Slashdot Mirror
Google/Facebook: Do-Not-Track Threatens CA Economy
theodp writes "Google and Facebook are warning legislators of dire consequences if California passes a 'do-not-track' bill. The proposed law would require companies doing online business in the Golden State to offer an 'opt-out' privacy mechanism for consumers. Senate Bill 761 'would create an unnecessary, unenforceable and unconstitutional regulatory burden on Internet commerce,' reads the sky-is-falling protest letter bearing the stamp-of-disapproval from Google, Facebook, Yahoo, Amex, Acxiom, Experian, Allstate, Time-Warner, MPAA, ESA and others. 'The measure would negatively affect consumers who have come to expect rich content and free services through the Internet, and would make them more vulnerable to security threats.'"
Would you really want MPAA to get limitless power to track your every movement? What next, install tracking equipment and video cameras in your home so can MPAA can make sure you aren't making backups own your movies? After all, that would be really good for MPAA and barring such would "unnecessarily burden MPAA and movie studios business".
... show us 14 photos of yourself and we can identify who you are.", and again, "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."
It's actually an interesting thing among slashthink. This is one thing Microsoft is doing right. You don't see Microsoft among the privacy invasive companies like MPAA, Time-Warner, Google, Facebook, ESA etc.. That's because they don't want to track your every movement. Microsoft sells you software. You buy it, they're happy, and you don't lose your privacy. Still most here think MS is evil and Google is some kind of white knight. Well, a few quotes.. Eric Schmidt: "We try very hard to look like we're out of control. But in fact the company is very measured. And that's part of our secret.". And Schmidt: "If I look at enough of your messaging and your location, and use artificial intelligence, we can predict where you are going to go
That's not a good name to have associated with the rest. So much for Google not being evil. Maybe they should change their slogan to "Don't be unprofitable."
Lesson two: If it looks like there is a free lunch, think again. You're losing something worth more than cash up front.
The Californian economy is based on this stuff.
On the other hand, it seems strange that the new American economy is based entirely on
-hustling stuff via spam^H^H^H^Hemail marketing
-getting people to click on ads while penalizing sites that ask people to click on ads
-movies
-figuring out who you are/what you've bought so you can buy more of it.
-knowing who your friends are so you can be peer-pressured into buying more stuff.
It just seems that after you've figured out the basics of food production, housing, metals/commodities, transportation, there's nothing left except for group-brainstorming ethereal "value-adds" like the above.
I'm not a lawyer, but I play one on the Internet. Blog
if you would like to opt out of these services, please click the CLOSE button at the top of your window.
Everyone wants cool stuff. But nothing is free. It is just basic economics.
Facebook already has an opt-out privacy mechanism called no using it.
I don't recall agreeing to the change from "Netizen" to "Consumer"...
OMG!!! Ponies!!!
WARNING!!! TROLL POST.
Do not click the link of the parent post or your stomach will suffer!
Google may have said that - but I'm sure they said it in an un-evil voice.
#DeleteChrome
As in European Space Agency?
Translation: "Our business model is founded on doing stuff to consumers that they don't want. Please let us continue doing it."
The definition of FUD in the dictionary needs to be updated with this as the cited example.
Worse than Goatse.
See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
'Opt-out' is kind of pointless anyway because it will require a cookie to say you've opted out, which can be used to track you. The only law which would make sense is requiring people to opt-in to being tracked.
I found it interesting who was on the list and who wasn't.
-Experian is but Fair Issac (who has a couple of offices near here) isn't.
-Amex is but Visa, one of the Bay Area's largest employers, isn't.
-Many insurance companies. I know past behavior is important to these companies, but web tracking? I don't know enough to see why this is worth fighting for on their end.
-California Assoc. of Licensed Investigators. Probably the only honest ones on the list. "We want to be able to track you, because, um, we track people. That's what we do."
So I wonder if some of the companies that aren't on here don't care, weren't asked, or actively don't want to be on a list with PR nightmares like the MPAA.
I never understood why people (especially on /.) would click on a shortened url. Even though my machine is pretty resistant to exploits and malware, blindly following links seems a bit like roulette to me. Not to mention the possibilites of the url leading to child porn or 2girls, goatse etc. what has been seen cannot be unseen.
