×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Online Ads, Privacy Remain In FTC Crosshairs

samzenpus posted more than 3 years ago | from the tracking-is-the-governments-job dept.

Privacy 95

AC95 writes "The FTC wants to give users a browser-based tool for opting out of online behavioral tracking, a proposal that has privacy advocates cheering and online advertisers up in arms. A key issue, says FTC attorney Loretta Garrison, is that while most consumers know they're tracked online, they don't fully appreciate how much information is collected. Tim O'Reilly, founder and CEO of O'Reilly Media, worries about knee-jerk legislation criminalizing mistakes that are an inherent part of applying any new technology."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

95 comments

blast (0)

Anonymous Coward | more than 3 years ago | (#33515076)

They should just make it illegal to collect personal information for sale period!

I don't want no stinking toolbar to help me out... F those data miners!

Re:blast (3, Interesting)

DJRumpy (1345787) | more than 3 years ago | (#33515214)

Google is a data miner. Although I know they collect information, I also use their services for free. I understand it's a trade of services for something of value, so I'm not totally opposed to it, although it does give me pause when I use google to search and I have a google account. Although it's easy to claim they don't tie my account info to my searches, It would be a goldmine (literally) if they did so. I find it hard to believe they aren't collecting more than I'm aware of. I applaud this intent by the FTC. After all, Google will still have billions who never install such a plugin, or turn such a feature to exclude them from data mining on in their browser.

I don't want no stinking toolbar to help me out... F those data miners!

Re:blast (2, Interesting)

hedwards (940851) | more than 3 years ago | (#33515262)

Indeed, it really depends on how it's being done. It's one thing to restrict such monitoring to the time that you're on their site, and possibly where you go via links and how you get there, but going any further than that is dubious at best. As far as I'm concerned it's fair game for them to mine their own site, provided of course that there's adequate warning and an option to opt out, presumably leaving the site.

Re:blast (5, Insightful)

Jane Q. Public (1010737) | more than 3 years ago | (#33515278)

Wrong! You are confusing just plain advertising with "behavior tracking".

I have no problem with advertising, Google's or anyone else's. You can still visit websites that advertise. It's the TRACKING that is at issue here.

It's not either/or. Companies can (and have for hundreds of years now) advertise without user tracking. Besides, poll after poll have shown that most people do not want "targeted" advertising anyway!

Re:blast (2, Interesting)

DJRumpy (1345787) | more than 3 years ago | (#33515520)

That is my point. If Google ties my searches to targeted advertising, then it's a form of data mining being sold for-profit to advertisers interested in what I'm interested in. I actually don't mind targeted ads as I simply block all of them anyway, but I do have privacy concerns that at some point they may tie my search to the 'ME' identity of my iGoogle account.

Wrong! You are confusing just plain advertising with "behavior tracking".

Re:blast (1)

beakerMeep (716990) | more than 3 years ago | (#33515810)

I think there is also a distinction made between targeting via aggregate groups, ie "those that have visited gaming sites" versus keeping perpetual specific data on an individual. Google *I think* leans more towards the aggregate, but the more ways you think of to target, the more specific info you will want to see, so that you can determine if the person matches the aggregate target. This is why retention plays a big role in Google's privacy policies.

Still, I'm sure they gobble a ton of data, and I know despite promises of erasing certain things (IP address after 6 months* for instance), the question also becomes do they retain that label they made for you such as "this person is a gamer, we don't have his website history to prove it but we previously have reports of his gaming interests." I'm kinda oversimplifying but the creepy stuff goes way beyond this too. Look at the credit reporting companies like Experian as some of the scary/invasive data miners.

*not sure if it's six months, just used number as a ballpark example

Re:blast (0)

Anonymous Coward | more than 3 years ago | (#33518304)

Besides, poll after poll have shown that most people do not want "targeted" advertising anyway!

Who's poll? I for one would love to stop seeing ads that sell me Viagra and start seeing more tech ads.

Re:blast (1)

digitig (1056110) | more than 3 years ago | (#33519378)

If most people don't want any advertising then most people don't want targeted advertising.

And you do realise that it's because they've identified you as a techie that they're targeting you with all those viagra ads, don't you?

Re:blast (1)

Jane Q. Public (1010737) | more than 3 years ago | (#33515298)

To clarify, this is what I meant was "wrong":

"I understand it's a trade of services for something of value, so I'm not totally opposed to it"

Trading service for advertising is one thing. Trading service for privacy is quite another.

Re:blast (1)

tomhudson (43916) | more than 3 years ago | (#33516980)

Trading service for advertising is one thing. Trading service for privacy is quite another.

I'd go further, Trading service for invasion of privacy is quite another.

There's a concept called "anonymity of the crowd" - that you have a reasonable expectation to be able to just blend into the crowd in public. Nobody has a right to start following you around and tracking what you're doing just because you're in public - we call it "stalking." So why should it be tolerated on the Internet?

The worst part is that advertisers see social media as giving them even more insight into peoples private and semi-private lives.

Re:blast (2, Interesting)

vux984 (928602) | more than 3 years ago | (#33515326)

Google is a data miner. Although I know they collect information, I also use their services for free.

Their search service and their map service are the only services I use. I am presented their sponsored links in exchange for both. They don't require more than that.

Although it's easy to claim they don't tie my account info to my searches,

Where did they ever claim that? I fully expect they can and do tie your account to your web searches to whatever browsing information their ad tracking cookies report back to your usage of google maps to whatever the umpteen million 3rd party sites using google analytics on the backend give them.

And that's before talking about their image face tagging, youtube efforts, or harvesting your social network through your email contacts and their attempts to expand on that via google talk, and voice... and wave... not to mention the google toolbars...

