I thought this was pretty well-written, and I could imagine people that previously said “I have nothing to hide” thinking twice after reading this. Obviously if tracking was done in the physical world like he described, nobody would tolerate it but because it happens so secretively in the digital world, many people don’t know it’s going on so they aren’t really bothered by it.
Perhaps the key to getting many more people to care about privacy is to make this tracking more obvious and visible to them, so they can actually see what is being collected, rather than technical solutions that try to block tracking.
I thought this was pretty well-written, and I could imagine people that
previously said “I have nothing to hide” thinking twice after reading
this.
I suspect it requires a certain level of imagination and knowledge about
human nature, rather than technical skills, to care about privacy.
I had this debate recently with family members who have nothing to hide.
One particular family member loses her mind over pictures of her posted
to social media if she doesn’t like how she looks in them. But she has
nothing to hide, nor will her young kids ever have.
I had to go the John Oliver-vs-Edward Snowden-route of asking for a list
of the medicine they take and a list of the previous 10 orgasms they had
anything to do with. And even then, they weren’t sure privacy was a
general problem: They only had issues with providing that specific
information about them, not understanding what privacy really is.
Ghostery does a good job at this, and his swipe against them is relatively unfounded. From my reading of their settings page, it seems they sell aggregate information about trackers and provide it to website owners (i.e. these are the trackers on your site, and this one is blocked by 100% of your Ghostery visitors).
I was having more subversive thoughts… a whistleblower at or a compromise of a tracking company to disclose this information. Or maybe just regulation forcing these companies to allow the public to request their profile data.
There are quite some challenges to allowing the public to request profile data. Usually the ad tech company doesn’t actually have your name. You’re just a cookie, browser user #32198. Should anyone be able to request the profile for user #32198? The cookie itself could be the identifier, unless forged of course, and again privacy issues with shared browsers.
Consider for a moment that nearly every web site keeps visitor logs for some amount of time, which usually include the requesting IP. These would presumably fall under any profile access law. Should I be able to query every website, “when did my IP last visit your site?”?
Surely if they have some long-lasting profile on you based on cookies, you should be able to visit some site served by that company that recognizes those cookies and shows you what info they have, even if it’s not tied to your name.
Again, I think there are unforeseen privacy implications. Clearing local history is one thing, enabling users to access a remotely backed up history is another. Isn’t the assumption that these companies can reconstitute and combine profiles after the fact? So even if you clear your cookies, anyone you let use your browser would have full access to your history. Anyone who can spoof a similar enough profile to cause merging would also have full access to your profile.
Perhaps the key to getting many more people to care about privacy is to make this tracking more obvious and visible to them, so they can actually see what is being collected, rather than technical solutions that try to block tracking.
I think this would be a good step. Technically, tracking could improve the services we as users get from applications. The information it provides to parties we don’t control (the companies) is, however, very tempting to misuse and sadly very unimaginatively used mostly for ads, which are almost always annoying since very few (if any) have found a way of making them actually useful (otherwise people wouldn’t want to block them).
I personally use EFF’s Privacy Badger, which I like so far. It does sometimes break sites because of not loading some third-party JS or iframe, though.
I thought this was pretty well-written, and I could imagine people that previously said “I have nothing to hide” thinking twice after reading this. Obviously if tracking was done in the physical world like he described, nobody would tolerate it but because it happens so secretively in the digital world, many people don’t know it’s going on so they aren’t really bothered by it.
Perhaps the key to getting many more people to care about privacy is to make this tracking more obvious and visible to them, so they can actually see what is being collected, rather than technical solutions that try to block tracking.
I suspect it requires a certain level of imagination and knowledge about human nature, rather than technical skills, to care about privacy.
I had this debate recently with family members who have nothing to hide. One particular family member loses her mind over pictures of her posted to social media if she doesn’t like how she looks in them. But she has nothing to hide, nor will her young kids ever have.
I had to go the John Oliver-vs-Edward Snowden-route of asking for a list of the medicine they take and a list of the previous 10 orgasms they had anything to do with. And even then, they weren’t sure privacy was a general problem: They only had issues with providing that specific information about them, not understanding what privacy really is.
Finally, I just had another beer.
Ghostery does a good job at this, and his swipe against them is relatively unfounded. From my reading of their settings page, it seems they sell aggregate information about trackers and provide it to website owners (i.e. these are the trackers on your site, and this one is blocked by 100% of your Ghostery visitors).
I was having more subversive thoughts… a whistleblower at or a compromise of a tracking company to disclose this information. Or maybe just regulation forcing these companies to allow the public to request their profile data.
There are quite some challenges to allowing the public to request profile data. Usually the ad tech company doesn’t actually have your name. You’re just a cookie, browser user #32198. Should anyone be able to request the profile for user #32198? The cookie itself could be the identifier, unless forged of course, and again privacy issues with shared browsers.
Consider for a moment that nearly every web site keeps visitor logs for some amount of time, which usually include the requesting IP. These would presumably fall under any profile access law. Should I be able to query every website, “when did my IP last visit your site?”?
Surely if they have some long-lasting profile on you based on cookies, you should be able to visit some site served by that company that recognizes those cookies and shows you what info they have, even if it’s not tied to your name.
Again, I think there are unforeseen privacy implications. Clearing local history is one thing, enabling users to access a remotely backed up history is another. Isn’t the assumption that these companies can reconstitute and combine profiles after the fact? So even if you clear your cookies, anyone you let use your browser would have full access to your history. Anyone who can spoof a similar enough profile to cause merging would also have full access to your profile.
I think this would be a good step. Technically, tracking could improve the services we as users get from applications. The information it provides to parties we don’t control (the companies) is, however, very tempting to misuse and sadly very unimaginatively used mostly for ads, which are almost always annoying since very few (if any) have found a way of making them actually useful (otherwise people wouldn’t want to block them).
Definitely puts a twist on how things are today. Honestly makes me consider using proxies or software like Ghostery.
I personally use EFF’s Privacy Badger, which I like so far. It does sometimes break sites because of not loading some third-party JS or iframe, though.
The author, referring to Ghostery:
Try https://github.com/gorhill/uBlock instead.
Ghostery’s statements disagree with that characterization of them.
Ghostery is created by a tracking company. Would you trust an anti tracking plugin from google to not report on you?