Posts tagged as:

My Senate Testimony on Privacy, Data Collection & Do Not Track

by on April 24, 2013 · 3 comments

Today I’ll be testifying at a Senate Commerce Committee hearing on online privacy and commercial data collection issues. In my remarks, I make three primary points:

  1. First, no matter how well-intentioned, restrictions on data collection could negatively impact the competitiveness of America’s digital economy, as well as consumer choice.
  2. Second, it is unwise to place too much faith in any single, silver-bullet solution to privacy, including “Do Not Track,” because such schemes are easily evaded or defeated and often fail to live up to their billing.
  3. Finally, with those two points in mind, we should look to alternative and less costly approaches to protecting privacy that rely on education, empowerment, and targeted enforcement of existing laws. Serious and lasting long-term privacy protection requires a layered, multifaceted approach incorporating many solutions.

The testimony also contains 4 appendices elaborating on some of these themes.

Down below, I’ve embedded my testimony, a list of 10 recent essays I’ve penned on these topics, and a video in which I explain “How I Think about Privacy” (which was taped last summer at an event up at the University of Maine’s Center for Law and Innovation). Finally, the best summary of my work on these issues can be found in this recent Harvard Journal of Law & Public Policy article, “The Pursuit of Privacy in a World Where Information Control is Failing.” (This is the first of two complimentary law review articles I will be releasing this year dealing with privacy policy. The second, which will be published early this summer by the George Mason University Law Review, is entitled, “A Framework for Benefit-Cost Analysis in Digital Privacy Debates.”) Continue reading →

SHARE: 3 comments

Did Google Defeat People’s Privacy Preferences?

by on February 19, 2012 · 3 comments

Given the importance of privacy self-help—that is, setting your browser to control what it reveals about you when you surf the Web—I was concerned to hear that Google, among others, had circumvented third-party cookie blocking that is a default setting of Apple’s Safari browser. Jonathan Mayer of Stanford’s Center for Internet and Society published a thorough and highly technical explanation of the problem on Thursday.

The story starts with a flaw in Safari’s cookie blocking. Mayer notes Safari’s treatment of third-party cookies:

Reading Cookies Safari allows third-party domains to read cookies.
Modifying Cookies If an HTTP request to a third-party domain includes a cookie, Safari allows the response to write cookies.
Form Submission If an HTTP request to a third-party domain is caused by the submission of an HTML form, Safari allows the response to write cookies. This component of the policy was removed from WebKit, the open source browser behind Safari, seven months ago by Google engineers. Their rationale is not public; the bug is marked as a security problem. The change has not yet landed in Safari.

Mayer says Google was exploiting this yet-to-be-closed loophole to install third-party cookies, the domain of which Safari would then allow to write cookies. After describing “(relatively) straightforward” cookie synching, Mayer says:

But we noticed a special response at the last step for Safari browsers. … Instead of responding with the “_drt_” cookie, the server sends back a page that includes a form and JavaScript to submit the form (using POST) to its own URL.

Third-party cookie blocking evaded, and users’ preferences frustrated.

Ars Technica has published Google’s response, which doesn’t seem to have gone up on any of its blogs, in full. Google says they created this functionality to deliver better services to their users, but doing so inadvertently allowed Google advertising cookies to be set on the browser.

I don’t know that I’m technically sophisticated enough to register a firm judgement, but it looks to me like Google was faced with an interesting dilemma: They had visitors who were signed in to their service and who had opted to see personalized ads and other content, such as ‘+1’s but those same visitors had set their browsers contrary to those desires. Google chose the route better for Google, defeating the browser-set preferences. That, I think, was a mistake.

I wonder if there isn’t some Occam’s Razor that a Google engineer might have applied at some point in this process, thinking, “Golly, we are really going to great lengths to get around a browser setting. Are we sure we should be doing this?” Maybe it would have been more straightforward to highlight to Safari users that their settings were reducing their enjoyment of Google’s services and ads, and to invite those users to change their settings. This, and urging Apple to fix the browser, would have been more consistent with the company’s credo of non-evil.