Hell, even if you don't have a gmail account, they can construct a pretty good social network on an awful LOT of people just based on the gmail users who have you in their contact lists...

Re:blast (1)

hairyfeet (841228) | more than 3 years ago | (#33515584)

And the truly sad part? If they were to just allow Opt In while offering a free goodie they'd get 90% of the population to opt in without a fuss. All someone like Amazon or Google or MSFT would have to do is say something like "Hey, if you allow us to collect this data so we can make a better shopping experience for everybody, we'll give you 10% off your next order!"

Hell not only would they get everyone and his dog to opt in and end this mess, but their sales would probably spike for a good three months afterward. It always amazes me when corps will do the stupid thing like in TFA when a little simple bullshit will get them what they want AND let those that want privacy have it.

Re:blast (1)

DJRumpy (1345787) | more than 3 years ago | (#33516094)

It's in the Google privacy policy:

When you search at Google, information is recorded along with the search conducted, such as the time of day, browser type you used, your internet address and an anonymous user ID provided by our cookie.

Personal information, such as your name or email address, is not recorded. Google does not require such information to be provided in order to search the web. It may be collected if you use other Google services, such as Google Groups. However, no personal information collected is ever linked with the anonymous ID assigned to your search requests.

Google never provides search histories to third parties, unless required to by law. In these cases, the search histories provided carry no personal information about you.

My concern is one day they may start linking my Google accounts to my searches such as my iGoogle account.

Re:blast (1)

vux984 (928602) | more than 3 years ago | (#33516224)

This is the privacy policy I see for Google.

http://www.google.ca/intl/en/privacypolicy.html [google.ca]

The quotes you provided are NOT in it. And it says things that weasel around those quotes if you ask me. Please clarify.

My concern is one day they may start linking my Google accounts to my searches such as my iGoogle account.

Its called "Personalized Search" or "Web History" its been around for years. Not too long ago they expanded it to make it an opt-out service, instead of opt-in... you probably already 'use it'. Ooops.

http://searchengineland.com/google-now-personalizes-everyones-search-results-31195 [searchengineland.com]

Enjoy.

Re:blast (1)

sexconker (1179573) | more than 3 years ago | (#33515454)

Although it's easy to claim they don't tie my account info to my searches, It would be a goldmine (literally) if they did so.

Literally.

Re:blast (1)

rHBa (976986) | more than 3 years ago | (#33517420)

Didn't you know that if you tie enough Google accounts to searches in really tight latices you can make a great pan that will sift gold like no other...

Re:blast (1)

kelltic (1896880) | more than 3 years ago | (#33516900)

Oh hell no, Google rapes you every which way from Sunday! And they want more! Just wait for the Verizon Google gaggle to gain momentum. Seriously people, how deep does a d!ck need to be in your arse before you can feel it? Quit bending over so easily for the likes of Google and wake up!

Re:blast (1)

mrchaotica (681592) | more than 3 years ago | (#33526190)

Although it's easy to claim they don't tie my account info to my searches, It would be a goldmine (literally) if they did so.

You keep using that word. I do not think it means what you think it means.

Mistakes? (3, Insightful)

Serenissima (1210562) | more than 3 years ago | (#33515094)

Really Tim O'Reilly? Maybe criminalizing mistakes that affect the identity of citizens MIGHT make you more aware so those mistakes don't happen again.

Re:Mistakes? (2, Informative)

Andorin (1624303) | more than 3 years ago | (#33515676)

Troll mod? Really? The parent is 100% correct. I certainly wouldn't sleep as well at night if I knew that a business that fucked up with any personal data they had on me could get away with it by calling it a "mistake."

Re:Mistakes? (1)

Jawnn (445279) | more than 3 years ago | (#33520700)

What he said...
Look, Tim. I'm all for the industry being able to track behavior and make money off of it, as long as the users are fully and completely informed of the terms of the agreement. The ads pay for much of the content that we get for free, I understand that, but you have to treat the users, your partners in that revenue stream with a hell of a lot more respect and consideration than we have seen to date. The sneakiness with which you have been doing this only confirms what the FTC is suggesting, that many users, if not most of them, would not agree to be so used. Apparently, someone must step in, since you won't be up front about the terms of the deal,

With the right addon... (1)

Danieljury3 (1809634) | more than 3 years ago | (#33515220)

You can stop trackers if you use Firefox. I use Ghostery but you could also use No script and block everything.

Re:With the right addon... (3, Interesting)

similar_name (1164087) | more than 3 years ago | (#33515364)

What about tracking the IP? I use Linux and my roommate uses Windows. I have had to search for drivers and technical information many many times for Linux. One weekend I reinstalled Windows for my roommate. On a fresh install under Windows I began to search for drivers. Google's results kept taking me to sites for Linux drivers.

Re:With the right addon... (0)

Anonymous Coward | more than 3 years ago | (#33517026)

https://www.google.com/history/optout

Re:With the right addon... (2, Insightful)

sexconker (1179573) | more than 3 years ago | (#33515468)

You can stop trackers if you use Firefox. I use Ghostery but you could also use No script and block everything.

Unfortunately, people want sites to function.
Standard practice with No Script is:

10: Notice blocked items
20: Click No Script icon
30: Click "Temporarily allow all this page"
40: If page works, GOTO 60
50: GOTO 10
60: Success

Funny how sexconker shut up here though (0)

Anonymous Coward | more than 3 years ago | (#33547580)

http://yro.slashdot.org/comments.pl?sid=1781304&cid=33521660 [slashdot.org] See subject line first, and that url second, as well as the 2 replies beneath it, inclusive of sexconker's own (where sexconker had to shut up quickly afterwards, lmao, because he shot his stupid mouth off as is his usual and then sexconker had nothing technically pertinent in reply afterwards, and was forced to sit there with his piehole absolutely shut down, for his retarded idiot's profane reply, in utter silence - priceless!)

