Google Adds To Mozilla's Push For 'Do Not Track'

AndyAndyAndyAndy writes "In a morning blog post, Google announced the release of a Chrome plug-in called 'Keep My Opt-Outs,' which hopes to block all tracking cookies. Interestingly, it is released as open-source with the hopes that it will gain quick deployment on non-Chrome browsers and find a robust foothold against ads. The story is also covered at Computerworld, which has broader insight into the issue, looking at Google, Mozilla and Firefox, and seems to indicate more rapid change is looming — potentially from the FCC itself."

But...

[joocemann]

... I love cookies!

Cookie cookie cookie!

NOM NOM NOM!

Re:But...

[Tr3vin]

You're a monster!

Re:But...

That's not Offtopic, for fuck's sake.

Re:But...

[joocemann]

That's not Offtopic, for fuck's sake.

I know. I thought it was more "ontopic/funny" but I guess the army of early-post haters got me first.

FCC

[TaoPhoenix]

Didn't they undergo a massive cave-in to special interests?

Re:FCC

[Attila+Dimedici]

Didn't they undergo a massive cave-in to special interests?

No, to call it a cave-in would imply that they were going to do something different before pressure was brought to bear.

Re:FCC

[TaoPhoenix]

A wall of Balsa Wood is still a wall. I'd like to think that for twelve seconds they were considering the right thing before saying "Lol right."

Fast Turn-around

[TaoPhoenix]

I know, lots of tech implementation problems, but Google's fast turn-around indicates that someone between Mozilla and Google is on the same page.

Re:Fast Turn-around

[Un+pobre+guey]

They are not on the same page. Blocking cookies is pointless. Robust all-knowing behavior tracking occurs on the server side. By implementing a header flag, Mozilla is ahead of the game. That flag covers any kind of tracking currently used or to be deployed in the future by asserting a generic end-user request always and uniformly. Blocking cookies addresses an obsolete tracking mechanism.

Re:Fast Turn-around

[E+IS+mC(Square)]

>> Blocking cookies addresses an obsolete tracking mechanism.

So that's why I don't see any cookie on my system at all!!??!?

Re:Fast Turn-around

[C_amiga_fan]

I think it's a good idea in general, to provide the option to not be tracked. Q: "Why are we doing this?" A: "We recognize that some users are uncomfortable with the personalization of ads that they see on the web."

I don't mind personalized ads. Just yesterday I was looking at Banquet Homestyle Meals, and about an hour later, slashdot sent me a personalized ad to the same thing, on sale, at Meijers. It was one of those rare cases where I was glad to see the advertisement, since it was showing me what I was looking for.

Re:Fast Turn-around

Banning all user info makes the browser quite broken. Just by taking two crucial bits of info, language and plugins, and combining that with the IP address (for area), already narrows 90% of viewers. UA is also generally a bad idea to obfuscate.

Then there's Flash, which invalidates any browser security. All browsers should make plugins click to enable by default.

Re:Fast Turn-around

[Un+pobre+guey]

Obsolete doesn't mean nobody uses it. Companies that don't have wide ranging access to user behavior across multiple sites on their backend have to use cookies. People who have content linking back to their servers placed on pages across many domains can do such tracking. Hint hint.

Re:Fast Turn-around

[pushing-robot]

And if you'd RTFA, you'd see that this plugin has nothing to do with "blocking cookies". In fact, it does entirely the opposite.

Re:Fast Turn-around

[Naturalis+Philosopho]

It was one of those rare cases where I was glad to see the advertisement

Isn't that the point of all this? That it's the rare exception that tracking is useful to anybody?

Re:Fast Turn-around

[DragonWriter]

By implementing a header flag, Mozilla is ahead of the game.

Sure, in the sense that Mozilla's approach might have much broader applicability in the future. But, a browser sending a header that no server existing does anything with acheives nothing.

"Keep My Opt-Outs", OTOH, supports an existing industry-standard opt-out mechanism that lots of existing advertisers use (and more are adopting.)

Mozilla's approach does exactly nothing now, though in theory, hosts could add support for it in the future.

Google's "Keep My Opt Outs" works with the mechanism by which providers of personalized advertising allow people to opt-out from the tracking that supports personalization right now.

Re:Fast Turn-around

Google is getting behind something they know they can safely ignore.
Lets all trust that google will respect this new flag

Re:Fast Turn-around

[McGiraf]

Just like the evil bit protects us against present and future network attacks.

Re:Fast Turn-around

[Un+pobre+guey]

OK, "focusing on cookies," "dealing with cookies," "working as if cookies were the most important tracking mechanism." TFA seems to refer only to cookies.

Re:Fast Turn-around

[Un+pobre+guey]

Not true. The big behavior trackers no longer rely on cookies and haven't for some time. Cookies are a red herring, which is the point I am flogging.

