Stanford, Mozilla, Opera Launch Web Privacy Initiative

An anonymous reader writes "Stanford Law School has kicked off a 'Cookie Clearinghouse' web privacy initiative that brings together researchers and browsers. The project aims to provide a centralized and trusted repository for whitelist and blacklist data on web tracking, much like StopBadware does for malware. Mozilla and Opera are collaborating on the initiative, and Mozilla plans to integrate it into Firefox's new default third-party cookie blocking. The leader of an advertising trade group has, of course, denounced the participating browsers as 'oligopolies.'"

It's about the right to choose

[Jawnn]

“There are billions and billions of dollars and tens of thousands of jobs at stake in this supply chain,” said Rothenberg, who called the browser makers “oligopolies” with excessive power to make decisions affecting the workings of the Internet. “It should be done with stakeholders’ input.”

Mr. Rothenberg, you keep using that word. I do not think that it means what you think it means. The "stakeholders" in this are the users of the browsers, not the web site operators. Get that part right, at least. It is my browser, not the web site operators. If I don't want it to allow me to be tracked through the use of third-party cookies, I should have that choice, just like it's the web site operator's choice to deny me access if I don't allow such tracking. It's all about choice and when it comes to what my browser should or should not do, that choice is mine.

Re:It's about the right to choose

[MysteriousPreacher]

And of course there's nothing stopping Rothenberg's bunch of self-entitled wastes of skin from producing their own browser! The AdBrowser could be designed with no blocking of cookies, tracking enabled by default and no blocking of Flash or pop-up windows.

I'm sure it'd be popular.

Re:It's about the right to choose

[auric_dude]

EFF illustrate the scope of third party data sharing. How Dozens of Companies Know You're Reading About Those NSA Leaks https://www.eff.org/deeplinks/2013/06/third-party-resources-nsa-leaks. Noscript helps but is a bit like shutting the stable after the horse has bolted, this 3rd party stuff should not be in your browser in the first place.

Re:It's about the right to choose

[SJHillman]

He also seems to have trouble telling the difference between the Web and the Internet. Browsers are half the game of the Web, but just more car in a traffic jam of the Internet.

They do have a lot of power when it comes to defining the user experience of the web, but the cool thing about browsers is that it's relatively easy for a programmer (or group thereof) to split off and make their own how they want it, so browser makers have a fair amount of incentive to give users what they want. It won't necessarily be easy, but with all of the major players pushing to follow the standards better, it's probably a lot easier now than it was for Firefox to break on the scene a decade or so ago.

Re:It's about the right to choose

[__aaltlg1547]

That's called Internet Explorer isn't it?

That advertising group?

[MysteriousPreacher]

The group in question is the Interactive Advertising Bureau, which is paid to rail against pretty much anything that makes it harder for advertisers to track people online.

I don't want these shitbags tracking my browsing history, which is why I block or otherwise restrict most cookies, and block web bugs. I'm fine though with adverts - just not Randall Rothenberg's view of spying being an acceptable price for free content. Bloody hell, even his name makes him sound like some 19th century mad industrialist, busy earning a fortune from grinding childrens' bones in to cosmetics.

Re:That advertising group?

[SJHillman]

I'm okay with most ads, as long as there's no music/video/flashing/excessive animation/pop-ups/pop-unders/scrolling/etc. I don't mind them tracking me within a site (IE: NewEgg displaying ads for stuff someone from my IP has previously looked at). However, when I see ads for something I looked at on NewEgg popping up on every site I visit, that just feels like stalking. I don't want the Walmart Greeter following me into Target, Sears and Big Lots just so he can keep trying to hand me the Flyer of the Week.

TIL: Adblocking in IE is actually BUILT-IN

[mha]

See http://superuser.com/questions/257792/how-can-i-block-ads-in-internet-explorer

Not that I use IE, but I tried that immediately and it works great. No need to install any add-ons, it works right out of the box, you just have to subscribe to one of those lists (like in Adblock+). And the page with those lists is provided by Microsoft!

Tough ...