Re:With the right addon... (1)

ILuvRamen (1026668) | more than 3 years ago | (#33517736)

I'd use noscript but I want the internet to work. Seriously, I like protection and stuff but that thing is overkill. blacklist-based ad blockers are a million times better and a billion times less annoying.
Plus, don't you think that the people wise enough to use this opt out option are also the type that never ever ever read or click on anything in a web ad anywhere ever? And the people too lazy or gnerally unwise or lacking internet knowledge are the types that click on ads all the time. So what do they care if there's a universal opt out?

Re:With the right addon... (1)

RandomFactor (22447) | more than 3 years ago | (#33520134)

I'd use noscript but I want the internet to work. Seriously, I like protection and stuff but that thing is overkill. blacklist-based ad blockers are a million times better and a billion times less annoying.

I use noscript because I want my machine to keep working. The time cost of allowing specific sites as needed is more than offset by the time savings in general internet speed and not dealing with the ramifications of getting nailed by the latest drive by rootkit.

I fully understand that this is less of an issue in Linux and Mac environments, but I still primarily live in a Windows world. Firefox and NoScript is (imo) a no brainer there.

An orgy of data (4, Interesting)

Itninja (937614) | more than 3 years ago | (#33515236)

If you can't fight it, exploit it. I have actually gotten some pretty cool (free) stuff by misrepresenting myself to various sites online (up to the legal limit, of course).Everything from free Amazon gift cards, to free electronics. I even got a free mobile phone (with service paid for 6 months) once because I claimed I had a business with over 100 employees and that I made over $100K yearly (that was back in 1998 when phones were pricier and I only made about 1/3 of that). Free magazine subscriptions, free enterprise web hosting, free lawnmowers, it's all there for the taking for those willing to game the game.

Re:An orgy of data (0)

Anonymous Coward | more than 3 years ago | (#33515440)

I actually get a lot of business offers due to having a domain name, which means I must own a business.
Just yesterday got an offer from stamps.com to print my own stamps with the first $100 free. Don't get me started on the number of free mags (not just trade) that I get as a business. Do these people really think I am CEO of Mike Inc?

Re:An orgy of data (1)

bipbop (1144919) | more than 3 years ago | (#33516048)

Hey, I've got lots of domains, and I never get offers for $100 of free stamps. What's your secret, CEO of Mike Inc.? ;-)

Re:An orgy of data (0)

Anonymous Coward | more than 3 years ago | (#33517176)

Business offers are presented to me as well.
I have daily fine opportunities to buy luxury watches and many medications.

Re:An orgy of data (1)

TubeSteak (669689) | more than 3 years ago | (#33517036)

If you can't fight it, exploit it. I have actually gotten some pretty cool (free) stuff by misrepresenting myself to various sites online (up to the legal limit, of course).

There is no legal limit.
Theft by fraud is still theft even if they're giving things away for free.
Try googling for Theft by deception [google.com] to read various State laws.

Re:An orgy of data (1)

Itninja (937614) | more than 3 years ago | (#33523660)

According to the US Law definition, what I do is not theft and is not fraud. All I do it lie to marketing companies and get (completely unsolicited) giveaways from them; sometimes expensive ones. The ToD laws always specifically indicate something like this: "The term 'deception' does not include falsity...or statements unlikely to deceive ordinary persons in the group addressed". Those are the kind of statements I make. I never portray the info as if it were legit; only an automated and brainless process would see my info as anything but a joke.

For example, once I filled in a marketing form and put my name as "Dr. Octopus", my occupation as "Super Villain", my income as 'over $100K yearly', and my mailing address as "Snake Mountain (followed by my actual street address)". I used one of my 'spam-only' Hotmail accounts as the email address. In a few weeks I started getting a bunch of stuff addressed to 'Dr. Octopus' in the mail. I got free movie tickets from some company selling malpractice insurance. I got a $50 AMEX gift card encouraging me to sign up for a AMEX card. And, I started getting email with real coupons codes for discounts at several different retail sites.

All this and, apparently, not a single human ever even read what I had put down on the form (except for some data-entry person, who probably didn't care).

Opt-out is a cop-out! (2, Insightful)

Jane Q. Public (1010737) | more than 3 years ago | (#33515248)

Opt-out is better than nothing, but it's a pansy-assed attempt to keep industry "involved". Opt-in is really the only logical solution to privacy issues.

Re:Opt-out is a cop-out! (1)

sexconker (1179573) | more than 3 years ago | (#33515498)

Opt-out is better than nothing, but it's a pansy-assed attempt to keep industry "involved". Opt-in is really the only logical solution to privacy issues.

I'm a big proponent of "opt-away" myself.

I don't like giving information out, so I minimize it. If some site wants to track me in some non-trivial way, I stop using the site.

Re:Opt-out is a cop-out! (2, Insightful)

compro01 (777531) | more than 3 years ago | (#33515638)

If some site wants to track me in some non-trivial way, I stop using the site.

And when it becomes "industry standard", what then?

Re:Opt-out is a cop-out! (1)

TubeSteak (669689) | more than 3 years ago | (#33517062)

And when it becomes "industry standard", what then?

Which is pretty much what DoubleClick and Google Analytics have become.
They are everywhere

Re:Opt-out is a cop-out! (1)

maxwell demon (590494) | more than 3 years ago | (#33518830)

Then stop "using" them. Just block any access to those sites. Their domains are easy enough to detect.

Re:Opt-out is a cop-out! (1)

rts008 (812749) | more than 3 years ago | (#33518228)

If some site wants to track me in some non-trivial way, I stop using the site.

And when it becomes "industry standard", what then?

