'Do Not Track' Bill Aims To Let Consumers Reject Online Tracking

kheldan writes: A newly introduced piece of federal legislation aims to give consumers more choices about when their browsing behavior is being tracked. Today, Sens. Richard Blumenthal (CT) and Ed Markey (MA) are introducing the Do Not Track Online Act of 2015 (PDF), which would direct the Federal Trade Commission to create new regulations "regarding the collection and use of personal information obtained by tracking the online activity of an individual."

Do not call was pretty fail

how are they going to enforce "do not track" if they can't even enforce do not call?

Re:Do not call was pretty fail

[aaron4801]

Well it worked with the CAN SPAM Act of 2003 didn't it?!?

Re:Do not call was pretty fail

[Sowelu]

Actually, Do Not Call is a pretty stellar success...things are a lot better now than they were before, and very large penalties are handed out on a regular basis. It's almost guaranteed that every solicitor who ignores Do Not Call is a scammer; it stops legit companies (which were the majority of this stuff) dead in their tracks.

Re:Do not call was pretty fail

[XXongo]

I think I get about one call a DAY. How do YOU get the do not call to work???

Re:Do not call was pretty fail

[ClickOnThis]

I think I get about one call a DAY. How do YOU get the do not call to work???

(1) Try to get as much information as possible from the caller: name of company, type of business, reply phone number, etc. True scammers are likely to waffle, so try to feign interest long enough to get what you can.
(2) Then ... tell the caller that you are on the FCC do-not-call list. If the caller says something oblique, like "oh, I need to mark you not-to-call in my records" then tell them it's the FCC's records (not their own) that they should be checking before they call.
(3) Report the violation to the FCC. Supply as much information as you can, including what you could get from the caller, your phone number, and the time of the call.

For the system to work, it's not enough to be put on the list. People need to complain when a caller violates the law.

Re:Do not call was pretty fail

[kheldan]

how are they going to enforce "do not track" if they can't even enforce do not call?

That's the question I was asking when I saw this story and decided to post it. So far as I know, some of the worst of the bad actors out there actually will use the 'Do Not Call' list as their calling list for their robodialers; others just roll the dice and hope there aren't enough complaints to get them busted, or find some way to obfuscate themselves enough to avoid calls getting traced back to them. Also, I'm not sure how a 'Do Not Track' law is going to be enforcable on a website that is hosted and operated outside the United States, not unless this was part of a world-wide agreement. I suppose in a glass-half-full sort of way, it's good that legislators are at least taking the subject seriously enough to be trying to do something about it.

Re:Do not call was pretty fail

[Viewsonic]

Yeah, I agree. I haven't had a spam since it went into effect. The calls instantly stopped.

You have to renew it every few years, maybe people don't realize this?

Re:Do not call was pretty fail

[Viewsonic]

Did you put the correct number into the database? Do you update it every few years as the numbers expire?

You should not be getting any calls.

Remember: Political, donation, and not-for-profit calls are NOT blocked by the list. Those are still fair game.

Re:Do not call was pretty fail

[ClickOnThis]

Do you update it every few years as the numbers expire?

Once a number is in the do-not-call list, the registration never expires unless the number becomes disconnected and assigned to someone else, or you ask for it to be removed.

Re:Do not call was pretty fail

[ClickOnThis]

You have to renew it every few years, maybe people don't realize this?

No, you don't. See my post above.

Re:Do not call was pretty fail

[rsmith-mac]

For the system to work, it's not enough to be put on the list. People need to complain when a caller violates the law.

And, most importantly, the caller needs to be a legitimate business located in the US. I don't know about the GGP, but of the multiple calls I get every day, most are Canadian Pharmacy, Microsoft Support, and other criminals operating in other countries and using VoIP bridges to call the US. It's telephone spam, and the Do Not Call list is powerless to stop it.

Re:Do not call was pretty fail

[ClickOnThis]

Report them anyway, even if they're outside the USA. They may be calling from outside the USA, but some are agents for US businesses.

I don't know whether the law can go after the providers of VoIP access-points in the USA, but with enough complaints to the FCC, maybe the law will be amended so that it does.

Also, these other countries surely have a reciprocal problem. Maybe the ultimate solution to junk calls will be treaties that enable prosecution across borders.