[gstoddart]

âoeThere are billions and billions of dollars and tens of thousands of jobs at stake in this supply chain,â

You know what Mr Rothenberg, we don't give a shit.

Because also at stake is our privacy, and our right to not have some douchebag advertising company know every detail of our lives.

I don't want doubleclick, quantserve, google analytics, scorecard research, and all of these other assholes to get a phone-home beacon on every page I visit -- which is why between my firewall and various things like NoScript/ScriptSafe, these sites are blocked.

I don't owe you marketing data, and I'm not interested in your product. Don't act like it's your right for me to provide you this data, because it isn't.

The advertising companies who do this are the oligopolies, Mozilla is just putting some more freedom in the hands of their consumers ... or maybe you don't like it when consumers exercise their right to be not interested in what you're selling and your just a corporate mouthpiece who is only interested in corporate freedom?

I don't have any more sympathy for advertisers than I do for telemarketers. They can both go eat shit and die.

Re:Tough ...

[gstoddart]

In theory, they could use this in their Terms of Service and deny you service on those grounds.

In theory, they can shove it up their asses.

Until I see a legally binding court decision which compels me to allow this, I'm going to assume my right to tune them out and not listen still holds true.

If a website wants to sue me for blocking their ads, and 3rd party advertiser thinks I'm breaking some kind of law by blocking this, then I will refer them to Arkell v Pressdram.

Even if we call advertising 'speech', your right to free speech in no way compels me to listen or enable you to speak to me. I consider advertising to be in the same class the Jehova's Witnesses who come to my door -- your desire to tell me something is trumped by the fact that I Don't Give A Fucking Shit. And like I will shoo these people from my front door, I will continue to block the advertisers and other crap in my browser.

Their desire to be heard doesn't mean I'm required to listen or allow them onto my property.

Re:Microsoft and Apple's stance on this

[gstoddart]

Google even went to try to circumvent Safari's user privacy settings to be able to track users. Apple quickly followed with a fix.

I'm not convinced that's true .. because if you set Safari to block 3rd party cookies, and go to a web site, you still get 3rd party cookies.

So, whatever 'fix' Apple did seems pretty useless to me. Which is why Safari for me is used only to host Facebook -- I don't trust either of them, and if the browser never visits any other sites, there's no other information to be gleaned.

Can I have...

a) A general end to end encryption mechanism, as opposed to the current end to server mechanism. If I send a message to Bob using FaceBook, that is between me and bob, not Bob, Facebook, NSA, CIA, or any other law breaking faction of government that might have the technical means to grab it.
So it should be encrypted with Bob's certs, not Facebooks certs.

b) Thunderbird to support public key exchanges like SSH does. So a public key is attached to outgoing mail, a client that supports it, records that key the first time it sees it, and from then on send to my email are encrypted with that key. i.e. removing the public certificate authority, and relying on the first key exchange to encrypt mail end to end.

c) A HTML extension, declaring an encrypted edit field, with a second extension declaring the recipient. The browser only allows javascript and send to see the encrypted edit text, encrypted with the public key of the recipient (which you obtained on the first key exchange, see a). The edit field needs a visual indicator so we know its encrypted. So webmail can support end to end encryption.

d) An add on to force sites like Yahoo, Hotmail and Gmail into encrypted mode. So we can webmail encrypted even if the site refuses to cooperate.

e) Better control of certificates, I'd like to remove all the cert authorities that have a US base as untrusted (untrustable), but I'm reduced to going through them one by one. Also SSH has warned me in the past of attempts to substitute a certificate, does Firefox do the same?

f) File send data encrypted. People upload zip files with their banking passwords, and other details, thinking they're trusting Google or Yahoo or Dropbox or whatever with a backup copy of their data, not realizing they're handing it to a Dr Strangelove. They should have an easy way to upload it encrypted with their own key.

g) ISPs, can I have the old Deutsch Telekom trick of renewing an IP address every 2am. Making tracking more difficult.

h) ISP's if you're putting in Super NATs can we have them using a session id, and not some constant mechanism that reveals the end point after the NAT.