Re:Fast Turn-around

[DragonWriter]

Not true. The big behavior trackers no longer rely on cookies and haven't for some time.

I don't think you understand how the extension works. Its not a cookie blocker, its a cookie store that doesn't get erased when you erase your cookies -- specifically, it stores cookies for the cookie-based opt-out system that the big behavioral advertising providers are using.

One problem with this system without an extension like this is that clearing your cookies will clear your opt-outs. This system preserves the opt-out cookies (and ads them for new trackers as they become part of the system) so that you have a durable opt-out.

The actual method used for the behavioral tracking is irrelevant to the extension, what does matter is the method supported for opting out of the tracking.

Re:Fast Turn-around

[Un+pobre+guey]

Gaaahhhh! After re-reading it several times, it appears that you are right. It is an "opt-out cookie" management mechanism. It looks like the new aspects are that they now include management of other companies' opt-out cookies, presumably based on a list of known such cookies, that would have to be maintained by someone. It is similar to the Mozilla idea in that it is persistent, but I like that Mozilla's method is 1) generic, and 2) ever-present. Both mechanisms would rely on behavior trackers' voluntary or enforced compliance.

Sorry, Dude, my mistake.

Re:Fast Turn-around

[TaoPhoenix]

Let's say they are on different pages of the same book called Pro-Privacy. I freely agree some ideas may be technical disasters, however they create a "mind-space" in our world of flying headlines that indicates a direction. A "Mind-space" of "Let's block all the tracking stuff" is at least in the right direction in my view, even if it's only as actually relevant as that page describing the typeface chosen.

Re:Fast Turn-around

[TaoPhoenix]

Really awesome personalized ads can be fun. But I'd want to have explicitly turned on a button that says "I want to visit Minority Report for an hour". Then you can play in their playground with Meijer results, the pizza shop down the street, etc etc. But for it never to stop, it's really creepy.

Re:Fast Turn-around

[wunderbus]

Cookies aren't obsolete because they're persistent within the browser despite a changing IP address. A login cookie on your laptop will still work when you bring it into the coffee shop. So will tracking cookies.

Re:Fast Turn-around

[DragonWriter]

It is similar to the Mozilla idea in that it is persistent, but I like that Mozilla's method is 1) generic, and 2) ever-present. Both mechanisms would rely on behavior trackers' voluntary or enforced compliance.

Mozilla's mechanism is better in the long term (assuming people start supporting it on the backend), but Google's mechanism leverages something the big behavioral advertising firms are already supporting, but makes it simple to manage, so it works well right now, whereas sending Mozilla's do-not-track header right now will do nothing.

Re:Fast Turn-around

[Un+pobre+guey]

My point is that I do not believe that is what's really going on. I can't help but suspect that many companies are just throwing us a stale bone to distract us, and will leverage cleverly written terms of use to continue behavioral tracking in more sophisticated ways.

Google... and ads

So, those who jump up and down everytime on any story of Google trying to prove they are just evil can at least take one of their nonsense off their list - that it's in Google interest to sell your information at any cost?

Just shut up...

Re:Google... and ads

[Americano]

It's also in Google's interests to implement weak voluntary controls rather than FTC-mandated strict controls that would more-directly impinge on Google's bottom line.

An FTC ruling which dictates something along the lines of "You must default everybody to opted-out of all advertisements, and allow them to opt back in if they wish to," pretty much destroys Google's business overnight. "No need for the FTC to take action, since the browser makers have already provided a system to allow users to opt out of advertisements if they wish to," hurts a lot less.

Re:Google... and ads

[DragonWriter]

An FTC ruling which dictates something along the lines of "You must default everybody to opted-out of all advertisements, and allow them to opt back in if they wish to," pretty much destroys Google's business overnight.

Well, except that it would almost certainly be struck down by the courts, and its not even the subject that the FTC has been looking at. A more reasonable FTC order on the subject actually at issue, which mandated opt-out of ad personalization via behavioral tracking wouldn't have nearly that effect on Google (they'd still be able to serve ads, and even contextual ads.)

No need for the FTC to take action, since the browser makers have already provided a system to allow users to opt out of advertisements if they wish to," hurts a lot less.

The opt-out mechanisms (both the one that Google has had for years for their own tracking, and the new one that they just released for other people's tracking) are for behavioral tracking that supports personalized ads. They aren't opt-outs for advertisements at all. Its tracking, not advertising, that you are opting out of (and that's also the issue that the FTC has asked the industry to do something about if it doesn't want the FTC to step in -- behavioral tracking, not advertising.)

Re:Google... and ads

[Belial6]

What is this belief that advertising requires tracking? It doesn't. It never has. Do advertisers like traking? Sure. Do the require it? No. If all user tracking were stopped today, there would still be advertisers paying to put ads on Slashdot. They would determine what ads to put up the same way they do on TV and in magazines. They would put ads that would be most likely to appeal to the consumers of the product being offered. In fact, Google might make MORE money if tracking were stopped. They would still be selling the ad space, but their customers would no longer have an expectation of getting detailed info on the end users. Thus, same revenue, and less work for Google. Less work means more profit.