Re:Do not call was pretty fail

[swb]

I hired a couple of ex-Mossad freelancers and suddenly that company quit calling anyone.

Re:Do not call was pretty fail

[amicusNYCL]

Maybe they can just add federal penalties for ignoring the existing do-not-track settings of browsers.

Re:Do not call was pretty fail

[Jack+Griffin]

Don't have a phone?
Seriously, this isn't 2005, there is no need for a land-line in 2015.

Re:Do not call was pretty fail

[Schmorgluck]

Or, if the legislations are in tune, denunciation across borders.

Re:Do not call was pretty fail

[Actually,+I+do+RTFA]

One call a day is it working pretty well. It used to happen a lot more frequently, and the cost is lower. But companies now also try pretty hard to get you to do some business with them, which grants them the rights to call you. Enter a sweepstakes? Call for a free trinket. Two years of calls. Which at least is a sweepstakes entry.

I live in CT aand I hate this man.

[mmiscool]

The failed policy's we have had here in CT are just the evidence you need as to why to run from any bull proposed by this knucklehead.

Re:I live in CT aand I hate this man.

[epyT-R]

Yup. He's a fan of unenforceable, unworkable bullshit.

There will be a "Do Not Track" cookie

[QuietLagoon]

Each Do Not Track cookie will have a serial number that cannot be used for tracking purposes. /sarcasm

commentsubjecthere

[Falos]

So this is, what, theater? I mean, that's kind of my go to for all the "Does not actually deliver jack shit of claimed intent", it's for pacification or PR or image management or whatever. Assuming there isn't a more unpleasant motive.

Re:commentsubjecthere

[rtb61]

Should be pretty fucking obvious, this is the first push for anti-Windows anal probe 10 technology. Blocking browsers data mining without blocking operating system data mining will be impossible. So basically the first legal shot across M$'s extraordinarily hugely offensive privacy invasive bow, more sure to follow.

Cute

[Opportunist]

Ohhh, that's adorable. Politicians think their opinion matters to corporations.

Re:Cute

[epyT-R]

..and politicians still think that people believe they care about their rights.

Re:Cute

[poofmeisterp]

Ohhh, that's adorable. Politicians think their opinion^H^H^H^H^H^H^Hlaws matters^H to corporations.

I tidied that up a hair. Add in "Now they have a new restriction to overcome without breaking a sweat, and actually, encouragement to be a little less detectable," and I think you're awesome-golden. :)

Ask the engineers

[mstefanro]

Why not write these bills in collaboration with software engineers, who have a clue?

We don't want more ridiculous things like the mandatory "by visiting this site you agree with our website using cookies" messages.

Re:Ask the engineers

[mstefanro]

There is no such thing as "track cookies", which is why I said engineers should be part of the debate.
A unique identifier (session) stored in a cookie can be used to keep you logged in, to track you, or both. What they choose to do with
the cookie is decided on the server-side and not visible to you.

Unless you're suggesting disabling all cookies altogether, which would explain your posting as an anonymous coward.

Re:Ask the engineers

[lambsonic]

Tracking cookies are cookies that cross origins. Mozilla refuses to implement the same-origin policy for cookies and other browser state.

Re:Ask the engineers

[AmiMoJo]

Actually I think the cookie warning was worth a try. The hope was that it would encourage companies to either avoid cookies or at least be up front about what they do with them. It half worked.

It was actually an opportunity for companies, but they wasted it. Now AdBlock and some privacy blocking software are almost mandatory, and harsher legislation is likely to appear.

Re:Ask the engineers

[mstefanro]

Third-party cookies can be disabled in firefox from the settings, it's just not done by default.

Your browser contains enough uniquely identifying information that you can be separated from all other visitors without
using cookies anyway. If websites are not allowed by law to track you, they probably won't. If you take away their third-party
cookies, they'll just use something else (see panopticlick or evercookie).

Symbolic vote getter

[Bugler412]

Yet another "law" that is completely unenforceable and unworkable being paraded in front of us for one reason only, the get gullible people who don't understand the tech in play to vote for someone.

Re:Symbolic vote getter

[poofmeisterp]

Yet another "law" that is completely unenforceable and unworkable being paraded in front of us for one reason only, the get gullible people who don't understand the tech in play to vote for someone.

