Berkeley Law Releases Its First Web Privacy Census

New submitter DeeEff writes "The first report in the University of California, Berkeley Law School's quarterly Web Privacy Census was released on Tuesday, and it shows that popular Web sites are far more aggressive in their consumer tracking practices than most people suspect, and that consumers are trapped in an escalating privacy crisis with limited control over their personal information. Most interestingly noted in the article is that twice the amount of sites are using HTML5 storage as opposed to last year, while Flash Cookies are dying down, as we should expect. It also appears that third-party tracking seems to dominate most sites, such as from Google, Facebook, and other large players."

Not as simple as "use Tor!"

[betterunixthanunix]

Yes, I know, someone is going to say, "Use Tor!" -- and I would have said the same thing not so long ago. Yet this is more complicated than just deploying privacy enhancing technologies.

We are talking about companies that have teams of hackers and computer scientists who are paid to find ways to break technical measures of protecting privacy. Substantial effort is needed to fight back, and most people are not willing to do the sorts of things that would be needed to protect their privacy. Disabling Flash, Silverlight, Java, and Javascript? Disabling cookies? These things make using the web very difficult these days, and as if that were not enough, there are malicious Tor exits that look for passwords and credit card data -- leaving users dependent on the very websites that are violating their privacy to protect it (by enabling TLS).

So unless someone has figured out a way to compel everyone to stop installing every trendy plugin, to give up on trendy Javascript-heavy websites, and to demand TLS from every website they connect to, we need to put some legal restrictions on data collection in places. Yes, I know, the big bad government interfering with business, but let's put it this way: do you want the big bad government to have access to vast logs of user activity (which is the next step after the corporations collect it -- the government either asks politely, demands it, or covertly acquires it)?

Which leaves us at the heart of the problem: the only organization in our society with the power needed to stop this has an interest in promoting it.

Re:Not as simple as "use Tor!"

These things make using the web very difficult these days

Do they really though? People keep saying that, but I've never seen it. I don't enable ANY of that shit by default. I whitelist a few sites like yahoo or my local bank, and that's it. Everything seems quite fine honestly, and much, much, much less annoying. When I look at the web on other people's computers who don't do that, it just looks entirely unusable. There's shit popping up over things you're trying to read, shit moving all around the screen to distract you, ... it's unusable.

I think it's exactly the reverse of what you say. The web is very difficult to use WITHOUT disabling javascript, flash, and silverlight.

Cookies, yeah, but you can immediately reject 3rd party cookies with no problems, and others, you can turn into session cookies.

Ghostery. Right away.

[gestalt_n_pepper]

Installing ghostery is the first thing I do now when I install a browser. You'll find that you can't interact with a lot of sites, or write comments on them if their tracking software is off, which gives you a good list of sites to stay away from.

Re:I miss the good old days...

When privacy meant not using your real name online?

If you go back even further, everyone was using their real names online. In the 1970's and the first part of the 80's on (then) arpanet, the standard was to use your real name, and be "fingerable" to discover even more data about you such as your phone number and such. (I know, because I remember those times). But there weren't entire organizations hell bent on logging everything you did, so in that sense, it was far more private even if your data could be discovered by anyone. It was not yet an "evil" internet, and in that sense, yes, I miss the good old days. The pre-evil days.

I blame every single person who joined the internet after about 1990. It was fine before the epic influx of clueless people. With the original internet population, none of this tracking shit would have worked. We'd have run those places off the damned net, stopped patronizing them, and blocked their attempts to track us. But the clueless legions that started to appear.... the stupid overwhelmed the smart.