I find it odd that Facebook, Aol, Yahoo, American Express, ValueClick, Amway, Experian, USANA all provide a joint "signature block."
I also wonder who are the 3 companies who signed with black squares. Is this the modern "X" for companies who can't spell?
Finally, this letter is written in MS Word with Arial font and the actual author of the paper did not sign his name. If I received a letter like this, I wouldn't even take it seriously.
Wow. Mods are idiots. The link goes to Bing.
It has been pointed out repeatedly and correctly many times on Slashdot that "do not track" as a polite request is idiotic. The real way to avoid this lies with a combination of client security (not loading tracking webbugs or running tracking scripts), using an IP masking proxy, and using a generic user-agent string. Otherwise, it cannot be trusted, and agencies outside US law can still track you, as can those inside the US who don't heed the string. It only works against "white hats".
At the moment, doing those things requires some knowledge, but they could be encapsulated by browsers into an easy single button along the lines of "do not track", but WITH REAL TEETH.
Why is all this energy put into something that is fundamentally broken, a mere header that asks nicely, rather than gives no choice? It seems to me like the world has gone insane sometimes.
I love how you got a +5 and I got a Troll mod. Definitely made my day :)
See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
Does it not occur to some internet companies that I may actually be alright with um, oh I don't know, PAYING THEM for the services they offer, instead of being tracked and advertised to? Or are they too afraid of making money the traditional tried and true way of customers paying for their "apparently" superior offerings.
I mean if the only way a company can make money is by tracking and advertising to people then what business does a company like that have being on the stock market? Apparently they've just admitted in this "protest letter" that they really have no products or services that are worth being "sold".
Since when did it say "We the companies?". Wait, never mind. People have been handing over the power to companies for glass beads and nice promises since many years.
Don't fight for your country, if your country does not fight for you.
You think bing is not doing the same fucking thing?
Are you stupid or do you work for them?
Is that a joke? How is the state government requiring businesses licensed in the state to do something like this unconstitutional?
Lets forget about free services, why do you need to store my info if I pay for your rich content service. I'm more then happy to enter my CC details every time I need to renew your service.
Sony? If my personal info is not stored anywhere how am I at risk to security threats?
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
If, indeed, these consumers "have come to expect rich content and free services through the Internet", then they won't likely opt-out, will they. And, "would make them more vulnerable to security threats"? Really? By keeping their location private? What a load of crap.
Usually, it's legislation that tends toward treating citizens as if they're too stupid to think for themselves. In this case, it's private industry asking the government to do so.
sig: sauer
I have said many bad things about Google, and now I add to that Google is officially a bloated and lazy firm, not capable of meaningful innovation. If it were it would not be pulling the 'lost jobs' argument. Such an argument is only made of irrelevant companies such as US auto makers and book publishers.
Google, and to a lesser extent, facbook has made huge sums of money through consumer ignorance. What this is going to require that they share a bit more of those proceeds with the end user. Yes it will effect profits, and conceivably it will effect proficts enough that they will get out of the business, or leave california. Perhaps they can move to a desperate state like mississippi, and perhaps enough employee will follow. The reality is that California knows it has something that exists in few other places, and can enforce a code of conduct on the companies there. Othwise everyone would move 400 miles east to Nevada.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
Why would someone want to waste time on flash rubbish that they are not looking for , This whole rich content thing is nothing short of a con an easy backdoor into your system for those that have no business being in your system .
I have recently been asked to redesign 3 so called rich content sites for the simple reason they do not serve a purpose so they have gone back to the sanity of html css and java script and once again the sites actually do what they are supposed to do and whats more every single thing is within 3 clicks even archives that go back best part of 50 years..
Whatever Acxiom wants, I'm against.
These people were the slimy, IRL, version of google the last 30 years and most Americans have never even heard about them.
They had me nodding through that statement... The arguments being at least semi-reasonable. Right up until the last bit.
How does an opt-out system make things -less- secure?
Massive amount of obvious (but believable) self-interest, spoiled by trying to put a security spin on it that is total BS.
I like you, Stuart. You're not like everyone else, here, at Slashdot.