Now, to the ideological stuff, of which I can think of two items:

1) There is a battle for control of earth out there—well, a battle over whether third-party cookie blocking is good or bad. Have your way advocates. I think the consuming public—that is, the market—should decide.

2) There is a battle to make a federal case out of every privacy transgression. An advocacy group called Consumer Watchdog (which has been prone to privacy buffoonery in the past) hustled out a complaint to the Federal Trade Commission. I think the injured parties should be compensated in full for their loss and suffering, of which there wasn’t any. De minimis non curat lex, so this is actually just a learning opportunity for Google, for browser authors, and for the public.

Kudos and thanks are due to Jonathan Mayer, as well as ★★★★★ and Ashkan Soltani, for exposing this issue.

SHARE: 3 comments

Techno-Panic Cycles (and How the Latest Privacy Scare Fits In)

by on February 24, 2011 · 12 comments

[UPDATE Feb. 2012: This little essay eventually led to an 80-page working paper, “Technopanics, Threat Inflation, and the Danger of an Information Technology Precautionary Principle.”]

In this essay, I will suggest that (1) while “moral panics” and “techno-panics” are nothing new, their cycles seem to be accelerating as new communications and information networks and platforms proliferate; (2) new panics often “crowd-out” or displace old ones; and (3) the current scare over online privacy and “tracking” is just the latest episode in this ongoing cycle.

What Counts as a “Techno-Panic”?

First, let’s step back and define our terms. Christopher Ferguson, a professor at Texas A&M’s Department of Behavioral, Applied Sciences and Criminal Justice, offers the following definition: “A moral panic occurs when a segment of society believes that the behavior or moral choices of others within that society poses a significant risk to the society as a whole.” By extension, a “techno-panic” is simply a moral panic that centers around societal fears about a specific contemporary technology (or technological activity) instead of merely the content flowing over that technology or medium. In her brilliant 2008 essay on “The MySpace Moral Panic,” Alice Marwick noted: Continue reading →

SHARE: 12 comments

The New York Times’ Glib Call for Internet and Software Regulation

by on January 30, 2011 · 7 comments

You have to read all the way to the end to get exactly what the New York Times is getting at in its Sunday editorial, “Netizens Gain Some Privacy.”

Congress should require all advertising and tracking companies to offer consumers the choice of whether they want to be followed online to receive tailored ads, and make that option easily chosen on every browser.

That means Congress—or the federal agency it punts to—would tell authors of Internet browsing software how they are allowed to do their jobs. Companies producing browser software that didn’t conform to federal standards would be violating the law.

In addition, any Web site that tailored ads to their users’ interests, or the networks that now generally provide that service, would be subject to federal regulation and enforcement that would of necessity involve investigation of the data they collect and what they do with it.

Along with existing browser capabilities (Tools > Options > Privacy tab > cookie settings), forthcoming amendments to browsers will give users more control over the information they share with the sites they visit. That exercise of control is the ultimate do-not-track. It’s far preferable to the New York Times‘ idea, which has the Web user issuing a request not to be tracked and wondering whether government regulators can produce obedience.

[I got enough push-back to a recent post arguing the existence of market nimbleness in the browser area that I’m unsure of the thesis I expressed there. The better explanation of what’s going on may be that regulatory pressure is moving browser authors and others to meet the peculiar demands of the pro-regulatory community. The reason they have waited to act until now is because they do not perceive consumers’ interests to be met by protections against tailored advertising. The question of what meets consumers’ interests won’t be answered if regulation supplants markets, of course.]

SHARE: 7 comments

Adobe Improves Privacy Controls Before Regulators Can Saddle Up

by on January 14, 2011 · 6 comments

Via @csoghoian (who can be wrathful if you don’t attribute), Adobe buries the lede in its blog post about privacy improvements to the Flash player. They’re working with the most popular browser vendors on integrating control of “local shared objects”—more commonly known as “Flash cookies”—into the interface. Users control of Flash cookies will soon be similar to control of ordinary cookies.

