8
Federal Trade Commission pushing for Do Not Track system
Browsing online
To view this content, Javascript must be enabled and Adobe Flash Player must be installed.
TEXT OF INTERVIEW
Tess Vigeland: Today the Federal Trade Commission released a report on privacy in the information age. Its chairman was blunt. He said industry self-regulation is not working for American consumers. And many of the companies we entrust with our data are letting us down.
Our own Steve Henn has been following the story and joins us now from Silicon Valley. Hi Steve.
STEVE HENN: Hey.
Vigeland: So give us a little picture of what the FTC is proposing at this point.
HENN: Well what the FTC really wants is to put consumers back in control of their own information. So here's how Jon Leibowitz, the chairman of the FTC, described what is going on online right now:
Jon Leibowitz: Imagine you're walking through a shopping mall, and there's someone standing behind you. And they don't know exactly your name, but they certainly know around where you live or your zip code, and everywhere you're going, they're sending emails to the stores in front of you saying, 'That's Leibowitz, he's looking for a madras jacket and a matching fur coat.' And you know, if it's someone behind you, you'd be kind of like, kind of disturbed by it. And if that person's following your daughter, you want to punch him out.
Vigeland: Wow. Can't disagree.
HENN: Yeah. So the FTC is proposing a kind of national Do Not Track mechanism. It's not really a list, but what they have in mind is a button on your browser that you could push that would tell companies -- all companies -- following you around online, basically to leave you alone. And they also want big data aggregators -- the companies that store and compile all this information about you -- to give customers access to the data about them.
Vigeland: Interesting. You know I have to say, couldn't you just do this by disabling cookies, or is that not enough anymore?
HENN: Well yeah, you can do it by disabling your cookies, or many browsers have these incognito modes that conceal your identity. But I think what the FTC wants is for people to really have the ability to really control their online experience. If you disable your cookies, you go to a site that you have a relationship with, they don't know who you are.
Vigeland: Does the proposal have teeth?
HENN: Honestly, at this point, not really. Or at least not yet. The FTC was completely upfront about saying that they don't have the authority right now to issue the rules they feel need to be written on this. But there is a pretty vigorous debate brewing in Congress now on privacy, and there seems to be bipartisan support building for some kind of privacy legislation. Leibowitz also really encouraged the tech industry to get out in front of this, and to create a Do Not Track mechanism on its own. Basically not wait for Congress.
Vigeland: What are the chances of that, do you think?
HENN: I think the chances of tech firms trying to do something on their own is actually pretty good. And I think the reason for that is that they really, really don't like the idea of a legislative fix for this problem. So already you're seeing big organizations and online advertising getting together and trying to create some kind of Do Not Track-like system that they can live with. For big online advertising businesses, tracking is their business. It's central to what they do, and a law that wasn't crafted just the way they like it could really kill them.
Vigeland: Let me ask you though, Steve, this is targeted at people who don't want to be followed around by technology. But it seems like these days, so many people are inviting that. I mean, people are telling the world where they're eating dinner.
HENN: Yeah, that's true. And the industry has to take a lot of solace in that. I think what the FTC really wants is for the industry to be completely transparent about when they're collecting information and how that information's going to be used. If that's true, I don't think the Federal Trade Commission really has a problem with that.
Vigeland: Marketplace's Steve Henn. Thanks so much.
HENN: Sure thing.
There are 2 issues being muddled into 1.
One is control over information I choose to put online. This would be your typical "don't put compromising pictures of yourself on Facebook." If those leak, that's my own fault.
The second is information I leave behind, but don't choose to put there. Prior comments suggest token bits of browser tech that solve tiny problems, but let's get back to the fundamental issue and follow the money: there isn't a reasonable 'cash economy' online. If I spend as 'cash' instead of 'Greg', you'd have a much harder time with doing anything too nefarious with my privacy, in the end.
Mark, A part of the point the FCC is trying to make is that the average computer user should be able to do this easily and quickly, not in some 12 step plan, etc. The benefit of the do not call list was that the average person did not need to call every entity that is currently contacting them or may want to reach them in the future to get removed from their list.
I applaud the intent of a strong regulatory anti-tracking control, IF it can work. Too bad the "cows have gone" long ago, and the internet data aggregators are ten times more clever than the best regulators.
Those like Henn who think that merely disabling cookies will prevent tracking, are sadly behind the times. The wild west of internet tracking and profiling has now given us also the "Flash cookies" (or LSOs) planted by Adobe's ubiquitous Flash video ad software, plus the newly contrived "evercookie" that employs nine different ways to hide on your PC and will repopulate if left in any one place. For details, look up "Security Now" at grc.com and find free podcasts on such subjects. Then try to sleep.
We already have this capability.
Here we go:
Got get the latest version of Firefox from http://www.getfirefox.com
Having installed the latest version of Firefox go to "Tools" and then "Add-Ons" and then look for the following:
*Google (DoubleClick) Advertising Cookie Opt-Out - http://www.google.com/ads/preferences/plugin/ Opts you out of tracking cookies from DoubleClick, now owned by Google.
* Google Analytics Opt-out Browser Addon - http://tools.google.com/dlpage/gaoptout (also available for IE & Chrome)
* Beef Taco - https://addons.mozilla.org/en-US/firefox/addon/180650/ This installs over 100 opt-out cookies in an instant. Easier and much more thorough than going to the NAI site.
* Better Privacy - https://addons.mozilla.org/en-US/firefox/addon/6623/ To deal with LSO / Flash cookies.
* Flashblock - https://addons.mozilla.org/en-US/firefox/addon/433/ To prevent flash objects and ads from running unsolicited. Gives you a little icon which you can click to see the content.
* CS Lite - https://addons.mozilla.org/en-US/firefox/addon/5207/ Puts a little icon on the bottom of the browser and allows you quickly and easily allow cookies permanently or for the session
* Ref Control https://addons.mozilla.org/en-US/firefox/addon/953/ Simply control what is sent as refferer. I set it to forge. Thus the server at the destination site will see itself as the originator of the visit. This helps prevent profile building.
* Track Me Not - https://addons.mozilla.org/en-US/firefox/addon/3173/ Sends not quite random search requests in the background. This prevents accurate profiles being built from your real search queries.
Also, of course, AdBlock. Although one could argue that most tracking is dealt with pretty well with the measures outlined above
We implemented a Do-Not-Call system because sales calls annoyed us, and legitimate commercial callers obeyed the list. The real reason I object so much to tracking cookies is because I can see the malicious uses, and the criminals won't obey the law. Anti-tracking technology would be a good start, but it's already in widespread use, so legislation is not needed. What we need is some way of detecting and reporting malicious tracking.
Also, while I'm not in favor of this sort of tracking, it's closer to the closed-circuit surveillance that stores use to prevent shoplifting or to audience-measurement technologies in a radio or TV than to somebody walking around behind you, because while you *could* be identified, most of the time they're just trying to show you ads that you're likely to respond to.
This is a very interesting topic. Steve Henn addresses the key here, and that is giving users transparency and choice. I have argued that there is a solid marketing value in terms of the value to the products or services that use this info too. For a more detailed analysis, I invite you to check out my blog at: http://wp.me/4aay