Here's the thing with all of these sites. The 'free' content was originally provided with an 'understanding' that it would be supported by advertising revenue. Fine. I'll put up with banner ads and the occasional pop-up. But when these sites began selling my personal information, what they have done is to unilaterally modify the terms of this contract. Not only have they done so, but they are doing it with data that I may have entered before that ever announced (or possibly even envisioned) such a new business model. And they thing that they have a right to do so without telling me, giving me the right to refuse and retrieve all of my old data? Now IANAL, but this sounds like fraud.
Try running a self storage company and, without telling anyone renting the lockers, that you'll be auctioning their crap off to bring in additional revenue. Then see how fast the sheriff shows up.
Have gnu, will travel.
You think bing is not doing the same fucking thing?
Are you stupid or do you work for them?
I think he was just trying to be funny, and you read too much into it.
The higher the technology, the sharper that two-edged sword.
So much for "Don't be evil"?
I used to pay Google to advertise my Nixie watches. Ho-hum results. Then time passed, and the Woz started to wear his Nixie watch when he talked in front of thousands of techno-geeks. I sell way more Nixie watches through Google's steering of folks searching for "woz watch" to my site, than I ever got by giving Google money for ads.
The determined Real Programmer can write Fortran programs in any language.
...i would offer 'em a deal: "You don't oppose the Do-Not-Track Flag, and we don't include adblock-plus *preinstalled* with 42 different subscribtions with Firefox5. Deal...?"
California had an economy; I thought they just had a clusterfuck.
"...Sleep comes like a drug in God's country Sad eyes, crooked crosses in God's country..."
I mean, seriously. There is no mechanism by which Do Not Track can actually be made to work as it is currently being proposed. This is more important than whether you think it's a good idea.
If you want to be able to opt out of being tracked, you need to built it in to browser behavior and/or web protocols themselves. You can't simply ASK sites not to track you and expect anything to happen, nor can you rely on a law to do this for you.
The measure would negatively affect consumers who have come to expect rich content and free services through the Internet,
Personally it freaks me out whenever I go on a random site and it shows me my own facebook profile picture along with a message such as "Be the first of your friends to recommend this article!!"
I'm still caving to peer pressure and keeping a FB profile, but I resent it always more and more. One thing is for sure - that's one company I'm not investing in any time soon.
I am not a vegetarian werewolf.
Don't you just love it when things suddenly get new meanings?
Like "nano" things that are not a billionth the size of the normal things?
When "large" things are not large? Just because it is your biggest size does not mean it's large? (glasses of soft drinks, etc)
When it is unconstitutional to protect the citizens from the corporations?
When Harper (Canadian election) says while the opponent will raise taxes, he will "keep taxes low". (Excuse me, but Canadian taxes are not low, nor have they been any time in my life.)
you forget the cookie name, such as _6079_Smith_W
Entities that do not collect "sensitive information" would be exempt from the law, however. These are defined as services that do not obtain and store information that relates directly to a consumer's medical history, ethnicity, religion, sexual orientation, or financial status.
In fact, Lowenthal's proposed law permits the Attorney General some flexibility. Exemptions can be made on behalf of online companies that are:
(A) Providing, operating, or improving a product or service used, requested, or authorized by an individual, including the ongoing provision of customer service and support.
(B) Analyzing data related to use of the product or service for purposes of improving the products, services, or operations.
[and]
(F) Complying with a federal, state, or local law, regulation, rule, or other applicable legal requirement, including, but not limited to, disclosures pursuant to a court order, subpoena, summons, or other properly executed compulsory process.
Exemption B in particular seems wide enough to drive at least several digital trucks through.
And of course, IANAL, so I've already said about as much as I have authority to.
Anybody want a peanut?
I'd tell the CA legislature that if a user 'opts out' they also opt out of the ability to use my services.
On a more serious note, users already have multiple ways to opt out:
1) Use a different frickin website
2) Don't use the websites
3) disable cookies for that site
etc.
But never let it be said that the CA legislature thought through its actions or that it didn't try to stick its nose in other people's business while they had plenty of their own self-created problems.
Failure formatting five FAQs of financial facts.
Remember that this is California we're talking about - the state where everything is known to cause cancer, thanks to badly thought out feel-good legislation. I wouldn't put it past them to come up with a law that's essentially impossible to comply with whilst still actuallly running a useful website.