It doesn’t end there:

Still, we know the Flash Player Settings Manager could be easier to use, and we’re working on a redesign coming in a future release of Flash Player, which will bring together feedback from our users and external privacy advocates. Focused on usability, this redesign will make it simpler for users to understand and manage their Flash Player settings and privacy preferences. In addition, we’ll enable you to access the Flash Player Settings Manager directly from your computer’s Control Panels or System Preferences on Windows, Mac and Linux, so that they’re even easier to locate and use. We expect users will see these enhancements in the first half of the year and we look forward to getting feedback as we continue to improve the Flash Player Settings Manager.

Mysterious, sinister “Flash cookies” were Exhibit A in the argument for a Do Not Track regulation. There is no way that people can cope with the endless array of tracking technologies advertisers are willing to deploy, the argument went, so the government must step in, define what it means to be “tracked,” and require it to stop—without kneecapping the free Internet. (Good luck with that!)

But Flash cookies are now quickly taking their place as a feature that users can control from the browser (or OS), customizing their experience of the Web to meet their individual privacy preferences. This is not a panacea, of course: People must still be made aware of the importance of controlling Flash cookies, as well as regular cookies. New tracking technologies will emerge, and consumer-friendly information controls meeting those challenges will be required in response.

But if this is what the drawn-out “war” against tracking technologies looks like, color me pro-war!

In a few short months, Adobe has begun work on the controls needed to put Flash cookies under peoples’ control. The Federal Trade Commission—prospective imposer of peace through complex, top-down regulation—took more than a year to produce a report querying whether a Do Not Track regulation might be a good idea. This problem will essentially be solved (and we’ll be on to the next one) before the FTC would have gotten saddled up.

Yes, Adobe may have acted because of the threat of damaging government regulation. That seems always to be what gets these companies moving. Of course it does, when the primary modus operandi of privacy advocacy is to push for government regulation. Were the privacy community to work as assiduously on boycotts as acting through intermediary government regulators, change might come even faster.

We could do without the standing army of regulators. Having a government sector powerful enough to cow the business sector is costly, both in terms of freedom and tax dollars.

With the failure of Do Not Track, the vision of a free and open Internet—populated by aware, empowered individuals—lives on.

SHARE: 6 comments

Privacy Isn’t Dead, It’s Evolving

by on August 19, 2010 · 0 comments

Recent revelations about Microsoft’s internal debate over Internet Explorer’s handling of tracking cookies, as chronicled by The Wall Street Journal earlier this month, have prompted harsh criticism from self-described privacy groups, who’ve called on Congress to investigate Microsoft’s actions. But as Jim Harper pointed out in an excellent WSJ essay, Web users stand to lose a great deal if online tracking is squelched by the hand of government. Data gathering on the Internet is largely harmless, and individually targeted advertising coexists with robust privacy safeguards.

Over on AOLNews.com, my colleague Carolyn Homer discusses these privacy tradeoffs, arguing that Microsoft and other Internet firms have a strong incentive to set privacy defaults that align with their users’ preferences. She points out that most consumers are, in practice, quite willing to live with allegedly “pervasive” tracking in exchange for the enormous benefits that targeted advertising makes possible. While many surveys and polls indicate consumers are very worried about their privacy, the actual decisions that consumers make every day tell a very different story (as documented extensively by Berin Szoka). From Carolyn’s piece:

A body of research reveals a sizable disparity between how much people say they value privacy and how willing they are to actually protect it. In a 2003 Duke Law Journal article, Michael Staten and Fred Cate found that fewer than 10 percent of users exercise their right to opt out and share less. Conversely, if given the opposite choice, fewer than 10 percent of users elect to opt in and share more. The vast middle is apparently indifferent. If consumers were required to affirmatively opt in before sharing data, the Internet’s prevailing advertising-based business model would be decimated. The effectiveness of online advertising in Europe, for example, fell 65 percent after the European Union in 2002 required a blanket opt-in system. For more than a decade, the Internet has thrived on the assumption that most people believe it is a fair trade to receive free content in exchange for viewing ads. Mere advertisements shouldn’t be equated with gross privacy violations.