The only rule is you have to make sure there are a set of at least two major business investigations and/or seizures that have taken place after your law goes into effect. That's a lot of work and lost gov't revenue, but hey.. after a few, it can just fall by the proverbial wayside and it was still a success. The world is a better place now, and [I] am an awesome politician for MAKING that happen. Go Team America!

*gag*

Will there be teeth?

[gurps_npc]

Give the law teeth or it does nothing.

One of the problems they have with the health care privacy law is that there is no legal punishment. That is, if you get caught giving or selling away healthcare information, you don't do jail time. Usually they get off with a warning - even if it was your ex-employer who gave a private detective health care information and tried to hire them to look for incriminating evidence.

At best, the people get sued - which is often an expensive proposition.

Put in a real fine - say $1000 per incident PLUS all legal fees - non-waivable regardless of contract.

Doesn't work Internationally?

[foxalopex]

Even if you could pass a law like this and get people in the US or Canada to agree with it, exactly how are you suppose to stop companies that are located in other countries. This isn't really going to work.

Re:Right, because the Do-Not-Call list works so we

Dear Ledouche of the Retardation:

Nobody is talking about NSLs. The article isn't about NSLs. The bill isn't about NSLs. uBlock and Disconnect.me aren't about NSLs.

This is about stopping seedy advertising shitheads from doing what the NSA is already doing.

Re:Right, because the Do-Not-Call list works so we

[Viewsonic]

Do not call lists have worked perfect for myself for the past decade or so?

I just wish they would make it so political calls could be added to that list.

Wake up.

[poofmeisterp]

PHB: ...so I, a small online marketing firm, am not allowed to TELL anyone that I'm harvesting this data anymore? I have to say that I'm following the law and not? Ah, shucks. Well, that's fine. I'll just sell a "unique" data set product with "cutting-edge" sources. No big deal. Hey, Jen, tell the guys to start working on that.

Jen: Already did. They said it'll be done in a few hours.

PHB: Better idea than I originally thought!

*faceplant*

Ain't gonna work...

You think websites will give a damn?
We have a law against unwanted newsletter in Canada. Hasn't stopped ANYTHING other than from Canadian companies... and even there, some still send them because their TOS says you are agreeing to it just by using their service.

I can't wait to see what they attach

[mark_reh]

to this and what the loop holes are.

Re:Government tracking ?

[poofmeisterp]

I'm assuming my do not track preferences would not apply to the Feds though.

A better question is where would they apply? I'm sure there will be some rich-ass political BS merged in at the last moment that grants allowances and exclusions.

While we're at it

[clonehappy]

Can I get a "do not steal my credit card number" bill, and a "pretty please don't assume my identity" bill, while they're at it?

Damn...our politicians are just so forward-thinking. If only they would have have had the foresight to pass a "do not blow up skyscrapers" bill before 9/11. Just think how different the world would be today!!

Re:While we're at it

[frovingslosh]

You seem to want to say that we just can't know what evil doors are tracking us. But I would gladly support a bill that simply says when I visit your website don't connect to Facebook and a dozen other "social media" sites at the same time, particularly is there is no indication that I'm a member of Facebook or any of the other social media sites. Not only does this invade my privacy but it wastes my bandwidth, drives up my data usage and slows my connection. And personally I'll never join any of these sites so they have no right to know my browsing history. While we might not know who is going to blow up skyscrapers or steal our identity (although I believe all of the wacko conspiracy theories about 9/11), we can easily see all of the traffic connections made to other sites when we visit a website. Just outlawing those simple direct connections to other sites would make the web a lot safer and securer as well as faster and more private, and it is not wishful thinking that could not really be done.

Meaningless campaign posturing

[Etherwalk]

That's funny. perhaps they will add a bill to outlaw being a criminal, too.

No, it's actually bullshit. Meaningless campaign posturing. Their aides or supporters then mention it to media or in publications as if it were meaningful.

These are senators introducing a bill that everyone knows will be referred to a subcommittee where it will die. To top it off, they're Senators from the minority party so they *know* they have no chance of even getting the bill seriously on the agenda, much less of anything remotely resembling passage.

Which means they're spending taxpayer dollars on political posturing and time campaigning.

Time they could spend on actually trying to fix some area in government where everyone agrees something is stupid. It turns out there are a lot of these.

