Last week a scad of stories from Reuters to News.com covered the growing push for a “Do Not Track” registry similar to the “Do Not Call” list that serves to protect US households from mid-dinner sales calls. While I understand the concerns expressed by folks like Marc Rotenberg of EPIC and Jeff Chester of the Center for Digital Democracy, who were both cited by Anne Broache in the News.com piece from last week, I think that asking the government to hold a master list of IPs and consumer names is a bad idea, or at least one that won’t do much to really protect consumers.
First, tracking people online is a bit different from calling folks in their homes. Telemarketing, while highly effective in terms of sales produced per dollar of marketing money spent, is still orders of magnitude more expensive than spamming or collecting data online without consent. Both of these activities are illegal today, but they still occur. They occur so much that spam-filtering technology contains some of the most advanced natural language recognition and parsing software created. Cory Doctorow has mused that the first artificial intelligences will emerge from Spam and anti-Spam computer arrays.
So this list wouldn’t be the magic wish that privacy advocates and legislators might dream it to be. It would cause law-abiding companies like Google, AOL, and Microsoft to stop collecting data, but so could privately developed and enforced systems.
Anne Broache notes that cookies are a bad solution for stopping data tracking as many anti-spy-ware programs delete cookies, since cookies are often used for the purpose of data tracking. But why not just create a new variety of cookie? Call it a cake, a brownie, a cupcake–maybe even a muffin. Whatever you call it, just specify that a standards-compliant browser must contain a place for something similar to a cookie to be placed that will opt consumers out of tracking schemes. This isn’t a technological problem at all, it’s just a matter of industry deciding to follow this course.
My other concern is something that fellow TLFer and former CEI staffer James Gattuso pointed out in a 2003 piece in regard to the “Do Not Call” list, namely that the government will likely exempt itself from the rules. In our post-9/11 world (whatever that means) we should expect government–the supposed protector of our rights–to make these sorts of moves. But you don’t have to trust my assertion, look no farther than Declan McCullagh’s Wednesday post at New.com. The FBI is pushing hard for Internet companies to retain data so that they can later sift through it. It’s doubtful that the government will place itself on “Do Not Track” list if they believe they can gain useful intelligence by tracking people online.
So, by and large, this proposed registry seems unnecessary and ineffective. Industry can easily work out a way to allow consumers to opt-out and the two groups I’m most afraid of–the Russian Mob and the U.S. Government–won’t pay heed to any registry anyway.
Instead or wringing our hands over advertisers tracking what duvet covers we buy, can we turn our attention to what our freewheelin’ executive branch is trying to pull-over on us? Seems to me they’re cooking up exemptions to more than just this registry–a few of my favorite Constitutional Amendments spring to mind.
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.