She goes on to discuss how privacy settings are evolving as consumer preferences adapt to new technologies and firms experiment with new ways to use and collect data. You can read the rest over at the AOL News website.

SHARE: 0 comments

The Great Privacy Debate on WSJ

by on August 7, 2010 · 16 comments

I have a piece on Internet privacy in the Wall Street Journal today. It’s one side of a “debate” on Internet privacy and tracking. I say be careful what you give up if you thwart online tracking—personalization, free content, and other goodies may go by the wayside.

My “opponent” is Nicholas Carr, whose identity and arguments I didn’t know as I wrote, nor likely did he mine. His is a good piece that lays out the many legitimate concerns with online tracking. Must be nice to be the maximal-privacy “good guy”!

For the sake of making it interesting I’ll pick out one important point that highlights the nub of the issue.

Privacy tradeoffs have always been a part of life, Carr says, “But now, thanks to the Net, we’re losing our ability to understand and control those tradeoffs—to choose, consciously and with awareness of the consequences, what information about ourselves we disclose and what we don’t.”

This sentence brought back to me a memorable moment from law school. In a seminar course, the professor called upon a fellow student who rather dopily apologized, “Sorry, I didn’t have time to do the reading.”

“In fact you did have time to do the reading,” replied the teacher, “but you just didn’t take it. Isn’t that correct?”

It was funny, if embarrassing for my colleague, and a great illustration of precision with language.

Holding to that standard of precision, I’ll disagree with Carr’s statement: The Net is not affecting our ability to understand and control privacy tradeoffs. Its development has outstripped that capacity. Developing consumers’ understanding of information flows, information uses, and consequences will position them to restore privacy.

I don’t think Carr would disagree with that sentiment in the main. Later he says, agreeably to me, “We need to take personal responsibility for the information we share whenever we log on.”

And I do think that’s the heart of the problem: “Education is the hard way, and it is the only way, to get consumers’ privacy interests balanced with their other interests.”

SHARE: 16 comments

Abandoning the Dumb Federal Cookie Policy

by on August 11, 2009 · 10 comments

Today’s Washington Post has a story entitled U.S. Web-Tracking Plan Stirs Privacy Fears. It’s about the reversal of an ill-conceived policy adopted nine years ago to limit the use of cookies on federal Web sites.

In case you don’t already know this, a cookie is a short string of text that a server sends a browser when the browser accesses a Web page. Cookies allow servers to recognize returning users so they can serve up customized, relevant content, including tailored ads. Think of a cookie as an eyeball – who do you want to be able to see that you visited a Web site?

Your browser lets you control what happens with the cookies offered by the sites you visit. You can issue a blanket refusal of all cookies, you can accept all cookies, and you can decide which cookies to accept based on who is offering them. Here’s how:

  • Internet Explorer: Tools > Internet Options > “Privacy” tab > “Advanced” button: Select “Override automatic cookie handling” and choose among the options, then hit “OK,” and next “Apply.”

I recommend accepting first-party cookies – offered by the sites you visit – and blocking third-party cookies – offered by the content embedded in those sites, like ad networks. (I suspect Berin disagrees!) Or ask to be prompted about third-party cookies just to see how many there are on the sites you visit. If you want to block or allow specific sites, select the “Sites” button to do so. If you selected “Prompt” in cookie handling, your choices will populate the “Sites” list.

  • Firefox: Tools > Options > “Privacy” tab: In the “cookies” box, choose among the options, then hit “OK.”

I recommend checking “Accept cookies from sites” and leaving unchecked “Accept third party cookies.” Click the “Exceptions” button to give site-by-site instructions.

There are many other things you can do to protect your online privacy, of course. Because you can control cookies, a government regulation restricting cookies is needless nannying. It may marginally protect you from government tracking – they have plenty of other methods, both legitimate and illegitimate – but it won’t protect you from tracking by others, including entities who may share data with the government.

