.facebook.com/*, http://www.facebook.com/plugins/*, http://static.ak.fbcdn.net/*, etc.

That's it, no problems. No more crap!

Re:Opt Out? Shouldn't that be Opt IN?

[rakuen]

Obviously because their mapped advertisements add value to their service at no cost to you! Who wouldn't want free value!?

Easy to find opt out...

[spinkham]

A:I eventually had to go down to the cellar.
P: That's the display department.
A: I had to take a torch.
P: The lights must have been out.
A: So were the stairs.
P: But you did find the plans^H^H^H^H^H opt out button?
A: Yes, I found them. In a locked filing cabinet in a disused lavatory behind a door that said "Beware of the tiger".
P: That's our display department.

--The HitchhIker's Guide to the Galaxy

Re:Opt Out? Shouldn't that be Opt IN?

[rakuen]

Whoever marked that as troll didn't understand what I was going for with it. In this comment, I am playing the part of the business justifying their practice to the consumer.

riiiiiiiight

"...consumers will be able to link to a clear disclosure statement regarding the company's online behavioral advertising data collection and use practices..."

yeah, right. If the statement is actually clear, they can still retroactively change it any time they want.

"... as well as an easy-to-use opt-out option."

Hmmmm, how about an easy to use OPT-IN option! I know, I know, it'll never happen.

(ha ha the captcha word is "pinhead". Why, yes, they are pinheads :-)

well if they are not stupid

[RobertLTux]

47CFR64.1200 (thats the Code of Federal Regulations Volumne 47 section 64 subsection 1200)
or as it is formally known
TITLE 47--TELECOMMUNICATION

                CHAPTER I--FEDERAL COMMUNICATIONS COMMISSION (CONTINUED)

PART 64_MISCELLANEOUS RULES RELATING TO COMMON CARRIERS--
Table of Contents

    Subpart L_Restrictions on Telemarketing, Telephone Solicitation, and
                                                    Facsimile Advertising

of course you will have a somewhat different actual law but...
if they think you live this far south then you
1 ask for their name
2 ask for the "company they are calling on behalf of"
3 ask them for a call back number (must be a non toll number)
4 bonus points if you are on the CA DNC list

of course 99.999% of the time they will drop the call once you inform them that you are invoking 47CFR64.1200
(of course if you can invoke the CA version thats even better)

let me just reply to myself and invite a downmod

[spazdor]

As another example, I can recall a couple IM programs with an "auto-away" feature, which activates after a certain period of idleness, but automatically deactivates as soon as you move the mouse, regardless of which window has focus. I would choke that program down to receiving mouseclick and keyboard events only. No mouseover, no GetFocus(or whatever the damn API calls it), just the facts.

Trust

[Stan92057]

The have already lost the most important thing in business and in life, Trust. They have in the past shown they do not care about our privacy,lying to us installing hidden programs,tracking cookies and god knows what else they have had and didn't get caught at yet.They tried years and years to self regulate and the only way they got any really control is when congress spanked there asses with the do not call list. This shows they will do as little as possible until forced by laws. They are untrustable and a long history to back that up

Clever way to collect personal data

You go to their site to opt out, fill in your name, ip and email adress. Perheps get a few cookies telling who you are and that you "don't" want to be cyberstalked.

Clever!

Name, rank, and serial #?

Let me guess, you opt out by providing your IP address and SSN so they can be sure to not track you across the websites where they are advertising?

We already have HOSTS files though

A HOSTS file and it can be used to do the same filtering that privoxy can essentially, easily too, just by blocking out known bad servers or websites, easily speeding one up and securing you at the same time in doing that, but, it can also further speed you up by using "hardcodes" of your favorite website's domainname/hostname-to-IP Address (e.g.-> 216.34.181.45 slashdot.org) with entries in it for that. Hosts files also cover every webbound app you have, not just specific browsers (like adblock does only, for example) and they help tremendously speed up webbrowsing, as well as secure you vs. threats in adbanners in malscripted content, not just vs. known bad servers/sites. Well respected & reputable hosts files can be found and downloaded for free as well as easily installed here http://www.mvps.org/winhelp2002/hosts.htm or here http://someonewhocares.org/hosts/ for example. Hosts files also use no CPU cycles up, like DNS servers do, since hosts files are merely a filter. Hosts files are also very easily installed, edited, and controlled by users (notepad.exe is your pal here in Windows for example, usually here %WinDir%\system32\drivers\etc) and they have no programmatic security (or other types of) "bugs" like DNS servers STILL do (see Moxie Marlinspike &/or Dan Kaminsky online in regards to THAT) either.