Then I/we[1] will continue to use Firefox* with the 'better privacy, noscript, and adblock+ extensions(for some,also throw in flashblock); they are your friend!
*(or something similar: Opera, Chrome or Chromium, Iceweasel, Konqueror, etc., that have equivalent capabilities)

When that doesn't work, or 'breaks' most of the internet, then we'll go back to pre-internet PC[2] usage...but I doubt it would come to that.
There are too many examples in the whole of human history to leave out the possibility, nay, the certainty of several or many hackers and crackers finding and sharing the 'hacks' and work-arounds to still connect for the interested.

According [to /. deductive reasoning] to your user name and UID, you should know this already; if not by profession/training/experience, then by 'osmosis' from the /. collective pool...Wake Up!

[1] For those that are concerned/interested
[2]a. I'm old school: PC means Personal Computer.
      b. 'Politically Correct' is worse than 'Military Intelligence' as an oxymoron. There is nothing 'correct about politics now days!
      c. PC vs. Mac? both are PC's in my book,[see a.] and GNU/Linux should be included. Well, if it's running on a PC(x86) compatible architecture, that is.

Re:Opt-out is a cop-out! (0)

Anonymous Coward | more than 3 years ago | (#33520264)

There is nothing 'correct about politics now days!

Wow, did you think that up all by yourself?

HOSTS files advantages over ADBLOCK (0)

Anonymous Coward | more than 3 years ago | (#33521660)

10 ADVANTAGES OF HOSTS FILES OVER BROWSER ADDONS ALONE, & EVEN DNS SERVERS:

1.) HOSTS files eat A LOT LESS CPU cycles than browser addons do no less (since browser addons have to parse each HTML page & tag content in them)!

2.) HOSTS files are also NOT severely LIMITED TO 1 BROWSER FAMILY ONLY... browser addons, are. HOSTS files cover & protect (for security) and speed up (all apps that are webbound) any app you have that goes to the internet (specifically the web).

3.) HOSTS files allow you to bypass DNS Server requests logs (via hardcoding your favorite sites into them to avoid not only the TIME taken roundtrip to an external DNS server, but also for avoiding those logs OR a DNS server that has been compromised (see Dan Kaminsky online, on that note)).

4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).

5.) HOSTS files also allow you to not worry about a DNS server being compromised, or downed (if either occurs, you STILL get to sites you hardcode in a HOSTS file anyhow in EITHER case).

6.) HOSTS files are EASILY user controlled, updated and obtained (for reliable ones see mvps.org ) & edited too, via texteditors like Windows notepad.exe or Linux nano or kate (etc.)

7.) HOSTS files aren't as vulnerable to "bugs" either like programs/libs/extensions of that nature are, OR even DNS servers, as they are NOT code, & because of what's next too

8.) HOSTS files are also EASILY secured well, via write-protection "read-only" attributes set on them, or more radically, via ACL's even.

9.) HOSTS files are a solution which also globally extends to EVERY WEBBOUND APP YOU HAVE - NOT just a single webbrowser type (e.g. FireFox/Mozilla & its addons exemplify this, such as ADBLOCK) and you already own one, and they run on any OS that uses the BSD reference design IP stack (all of them today pretty much if NOT all of them).

10.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - You might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own, & this? This stops that cold, too! Bonus...

Still, it's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock, &/or NoScript!

(Especially the latter one in NoScript: I mention it, because it covers what HOSTS files can't in javascript (which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security").

****

Of course, you also have to note that ADBLOCK IS DETECTABLE ITSELF, AND BLOCKABLE, also! Proof? Ok:

----

ArsTechnica blocking Adblock?

https://adblockplus.org/forum/viewtopic.php?f=2&t=5266 [adblockplus.org]

----

However, they could NOT do that to HOSTS files users though! So, due to that? See the above 10 points in favor of HOSTS files (especially over adblock alone)...

APK

P.S.=> Best part of all is, HOSTS files are 100% FREE, and they work (you already own one) and reliable reputables copies can be obtained from these sources: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] (MVPS version) as a single example thereof... apk

Re:HOSTS files advantages over ADBLOCK (0, Troll)

sexconker (1179573) | more than 3 years ago | (#33522616)

I haven't seen this copy-pasta spam in ages.
It only gets more retarded with time.

Try to disprove those 10++ points then (0)

Anonymous Coward | more than 3 years ago | (#33532560)

"I haven't seen this copy-pasta spam in ages." - by sexconker (1179573) on Thursday September 09, @11:35AM (#33522616)

You're more than welcome to attempt to disprove any of its 10 (actually 11) points, on a technical level, anytime you wish. Good luck, you'll need it on that account of course, because I've seen a lot of trolling fools like yourself state things like you have, but never disprove, the 10++ points in favor of HOSTS files (versus adblock, dns servers, or other methods (for blocking ads, speeding up a system online, and securing it as well in the same single file only)).

----

"It only gets more retarded with time." - by sexconker (1179573) on Thursday September 09, @11:35AM (#33522616)

Funniest part is that BEST a trolling dolt like you or "your kind" has? Is assinine remarks like that which you just stated (however, they're always lacking any technical substance that disproves that 10++ points in favor of HOSTS files I put up vs. other inferior methods for speeding up and securing a personal computer).