The answer to the cookie problem is personal responsibility. Did you skip over the instructions above? The nation’s cookie problem is your fault.

If society lacks awareness of cookies, Microsoft (Internet Explorer), the Mozilla Foundation (Firefox), and producers of other browsers (Apple/Safari, Google/Chrome) might consider building cookie education into new browser downloads and updates. Perhaps they should set privacy-protective defaults. That’s all up to the community of Internet users, publishers, and programmers to decide, using their influence in the marketplace. (I suspect Berin is against it!)

Artificially restricting cookies on federal Web sites needlessly hamstrings federal Web sites. When the policy was instituted it threatened to set a precedent for broader regulation of cookie use on the Web. Hopefully, the debate about whether to regulate cookies is over, but further ‘Net nannying is a constant offering of the federal government (and other elitists).

By moving away from the stultifying limitation on federal cookies, the federal government acknowledges that American grown-ups can and should look out for their own privacy.

SHARE: 10 comments

Ends, Means, and One Man’s War on Advertising

by on March 24, 2009 · 8 comments

Chris Soghoian has responded to my recent post lauding his Targeted Advertising Cookie Opt-Out (or “TACO” – documented and downloadable here). We’re agreed in the main on user empowerment. The interesting stuff is on the margin: He disagrees with me that blocking third party cookies as I do (and he does too) is a satisfactory approach to suppressing tracking by advertisers.

There are a couple of points worth making about the discussion.

The first has to do with our slightly differing objectives. Chris is deeply focused on advertisers and his dislike of being tracked by advertisers. Though it is not absolute, I have a preference against tracking by anyone other than sites that I know, like, and trust. I’m no more worried about advertisers than any entity that would track my surfing – and there are many.

Again, TLF readers, I ask you to try setting your browser to query you before setting cookies. It’s a real insight into the dozens of entities getting a look at you as you surf, including a bunch of social networks and news sites.

If “advertisers” are what you seek to harness, that seems like a group that can be captured through some kind of centralized control mechanism. (I don’t think it actually is.) But if your goal is privacy as against all comers, you don’t attempt to centrally plan or decide who is good and who is bad. Responsibility rests with the end user.

Let the goal be “advertisers,” though. And I ask: Those social networks and news aggregators – are they “advertisers”? If you’re going to require a subset of Web communicators to obey opt-out cookies, you have to be able to define that subset – a problem Chris doesn’t seem to have thought about yet.

Lots of different publishers, sites, and networks have data that is entirely fungible with the tracking data advertisers collect. What do you get if you push down on the “officially advertisers” part of the balloon? Workarounds.

But I’ve backed into the second point – the means to these ends. Chris soft-pedals how he would get at tracking, but as far as I can tell it’s a law that says “advertisers” have to obey opt-out cookies. Continue reading →

SHARE: 8 comments

Chris Soghoian’s Cool Opt-Out Plugin

by on March 19, 2009 · 31 comments

What a victory for privacy and personal responsibility is Chris Soghoian’s Targeted Advertising Cookie Opt-Out (or “TACO” – documented and downloadable here). It signals to the 27 ad networks with well-configured opt-out cookies that you don’t want them to track you.

It’s a technical solution that empowers (and places responsibility with) the user to exercise dominion over his or her personal information. No need for law and regulation. No need to go pleading to politicians and bureaucrats for help.

It’s also a little more efficient than my method of controlling tracking, which is to take a glance at cookies as Web sites ask to set them on my computer.

(The answer is usually “no,” but it’s very interesting to see who all wants to get a glance at me when I visit any site. It’s a lot more than just ad networks, btw. I have no idea why people think ad-network tracking is bad and tracking by others is a matter of indifference.)

Now, Chris and I always find something to disagree about, so for good measure I’ll note that I disagree with his goal of switching targeted advertising from opt-out to opt-in. Continue reading →

SHARE: 31 comments

← Previous Entries