Re:Google... and ads

[Dynedain]

The same can be said for Mozilla. By implementing a feature like the header, they can choose how they want to provide this kind of improvement to users. On the other hand, if they wait around for the FCC to force a decision, they might get locked into a method that Microsoft developed (with licensing costs of course), a method large ISPs like AT&T or TimeWarner prefer (ISP provided advertising like television), or something completely out of the blue that will get held up in court proceedings for decades.

Being first out of the gate on this lets Mozilla set the bar that everyone else has to match or beat, and gives them strong leverage if mandatory solutions start being discussed.

Re:Google... and ads

[Un+pobre+guey]

I think you are oversimplifying. Advertisers have always tracked and have always liked to track. Everything depends on the demographics of the medium where the ads will appear, and the demographics are the product of tracking, even back in the old days. Today they want to track everything because 1) they can, and 2) this allows them to focus ads more sharply than ever before.

Now you can tell with a high degree of probability that an end user is on the market for size 7 women's lavender-colored running shoes with a digital calorie counter and striped shoelaces. Advertisers of such shoes would kill their grandmothers for that kind of data.

Re:Google... and ads

I'm not over simplifying. I'm complaining about everybody else over simplifying. Yes, advertisers want that data. Yes, they want it bad. But, if they can't get it, it isn't going to shut them down as so many comments here are claiming.

DO NOT FUCKING TRACK ME !!

Oh, right, X-DO NOT FUCKING TRACK ME: yes

and so on and so forth let it be known that this is the way it is now and will be tomorrow and forever after, ahhhmen !!

Re:DO NOT FUCKING TRACK ME !!

Stealing shit, are you?

Why are you afraid otherwise?

Re:DO NOT FUCKING TRACK ME !!

Because people have different ideas about right and wrong, that's why.

it is good news

[Presto+Vivace]

maybe all our cries for privacy are having some effect.

Re:it is good news

[fahrbot-bot]

maybe all our cries for privacy are having some effect

No. They've probably though of another way to track our usage and the cookies don't matter anymore.

Re:it is good news

[Rockoon]

In other news...

Google CIO submits orders to increase their tracking database by 1 bit per user.

Re:it is good news

or maybe they've realized the only people worth tracking are those who -- *gasp* -- have an actual Google account and are logged in.

Google doesn't make all their money by selling your info anyway... they make it by being paid for facilitating click-throughs. It's Not The Same Thing.

Fast forward

[serano]

Why don't we just skip to the part where everyone has enabled this feature.

Re:Fast forward

[TaoPhoenix]

"Each browser configuration consists of a unique creative work of customizing settings by that particular user, and undue tracking of those unique specs consists in a copyright violation to be subject to the rates of Thommas-Rasset at $750 per tracked copy per site per click."

Re:Fast forward

IPv6 address space: permanent static IP

Re:Fast forward

..Per packet.

Re:Fast forward

[zn0k]

http://www.faqs.org/rfcs/rfc3041.html

Already used in Windows, the most popular desktop OS.

Re:Fast forward

What good is it if your /48 is registered to your name and address with RIPE/ARIN/...?

Re:Fast forward

..per favore

Interesting coming from Google

[nsanders]

who pioneered use of the first persistent cookie (set to expire in 2038, I believe?)

Re:Interesting coming from Google

[RazzleFrog]

Not all cookies are bad.

Re:Interesting coming from Google

[godrik]

My grandma's cookies are awesome!

Re:Interesting coming from Google

My grandma's cookies are awesome!

And they expire before 2038

Re:Interesting coming from Google

Not really. They allowed you to block Analytics[1] a long time ago. They're also probably the only major website with complete HTTPS support. Cookies shouldn't now be a surprising move.

1. https://chrome.google.com/extensions/detail/fllaojicojecljbmefodhfapmkghcbnh

Re:Interesting coming from Google

[silverglade00]

And they expire before 2038

So does grandma.

Re:Interesting coming from Google

[maxume]

So go ahead and make the case for cookies that expire 10 years (or more) in the future.

depends on the info, not all bad

[__aatirs3925]

Getting some of your info tracked is not all bad. I could see where it leaves technical specs of your computer and begins to geolocate you without your permission or cross-reference you with social networks etc... Buut, at the same time none of us likes to see advertisements that flash telling you to punch a monkey after taking some Viagra. In an ideal world, you would see LESS advertisements if advertisement blockers didn't exist, and you would see more relevant ads that would benefit you from clicking it by having your information tracked. However, this is in an ideal world and it just doesn't work in this world.