Don't forget the "CONGRATULATIONS! YOU ARE THE 10,000,000TH VISITOR TO THIS SITE!" audio clips blaring at speaker-bursting volume. Also, Flash cookies are evil in that browsers can't purge them, and neither can you unless you write-protect their destination (on Linux the command is chmod -R 0500 ~/.macromedia).
do you use it?
How does being able to opt-out of being tracked harm security? The rest I can understand, as the companies want to make money by tracking you, but how would security be harmed?
Dear Larry, Sergey, Eric, Mark, Jerry, and friends:
If the brightest idea all your super-smart people can come up with is to interpose yourselves into every interaction a human being is involved in on the internet, then we don't need your kind of economic engine. Be glad all that's being suggested is that people be able to opt out. Consider these alternatives before you start crying into your gold plated mugs of artisenal beer:
a) In order to maintain a level of equality we implant a camera, call it a "third-eye", into your foreheads and stream it live to the internet along with a GPS tracker allowing anyone who gives a shit to know where you are and what you are doing at all times.
b) We allow you to collect any data you want about people but we strip you of the corporate protections and make you personally liable for any leaks of any data you collected regardless of how many times it's been sold and resold.
So stop with the whining and use those big brains to do something beyond implying that you can improving marketing tactics. You wankers.
I didn't read the letter, but I did read the article. Google & Facebook's claims about *how* the proposed law was not described clearly.
What was clear, sort of, is how both organizations would lose information that has been used in the past to play dirty tricks on consumers. For example, location, date and time information. In the past, Amazon has charged different prices for the same product based on a customers location.
These two orgs should have been the last to write such a letter. Google and Facebook protesting new privacy laws is a bit like Saleh ( Yemen's dictator ) and Gaddaffi protesting freedom of speech on the grounds that it will interfere with the running of their government.
Worm on a hook.
Cat crap in the garden.
Roadkill which attracts a crow which gets smooshed which attracts another animal which...
Day old bread from the bakery.
Roommates' food so long as you only take one bite from many different meals, don't finish any off, and don't open any packages.
Okay, I'll admit some of them have a catch.
Not an apologist but I find it wierd Google implements do-not-track in chrome before it's even standardized but then complains to Senate that passing a law about it would be worse than industry self-regulation. Maybe they are stuffing the ammo box with blanks so it at least looks like they are well armed?
The usual slimeballs are behind this:
If all those organizations went bust, the world would be a better place. Applying some pain to all of them is a good first step.
This business of claiming the victims love the crime reminds me of heads on beers. I saw an ad in a brewing trade magazine that explained how customers want a finger or two of head on their beers and that makes the keg last longer and increases profit. What bullshit. When I pay for a pint of beer I want the whole pint.
Rather than track my every move they can take their "rich content" and stick it.
If you don't want a website tracking you, don't visit it or disable your cookies. This doesn't need a law.
Bull Shit!!! if the phone telemarketers gloom and doom scenario never came to pass nor shall this. Advertisers have been making tons of money long before they got the ability to spy on everyones click and fill. I say Boo Hoo.
Jack of all trades,master of none
If the economy is so dependent on this that we would all suffer tremendously if they had to stop, how did we ever manage to do anything before this capability arrived?
I never understood why people (especially on /.) would click on a shortened url. Even though my machine is pretty resistant to exploits and malware, blindly following links seems a bit like roulette to me. Not to mention the possibilites of the url leading to child porn or 2girls, goatse etc. what has been seen cannot be unseen.
Every link is blind. Does http://example.com/totally_safe_for_work.gif point to a gif exploit, a jpg exploit, an html page, a redirect to a goatse png, or any number of other things? Remember when whitehouse.com used to be the "OMG it looks like a safe link!" site? I thank the early-adopters who click on links before us and warn others of naughty links.
If the economy is so dependent on this that we would all suffer tremendously if they had to stop, how did we ever manage to do anything before this capability arrived?
Fifty years ago people had real jobs making real stuff that people wanted. If this does bring on the Apocalyse for online advertisers, then people might have to actually go back to doing that.
Clueless post is clueless.
I mean, seriously. There is no mechanism by which Do Not Track can actually be made to work as it is currently being proposed. This is more important than whether you think it's a good idea.
