Do not track, online ads, and the end of anonymity
At present, the only way to prevent your activities from being tracked on the Internet is to block ads, but without ad revenue, your favorite sites will have to charge for content. How can online ads and privacy coexist?
Much has been made of the "do not track" features built into the latest versions of Internet Explorer, Firefox, and Safari (the setting for Firefox is shown below). A do-not-track option is available in Google Chrome only as an add-in from Google called Keep My Opt-Outs.
As Wired.com's Ryan Singel reported last April on the Epicenter blog, Google's wait-and-see attitude toward do-not-track features reflects the uncertainty about what kind of tracking is prohibited.
(In a Privacy Inc. post earlier this month, Declan McCullagh examined the approach to Web tracking being taken by the Federal Trade Commission and the World Wide Web Consortium.)
At the same time, Google and other Web services stand to lose a considerable amount of money if they're no longer allowed to track their users.
At present, the track-me-not setting in browsers is merely window dressing. Compliance is strictly voluntary. In fact, most ad networks will still track your Web activities despite your having this option enabled, although they may not serve up ads based on your past activities.
The only way to prevent third parties from knowing where you go and what you do on the Web is to block any content on a site you're visiting that's provided by sources other than the site itself. This third-party content is primarily, but not entirely, advertisements. Right now, we can have either ads and tracking, or no ads and no tracking, but we can't have the ads and no tracking.
Ads served up based on your past Web activity are more effective, which translates into more money for advertisers.
If you block ads, you deprive the site of ad revenue. The only way for the site to recoup lost ad revenue is to charge users for content.
Most Web users would likely be willing to trade a level of tracking that they can trust won't be used against them--either by the Web sites themselves or by bad guys who somehow got their hands on the data--in exchange for free services. But this is true only if we can be confident that the tracking is truly anonymous, and right now that's anything but certain.
Privacy threat: Personal information in URLs and page titles
Chances are the first thing you do after you turn your computer on is sign in. And the first thing you do after opening your e-mail program is sign in. And before you can use your favorite Web services, you have to sign in. Goodbye, anonymity.
Even if you've chosen a user ID that doesn't give a clue to your identity, your username and e-mail address are public information. Many well-known sites include usernames, e-mail addresses, and other identifiable data in page URLs and titles. Online advertisers and other third parties can record and tie this information to everything else they know about you.
Stanford graduate student Jonathan Mayer of the Center for Internet and Society (CIS) tested the "leakage" of usernames and e-mail addresses by 185 high-traffic sites. Mayer's tests found that 61 percent of the sites exposed personal information to third parties.
After Mayer created accounts at the sites, the account name, e-mail address, and other personal information associated with it were frequently distributed to third parties, often in violation of the site's own privacy policy. For example, he reported, NBC's site sent the e-mail address to 7 companies, Weather Underground sent the address to 22 companies, and Bleacher Report sent the user's first and last names to 15 companies.
In a post last month, Mayer examined the effectiveness of various antitracking tools and techniques, most of which work by blocking ads, scripts, or both.
User IDs can be associated with 'anonymized' data
Stanford postdoctoral fellow Arvind Narayanan explains on the CIS site that what Web services describe as anonymized personal information is actually pseudonymous, meaning a username, e-mail address, or both can be associated with so-called anonymized data to identify the user. You then have a detailed look at the person's past activities that you can link to a name, address, telephone number, and other information.
While it's theoretically possible to determine a person's identity based on username and other public data, such as the geolocation of that person's IP address, it's uncertain whether anyone is doing this. Still, if a user ID can be associated with anonymized user data, and if there's a way for someone to make money by doing it, such deanonymizing is inevitable.
The first step in securing our privacy is knowing who to trust with our personal data. The Internet can be used anonymously, but doing so requires a considerable effort. Few people are willing to sacrifice free and easy access to Web mail, social networks, entertainment, and information for the sake of anonymity.
Personal information has become the currency of the Web. Unless people are willing to shell out for most Web content--which doesn't appear likely--we have to find a way to pay for free Web services with data about ourselves, but in a way that doesn't jeopardize our privacy and security.