Personally, I have ABP installed and if it's a website I support ie: Slashdot, I'll disable ABP. I may not click on the ads but just viewing them somehow gives back a little bit.

Re:depends on the info, not all bad

[__aatirs3925]

I didn't read my first sentence while revising (strange I know right?) I didn't mean that geolocate you without permission or cross-referencing would be a good thing. I meant the complete opposite and getting some technical specs like browser info, if javascript is installed, etc... That shouldn't be a problem for anyone realistically if it's kept anonymous.

Re:depends on the info, not all bad

[TaoPhoenix]

(Humor)

Hi jappleng. Your post suggests you like geotracking.

BEGIN AD: Did you know the KnightRider edition GPS actually used brand new prompts by the same voice actor as the original series? End Ad:

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

P.S. Your actual article starts here. So long to your ideal world.

Re:depends on the info, not all bad

[__aatirs3925]

lol I know you were kidding but at the same time I don't know if you read my reply stating that I didn't mean that at all :X

It seems so simple

Why do they not think somebody will just make plugins called "Opt Out Of Everything" (OOoFE for short)?

Jab at Adobe?

[captaindomon]

Is this just another part of the battle with Adobe, who owns Omniture and competes with Google Analytics?

Ghostery

How does this compare to Ghostery?
http://www.ghostery.com/

Re:3.0

[TaoPhoenix]

The Linux Kernel might never make it to 3.0.

This already exists

[He+who+knows]

and is called Ghostery. https://addons.mozilla.org/en-US/firefox/addon/ghostery/

Re:This already exists

[C_amiga_fan]

Link for Netscape and Mozilla SeaMonkey users:
https://addons.mozilla.org/en-US/seamonkey/addon/ghostery/

Re:This already exists

[sunderland56]

This already exists in a better form: the "clear all cookies" option in Firefox (and similar options in other decent browsers).

If you dump *all* cookies every day, you aren't subject to whether or not the web programmer chooses to honor the html do-not-track tag or not.

Re:This already exists

[hedwards]

That isn't a reasonable solution. For one thing they're still able to track you within that day, and for another it can be challenging to figure out which cookie you've blocked is causing problems with the current page and why it's needed.

What we really need is something in place to require companies to have permission before they set a cookie, a statement about the use and a ban on them trying to cram it on the end user.

Re:This already exists

[AmiMoJo]

Or how about just randomising the data in the cookies so they look valid but actually fill the marketer's database with rubbish. Maybe randomly change the HTTP headers too, e.g. making them look like requests from a proxy on behalf of a random IP address. Similar to those auto-form-fillers used against spam-advertised sites.

If you make the marketing data worthless they will actively try to filter you out. Works much better than a system advertise have to opt-in to because I can't see many non-US companies going for it since there will be no threat of fine for violation.

Pot meet kettle?

[wiresquire]

Does this plug-in/add-on also stop all tracking of Google properties?

Not just the google ads, but also all those other google sites like oh, I don't know, googleapis, youtube etc?

Just because they're not serving ads doesn't mean that they don't or can't track you.

Re:Pot meet kettle?

[Un+pobre+guey]

Just because they're not serving ads doesn't mean that they don't or can't track you.

Likewise, just because they're not setting cookies doesn't mean that they don't or can't track you.

Re:Pot meet kettle?

[DragonWriter]

Does this plug-in/add-on also stop all tracking of Google properties?

It doesn't really have anything to do with Google properties. Its about behavioral tracking that supports personalized advertising regardless of the provider (the new feature in this is that it isn't limited to Google -- Google has for years had a tool for all major browsers, not just Chrome, that did the same thing for Google ads tracking.)

Google?

[bsDaemon]

So, Google, a company that makes its money selling ad space, is distributing software to help block advertising? That seems either incredibly counter-intuitive, or incredibly cynical ("no one will use it except people who know how to do it anyway, so why not get some good press"). It'll be interesting to see which it really is, but I'm going to have to lean towards cynical on this one for the time being (call me cynical...).

Re:Google?

[BitZtream]

That seems either incredibly counter-intuitive, or incredibly cynical ("no one will use it except people who know how to do it anyway, so why not get some good press").

Its not only good press and taking advantage of the fact that people are lazy and won't do it ... It also gives them an easy bit of legal help.

If they make a bunch of tools available to protect your privacy then you don't have nearly as much room to bitch about the tracking since you do have a way to limit the tracking.

Second, if no one uses the tools and someone starts trying to push legislation through to make tracking more legally difficult, google and other online advertisers can jump in and scream 'we gave them tools and no one used them, the people don't want this!' ... and it'll be REALLY hard to argue their point when they have proof that the general population doesn't care enough to use the tools.

I won't call you cynical, just realistic and wise.

Re:Google?

[gmuslera]

There is some tracking that can't be blocked, unless you use an anonymizer, proxy or something like that, like rough geographic location of the visitor based on IP address. And probably most of the interesting results come from that way.