If you want to be able to opt out of being tracked, you need to built it in to browser behavior and/or web protocols themselves. You can't simply ASK sites not to track you and expect anything to happen, nor can you rely on a law to do this for you.
You mean, like including the newly proposed DNT:1 HTTP header in every HTTP request in order to signify that this request should not be subject to tracking?
You ARE aware that this is already in Firefox 4, and no-script, and will be in the new version IE9 --- we already asked, we even submitted code, and got the code accepted in browsers, and are already using said browsers with said feature.
Now, we're just asking that Google, Facebook, et al. respect our wishes and stop tracking users that include the DNT:1 header.
However, You're right! It IS currently unenforceable, but if the law passes, then it WILL be enforceable.
Posting anonymously to protect, um, something. But one more slimeball to add to your list is The Bernard Hodes Group, who aggressively use multiple means of tracking people who are applying for jobs--by selling analytics to large employers--to gain value for themselves. What that value is, I do not know for sure, but having worked with them on behalf of shared customers, and having forced them to accept zero PII on any transactions under my control, and seeing their reaction to that I'm 100% sure that a significant portion of the profit model is the reuse and possible resale of that tracking data.
From the article, bold type mine.
Sounds like these companies are catering to the identity theft crowd. Maybe they need to be INVESTIGATED by the CA attorney general.
Nice how the summary and article left Apple off the list for some reason (can never guess why . . . ). Next time editors (and submitters), try finding a more informative article. Took me all of two seconds to find that. Fucking hypocritical fanbois.
Nathan's blog
They can have my access logs when they pry them out of my cold, dead fingers.
Seriously -- I run a small website and I'm just not gonna bother installing special software to purge certain IP addresses from my logs upon request, then forget that I purged those IP addresses (because that would be tracking), then somehow un-forget them on a regular basis so I can purge them again, then forget them again, ....
I agree with Google, Facebook, et al. The bill is quite simply unenforceable, and thus has no force of law, whether passed or not.
The Web is like Usenet, but
the elephants are untrained.
Clueless post is clueless.
>You ARE aware that this is already in Firefox 4...
You ARE aware that this header makes fuck-all difference, right? The entire world is not subject to this law, and even if it was, black hats will still not abide it any more than they have abided the laws against spam mails.
> Now, we're just asking that Google, Facebook, et al. respect our wishes
And what of all the other sites that won't? Heck, what if even those sites won't? That's why the person you're following up to is saying this must be enforced by the browser *not giving out the damn data*. That' the ONLY way it can work. Anything else is pure fantasy.
This was great advise, ill be sure to put it to the test soon. I also have an informational blog about eating right and being on a healthy diet. For more info, please visit http://www.bionic-electronics.com/extensiveweightloss/ for the details
CASHIER'S DESK, California Senate, Saturday (NTN) — The associations listed on this letter are writing to strongly oppose California Senate Bill 761. It would create an unnecessary, unenforceable and unconstitutional regulatory burden, as our products could get uppity.
The measure would negatively affect products who have come to expect fun browser games and free services through the Internet, at the mere price of their DNA and that of their first-born. Additionally, it would make them more vulnerable to security threats. (We thought we'd throw that one in even though we have no idea how that would work.)
California law already provides a number of significant privacy protections for products to protect their sensitive personal information, at least on the books even if they can't use them against us.
Products can easily opt out of the collection of data. The four leading Internet browsers all provide user-friendly filtering options that block the ability of companies to collect data or track products' Internet use, even though that's a complete red herring since we keep all the good stuff on our servers and sell it to each other.
The bill would harm California’s Internet economy and innovation, which absolutely relies on the business model of "1. Brutally sodomise products' personal privacy; 2. Sell ads." We also vaguely threaten to fire everyone we employ, just as if we don't have ridiculously profitable businesses already and can easily afford to employ everyone we have work for.
The bill gratuitously singles out advertising companies for special regulation, just because we deal in egregious violations daily. We think you should look to the video game companies too. Opt-in consent is not a viable compliance route for most tracking models, as we know damn well the products wouldn't give us the serial codes to their souls if we actually asked them.
