Chris Soghoian has responded to my recent post lauding his Targeted Advertising Cookie Opt-Out (or “TACO” – documented and downloadable here). We’re agreed in the main on user empowerment. The interesting stuff is on the margin: He disagrees with me that blocking third party cookies as I do (and he does too) is a satisfactory approach to suppressing tracking by advertisers.
There are a couple of points worth making about the discussion.
The first has to do with our slightly differing objectives. Chris is deeply focused on advertisers and his dislike of being tracked by advertisers. Though it is not absolute, I have a preference against tracking by anyone other than sites that I know, like, and trust. I’m no more worried about advertisers than any entity that would track my surfing – and there are many.
Again, TLF readers, I ask you to try setting your browser to query you before setting cookies. It’s a real insight into the dozens of entities getting a look at you as you surf, including a bunch of social networks and news sites.
If “advertisers” are what you seek to harness, that seems like a group that can be captured through some kind of centralized control mechanism. (I don’t think it actually is.) But if your goal is privacy as against all comers, you don’t attempt to centrally plan or decide who is good and who is bad. Responsibility rests with the end user.
Let the goal be “advertisers,” though. And I ask: Those social networks and news aggregators – are they “advertisers”? If you’re going to require a subset of Web communicators to obey opt-out cookies, you have to be able to define that subset – a problem Chris doesn’t seem to have thought about yet.
Lots of different publishers, sites, and networks have data that is entirely fungible with the tracking data advertisers collect. What do you get if you push down on the “officially advertisers” part of the balloon? Workarounds.
But I’ve backed into the second point – the means to these ends. Chris soft-pedals how he would get at tracking, but as far as I can tell it’s a law that says “advertisers” have to obey opt-out cookies.
Unlike all of the previous anti-advertising technologies, the opt-out mechanism provides users with a way to positively affirm that they do not wish to be tracked and targeted. This opt-out cookie is something that advertisers cannot ignore.
Is it by magic that they “cannot ignore” opt-out cookies? No, it’s by law.
With the right law in place, Chris appears to believe, “[t]he Federal Trade Commission and Congress would likely take an interest” when advertisers tried to skirt opt-out cookies, using other technologies to glean information about Web surfers’ interests.
His hope is to end the “arms race” in which users have to constantly chase the shifting tactics advertisers use to track them. It’s a fair point: There is a constant, rolling change in how the Web is used by publishers, advertisers, and consumers to interact and trade the data each produces.
That is an “arms race” only if you’ve adopted the rigid, war-like stance that tracking by advertisers is inherently wrong. It’s not. Berin and Adam, who have done a lot more work than me on this lately, have done a good write-up of the subtleties. What Chris calls an “arms race” is better thought of as a constantly unfolding negotiation among all parties about the terms of the content-for-advertising bargain.
I believe, as a person who dislikes third-party cookies, that offering them to my computer in the hopes of gleaning some information is not wrong. Some people think it’s horribly wrong. Most people are indifferent.
Who’s right? Everyone and nobody. There doesn’t have to be one answer.
Now that would be wrong – regulating cookies to force “protection” on a public that could seek it for itself, but won’t. That would deprive “advertisers” – we still don’t know who they are – of freedom and communications channels, it would deny publishers revenues, and it would deny consumers content they want and enjoy.
But let’s talk about arms races. Chris seeks exit from the so-called arms race on the technical and user side in favor of an arms race in the legislative and regulatory world. The law he imagines – so perfect as it resides there in his head – would have to be passed by Congress and implemented by a regulatory agency like the Federal Trade Commission.
Each of these regulatory bodies is under constant, well, “siege” by phalanxes of lobbyists, paid to advocate the views of their clients, including “advertisers.” There is no realistic hope that Chris’ opt-out cookie law would make it through that in the form he wants. Defining what one means by “advertisers” is a gruesome task, with likely First Amendment problems. Instead of the clean bill Chris imagines, it would be perverted (from Chris’ perspective) by lobbying and special-interest influence. Remember when Congress passed a law alleging it would prevent spam?
Chris would transfer the arms race we’re in now – where consumers are in control, if apathetic – to a field where consumers are not in control and very apathetic, believing that they are protected by the government. This is the approach preferred by victims of the fatal conceit, who think that they can design society better than society can design itself. (Berin has done a terrific job of lambasting the Center for Democracy and Technology for its similarly conceited, blindly pro-regulatory armchair quarterbacking on the online advertising issue.)
Plenty of people dream about regulation that works, of course. The SEC’s failure to protect investors in the Madoff case provides one more example among many where law and regulation failed utterly to protect consumers – and by its existence encouraged their irresponsibility.
It is damaging folly to try protecting consumers from the tracking advertisers do when consumers can just as well protect themselves.