APK

P.S.=> Of course, I doubt this trolling waste of life "sexconker" will even bother reply, but it's just satisfying watching trolling scumbags who are "registered lusers" post things like he did, and not have anything technically pertinent to say at the same time that disproves what I wrote. That's when I know I did a decent job of my post vs. the trolling trash that hangs around here unfortunately... apk

Modded down 3 times yesterday sexconker? (0)

Anonymous Coward | more than 3 years ago | (#33559618)

Sexconker, You only get yourself modded down here all week constantly with replies like that one you just gave here in this thread sexconker (no technical merit to your reply at all is why, just off topic ad hominem attack flamebait material) and the 3 others you gave that same day which got you modded down as troll here http://slashdot.org/comments.pl?sid=1783530&cid=33537720 [slashdot.org] , redundant here
http://slashdot.org/comments.pl?sid=1783530&cid=33537680 [slashdot.org] , and flamebait here also http://slashdot.org/comments.pl?sid=1782468&cid=33528218 [slashdot.org] . Grow up sexconker. Of course, to a multiple registered account using troll like you it doesn't matter. You'll just jump to another of your multiple registered user account here on this forums as you do on others too and do more of the same. Once again: Grow up sexconker. Might as well make this point too: On your "copy pasta" crap? The ac apk posts it, it is his own material, so it's only he copying and pasting his own material which apparently is beyond your ability to dispute and disprove. There is a problem with that? I don't see any problems in posting one's own words, other than you being a jack ass in your comment sexconker and your inability to prove any of his points incorrect technically.

Modded down 2 times more, again? (0)

Anonymous Coward | more than 3 years ago | (#33597712)

sexconker, we see you weren't satisfied being modded down 3 times in a row the day after the stupid post you made in this exchange here http://yro.slashdot.org/comments.pl?sid=1781304&cid=33559618 [slashdot.org] , but you also got yourself modded down another 2 times the next day after that as well for being a troll http://slashdot.org/comments.pl?sid=1786126&cid=33579050 [slashdot.org] and for flamebait http://slashdot.org/comments.pl?sid=1786842&cid=33578900 [slashdot.org] (your usual two mod down reasons you usually get no less from those that downrate your posts, and rightfully so).

Sexconker, "Mellowed Down" to troll? (0)

Anonymous Coward | more than 3 years ago | (#33644988)

Sexconker "mellowed down" (lol, modded down actually), to troll, here too, along with those other urls he's been shown to have been modded down at this week? Man... Utterly priceless.

Very Muddy Waters (4, Insightful)

Swanktastic (109747) | more than 3 years ago | (#33515270)

It's hard to be objective about whether to want to protect my privacy or not given I have zero idea of what Google's profile of me looks like. I imagine everyone has some threshold level where they say "Enough is enough, I'm not willing to sacrifice THAT info for free services." I would guess we all probably fall into two camps- either dramatically underestimating or dramatically overestimating the level of information stored in the profile. Without better specifics in the hands of the populace about the level of personal details, it doesn't seem to me that a fair level of regulation can possibly be drafted by public officials.

Re:Very Muddy Waters (2, Interesting)

Kirijini (214824) | more than 3 years ago | (#33515478)

I would guess we all probably fall into two camps- either dramatically underestimating or dramatically overestimating the level of information stored in the profile. Without better specifics in the hands of the populace about the level of personal details, it doesn't seem to me that a fair level of regulation can possibly be drafted by public officials.

Yes.

An easy regulation that doesn't require google or other online businesses to change their business model (much) would be to simply require them to release all collected data on a user to that user on request (while also making sure that the information is provided securely and confidentially). Attach some kind of civil (rather than criminal, which would probably go to far) penalty, and allow users to sue, either as a class action, or individually. This scheme wouldn't prevent Google from collecting data, but would allow users to understand what data they're giving over, and what kind of uses it can be put to. Google already has the privacy dashboard, but I'm thinking much more granular stuff, including, as others have pointed out, what data about you is collected from your email contacts, etc.

Then, users have the real potential to understand whether or not they want to use the service. It also encourages businesses not to abuse their gathered data. Thus, the market could possibly self-regulate to meet the that magical equilibrium where all parties are as close as possible to maximizing utility. Either no further regulation would be necessary, or the regulation would at least be better informed and more likely to be efficient

Re:Very Muddy Waters (1)

kumanopuusan (698669) | more than 3 years ago | (#33517846)

require them to release all collected data on a user to that user on request (while also making sure that the information is provided securely and confidentially)

I believe I understand the theoretical basis of your proposal, which seems to be that consumers require perfect information to make correct decisions. That seems reasonable.

However, businesses like Google typically have policies forbidding the release of any information to anyone outside the company, with some exceptions. What's more, most user information is probably already somewhat anonymized (For example, there's no need to store specific user information when calculating term frequencies or click-through rates.) and stored in separate databases in different physical locations. Being able to provide user data on request requires the creation of a single, monolithic user database and software designed to retrieve all data related to a specific user and transmit it to a third party. Isn't that a huge leap in the wrong direction?

Providing only meta-data (in this case the scope of the data that is being collected) would be much safer. In database terms, this would mean publishing the definitions of tables that contain user information, but not making the actual user-specific data available. Users would typically know their own personal information anyway. The issue is that they don't know which information is being collected and stored.

Re:Very Muddy Waters (1)

silentcoder (1241496) | more than 3 years ago | (#33518164)

That's a start - but it could be better.

Require any company that does tracking to provide an application to any user which lists ALL information in the profile with a simple button that can delete any entry from it - and a delete all button as well.

This requires all of an hour's coding and one SQL statement in the background. It lets users choose what is tracked and trackable and clear any information they don't want tracked.

Then: some kind of system to prevent at least some deleted entries from being retracked later - perhaps you can't do that with keywords without ending up with storing it somewhere else for the user (which defeats the purpose) but you could at least classify information outside of that - e.g. known full names and such and if a user deletes such an entry mark it for "never collect this again".

Finally - make it compulsory that this delete action must also delete entries when backups are updated etc. Essentially the delete must be: permanent, non-reversible and complete.
Failure to delete as such would be fraud (a criminal offense already) - so conveniently we have no need for a new criminal law, simply a reasonable regulation that if a company collects information on you they should give you the opportunity to review this information and remove from it anything they don't want you to have.
The sheer scale of the internet and the user-base means that this is enough. You don't have to worry about an employee remembering the detail.