The bill has recently become even more extreme, imposing a free-standing flat ban on any covered entity sharing or transferring any covered information, for any purpose at all. This provision is clearly bin Laden-inspired communism and must be removed. Our selling each other the data is, of course, free enterprise as the Founders intended. We might as well just shut down Google tomorrow! Really! We'll find ONE MILLION PEOPLE WHO HATE THIS BILL ON FACEBOOK. See if we don't.
http://rocknerd.co.uk
It links to Bing you idiot, blindly-accepting Mods.
Add Goggle to that list please
Dear Larry, Sergey, Eric, Mark, Jerry, and friends:
If the brightest idea all your super-smart people can come up with is to interpose yourselves into every interaction a human being is involved in on the internet, then we don't need your kind of economic engine.
The stock market agrees. Google's stock peaked in late 2007. It's now about 25% below the peak. It's not the recession; GOOG has underperformed the DJIA and the NASDAQ since 2007. Google is frantically trying to diversify into something else that makes money. But it's not working. Revenue is still around 97% ads. Revenue is growing, but expenses on all those money losing "products" are growing faster. YouTube is profitable, but only because it's been turned into an ad farm.
Thus the importance of "tracking" to Google. It's their edge in the ad business. If they lose the privilege of tracking their users and exploiting that information for advertising purposes, their margins on advertising will go down. And that's all that brings in money.
The appropriate response is: "You can either have an opt-out system, or an opt-in system. Which would you prefer?"
Opt-In
I find it interesting no one at /. noted that Apple is not part of this. And yet klaxons are sounded over alarmist claims of Apple tracking people and violating privacy.
"Do not track" is a nice way of saying "It is illegal to have certain kinds of information on a computer."
This makes me very nervous.
If my browser caches pages, does that mean I am illegally tracking?
If my web site saves logs for troubleshooting, am I illegally tracking?
If I use peer-to-peer file sharing software, am I illegally tracking?
What powers of search and seizure will the state need to enforce "Do not track?"
I haven't read this particular bill. Maybe it has some well thought out way of targeting advertisers without placing a huge new regulatory burden on everyone who uses a computer in California, or makes software that might be used on a computer in California. But I doubt it.
http://xkcd.com/756//
California pulled the same stunt in the 80's, claiming that caller-ID would kill their telemarketer biz. 90% of all telemarketers originate in CA. They won.
Fight stupid speeding tickets.
A well designed law would acknowledge different uses for tracking, this would make it possible to keep information about an opt-out while making any other use of that information illegal. The only problem would be in getting that law past legislators without them messing it up.
...would be laws that force sites such as Google and Facebook to have very short, plain-language TOS agreements prominently posted on their sites.
By 'force', I mean under penalty of a very heavy fine, such as $1M for the first offence, $10M for the second, etc. By 'prominently posted', I mean something that's impossible to miss and is visible on EVERY page on the site. And by 'short, plain-language TOS agreements', I mean something like the following:
"By using this site, you consent to us collecting ALL of the information we possbily can about you, your family, your friends, your job, and your life in general, both on our site and wherever you go on the Internet that we manage to follow you. You further consent to us storing this information for as long as we want, sharing it with whomever we want, (including but not limited to other web sites, advertisers, government agencies, the police, journalists, bloggers, and the walls of toilet stalls), and in general using it however we please. And you give up your right to take any legal action against us, either civil or criminal, for any way in which we may harm or compromise you in using said information".
There are a lot of people out there for whom such an approach is the only way they'll 'get it'. And these people aren't necessarily stupid or thoughtless. Many are simply uninformed, and perhaps a bit naive. And while it's true that you 'can't fix stupid', you CAN legislate against con artists, and I would argue that the companies under discussion here are con artists of the highest order.
'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
Clueless post is clueless.
>You ARE aware that this is already in Firefox 4...
You ARE aware that this header makes fuck-all difference, right? The entire world is not subject to this law, and even if it was, black hats will still not abide it any more than they have abided the laws against spam mails.
Your point makes a very little bit of sense.
How many hundreds of millions or even billions of dollars do the black-hat sites make in profit? Google, Facebook, etc, have a lot to loose -- Imagine lawsuits and at the very worst case, no-longer operating in the US or even EU. To be sure, this California law will be the first of many.
