January 31, 2012 | Jim Killock

Protecting Internet users from tracking and profiling

For three days last week, a group of technicians and lawyers at W3C – the World Wide Web Consortium, headed by Sir Tim Berners-Lee – has debated how to protect user privacy from ‘third party’ tracking websites.

The meetings started with an introduction from European Commissioner Neelie Kroes, emphasizing the need for companies to sort this out and imposing a deadline of June; and the Federal Trade Commissioner making similar demands. Clearly the stakes are high, and governments are losing patience. Europe wants users to be able to consent if they are tracked: the FTC wants meaningful choice (see their white paper).

Data protection authorities were represented throughout by the presence of the Article 29 Working Group, and the Chief Technology Officer of the FTC stayed in the meetings throughout. There was a clear message: we are watching you and want you to negotiate something that protects end user privacy.

The technicians came from browser manufacturers, like Opera, Mozilla, Apple and Microsoft; and from advertising companies, including Yahoo! and Google. The Internet Advertising Bureau and other organizations were also there.

The basic problem comes from the way that web pages today often place adverts, cookies, widgets, ‘like’ buttons and iframes from “third parties”. The result is that you, as a user, request these pieces of content from the third parties, who then gain information about you. They discover that you visited that page, and your IP address, browser, and lots more besides.

Through unique identifiers, like cookies, they can build a picture of the websites you visit. This happens to the vast majority – millions – of web users every day, without them really knowing what is going on.

Two technologies are under discussion at W3C to address this outrage. The first, proposed by Microsoft, is the “Tracking Protection List”: a list of domains that you, the user, choose to block or allow. This means you, with a little guidance, can completely block companies’ web content and stop them hoovering up information about you. The disadvantage, though, is that lists are rarely comprehensive, need updating, and need to be chosen by the user. Privacy International backed TPLs this week by publishing lists of sites you might wish to block.

The second technology, proposed by Mozilla and supported by EFF, is called “Do Not Track”. It is a signal that you can send to all websites. They are then meant to tell you that they will respect your wishes, and third party sites should stop their tracking, and perhaps minimize the data logs they keep.

This has the advantage of being easier to set, and could easily be much more widely used than “Tracking Protection Lists”. The disadvantage is twofold. Firstly, you must trust the “third party” website to respect your wishes. Secondly, W3C must agree to a meaningful specification for “Do Not Track”, which does more than ban companies from using data for profiling individual users while collection continues uninterrupted. After all, if someone can still track you from the raw data files, how useful a protection would a “DNT” signal be?

A big difficulty lies in current company practice, which many of the companies at the table will wish to preserve, to avoid high costs, both in re-engineering and potentially in being forced to serve lower value, non-targeted advertising to a significant percentage of users.

The second, more nuanced difficulty is the need to log user requests sent to a web server for genuinely unavoidable reasons such as security or performance.

W3C need to consider very carefully what information might be retained, why, and what it might be used for. Otherwise a DNT could be more or less redundant: the information could be retained, and while you may not be actively tracked, all your web habits could easily be re-identified with you. Although the information may not be processed and used, many of the risks would remain, such as leaks, law enforcement misuse through future re-identification.

However, if a balance can be created, then perhaps DNT can satisfy users with meaningful, if not absolute, privacy. Combined with audits and tracking protection lists, it could provide much greater control and protection than users currently have today.
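The retention problem described above, as an added example that is not part of the original post or of any W3C text: a third-party server either logs everything it receives or, for requests carrying the `DNT: 1` header, keeps a minimised entry, and the raw log can still be turned back into a per-user browsing profile. The retention policy, field names and sample requests are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed third-party requests from one browser (not real traffic).
REQUESTS = [
    {"ip": "203.0.113.77", "path": "/widget.js", "headers": {
        "DNT": "1", "Cookie": "uid=abc123", "Referer": "https://news.example/politics/42"}},
    {"ip": "203.0.113.77", "path": "/widget.js", "headers": {
        "DNT": "1", "Cookie": "uid=abc123", "Referer": "https://health.example/clinic"}},
]

def dnt_enabled(headers):
    """True when the request carries the Do Not Track header set to 1."""
    return any(k.lower() == "dnt" and v.strip() == "1" for k, v in headers.items())

def coarse_ip(ip):
    """Drop the host part of the address: keep /24 (IPv4) or /48 (IPv6)."""
    prefix = 24 if ipaddress.ip_address(ip).version == 4 else 48
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False).network_address)

def raw_entry(req):
    """What a third-party server can log if it ignores the signal."""
    h = req["headers"]
    return {"ip": req["ip"], "uid": h.get("Cookie"), "path": req["path"],
            "referer": h.get("Referer")}

def minimised_entry(req):
    """Assumed policy: for DNT users keep only what security/performance needs."""
    if not dnt_enabled(req["headers"]):
        return raw_entry(req)
    return {"ip": coarse_ip(req["ip"]), "uid": None, "path": req["path"],
            "referer": None}

def rebuild_profiles(log):
    """Re-identification: group visited sites by any stored unique identifier."""
    profiles = defaultdict(set)
    for entry in log:
        if entry["uid"] and entry["referer"]:
            profiles[entry["uid"]].add(urlsplit(entry["referer"]).hostname)
    return dict(profiles)

def compare(requests):
    """Profiles recoverable from the raw log versus the minimised log."""
    raw = rebuild_profiles([raw_entry(r) for r in requests])
    minimised = rebuild_profiles([minimised_entry(r) for r in requests])
    return raw, minimised
```

With the sample requests, the raw log yields one profile linking both visited sites to the same cookie, while the minimised log yields none.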

Jonathan Mayer from Stanford and Tom Lowenthal from Mozilla deserve particular mention for leading the fight for DNT and meaningful privacy. They have plenty of allies, especially among the browser manufacturers, and civil society folk. But the battle is far from won: the devil really does lie in the detail.



Comments (1)

  1. Mark (ISPreview):
    Jan 31, 2012 at 01:53 PM

    I've always considered myself to be broadly pro-privacy but some of the recent EU measures do seem to go a bit too far and often fail to recognise the complicated reality of how websites function and their economic reliance upon advertising/related revenue to deliver all that "free" information that we do so love.

    For example, under the cookie law, it seems like web hosts should apparently no longer be allowed to collect basic statistical access data about what connections (IPs) visit the site. But sites need that data to see which pages are popular and what browser / screen resolutions are being used etc. so that they can adapt their content and be more productive.

    There's no easy way for them to provide visitors a choice in this as it's often collected at the root level, which most won't control; like nearly all web hosts in the world. Likewise many web masters won't have the technical know-how to adapt. For example, installing a WordPress blog and doing basic HTML is a million miles apart from writing your own online apps; it's unreasonable to expect that everybody will have the skills.

    Surely, so long as the control of this data is kept tight and not exchanged externally without permission, then there should be no problem. But in using websites we must all accept that some information will always be shared. For example, it would be impossible to use the internet without exchanging your connection's IP address with remote servers and services.

    Free tools already exist to prevent cookie and related data from being shared if the user so chooses (most browsers now offer this as a simple feature), although this might prevent some aspects of a site from working when enabled.