Re:Very Muddy Waters (1, Informative)

Anonymous Coward | more than 3 years ago | (#33515782)

I would guess we all probably fall into two camps- either dramatically underestimating or dramatically overestimating the level of information stored in the profile.

There's a lot of data stored, but I imagine it would be completely uninteresting to look at. You can see a summary of it here: https://www.google.com/dashboard/ [google.com]

Google looks at all sorts of information about you personally, but when it comes down to it, it all just ends up as a bunch of meaningless (except to computers) numbers used to classify your preferences so they can show you better search results, or ads which you'll like better than non-targeted ads (and if you like them better, you're more likely to click on them). There isn't some grand evil privacy-invading plot with a Googler specifically looking at your profile and laughing about what you clicked on. The data they have about you is used specifically so you like their product more.

Further than that, they use data in aggregate rather than on a personal level for all sorts of other things, but normally, people are fine with aggregated data.

Re:Very Muddy Waters (1, Informative)

Anonymous Coward | more than 3 years ago | (#33515922)

It's hard to be objective about whether to want to protect my privacy or not given I have zero idea of what Google's profile of me looks like.

You might want to look at Google Ads Preferences: http://www.google.com/ads/preferences/

It gives you insight into your profile, lets you opt out, and also provides a browser-based tool to allow that opt-out to persist after you clear your cookies.

Re:Very Muddy Waters (0)

Anonymous Coward | more than 3 years ago | (#33516150)

Swanktastic Profile
Male
Between the ages of 15 - 45
Favorite websites: Slashdot.org, Google.com, Swankmag.com
Politics: Libertarian
Pron Fetishes: Furry, Balloons, Food, Feet, Carpet, Spanking, and Nylon.
Shops at amazon.com, overstock.com, bn.com, and j-list.com
Constantly accesses bash.org and searches for "bloodninja".

Assessment: Typical geek.

How's this different from a do-not-call list? (5, Insightful)

lavagolemking (1352431) | more than 3 years ago | (#33515300)

Advertisers didn't like the idea of a do-not-call list to restrict telemarketers from calling/harassing consumers who didn't want to be bothered either, but people are still pretty happy with it. Now advertising companies are collecting (and even selling) a lot of personal data about consumers who don't even know such data exists, and advertisers are upset that the government might give them a way to opt out of their system. How is this any different? Also, I know this isn't how things are done in Washington, but in a democracy shouldn't the government be answering to its concerned citizens instead of just focusing on what makes things easy/profitable/convenient/one-sided for large corporations?

Re:How's this different from a do-not-call list? (0, Troll)

sexconker (1179573) | more than 3 years ago | (#33515528)

I know this isn't how things are done in Washington, but in a democracy shouldn't the government be answering to its concerned citizens instead of just focusing on what makes things easy/profitable/convenient/one-sided for large corporations?

You mentioned "Washington" and "democracy" (affirmatively) in the same sentence.
Why?

The United States is a republic, and it's system of government is a representative democracy. The citizen's do not matter until they care enough to take up arms against their government. See 1776 and 1861.

Re:How's this different from a do-not-call list? (1)

Sulphur (1548251) | more than 3 years ago | (#33516030)

If by taking up arms you mean voting them out.

Re:How's this different from a do-not-call list? (0, Redundant)

sexconker (1179573) | more than 3 years ago | (#33522500)

If by taking up arms you mean voting them out.

Obviously not, because that has never worked.

Re:How's this different from a do-not-call list? (1)

theaceoffire (1053556) | more than 3 years ago | (#33521034)

My older employer loved it.

They were telemarketers... technically "Non-Profit", although 95% of the donated money went to overhead.

^_^ And yes, we are allowed to call the Do Not Call List.

//Would not be surprised if that is where we get our call list

Don't accept cookies? (4, Interesting)

ynohoo (234463) | more than 3 years ago | (#33515372)

I only accept cookies from sites I trust. Yes this sometimes causes problems on untrusted sites - which gives me further reason to not trust them! If a web designer does not anticipate "no cookie" users, their intention is to give your privacy a good shafting.

Criminalizing mistakes (1)

blair1q (305137) | more than 3 years ago | (#33515442)

I'm not sure what that means in this context.

If I tell you not to put any cookies on my machine, then DON'T.

And don't sneak around to other websites to find my IP address, either.

Just forget I ever visit more than one site.

No mistake about that.

Stop Following Me Around, Club Med (4, Interesting)

speedlaw (878924) | more than 3 years ago | (#33515456)

I got a taste of this when I went looking online for vacations. I saw "club med" ads on every page I went to for a good two weeks. It got really creepy after a while. I went away but NOT to Club Med.

What about OFFLINE advertising? (1)

dave562 (969951) | more than 3 years ago | (#33515506)

I'm all for the FTC cracking down on online advertising and tracking. Who are we kidding though? Have you seen some of the stuff that happens offline? Has anyone taken a look at what Nielsen is up to? They have insane levels of demographic data available on EVERYONE. Every single one of us has already been pigeon holed and stereotyped based on our buying habits, where we live, what kind of car we drive, etc.

Take a look at this.

http://en-us.nielsen.com/content/nielsen/en_us/product_families/nielsen_claritas/prizm.html [nielsen.com]

Emphasis mine.

"PRIZM defines every U.S. household in terms of 66 demographically and behaviorally distinct types, or "segments," to help marketers discern consumer behavior: their likes, dislikes, lifestyles, purchase behaviors and media preferences. Used by thousands of marketers within Fortune 500 companies, PRIZM provides the "lingua franca" for marketing in an increasingly diverse and complex American marketplace. Because PRIZM is linked to the surveys and panels of most major marketing databases in the U.S., the segmentation system enables you to target on virtually any purchase and media behavior."