Being a "no fucks given" Internet Outlaw doesn't earn you big adverting revenue -- Watch a TV commercial -- Cars, Sports teams, TV shows, even my nightly news program all have tie-ins with web analytic companies like Facebook (and increasingly Twitter).
Do you honestly think they want to be associated with some prosecuted out of the country and anti-privacy news headlined outlaw websites? There is money to be made being reputable, there is far less to be made being a sleaze.
> Now, we're just asking that Google, Facebook, et al. respect our wishes
And what of all the other sites that won't? Heck, what if even those sites won't? That's why the person you're following up to is saying this must be enforced by the browser *not giving out the damn data*. That' the ONLY way it can work. Anything else is pure fantasy.
Your web browser has no control over the fact that your IP address must be known in order to receive information from a server. Some IP addresses are transient, but not enough that it's not a damn good way to track you. You can TRY to stop all the ways that a website can track you, but even the URL can be munged (user identifying tokens added) in order to track you -- The browser must use URLs -- This is how we created login systems before Cookies were invented. Hell, a bit of javascript running on a page that has a bunch of links to other sites can figure out which sites/pages you've visited simply by looking at their color or other such properties.
It's a cat & mouse game that you can't win -- You'll never keep the shady folks from tracking your browsing habits on their sites -- But what you can do is make it expensive for the big profitable "good" guys to ignore your privacy settings. These giants are much more of a threat -- their "like" buttons and "analytics" or "advertising" tracking systems are nearly everywhere online, this is not the sort of breadth that joeOutlawICanSeeYourIP.com typically has.
I have over 100 tricks in my "user persistence systems" repository. I add a few every month or so -- If I can figure out inventive ways that not even no-script or other "anti-tracking" programs block, then so can all the other web devs who are working on this "problem". Many of my tricks can identify your IP even while you are using TOR or other web proxy services! Without the cooperation of the sites we visit, there is no way to keep them from tracking us.
What if Facebook partners with Slashdot? What if Google partners with Your ISP. No amount of browser tech can stop Slashdot or your ISP from selling their logs to Facebook and Google. Legislation can.
Enough said.
any details on privacy-shattering data in ms home calls, please?
True, to a point. There is no guarantee that http://example.com/totally_safe_for_work.gif is in fact safe, but http://shrt.com/bvd7 adds another layer of obfuscation. Does it point to http://example.com/totally_safe_for_work.gif or to http://childporntofsckamericans.ru (excuse me for using the over the top, think of the children example).
What you say makes no sense to me, and I am a sensible, well informed, credible individual. What you say?
The reason they're crying foul now is because of their advertisement (or in the case of the MPAA, DRM) or region-locking efforts. If they are not allowed to track, then they can no longer deliver city/suburb-level advertisements (which is a win actually, I see the same two advertisements on every damn site that uses adsense based on my location.) The region locking efforts (Eg netflix, youtube, hulu, comedy/discovery channel) would allow foreigners to watch the US broadcasts for free.
Don't forget Google.
A lot of their products don't even work without cookies - unlike Microsoft's Bing.
For example - Google maps and mail.
> Legislation can.
People totally pay attention to EULA's too. Experian sells the data you put in to freecreditreport.com before you hit the paywall, to 28+ vendors, as of last year. Legislation was never the answer.
Often wrong but never in doubt.
I am Jack9.
Everyone knows me.
You guys are so dumb. I got this thing all figured out.
Oh, yeah, Malvin? How would you do it?
The first game in the list. Go right through Falken's Maze.
For web browsing, the first game in the list is ... Firefox.
Setup Firefox so that cookies for all top-level-domains (.net, .com, .org, .aero, etc.) are blocked. Then allow cookies selectively from the websites where you really need them (slashdot.org, linuxquestions.org, etc.). Make cookies for sites like "google.com" session cookies. Each time you start your web browser, you will get a new id from google.
All of this can easily be setup in Firefox.
Some people complained that other websites will show their facebook picture / profile info. Well - log out from facebook first before you go to any other websites. I always log out from gmail first, before I do any searches on google.