Anyway, could be people that are interested in being tracked so getting ads targetting them. That was the bet of personalized ads in gmail, if you must have ads, better that have a chance of being interesting for you, and not be a waste of time, screen space and bandwidth.

Anyway, whats the alternative? That people install an ad blocker that won't display any ad, personalized or not? That would be worse for google than not tracking some maybe uninteresting visitor data.

Re:Google?

[lonecrow]

Well does google need to track? Don't they make the lions share of their revenue from adSense on their search results pages? They don't need to track you to know that your searching for "treatments for crabs". They just show ads relevant to your search.

Lesson to Advertisers: Don't be Evil!

[MagikSlinger]

You think your cookies and tracking are harmless, or even good, but as you can see, very powerful backlashes form which will hurt everyone because you abused your privelege, and cross-site cookies tracking is a privelege. I understand the need for advertising tracking to improve the value of the ad to the ad buyer and to me, the ad "consumer". But considering it's becoming a hodge-podge and used to make people very uncomfortable, there was an inevitible push back.

You lost the Javascript/flash wars because you allowed abusive banner ads. Sure, you got a quick hit for a year or two, but for how long until AdBlocker has become de rigeur for the heavy Internet browser? So by trying to be too flashy and too in your face, you lost all right to use Javascript/flash for your ads.

Now you are losing the cookie battle too.

Just try not to be evil and respect people's wishes. Is it really that hard? Really?

Re:Lesson to Advertisers: Don't be Evil!

[noidentity]

You talk as if there was a single advertiser. The situation seems more like a tragedy-of-the-commons. Everyone might start out respecting it, but because the cost to an individual advertiser violating it is less than the benefit, one inevitably does this, and more follow.

Re:Lesson to Advertisers: Don't be Evil!

HAHAHAHA advertisers have always been slime, and this post backs it up! LOL

Re:Lesson to Advertisers: Don't be Evil!

[tukang]

Instead of using adblockers, how about boycotting content that comes with annoying ads? Content owners are people, too, and you're not respecting their wishes when you block ads.

Re:Lesson to Advertisers: Don't be Evil!

[MagikSlinger]

Instead of using adblockers, how about boycotting content that comes with annoying ads? Content owners are people, too, and you're not respecting their wishes when you block ads.

I don't use an ad blocker; just NoScript. But you also missed the point: people resort to these measures because web advertising has become abusive because they desperately want attention.

How often do you see people cutting out ads from a magazine or newspaper because they don't want to look at ads? Even though an Ad Blocker is a lot less work, it still takes some effort to find and install an AdBlocker. People seek them out because they don't want so Javascript ad screaming "HELLO!!?? HELLO!!!??" or opening 5-10 pop behinds.

Understand: people are avoiding ads because they are resorting to abusive measures to get attention.

Boycotting the content: that would be "nice" of the users instead of just blocking the ads. But then again, it would also be "nice" if the advertisers didn't sell my personal info like cigarettes in a prison.

Re:Lesson to Advertisers: Don't be Evil!

[vux984]

You talk as if there was a single advertiser.

Its pretty close actually.

Have you looked at the numbers.

In 2009, in the US, Google had 72.1% of online ads. One company is almost three out four ads.
Yahoo, Microsoft, and Ask.com had another 17%, 5.5% and 3.7% respectively.

Adding all 4 up is 98.3% of online ads.

Re:Lesson to Advertisers: Don't be Evil!

[Mana+Mana]

I've been wondering or a while why there is not an AdBlocker-cookie-blocker? Subscriptions, ya know. Like who doesn't block doubleclick.net|com, bluekai, etc. But I don't follow this. So, a la Ghostery, AdBlocker cookie-cutter developer where art thou?

Re:Lesson to Advertisers: Don't be Evil!

[berbo]

Yes it is really that hard.

Please buy my shit now!

Re:Lesson to Advertisers: Don't be Evil!

[Raenex]

Instead of using adblockers, how about boycotting content that comes with annoying ads? Content owners are people, too, and you're not respecting their wishes when you block ads.

I don't give a shit about their wishes. The Web was around before the advertisers were, and one of the fundamental principles of the Web was that you could view the content as you wished, whether that meant not loading pictures, disabling JavaScript, or whatever. Blocking ads is no different.

If the "content owners" don't like the game, they can take their ball and play somewhere else.

Re:Lesson to Advertisers: Don't be Evil!

[Uzuri]

There are -- the addon CookieSafe is one (lets you block all by default, allow by domain, subdomain, etc for session or temporarily).

Running that side by side with NoScript and RequestPolicy makes for a very interesting browsing experience, though. Kinda like trying to open someone else's combo lock.

Oh, and it doesn't do anything for Flash LSOs or other tracking methods, of course.