How would a Do-Not-Track system work? (4, Interesting)

scdeimos (632778) | more than 3 years ago | (#33515646)

I'm all for the FTC/government cracking down on behavioural tracking, but how would such a system work and how could it even be policed?

In the case of the Do-Not-Call system:

  • Individuals must register their telephone number with the government (in Australia, at least, you have to repeat this registration every 12 months)
  • The government then exports the list to the advertisers/marketers on a regular basis.
  • Advertisers/marketers are expected to integrate the list with their systems and honour its content.
  • If advertisers/marketers call a number on the Do-Not-Call list it's still up to the individual to complain to the government about it, and the government is expected to pounce on the advertiser/marketer if the number was registered more than 30 days ago.

How would such a system translate to the web? (And I say the web as opposed to the internet as a whole, since the web seems to be where the battlefront is at the moment.)

Possiblities:

  • Individuals have to register their IP addresses: fails because of dynamic IP address assignment at most ISP's.
  • Individuals have to create a special Cookie: fails because Cookies are only sent to their origin domain - you can't set one for *.com, *.edu, etc.
  • Special "X-Do-Not-Track: Yes" HTTP header: this could work but may be stripped by certain proxy servers enroute, rendering it useless. All browsers would have to be updated to include a UI preference that turns this on and off as well.

What about enforcement? How can you tell if someone is tracking you? How can you provably report it to the government so that they can do something about it?

Unfortunately it sounds like a bit of a pipe dream to me.

Re:How would a Do-Not-Track system work? (1, Interesting)

Anonymous Coward | more than 3 years ago | (#33517304)

It's so simple: no cross-site anything, period, all content displayed must be local to that site only.

That means no cross-site CSS, no clear gifs/beacons from any other site, scripts cannot pull any content from other sites, if a domain owner has ownership over more than one domain then their site on one domain cannot pull content from another of their domains. Whatever else, if it comes from another site it must be clearly linked to that site, but that content cannot be pulled, included, or otherwise force-downloaded to the user without their specific action to access that other site content.

But, but... what if an ad provider wants to serve an ad? Instead of site A pulling from ad-server B, the ad provider provides the full copy of the ad to be hosted on site A only. If and only if the ad is clicked on from within site A, and then only after a clear warning that clicking on the ad will go to another site B has been confirmed, only then can the advertiser do all their click-through and tracking stuff since the intent was clear to navigate away from site A to site B.

Same goes for the widgets, instead of pulling from the widget provider's site, the widget provider will have to provide a way for those widgets to be hosted local to the site that is using those widgets.

I am surprised something like this is not already a law, and yet it is not, how stupid is that?

Re:How would a Do-Not-Track system work? (1)

uigrad_2000 (398500) | more than 3 years ago | (#33526602)

Unfortunately it sounds like a bit of a pipe dream to me.

Unfortunately, it's far worse than that. We've all heard the phrase "When they outlaw xxxx, only outlaws will have xxxx". And of course, that exact logic applies here. Even once yahoo and google spend millions to comply with whatever craptastic regulation Washington makes, all the non-legit sites will continue to do whatever they feel like doing, and the average individual browsing the web will be just vulnerable as before.

For people concerned with being tracked, relying on the government for safety while browsing seedy sites is like counting on your life insurance policy to protect you while swimming with sharks. The only way to really protect yourself is to learn how tracking systems work, and implement your own safety. In this case, it's pretty easy, just turn off cookies...lol.

Re:How would a Do-Not-Track system work? (1)

drcheap (1897540) | more than 3 years ago | (#33528086)

The only way to really protect yourself is to learn how tracking systems work, and implement your own safety. In this case, it's pretty easy, just turn off cookies...lol.

Yes, just turn them off, breaking legit functionality of many sites you frequent.

It's okay though, because your healthy, no-cookie diet still won't make you thin because there is the cake that is being secretly injected right into your stomach [arstechnica.com] .

Mandate use of Firefox and... (0)

Anonymous Coward | more than 3 years ago | (#33515664)

...the following extensions: BetterPrivacy, Ghostery, NoScript, Ad Block Plus, TrackMeNot, RequestPolicy into Private Browsing mode. Flash cookies are the evilest as they persist, learn to destroy these in any OS or browser you use.

Am I alone when I say I don't mind it? (1)

mykos (1627575) | more than 3 years ago | (#33515730)

This is the least of my privacy concerns on the internet. Seeing ads for things I'm interested in is better than seeing ads for things I'm not interested in, right?

I'd certainly change my mind in some unspeakable horror was revealed, but my default stance is not to hang too much importance on it.

Re:Am I alone when I say I don't mind it? (0)

Anonymous Coward | more than 3 years ago | (#33515882)

Yes.

Re:Am I alone when I say I don't mind it? (1)

Sarten-X (1102295) | more than 3 years ago | (#33516112)

Not alone at all. So what if the advertisers track me? If I'm doing something I don't want to be connected to me, I can use Tor and a different browser, and consider myself sufficiently clear. Any ties to my normal habits will be sufficiently remote to not greatly affect my normal experience.

I, for one, welcome tracking and targeted advertising. As a true example, I recently realized that an uncomfortable number of my family games ended in arguments because of certain players screwing over other certain players. Not being much into non-video games, I started looking for things like "player-vs-world games" and "games like dungeons and dragons" (since that's the only not-usually-player-vs-player game I knew). After a few rounds of fruitless searches, a targeted ad showed me the magic term "cooperative game", and helped me in my quest.

Targeted ads aren't any different from having a friend who tells you about every new thing they try that they think you'll like. Yeah, they're a little creepy at times, but once in a while they're useful. I think that's worth having someone know that I'm looking for a new game.