Re:Meaningless campaign posturing

[Ranbot]

Meaningless campaign posturing....will be referred to a subcommittee where it will die. To top it off, they're Senators from the minority party so they *know* they have no chance of even getting the bill seriously on the agenda, much less of anything remotely resembling passage.

Which means they're spending taxpayer dollars on political posturing and time campaigning.

I agree it's dead on arrival, but I'm not sure it's campaign posturing, because I doubt the rest of the country really cares enough about this issue to take notice. If a politician's goal is to prop up a campaign, there are much better issues to use. I am more inclined to believe that someone thinks [possibly erroneously] that they can make some progress on this issue. Keep in mind that just because an idea flounders in sub-committee hell doesn't always mean that something useful isn't incorporated into a later law.

But we'll still be able to buy homeopathic

[AndyKron]

But we'll still be able to buy homeopathic bullshit, and pay for it with an InstantCash loan, right?

Re:But we'll still be able to buy homeopathic

[amicusNYCL]

You would prefer it if the government made it a crime to buy something that they didn't approve?

Re:Right, because the Do-Not-Call list works so we

[Jack+Griffin]

Do not call lists have worked perfect for myself for the past decade or so?

I just wish they would make it so political calls could be added to that list.

Having no land-line works perfectly for this. Unless you're really old, I can't understand why anyone still has a land-line

Re:Right, because the Do-Not-Call list works so we

[techno-vampire]

I won't say it works perfectly, but I will say that at least half of the time that I tell a telemarketer that I'm on the National Do Not Call List they've either hung up, or apologized for the call and ended it politely.

Re:Right, because the Do-Not-Call list works so we

[Gryle]

I have one because my ISP provides it as part of my internet package. The option without a landline is cheaper but the Internet speed is painfully slow. The one benefit of the landline is free calls to any landline in the US, which comes in handy when trying to handle business with US companies. (I live in Southern Europe.)

This is a bad idea

[Sloppy]

People are already empowered to prevent websites from remembering what they told those websites: don't talk to that website. We have neglected to use that power, and instead, we've chosen to use shitty web browsers for the last 20 years, where those web browsers' policy seems to be "meh, load whatever anyone suggests." I suppose some people would say since our browsers suck and most of us aren't programmers who can make their own browser, we're not really empowered, but I think we simply rejected the power.

And things are actually changing (for various reasons that we're all familiar with). You really ought to check out Privacy Badger. It's a start. There are a lot of related and similar plugins, and as we have started to care more about the issue, we have started to have these things. When we start to care a lot, then we'll really upgrade our tools and get what we want.

Mostly. We'll mostly get what we want, at least in terms of "third party" tracking. First party tracking has been possible since the dawn of time. You tell Ogg the caveman, "me hungry" too many times, and eventually he'll start to remember you're often hungry, and who knows: he might approach you with offers of trading his mammoth meat for your ropes and pre-napped obsidian or whatever. That's life.

And I find it pretty fucking outrageous that someone wants to point at gun at Ogg and tell him that he's not allowed to remember things that you told him. His mind is his right, outside of your (or anyone else's) purview. Same goes for my computer. If you choose to tell my agent things about you, my agent gets to remember what you said. "Do Not Track" is about thoughtcrime, and is arguably even more despicable than DMCA (where you're not allowed to program your own computer).

To recap:

1. We've got this on the browser side; we don't need a law.

2. The law would be unenforceable so it won't do any good (you can't verify that Ogg has forgotten whatever you told him).

3. The law would set precedent for more thoughtcrime laws, so it's bad. Also, having an unforceable law just encourages people to not do the things that really work; it reminds me of people who want Congress to stop the NSA from reading their plaintext emails, instead of them encrypting so that the NSA (and everyone else) can't read their emails. So it'd be harmful to privacy.

Everything points against supporting the kind of people who advocate this nonsense. It's another one of those things that is all disadvantages and doesn't even have any advantages, where some idiot could subjectively weigh it in a certain direction. I don't care what you multiple the zero on the "up" side by: it's not enough.

What about government itself?

[wwalker]

Can we get "do not track" bill that applies to NSA/CIA/etc. first, please?

Re:Right, because the Do-Not-Call list works so we

[Jack+Griffin]

I get a free one with my ISP too, but have nothing connected to it and never use it. Everything I need I can do with Mobile or VOIP.