Of course Google wants this

[barchibald]

If I were google, I'd be pretty psyched to be the only ad provider who can triangulate from search to ad delivery. Thats a real coup in terms of unique analytics for them. Between every page that has their ads on it, every site that uses their site analytics and every request that has google.com as the launch point (and access to http-referer information across all of these....it'd be hard to imagine an analytics company coming close to competing.

There are many more desserts than just cookies.

Re:Of course Google wants this

Some sort of joke about cakes and lies belongs here, but I can't think of one...

What If...

[tunapez]

What if they didn't need cookies anymore? I'm sure if enough people with an agenda to get rich(er) got together they could track anyone and everyone...given enough resources and 'affiliates'. I never logged no-script blocks, but doesn't seem too implausible to get a small number of ad providers together to cooperate for massive data gathering gain.

I don't know. All I do know is when Mega-Corps bring me flowers and tell me they're my buddy, I tend to look around to see what's in the other hand.

But Google Themselves use tracking cookies?!?

[Stregano]

So, a company that became huge and rich from advertising and trying to "judge" us based on our clicks is now acting like They don't do it? Unless you are actually told about stuff like this then it is safe to say that Google is no better. I mean, come on, look at all the tracking cookies and stuff it uses, and you have to search for a way to disable them, and how many people will do that? That is like me being a bank robber, and then telling others to not rob banks and also tell some banks that ONLY if they talk to me ahead of time, I will not rob from them.

I tell you what Google, how about you stop using them yourself before you act like you are a huge activist behind getting rid of them.

Re:But Google Themselves use tracking cookies?!?

[Anonymous+Psychopath]

So, a company that became huge and rich from advertising and trying to "judge" us based on our clicks is now acting like They don't do it? Unless you are actually told about stuff like this then it is safe to say that Google is no better. I mean, come on, look at all the tracking cookies and stuff it uses, and you have to search for a way to disable them, and how many people will do that? That is like me being a bank robber, and then telling others to not rob banks and also tell some banks that ONLY if they talk to me ahead of time, I will not rob from them.

I tell you what Google, how about you stop using them yourself before you act like you are a huge activist behind getting rid of them.

Google isn't saying that cookies are bad. They are saying some people don't like or want them, and providing a tool to block them if desired. There's no holier-than-thou going on here.

Re:THIS IS WHAT WE'VE BECOME !!

[godrik]

What is the link with tfa ?

Opt out of what exactly?

[MtHuurne]

I am not convinced that "opting out of behavioral advertising" is the same as "do not track". The page describing the opt-out initiative contains the following sentence:

In some cases, automated systems will continue to collect other data about browser visits but that data will no longer be used to deliver interest-based advertising to the user.

This suggests that tracking might still happen, but the ads served will not be based on the collected information if you opt out. That does not sound like much of an improvement in online privacy.

Re:THIS IS WHAT WE'VE BECOME !!

[JonySuede]

interesting rant but next time, please try to post it on a related article

FCC != FTC

It may not be obvious to the slashdot editors, but the FTC is the Federal Trade Commission (mainly protecting consumers), not the Federal Communications Commission, which is mainly about regulating scarce communications resources (such as airwaves). The FCC better keep its nose out of my browser (and my choice of net providers and what they can do/can't do for me, I'll just sue my provider if they suck) but I welcome the RECOMMENDATION from the FTC. (yeah. you can see the editor didn't actually RTFA.)

Major Disruption?

[joshuao3]

Is this going to affect sites that use a cookie to maintain session state? If so, let me be the first to say: No. Thank. You. I cannot afford to reengineer all my sites.

Ok. Im adding myself to Mozilla's push too

[unity100]

With me, that makes 3. a strong push for privacy. add yourselves too, so that it will make 4, 5, and n.

this post, may or may not contain sarcasm. i may or may not be giving 2 cents to anyone that may prove that way, or otherwise. if the world is in the eye of a fish, then it means we have a problem. now beat it. there is nothing to see here - all mj impressions are done, all britney spears songs are sung, all ships are sunk, all your bases are owned, we shall never flag or flail. we shall fight on the routers, we shall fight on the switches, we shall fight on the hubs, we shall never surrender ! and then, they will say, this, was internet's finest hour !!!

Re:Ok. Im adding myself to Mozilla's push too

[Elbereth]

You finally used a capital letter!

Congratulations! Now, if we can just make that a habit...

In a word: choice

[DragonWriter]

So, a company that became huge and rich from advertising and trying to "judge" us based on our clicks is now acting like they don't do it?

No, they aren't. As noted in the blog post announcing the "Keep My Opt Outs" extensions, Google, two years ago, "made available, for all major browsers, a downloadable browser plugin that enables you to permanently opt out of Google’s advertising cookie, even if you deleted all your browser’s cookies."

They aren't pretending they don't do anything. They are quite open that they do it by default, they provided a cookie-based mechanism to opt-out of it, and they later provided a mechanism for durably opting-out of it.

