Good Fences Make Good Neighbors

A few days ago, I discussed the idea of the future smartphone/connected device as a companion to an active and mobile lifestyle. One of the topics I also broached was that of online privacy, and people’s need for it (or at least the illusion thereof). While I maintain that the majority of folks who have any sort of online presence are sacrificing their anonymity and a great deal of their privacy, I also agree that this situation should not be the only available option. People should have the right to privacy. It’s a terrible thing when folks simply have little to no knowledge of a) how they are divulging their private knowledge, and b) how to protect themselves from divulging too much. Recent developments in this space have made it much easier for people to protect their identities and ensure at least some degree of privacy in their lives.

The first development which has the potential to set a precedent for further privacy advocates to build off of is a recent ruling in European courts that requires any site desiring to track online behaviors obtain explicit consent from site visitors to track them using cookies.

As part of its work to comply with the directive, the IAB – an industry body that represents web ad firms – created a site that explains how behavioural advertising works and lets people opt out of it.

From 25 May, European laws dictate that “explicit consent” must be gathered from web users who are being tracked via text files called “cookies”.

This is great news for anyone who is looking to push for greater laws or regulations protecting individual privacy online. The efforts for privacy protection in the desktop browsing space are making significant headway, as well. Both Google and Mozilla have released extensions for their respective browsers that keep users protected from websites desiring to track their behaviors.

The two approaches are part of a larger move resisting the efforts of web advertisers to profile people’s online activities in ever more detail. Typically this tracking is accomplished through cookies, small text files many sites use to customise sites for regular visitors.

It’s important to note that websites that track your behavior aren’t necessarily evil. The overwhelming majority of the websites that feed your browser some sort of behavior tracking cookies aren’t looking to ruin your life. They’re not malware, phishing, or scam sites, they’re the same sites that you visit every day looking for your news, videos, media, and shopping. Many cookies are designed just to make your life easier. The same cookies that tell Facebook that you were active yesterday, or your online email site to keep you logged in for a week instead of logging you out after each session, or tell your banking site that your computer is trusted as opposed to foreign.

All these cookies perform functions that most people rely on every day. The problem is that there are people wishing to sow fear, uncertainty, and doubt (FUD) in order to push their agenda. Sometimes these people are anti-technology, sometimes they’re just untrusting, but their message is typically uninformed. They hear the word “tracking” and envision cloak-and-dagger operations going on in your cable modem or cell phone, when the reality is more akin to your local big-box retailer reviewing their security camera footage and attempting to developable better marketing plans for a specific demographic. These folks most likely wouldn’t like the camera idea, either, but it’s something they have turned a blind eye to in order to feel more in control of their buying habits.

Mozilla is really working hard to try to provide people with options when it comes to tracking their online presence. A recent proposal by Mozilla (referenced in the link above) will change the way that future browsers work with tracking cookies. Basically, instead of having cookies to disable tracking (which, despite telling websites that you don’t want to be tracked, can still be deleted when a person closes his or her browser), the browser will include a built-in switch that allows customers to opt-out of tracking (theoretically) with one button press.

Some important things to note about this proposal:

There is no “list” that consumers need to sign up for. Early discussion of Do Not Track included proposals about a list-based registry of users, similar to the Do Not Call Registry. This proposal does not collect data on consumers in a central list. (Security and privacy researcher Christopher Soghoian has more about the history of Do Not Track.)

Consumers won’t need to update software for Do Not Track regularly. Early versions of Do Not Track proposed installing software on an individual’s computer that listed all the known tracking companies. As more companies were identified, the list would need to be updated. The current proposal does not store a list of companies on your computer and so does not need to be repeatedly updated.

You can still clear your cookies without fear of disrupting the header-based Do Not Track.
The header-based Do Not Track model won’t threaten ad-supported businesses.

The final battle over online privacy has yet to be fought, but as people begin spending more and more time online, they will begin to demand greater control over their privacy. Our governments haven’t always made the best decisions regarding technology, but a more informed population will demand greater rights over the evolving online landscape.