NoScript does not help with cookies afaik.
http://kb.mozillazine.org/Cookies
http://kb.mozillazine.org/Hostperm.1#Domain_2
We heard the same things about the do not call registry and anti-telemarketing legislation. It didn't crash our economy, business simply had to find a way to reach customers that wasn't so intrusive and annoying. There's that old saying, why do people (spam/telemarket)? Because it works. Which baffles me, but I suppose when you can reduce your cost per call/e-mail to such a low level that you only need one out of every thousand or million communications to result in a sale to be profitable you'll eventually find those few idiots who'll buy your stuff regardless of how annoying or harmful their chosen method of communication was. Those idiots deserve protection too, which is why there's a role for government to shut down spammers and prosecute telemarketers who disobey the DNC registry.
The good news is that individuals can already take action to keep themselves from being tracked. A few firefox plugins (functionality I would love to see become standard and turned on by default) can greatly enhance your online security. Noscript, Adblock Plus, BetterPrivacy, Flashblock, and others effectively render most of the common tracking and advertising methods useless. I'd love to see a day when advertising online becomes entirely ineffective because no one ever sees those ads, their browser blocks them--but for the time being I think it's a necessary evil. Some ads have to be seen by someone in order for those services to remain free, I certainly don't want the alternative where I have to start paying for them to become a reality. There's no way I'd pay for online search or email. What can be done is to frustrate companies like Google and Facebook in their efforts to track and display ads as much as possible up to the point where any further loss of income would result in the service no longer being offered for free. So it's a balancing act for the time being. We need a few people to see ads so the service can remain free for the rest of us.
There are other important things that can be done too, like salting of their data with useless and garbage info. A FF plugin exists that constantly submits random search queries to Google so your real searches are hidden in mounds of fake ones, making your online profile useless for market research, and poisoning the results they do gather. Facebook is more difficult, but people can add fake or erroneous info to their profiles that don't reflect their real habits/preferences for the same effect.
The larger goal is fostering an anti-ad cultural movement that fights advertising at all levels of society. This means skipping commercials on your DVR, filtering ads online, and not purchasing from companies who's advertising practices are offensively ubiquitous.
If you build it, nerds will come. Soylentnews.org
NOOOOOO!!!.. our bottom line... NOOOOOOO!!!!!
Fascism: An authoritarian and nationalistic right-wing system of government and social organization. See also: NAZI's
.... is that people are not informed. If every person that wanted to sign up for services that make their money off advertising and user profiling and collecting your personal details and all that jazz, was actually informed in a real life example of what such company was going to collect and store, and derive and market from their use of that service. I think fewer people would use these services, or would opt for a paid version where they turned off all that tracking. The issue is, that these things are declared up front, in some arcane laywerspeak that is a EULA.... that no one reads cause its impossible to understand. If however the EULA said "By using this site, and posting details about your life on it, you enable our company to find out what you had for breakfast, where you work, what your political views are, your criminal history, your relationship preferences and [half a dozen other things that might worry people]....." then people could understand what that meant, and possibly say "you know, I'm gonna pass on this". Basically, people see FREE STUFF, and don't figure out what they are actually giving up to get that free stuff until wayyyyyyyy later.
I assumed it is a Goatse, but I wanted to see which one, so I clicked. I assume most mods did not bother. On the positive, the grand parent is at +3 now, not +5.
Isn't it obvious that companies, that make money exploiting people and ignoring their privacy, are against this bill ? They will be able to "convince" politicians not to pass the bill. Money does equal power after all.
Way to go! Tell them all to go fuck themselves.
They've been around for a very long time, and made money before we had advanced cookies that track you. It's become really stupid, visit one product website, and everywhere you go you're bombarded with ads on any other site with an ad engine.
It can be fun though. Go on a friends computer and google something embarassing, click on an ad, and close the browser. Then your buddies browser will show those ad's every time he's on.
I have had good luck with simply adding the following lines to my hosts file:
127.0.0.1 googlesyndication.com
127.0.0.1 googleanalytics.com
127.0.0.1 www.googleanalytics.com
127.0.0.1 googleapis.com
127.0.0.1 google-analytics.com
These seem to be the vast majority of tracking cookies/responses. The only problem appears to be if you do a google search and happen to want to follow up on a click to an image. Apparently it uses the cookie to store the results of your search to do a follow-up click.
Part of the current business and future of Google and Facebook is having this valuable information to users. If this is not so, users will have more privacy but far fewer free applications "Should we choose to lose?