"Keep My Opt-Outs" is an extension that provides durable opt-out by default functionality for all advertising/tracking systems that support similar opt-out mechanisms.

That is like me being a bank robber, and then telling others to not rob banks and also tell some banks that ONLY if they talk to me ahead of time, I will not rob from them.

If you assume that the use of tracking cookies is equivalent to robbery, which I think is, at best, a non-obvious position for which some argument should be presented.

I tell you what Google, how about you stop using them yourself before you act like you are a huge activist behind getting rid of them.

But Google isn't pretending to be an activist behind getting rid of them. Google, who has for some time provided a tool to durably opt-out of Google's tracking system, is now providing a tool to durably opt-out of an expanding set of third-party tracking systems as well. Its about supporting user choice in whether or not to participate in tracking, not about getting rid of tracking.

TFS is wrong: not a response to Mozilla

[DragonWriter]

I know, lots of tech implementation problems, but Google's fast turn-around indicates that someone between Mozilla and Google is on the same page.

This isn't a response to Mozilla.

Both Google's actions with "Keep My Opt Outs" and Mozilla's "Do Not Track" header are responses to the FTC urging the industry to adopt do not track mechanisms (with the strong implication that, absent sufficient non-mandated progress in this direction, mandatory regulations would be imposed.)

Google already provided a similar mechanism for all major browsers to opt-out of Google's own tracking; the new extension -- initially available in Chrome but, per Google's announcement, being worked on for other browsers as well as released as open-source, extends similar durable opt-out to other tracking services (and is designed to update itself to include new services as they are added to its database.)

Opting out

[Spikeles]

Opt out of major advertising networks: http://www.networkadvertising.org/managing/opt_out.asp Opt out of doubleclick/google ads: http://optout.doubleclick.net/cgi-bin/optoutgoogle.pl

whaa..?

Who are they kidding? 99% of who is tracking us is Google. Why would they encourage a do not track feature unless they fully intend to ignore it.

Privoxy helps out here

[simplypeachy]

I seem to be on a bit of a Privoxy obsession of late. It comes and goes like a biorhythm. Privoxy goes a long way to help prevent tracking...like tracking by Google, youtube, blogspot, ytimg...oh wait, they're all one and the same.

Cookies are old,Locatoin based services, static IP

Between static IPs, google adsense / analytics on every (almost) web page out there, google account (or other single signon)
  there is no need for any cookie tracking. Even "private browsing" implemented is pretty useless in fighting tracking.
There is tons of money in location based services and cookies are past.

Lovely, now add "no signature" mode

[saikou]

Having a flag in the header is nice. But the real question is, would Firefox (and Chrome) add "no signature/generic signature" mode, where headers sent out to the server get synchronized to the lowest common denominator for a large set of users?
You know, so that browser can't be sufficiently identified by the headers alone. And http://panopticlick.eff.org would say "Browser plugin details: one in 2", and "User Agent" one in, say, 10. Plus the heck with system fonts.

Re:Lovely, now add "no signature" mode

[Ash-Fox]

But the real question is, would Firefox (and Chrome) add "no signature/generic signature" mode, where headers sent out to the server get synchronized to the lowest common denominator for a large set of users?

How would you determine what is a login cookie for authentication to a website veres an advertising tracking cookie? They can look identical and even have the exact same field names.

Not at all.

[DragonWriter]

So, Google, a company that makes its money selling ad space, is distributing software to help block advertising?

Nope, this software does not (and does not claim to) do anything to "block advertising".

It blocks behavioral tracking which supports personalizing advertising, which means that when using it, the ads you see will not be personalized based on tracking you, but you'll still get just as many ads, they'll just be generic rather than personalized based on behavior.

Google has provided a durable opt-out of this kind for years with their own advertising (which is supported on multiple browsers), this new tool extends that to include other advertisers that have adopted an industry-standard mechanism for supporting opt-outs.

TFS is wrong: FCC is irrelevant

[DragonWriter]

Didn't they undergo a massive cave-in to special interests?

We can argue all day about that, but it doesn't really matter since the organization that is putting on pressure for do-not-track mechanisms is the Federal Trade Commission (FTC), not the Federal Communications Commission (FCC) that recently adopted open internet ("net neutrality") rules that have been panned by some neutrality advocates as "worse than nothing" in terms of restricting ISP abuses and by some ISPs and Tea Party types as a totalitarian takeover of the internet by government.

Re:TFS is wrong: FCC is irrelevant

[TaoPhoenix]

You get credit for an Informative reply. Seems our summaries are only hitting 70% accuracy lately.

Meanwhile I really don't know what to think if we get a war among agencies where say the FTC is awesome and the FCC caves. I'd like to think the whole government, per elected administration, has the same "mood".