Re:Am I alone when I say I don't mind it? (2, Interesting)

jpapon (1877296) | more than 3 years ago | (#33516138)

I agree completely. Besides, it's just a good practice to assume that anything you do involving the interwebz is tracked and stored. If I'm up to shenanigans, or I need my activities to be secure, I make sure they're anonymous/secure to the best of my abilities. The Internet is a public arena, I find the claim that you should be anonymous all the time dubious at best. Besides, from my experience, anonymity tends to bring out the worst in people.

Equality (1)

b4upoo (166390) | more than 3 years ago | (#33516152)

As long as individuals have the same right to spy as companies I have no issue at all with data collection. It is only when government of groups with privilege have powers that the public does not that there is a problem.

Firefox Addons Already Provide Customized Blocking (3, Informative)

CodeBuster (516420) | more than 3 years ago | (#33516284)

I use and recommend Adblock Plus [mozilla.org] , Better Privacy [mozilla.org] , CustomizeGoogle [mozilla.org] , Flashblock [mozilla.org] , NoScript [mozilla.org] and RequestPolicy [mozilla.org] . This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

Re:Firefox Addons Already Provide Customized Block (1)

arkenian (1560563) | more than 3 years ago | (#33516818)

but if you are logging in with a named account then you probably already knew that.

Which is an interesting point. As the web has more and more 'big players' how often are people 'logged in' without really paying attention to the fact because they're logged in for a different function and forget that the two functions are connected?

I'm embarassed to admit that I'd forgotten how often I'm logged into gmail in another tab while using google search...

Re:Firefox Addons Already Provide Customized Block (1)

CodeBuster (516420) | more than 3 years ago | (#33516866)

I'm embarassed to admit that I'd forgotten how often I'm logged into gmail in another tab while using google search...

The precise source of said embarrassment is left up to the imagination of the reader...

more (0)

Anonymous Coward | more than 3 years ago | (#33518352)

Here are some more data that leaks when surfing.
http://web.comhem.se/u79/Privacy.php
But also a several solutions.

Re:Firefox Addons Already Provide Customized Block (1)

whitesea (1811570) | more than 3 years ago | (#33518872)

I use and recommend Adblock Plus [mozilla.org] , Better Privacy [mozilla.org] , CustomizeGoogle [mozilla.org] , Flashblock [mozilla.org] , NoScript [mozilla.org] and RequestPolicy [mozilla.org] . This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I also use TACO. Why do we need government action, when all the tools are already here?

HOSTS and 10 advantages they have over adblock (0)

Anonymous Coward | more than 3 years ago | (#33521016)

10 ADVANTAGES OF HOSTS FILES OVER BROWSER ADDONS ALONE, & EVEN DNS SERVERS:

1.) HOSTS files eat A LOT LESS CPU cycles than browser addons do no less (since browser addons have to parse each HTML page & tag content in them)!

2.) HOSTS files are also NOT severely LIMITED TO 1 BROWSER FAMILY ONLY... browser addons, are. HOSTS files cover & protect (for security) and speed up (all apps that are webbound) any app you have that goes to the internet (specifically the web).

3.) HOSTS files allow you to bypass DNS Server requests logs (via hardcoding your favorite sites into them to avoid not only the TIME taken roundtrip to an external DNS server, but also for avoiding those logs OR a DNS server that has been compromised (see Dan Kaminsky online, on that note)).

4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).

5.) HOSTS files also allow you to not worry about a DNS server being compromised, or downed (if either occurs, you STILL get to sites you hardcode in a HOSTS file anyhow in EITHER case).

6.) HOSTS files are EASILY user controlled, updated and obtained (for reliable ones see mvps.org ) & edited too, via texteditors like Windows notepad.exe or Linux nano or kate (etc.)

7.) HOSTS files aren't as vulnerable to "bugs" either like programs/libs/extensions of that nature are, OR even DNS servers, as they are NOT code, & because of what's next too

8.) HOSTS files are also EASILY secured well, via write-protection "read-only" attributes set on them, or more radically, via ACL's even.

9.) HOSTS files are a solution which also globally extends to EVERY WEBBOUND APP YOU HAVE - NOT just a single webbrowser type (e.g. FireFox/Mozilla & its addons exemplify this, such as ADBLOCK) and you already own one, and they run on any OS that uses the BSD reference design IP stack (all of them today pretty much if NOT all of them).

10.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - You might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own, & this? This stops that cold, too! Bonus...

Still, it's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock, &/or NoScript!

(Especially the latter one in NoScript: I mention it, because it covers what HOSTS files can't in javascript (which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security").

****

Of course, you also have to note that ADBLOCK IS DETECTABLE ITSELF, AND BLOCKABLE, also! Proof? Ok:

----

ArsTechnica blocking Adblock?

https://adblockplus.org/forum/viewtopic.php?f=2&t=5266 [adblockplus.org]

----

However, they could NOT do that to HOSTS files users though! So, due to that? See the above 10 points in favor of HOSTS files (especially over adblock alone)...

APK

Re:Firefox Addons Already Provide Customized Block (1)

assantisz (881107) | more than 3 years ago | (#33523698)

I am confused about the FTC requiring opt-out tools. They already exist. You can go to the Network Advertising Initiative's website [networkadvertising.org] and opt-out. Sure, only members of this organization will recognize the opt-out cookie but most advertising and tracking services are members of the NAI. Then there are tools as OP mentioned. I'd like to add Bynamite [bynamite.com] as well.

ghostery (0)

Anonymous Coward | more than 3 years ago | (#33520282)

I use ghostery firefox plugin to block some tracking javascript tools. Seems pretty useful but I'm sure there is more that can be done.

http://www.ghostery.com/

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...