Re:We already have HOSTS files though

You neglected to mention though, that in Windows, if they install one of those HOSTS files, and have the DNSClient service enabled, they will slow down their entire machine, and not just their browsing experience, because for whatever reason, it isn't programmed to handle much over 10,000 entries, and starts causing noticeable performance degradation at about 8,000-9,000 entries. This unfortunately, is still a problem even under Windows 7, where they improved it ever-so-slightly to start choking up the entire machine at about 25,000 entries. Yes, the DNSClient service will peg 2 out of 4 cores on a Core 2 Quad to 100% for lengthy periods of time while processing a HOSTS file with a large dataset. And it will do this every time you open a new webpage. What will alleviate this somewhat, is moving entries for the most common advertising urls to the top of the entry list, and also using 0.0.0.0 instead of 127.0.0.1 in the "where to look" part. It is still going to read and process the entire file anyhow for each link on a webpage that is trying to load, for every page you open, but it will at least allow the webpage to load in a somewhat reasonable time when it's able to find certain links right at the top of the list.

Moral of the story: Unless you're on a corporate LAN, disable that useless for (most) home users service anyhow. Also, that Microsoft seems to love not fixing bugs that have been around since they first implemented the DNSClient service. Which has been well over 10 years ago (I believe Win2k).

You are incorrect on 3 points

"What will alleviate this somewhat, is moving entries for the most common advertising urls to the top of the entry list, and also using 0.0.0.0 instead of 127.0.0.1 in the "where to look" part. It is still going to read and process the entire file anyhow for each link on a webpage that is trying to load, for every page you open" - by Anonymous Coward on Tuesday October 05, @03:26PM (#33798318)

Wrong - you're NOT accounting for the fact that the local HOSTS file is just that: A FILE!

(And, what caches files? The local diskcache does, completely nullifying this point you just made... because subsequent reads of the HOSTS file if unchanged (like ANY file would be), will be read from the diskcache once the file is read by ANYTHING at least once, & yes, that includes the first read upon reload by the OS into the IP stack once the HOSTS file is read upon changing in the %WinDir%\system32\drivers\etc folder (std. location for it in Windows, since you noted this is about Windows here))

----

"that in Windows, if they install one of those HOSTS files, and have the DNSClient service enabled, they will slow down their entire machine, and not just their browsing experience" - by Anonymous Coward on Tuesday October 05, @03:26PM (#33798318)

Only with relatively "largish" hosts files though. Still, you CAN save RAM &/or CPU cycles too by turning off the DNS Clientside Cache even with smaller HOSTS files.

(It doesn't hurt anything either when you turn off the DNS Client Cache service, you surf just fine.)

"because for whatever reason, it isn't programmed to handle much over 10,000 entries, and starts causing noticeable performance degradation at about 8,000-9,000 entries. This unfortunately, is still a problem even under Windows 7, where they improved it ever-so-slightly to start choking up the entire machine at about 25,000 entries." - by Anonymous Coward on Tuesday October 05, @03:26PM (#33798318)

Some "FYI" for you: The "Reason why" is because it is programmed by the DNS Client Service code to read the data into a C/C++ struct, instead of a FIFO type buffer like a queue for example (a programmatic example), or even a redimmable array (those take time & cpu to "resize/reset" too, but not like you see in what happens with the current design of the DNS clientside cache as you noted in fact and it is true).

I have even notified MS of this over the years many times, and how to fix it, and once such example is here -> http://blogs.msdn.com/b/e7/archive/2009/02/25/feedback-and-engineering-windows-7.aspx?CommentPosted=true&PageIndex=3#comments but, they don't fix it. At least not yet.

(Fact is, I have a HOSTS file here that is now currently 902,393 entries long/24++mb in size on disk and I surf fine setup this way, without the DNS cache client running, & since 1997 or so on PC's @ least...)

----

"You neglected to mention though, that in Windows, if they install one of those HOSTS files, and have the DNSClient service enabled, they will slow down their entire machine, and not just their browsing experience" - by Anonymous Coward on Tuesday October 05, @03:26PM (#33798318)

Now, as to what you noted in MY post you replied to? Either of the sites that were shown to have good hosts files in the post you replied to DO tell users about when you use a larger hosts file, you may have to turn off the DNS client cache service.

(It's easy to do and mvps.org, one of the sites I noted for downloading a HOSTS file no less in my post you replied to, it has a batchfile that does it for you even)

You made it also seem like it always has to be turned off and that is NOT the case with all HOSTS files, only relatively "largish" ones.

APK