Re:TFS is wrong: FCC is irrelevant

[AliasMarlowe]

Seems our summaries are only hitting 70% accuracy lately.

I have not noticed such a dramatic improvement in accuracy of summaries.

Re:TFS is wrong: FCC is irrelevant

Google does not need cookies to be successful. The core of their business is in ads based on search words, this does not need cookies.
Actually, if you make cookie tracking less usable, this is good for Google that becomes the refuge for advertisers ...

Major Disruption? Not at all.

[DragonWriter]

Is this going to affect sites that use a cookie to maintain session state?

No. For more info, see the page for the extension.

We lose while this is opt-OUT, rather than IN

"Why don't we just skip to the part where everyone has enabled this feature."

Why don't we scrap the idea and have opt-IN tracking instead. You know, like how spam is UNSOLICITED stuff? Anything less on websites represents a loss of rights from what we have with email -- and that's pretty dire already.

Wait a sec...

[supersloshy]

Don't Ghostery/Beef Taco for Firefox do the same thing? Or did I misread something?

Wait a sec...

[Red_Chaos1]

...maybe I'm just ignorant on this but doesn't NoScript do this already by blocking the sites period? (if you choose)

Why not poison cookies.

[eljimbo]

First time poster, long time reader. I have been wondering why more people don't poison cookies rather than blocking them. Its relatively easy to open the sql database that firefox uses and replace numbers and strings with random similar values, I'm sure it could be automated. It seems like it would be better to make tracking companies data worthless, rather than simply blocking it. I wonder if there is a way to trade tracking cookies (obviously some cookies shouldn't be shared)?

User-Agent Headers

[nonregistered]

"Your browser fingerprint appears to be unique among the 1,379,292 tested so far. Currently, we estimate that your browser has a fingerprint that conveys at least 20.4 bits of identifying information." -Panopticlick

I'm thinking opt-out of tracking by cookies, etc., is a throwaway. Google et al no longer need those technologies.

Re:User-Agent Headers

[VortexCortex]

"Your browser fingerprint appears to be unique among the 1,379,292 tested so far. Currently, we estimate that your browser has a fingerprint that conveys at least 20.4 bits of identifying information." -Panopticlick

I'm thinking opt-out of tracking by cookies, etc., is a throwaway. Google et al no longer need those technologies.

Having a unique fingerprint isn't bad if the fingerprint is also dynamic.

Every site finds my browser fingerprint to be unique -- It changes as a function (SHA1 HMAC) of the current website, time of day, and a secret salt. Fields are re-ordered yet still contain the same information, along with a bit of Base64 in the comments (parenthesis). A few unneeded and duplicate/renamed fonts are "available" or not, Screen resolution is also fudged slightly, not enough to break layouts.

The real downfall is Flash, Java, SilverLight, etc -- Each plugin can help fingerprint. I'm too lazy to add the fuzzing to my Java VM, or Gnash (flash player), and some people use closed source plugins -- there's no helping them... What's to say a closed source plugin (or browser for that matter) won't create a serial number and make it available to each website you visit?

Maybe someday I'll get tired of maintaining my modified browser code and reimplement it as a proper plugin -- Then again, I like being the most unique.

No Mas

[Mana+Mana]

> people resort to these measures because web advertising has become
> abusive because they desperately want attention.

I'm just a market force. You want a market mechanism? Equilibrium = ads + abuse + ad networks drive by attacks - ad blocker - web bug blocker - flash blocker + advertiser rants + advertiser counter tactics - ridicule - Element Hiding Helper - capitulation + flailing - demoralize = Detente? Bring on the sixth republic.

Erik Schmidt

I wonder if it's coincidental that this is announced just a few days after the Erik Schmidt leaves.

opt-out not as bad as IP black-listed

I would think the big realisation from advertising companies is that they would rather have consumers engage in an "opt-out" scheme than maintain an IP black-list of their servers.

With IP black-listing emerging as a widespread tool (yeah its been around for ages but consumers never really used it properly) that everyone can easily adopt and even download IP lists of various kinds for sites that aggregate such lists, advertising companies may be worried that they will eventually end up on the IP black-lists of the majority of Internet users - making their advertisement services pretty much dead forever. Thus the big push for opt-out and to make everyone feel safe.

Please don't IP black-list us off the net.

Irony

You realise by reading Slashdot you're being tracked by Google Analytics, Adhere, Google Adwords, Doubleclick?

yees

[unity100]

all the troubles on the planet will vanish when we all do that wont they. (following text is all in capital letters) down with grammar nazizm !! down with old people pushing it on young people !!!

Re:yees

all the troubles on the planet will vanish when we all do that wont they.

Straw man arguments are lies.

Re:yees

[unity100]

i still dont capitalize. moreover, im starting to see not doing it as a rebellion.

You talkin' to me?

[berbo]

X-ARE YOU TALKIN' TO ME?