Surveillance as a Business Model

Google recently announced that it would start including individual users' names and photos in some ads. This means that if you rate some product positively, your friends may see ads for that product with your name and photo attached—without your knowledge or consent. Meanwhile, Facebook is eliminating a feature that allowed people to retain some portions of their anonymity on its website.

These changes come on the heels of Google's move to explore replacing tracking cookies with something that users have even less control over. Microsoft is doing something similar by developing its own tracking technology.

More generally, lots of companies are evading the "Do Not Track" rules, meant to give users a say in whether companies track them. Turns out the whole "Do Not Track" legislation has been a sham.

It shouldn't come as a surprise that big technology companies are tracking us on the Internet even more aggressively than before.

If these features don't sound particularly beneficial to you, it's because you're not the customer of any of these companies. You're the product, and you're being improved for their actual customers: their advertisers.

This is nothing new. For years, these sites and others have systematically improved their "product" by reducing user privacy. This excellent infographic, for example, illustrates how Facebook has done so over the years.

The "Do Not Track" law serves as a sterling example of how bad things are. When it was proposed, it was supposed to give users the right to demand that Internet companies not track them. Internet companies fought hard against the law, and when it was passed, they fought to ensure that it didn't have any benefit to users. Right now, complying is entirely voluntary, meaning that no Internet company has to follow the law. If a company does, because it wants the PR benefit of seeming to take user privacy seriously, it can still track its users.

Really: if you tell a "Do Not Track"-enabled company that you don't want to be tracked, it will stop showing you personalized ads. But your activity will be tracked -- and your personal information collected, sold and used -- just like everyone else's. It's best to think of it as a "track me in secret" law.

Of course, people don't think of it that way. Most people aren't fully aware of how much of their data is collected by these sites. And, as the "Do Not Track" story illustrates, Internet companies are doing their best to keep it that way.

The result is a world where our most intimate personal details are collected and stored. I used to say that Google has a more intimate picture of what I'm thinking of than my wife does. But that's not far enough: Google has a more intimate picture than I do. The company knows exactly what I am thinking about, how much I am thinking about it, and when I stop thinking about it: all from my Google searches. And it remembers all of that forever.

As the Edward Snowden revelations continue to expose the full extent of the National Security Agency's eavesdropping on the Internet, it has become increasingly obvious how much of that has been enabled by the corporate world's existing eavesdropping on the Internet.

The public/private surveillance partnership is fraying, but it's largely alive and well. The NSA didn't build its eavesdropping system from scratch; it got itself a copy of what the corporate world was already collecting.

There are a lot of reasons why Internet surveillance is so prevalent and pervasive.

One, users like free things, and don't realize how much value they're giving away to get them. We know that "free" is a special price that confuses people's thinking.

Google's 2013 third quarter profits were nearly $3 billion; that profit is the difference between how much our privacy is worth and the cost of the services we receive in exchange for it.

Two, Internet companies deliberately make privacy not salient. When you log onto Facebook, you don't think about how much personal information you're revealing to the company; you're chatting with your friends. When you wake up in the morning, you don't think about how you're going to allow a bunch of companies to track you throughout the day; you just put your cell phone in your pocket.

And three, the Internet's winner-takes-all market means that privacy-preserving alternatives have trouble getting off the ground. How many of you know that there is a Google alternative called DuckDuckGo that doesn't track you? Or that you can use cut-out sites to anonymize your Google queries? I have opted out of Facebook, and I know it affects my social life.

There are two types of changes that need to happen in order to fix this. First, there's the market change. We need to become actual customers of these sites so we can use purchasing power to force them to take our privacy seriously. But that's not enough. Because of the market failures surrounding privacy, a second change is needed. We need government regulations that protect our privacy by limiting what these sites can do with our data.

Surveillance is the business model of the Internet -- Al Gore recently called it a "stalker economy." All major websites run on advertising, and the more personal and targeted that advertising is, the more revenue the site gets for it. As long as we users remain the product, there is minimal incentive for these companies to provide any real privacy.

This essay previously appeared on CNN.com.

Posted on November 25, 2013 at 6:53 AM • 83 Comments

Comments

Wilson • November 25, 2013 7:12 AM

It seems to me that the whole "you are the product" thing is deliberately confused: you are a consumer, your thoughts (aka "your data") are the money you pay, so the company can sell them to the other kind of customers for regular money.

The bad thing is that you don't understand how much you are paying (most of us don't understand they're paying at all), so you can't choose properly.

It's very similar to the mortgage excess we've seen in the past years: people spend willingly more than they can (or will) pay.

House • November 25, 2013 7:38 AM

What's a "cut-out site"? Do we know that DuckDuckGo does not track, or are we just taking their word for it?

kingsnake • November 25, 2013 7:50 AM

When was the last time Google claimed to not be evil? They don't even bother with the charade any more ...

Another Kevin • November 25, 2013 8:39 AM

With the rise of the surveillance state, we see the government offering the providers a hidden mandate to track the users. A 'Do Not Track' law with teeth would only force those sites into a conflict between the public law and the secret law. And in the secret courts, the secret law wins. Does anyone seriously think that if a site that truly offered privacy gained any traction, that they wouldn't be co-opted or shut down? The government has become far too addicted to the data to give it up.

Changes to the law are unlikely to help, because, as with the ancient Chinese empire, changes at the top fail to change the system, which is enforced by an endless army of faceless bureaucrats. An entrenched bureaucracy can be toppled only by an external force. In our case, it will resist the external force with its fingers on the thermonuclear trigger.

Dismantling the surveillance state will be very dangerous.

a1 • November 25, 2013 8:42 AM

Another search engine that says it's not tracking their users: startpage.com

It's doubtful it's 100% so because they are capable of returning google results. One benefit is avoiding the "bubble" that you're in when you're using a tracked search.

vas pup • November 25, 2013 8:47 AM

@Bruce:
"We need government regulations that protect our privacy by limiting what these sites can do with our data". Yes, we do. And Government should finally become not part of the problem, but part of the solution. Until some powerful person's (senator, federal judge, etc.) privacy is not compromised, nothing changes. In this case they may understand through personal experience/pain/suffering that regulation is required. This may (or may not) counterbalance contributions of kings of stalker economy into their reelection (legislative branch only).

milkshaken • November 25, 2013 8:50 AM

I have deleted my old Facebook profile three times already. (Every time I re-check, few months later, it comes back - you see, they saved it for me "just in case I wanted it re-instated". The same goes with the Hotmail account.) Google is now plugging in my real name every time I am on Youtube or writing some comment on a web page that recognizes that I am logged in gmail.
A pop-up in LinkedIn recently asked me which organizations I supported. I wrote Al Qaeda, Hezbollah, Islamic Jihad and Boko Haram - just to see what would happen - and sure enough, it appeared in my profile. It was not funny.

kashmarek • November 25, 2013 9:36 AM

For those of you that followed the U.S. laments about Chinese communications equipment and alleged spying efforts, our government admits guilt (not that they wanted to) in doing EXACTLY the same thing in the far eastern arena:

Singapore & South Korea help NSA tap undersea cables

http://yro.slashdot.org/story/13/11/25/0546240/...

Which begs the question: will documentation of such activities be prohibited such as to avoid this type of disclosure?

We now have known rogue agencies performing known rogue activities (not all is known yet). One can expect to have stealth agencies (multiples to disperse the chance of discovery) performing stealth (illegal) activities leaving no trail for discovery, except perhaps by each other. The disaster of this is when one of those agencies falls under control of a foreign government or organization that wants to change our existing national foundation to something inappropriate for the country. This will not be the rise of the machines (or SkyNet so to speak; a distraction), but the rise of the behind the scenes mechanism for totalitarian control.

Also posted on another story, but it seems appropriate here. As the "known" organizations become too familiar, they will eventually be displaced by "stealth" organizations in order to return to the days of old when they were unknown, and these groups won't have to obey any laws.

AlanS • November 25, 2013 10:01 AM

Startpage also has a companion search engine called IXQuick. I believe Startpage returns Google results and IXQuick is a metasearch engine that doesn't use Google. The Dutch company that owns both also appears to be working on a privacy-oriented alternative to Gmail etc.

Nick P • November 25, 2013 10:03 AM

@ Bruce

correction to article: Google's profit was $2.97 bil on actual revenue of $11.9 billion. source

Your point is still valid. They're just making *way* less money than that.

kashmarek • November 25, 2013 10:14 AM

All of this is a spin-off on a badly translated line from a computer game:

“all of your bases now belong to us” (CATS in Zero Wing)

which came out as:

“All your base are belong to us” (which even has a Wiki page)

And, eventually became:

“All your data are belong to us”

in the meme put forth by Apple, Microsoft, Google, Facebook and others, with regard to items you post to the web, your activities while on the web, and what you say, do or think anytime and everywhere else.

Ultimately, electronic gadgets (including radio & TV), computers, and the Internet, have become the full implementation of Skinner’s Box, an operant conditioning chamber, used in the principle of reinforcement. The book Spy TV reveals the intent of such activity (TV spies on users; changes their behavior). While marketing is the cover story, I believe that control is the undercover objective. And, for the current cover story, the cost of such data collection and tracking, paid by advertisers, adds to the cost of products, which when such things are no longer affordable, will begin the spiral of being unsupportable, and eventually continued use will be for control only.

By the way, in the realm of criminal intent, this becomes: "all your money are belong to us"

disagree123 • November 25, 2013 10:31 AM

> We need to become actual customers of these sites so we can use purchasing power to force them to take our privacy seriously.

Bruce, I don't think this would be a good change. Let's use Google as an example. Right now I can search on Google anonymously. Maybe they set a tracking cookie or use something else, but so far it's an anonymous identifier. The privacy policy gives them a lot of leeway to do whatever they want with information they log and maybe they can figure out it's me, but it'll be some statistical model (i.e., not 100% certainty). The system is limited by what it can observe and infer.

In order to have a real customer relationship, Google would need my billing information and establish a chain of evidence for billing (no searches without login and password). Then they would know 100% who I am so they can bill me the 25c or so per query. And they would know 100% who (which billing ids) were searching for midget porn, because there will be folks disputing their bills.

Targeted ads can be served without knowing identifying details about the users. While nobody knows how their advertising system works in detail it seems to me that it /could/ at least be implemented in a way that keeps users anonymous. Nobody knows if it is and maybe some audit or something could help ensure that things don't get too creepy.

Peter Galbavy • November 25, 2013 10:33 AM

vas pup: pretty much as per the Will Smith vehicle, Enemy of the State, at the end where the security-committee senator (was it?) apparently gets rather surveilled / compromised by his own people. And I am sure in many other works of fiction. Just needs to happen in real life a few more times, to people who matter.

kashmarek • November 25, 2013 10:39 AM

On "opting out" of Facebook affecting your social life, I agree with Ed...REALLY?

If Facebook contact, which is hardly face to face and certainly not person to person, is your social life, then you may have no life at all.

While there are risks in face to face and person to person contact with other human beings, the rewards are much greater. Facebook et al, reminds me of something I have observed in the schools of America today, called the "liars club". In the liars club, the student members are non-judgemental and everything they say about anybody outside the club, is a lie. If a member becomes judgemental, they lose membership and become one of the targets of the lies. The members of the liars club survive on their own filtered image of the world.

Marketing is essentially a liars club, as are many other organizations including politics, religion and governments (especially organizations that operate under a banner labeled "top secret", "eyes only", or "confidential information"). These groups want to know everything about YOU but refuse to let you know anything about THEM.

squarooticus • November 25, 2013 10:56 AM

Calling for more government regulation when the government is a big part of the problem with ubiquitous surveillance seems counterproductive. Companies having the ability to traffic in our personal information when there *are* ways to opt out seems far less bad than giving the big monopoly with guns even more power, without any ability on our part to opt out of that.

Garfield • November 25, 2013 11:05 AM

@kashmarek
> Marketing is essentially a liars club
This is why we have all the stories about how indispensable corporations like FB are.

@Bruce Schneier
> These changes come on the heels of Google's move to explore replacing tracking cookies with something that users have even less control over.
Google has been using various tricks to bypass users' cookie settings for some years now. Besides that they seem to have been one of the companies using the font-based identification mechanism (research on this was commented on this blog by someone recently). So this is not much new.

Google is likely supported by US government interests. Thus the fact that bulk of their revenue is from advertisement does not seem to have much effect on their stock valuation.

Garfield • November 25, 2013 11:17 AM

Extract of an interview involving Wikileaks and Google...

Julian Assange on Meeting with Google, Responds to Anti-WikiLeaks Attacks from New Film to Finances
http://www.democracynow.org/2013/5/29/julian_assange_on_meeting_with_google

JULIAN ASSANGE: It’s quite interesting to speculate as to the surface excuse for the meeting being about a book versus was there another side to it, as well. If we look at the way that Eric Schmidt and Jared Cohen have been going to North Korea and meeting with some other thieves, and how that information very rapidly goes back to the State Department—we know that the results of that meeting with Eric Schmidt and Jared Cohen went very, very quickly back to the top levels of the State Department—that they’re, in some ways, becoming informal, deniable foreign ministers for a section of U.S. power. That’s a very interesting thing to see Google resting so heavily on the U.S. State Department.

NERMEEN SHAIKH: I want to turn to an excerpt from the book by Eric Schmidt and Jared Cohen called The New Digital Age: Reshaping the Future of People, Nations and Business. In it, the authors suggest WikiLeaks has endangered lives. They write, quote, "Neither WikiLeaks nor groups like Anonymous are terrorist organizations, although some might claim that hackers who engage in activities like stealing and publishing personal and classified information online might as well be. The information released on WikiLeaks put lives at risk and inflicted serious diplomatic damage," end-quote. The authors don’t cite evidence for their claim, but they do put an asterisk next to the statement saying, quote, "At a minimum, platforms like WikiLeaks and hacker collectives that traffic in stolen classified material from governments enable or encourage espionage." Julian Assange, your comments on that quote taken from Eric Schmidt’s book?

JULIAN ASSANGE: Well, it’s absurd. States that engage in espionage want to keep the information that they gain to themselves in order to get competitive knowledge advantage over other states, and also simply to protect their sourcing operations. There’s a reason why that claim, like all such claims, remains uncited: because it is false. Not even the Pentagon, in fact, no government organization, claims that the activities of WikiLeaks have led even to the loss of life for a single person anywhere in the world.

Gadfly • November 25, 2013 11:18 AM

It's quite interesting that of the 12 links in this post, only 3 don't utilize some sort of tracking software (Google Analytics or Google Tag Services). The three sites deserve attention for their NON-inclusion of tracking software: Schneier.com, DuckDuckGo.com and MIT.edu.

The ubiquity of Google Analytics (and its spawn) caused me to do a little research, and out of curiosity I looked at a few government sites. It seems that most Federal Government sites use Google Analytics: Department of State (State.gov), Department of Commerce (Commerce.gov), Homeland Security (DHS.gov), Department of Energy (Energy.gov) among others too numerous to list here. Even the NSA uses Google Analytics.

The question of course is "why"? Google Analytics is designed to track (and I quote from the Google Analytic page here) "Advertising and Campaign Performance; Audience Characteristics and Behavior; Data Collection and Management; and Sales and Conversions". How can a commercial marketing tool be justified as being relevant to the function of the US Government?
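
The kind of check described in the comment above can be repeated offline. This is an added example, not code from the post or from any commenter: it lists the third-party hosts a page loads from and flags the two services the comment names, including the case where the loader is an inline snippet and no `src` attribute points at the tracker. The sample pages and `.example` hosts are constructed, and the first-party test is a simplification (no public-suffix list).

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# The two services named in the comment, keyed by the domain they load from.
TRACKERS = {
    "google-analytics.com": "Google Analytics",
    "googletagservices.com": "Google Tag Services",
}
# Tags whose src attribute makes the browser send a request without a click.
AUTO_FETCH = {"script", "img", "iframe"}


def in_domain(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)


class PageScanner(HTMLParser):
    """Collects hosts fetched on page load and the text of inline scripts."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.hosts = set()
        self.inline_js = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
        src = dict(attrs).get("src")
        if tag in AUTO_FETCH and src:
            # urljoin resolves relative and protocol-relative (//host/...) URLs.
            host = urlparse(urljoin(self.page_url, src)).hostname
            if host:
                self.hosts.add(host.lower())

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.inline_js.append(data)


def audit_page(page_url, html):
    """Return third-party hosts and known trackers found in one HTML page."""
    scanner = PageScanner(page_url)
    scanner.feed(html)
    scanner.close()
    site = urlparse(page_url).hostname.lower()
    site = site[4:] if site.startswith("www.") else site  # simplification
    third_party = sorted(h for h in scanner.hosts if not in_domain(h, site))
    inline = "\n".join(scanner.inline_js)
    found = set()
    for domain, name in TRACKERS.items():
        if any(in_domain(h, domain) for h in third_party):
            found.add(name)
        # Loader snippets assemble the URL in JavaScript, so also look for the
        # domain as a whole name inside inline script text.
        pattern = r"(?<![\w-])" + re.escape(domain) + r"(?![\w-]|\.[\w-])"
        if re.search(pattern, inline, re.I):
            found.add(name)
    return {"third_party_hosts": third_party, "trackers": sorted(found)}


def tracker_free(pages):
    """URLs of the pages on which none of the listed trackers was found."""
    return [url for url, html in pages if not audit_page(url, html)["trackers"]]


# Constructed sample pages (not fetched from any real site).
SAMPLE_PAGES = [
    ("http://news.example/story", """<html><head>
<script src="/static/app.js"></script>
<script>
  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-XXXXX-X']);
  (function() {
    var ga = document.createElement('script'); ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl'
              : 'http://www') + '.google-analytics.com/ga.js';
    document.getElementsByTagName('head')[0].appendChild(ga);
  })();
</script></head><body>Story text</body></html>"""),
    ("https://shop.example/", """<html><head>
<script src="//www.googletagservices.com/tag/js/gpt.js"></script>
</head><body><img src="https://cdn.shop.example/logo.png"></body></html>"""),
    ("https://www.blog.example/post", """<html><head>
<script src="/js/site.js"></script></head><body>
<img src="https://www.blog.example/a.png">
<a href="https://www.google-analytics.com/">a plain link loads nothing</a>
</body></html>"""),
]

if __name__ == "__main__":
    for url, html in SAMPLE_PAGES:
        print(url, audit_page(url, html))
    print("no tracker found:", tracker_free(SAMPLE_PAGES))
```

A static scan like this misses scripts that other scripts inject at run time, so a clean result is a lower bound on what a browser would actually contact.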

Peter • November 25, 2013 11:31 AM

Becoming a customer won't solve the problem. No matter how much they charge, companies will still go after "alternate revenue streams."

A good example is Tivo - you pay for the device, and the service, but they still sell your data.

(Tivo failed in Canada. The main reason was they took so long organizing their "alternate revenue streams" before introducing the product that by the time they showed up, the cable companies had completely occupied the market space. They tried for a year, and then pulled out.)

Martin • November 25, 2013 12:00 PM

I'm always surprised how many people, even technical people whose area of expertise is not specifically in public web sites, are not aware of tracking cookies. They think that as long as they don't type embarrassing search terms into Google, they're relatively safe. Not realising that almost every single web page they visit, will be tracked by at least Google, and probably also Facebook, Twitter and several others.

Another blind spot I've noticed in quite a few people: they're happy and proud that they don't have a gmail address, saying that's at least one less way Google can spy on them. Not realising that if 90% of the people they exchange mail with, *do* use gmail, it doesn't help a lot.

james • November 25, 2013 12:06 PM

@ed
@kashmarek
> If Facebook contact, which is hardly face to face and certainly not person to person, is your social life, then you may have no life at all.

You don't get out much. If I want to go on a group ride with my bike club... it's scheduled on facebook. If I want to carpool to a race with the running club... it's planned on facebook. If I want to see the dinner special at a restaurant... it's on facebook. If I want to know what band is playing Saturday night or what verse the preacher is using Sunday morning...

A lot of smaller businesses don't even have web sites, just "like us on fb!" I avoid logging in by having it forward to an email, unless I want more than a one-way flow of information. But fb has done a very good job of inserting themselves between us and the real world.

Trisectangle • November 25, 2013 12:31 PM

@disagree123

"Maybe they set a tracking cookie or use something else, but so far it's an anonymous identifier. The privacy policy gives them a lot of leeway to do whatever they want with information they log and maybe they can figure out it's me, but it'll be some statistical model (i.e., not 100% certainty). The system is limited by what it can observe and infer."

That's where AdID and Google Analytics come in. Their aim with that is to tie back your activity across various devices and then make the ID number associated with your profile available to users of Google Analytics who can then cross reference that against their CRM systems and customer database. They can then also check whether you've been cookied by any of their advertising campaigns and associate your ID with those cookies and then change the ads they show to the browser with that cookie. If they are buying information from various data providers they could overlay your credit score and employment history, for example, on top of that. Shared computers are a bit of a hindrance but that is decreasing as people move away from shared devices as more and more browsing occurs on mobiles and as Google, and other companies, start to provide data on a personal ID/per account basis rather than by machine.

Of course most companies don't care about "you", they only care about whether you're in market for a holiday, which websites their big spenders tend to hang out on or whether their customers browse on the mobile first and then purchase on the full website. In general it's not worth marketing to one person. That said, if they wanted to they very soon could market to you, yes you, Mr John Smith from Roseburg, Oregon (or whoever).

Anyway, the other point is that even if marketers aren't interested in you as a person that data and the capabilities of that technology are very much available should someone want to abuse it.

The other huge reason why most advertisers aren't really using this kind of stuff to the fullest yet is that they are generally 5 years behind the cutting edge (which is an eternity in digital terms). Most of them aren't building up their own cookie pools yet for example and many hive out much of that stuff to third parties which puts a barrier between the personal information in their CRM systems and the individualised cookie data sitting with the networks, Facebook, exchanges etc.

jackson • November 25, 2013 12:33 PM

"We cannot solve our problems with the same thinking we used when we created them."

- Albert Einstein

And THAT is exactly what you are doing.

Skeptical • November 25, 2013 12:41 PM

I completely agree that we need government regulation limiting what companies may do with information they've collected from their customers in the course of business.

We also need regulation giving customers a right of access to data held by companies, and regulation giving customers a right of deletion.

As to market solutions, I'm not sure there aren't any in the offing. Google and Facebook, among others, are wary of this possibility.

Bruce, you've previously put forth a generational hypothesis, stating that since younger generations are more familiar with transparency and accustomed to having all information exposed, those generations will also be less likely to preserve confidentiality than were previous generations.

I can see how the need for government regulation, and the failure of the market with respect to privacy, fits neatly with that hypothesis.

However, I continue to suspect that younger generations are actually more, not less, aware of the dangers posed by breaching confidentiality and by the communicative power of the internet. And that awareness may lead to demand for market solutions to privacy problems.

For example, Snapchat recently turned down a 3bn USD offer from Facebook. Reportedly, Facebook is concerned that Snapchat's growing popularity - 5 million active daily users as of a couple months ago, sharing upwards of 200 million photographs a day - will drive traffic away from the Facebook service.

Snapchat's appeal, of course, is that what you share disappears.

And as the job market stays tight, employers continue to run internet searches on prospective hires, and the power of the internet to make or destroy reputations remains vibrant, I would expect such services to continue to proliferate.

One last side note: I'm skeptical that knowledge of Google searches is necessarily as telling as you think. Constant access to the internet also means a stream of trivial search requests that are just as likely to be related to a discussion of a book, a TV show, a conversation with friends, a bit of gossip, an idle thought (how many polar bears are there in the world, anyway?), as to anything meaningful in one's life. Your repeated searches on the symptoms of sarcoidosis may mean that you or a family member or a friend is suffering from such symptoms - or it may mean that you happened to have stumbled upon some episodes of House.

stvs • November 25, 2013 1:57 PM

It's trivially easy to defeat tracking either by cookies or super cookies. The challenge is to make people care enough to do so.

E.g. on OS X, here's a "Do Not Track" rule for Safari that cannot be evaded:

vi ~/Library/LaunchAgents/org.opensource.flashcookiedelete.plist

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>org.opensource.flashcookiedelete.plist</string>
    <key>Program</key>
    <string>/bin/bash</string>
    <key>ProgramArguments</key>
    <array>
        <string>/bin/bash</string>
        <string>-c</string>
        <!-- cd and find are joined with a logical AND so that find never runs
             in another directory if the Flash Player folder does not exist -->
        <string>( cd ~/Library/Preferences/Macromedia/Flash\ Player &amp;&amp; find . ! -path ./macromedia.com/support/flashplayer/sys/settings.sol -delete )</string>
    </array>
    <!-- Run once when the agent is loaded, then every 1800 seconds -->
    <key>RunAtLoad</key>
    <true/>
    <key>StartInterval</key>
    <integer>1800</integer>
    <key>ServiceDescription</key>
    <string>Delete Flash Cookies</string>
</dict>
</plist>

launchctl load -w ~/Library/LaunchAgents/org.opensource.flashcookiedelete.plist

This deletes all Flash Cookies every half hour, and leaves your macromedia settings from http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html intact. There are similar solutions on all other browsers/OSs, such as BetterPrivacy on Firefox.

Tim! • November 25, 2013 2:30 PM

I note that this setting defaulted to unchecked in my apps for domain account. I imagine that for gmail.com users it defaults to checked?

Anura • November 25, 2013 2:34 PM

The thing that saddens me is the absolute reluctance of the people to want to address this. You would think that the libertarians would see this as a problem, and to some it is, but from most of them I hear that because it's not government, we shouldn't do anything about it since "Well, you can just not use a cell phone or the internet if you want to protect your privacy."

There are options like Tor, but it still isn't that simple, it requires knowing how to use it properly to stay anonymous. Privacy should be the default, not something that it takes education and effort to achieve.

Tim! • November 25, 2013 2:36 PM

@Gadfly:

You've answered your own question: "Audience Characteristics and Behavior; Data Collection and Management"

Have you ever used google analytics? It is a powerful tool for determining how a web site is actually used: which pages are popular, which pages are hard to find, which links are broken, what kind of people are visiting your site, where they came from, etc.

NobodySpecial • November 25, 2013 3:39 PM

@vas pup - we have government regulation on what companies can do with your data (at least in europe)

Of course it doesn't apply to foreign companies, so if you choose to share your data with Facebook GrandCaymen Inc or Linkedin Liberia SA then that's your choice - and it's up to those countries to enforce their own rules

Brian • November 25, 2013 4:04 PM

First and foremost, Google did not make anywhere near $15bn in profits in a single quarter. That was their REVENUE. There's a pretty massive distinction to be made there.

Second, if anyone commenting doesn't understand how deleting your facebook would affect your social life, then I've got to assume you're at least 40+ years old? My friends and I use Facebook collaboration to plan all our events/parties/etc. This whole "socializing face to face is the only socializing there is" attitude is so dated and hilariously wrong that I don't even know where to start. Listen to some of the ridiculous rhetoric these people are spewing. Pure silliness.

name.withheld.for.obvious.reasons • November 25, 2013 4:50 PM

Just last week, on a subscription site, the service application failed to perform some basic functions. I contacted their personnel from their blog site and detailed the conditions and state of operable components (I strip all java and script tags). I indicated that three analytics sites might cause the service app to fail. This week I get a notice about a change to the terms of use. Post facto bullshit.

name.withheld.for.obvious.reasons • November 25, 2013 5:12 PM

@ skeptical

> Bruce, you've previously put forth a generational hypothesis, stating that since younger generations are more familiar with transparency and accustomed to having all information exposed, those generations will also be less likely to preserve confidentiality than were previous generations.

I did that too, like me you must have written game console software in the 80's.

Scott Ferguson • November 25, 2013 7:04 PM

@House

> Do we know that DuckDuckGo does not track, or are we just taking their word for it?

Does it even matter?

Your ISP tracks your traffic.
If your ISP is just a reseller then you have two companies whose open business model includes tracking all your traffic.

Many ISPs have invested heavily in the magic of big data and collect a whole lot more than data on your internal network, devices, and software.
Additionally they often use third-party content delivery networks and/or "compression" technology - either of which provides more data on your traffic (and devices and software) to other parties. It's the data warehouses that combine and resell all that data that should be major concerns - especially when part of their business is "data transcription" for things like "medical practices".

Worrying about what your search engine "sees" is like worrying about what the barman at the local pub sees and overlooking everyone else in the pub and the security cameras. It's a small part of the problem IMO.

name.withheld.for.obvious.reasons • November 25, 2013 7:58 PM

Must be 14 months ago, posted detailed information about the workings of fbconnect, XML, and image GUID's. How Bing, Google, and Yahoo make us their bitches. Also mentioned how fourth parties like shopping shadow, shopping.com access analytics and aggregate multiple sources. Most people don't know it (there's very little in the way of anonymous Internet activity--except unplugging), but that's Internet toilet paper stuck to your shoe!

Anura • November 25, 2013 8:50 PM

@Scott Ferguson

Since DuckDuckGo forces SSL, your ISP can neither cache results nor tell what you are searching for if you are using it.

Scott Ferguson • November 25, 2013 9:20 PM

@Anura

Since DuckDuckGo forces SSL, your ISP can neither cache results nor tell what you are searching for if you are using it.

A. I'd trust DuckDuckGo as much as I trusted Hushmail and Lavabit - which is not at all. Even if the people concerned were dedicated altruists their system can't deliver the goods their marketing promises.

B. I don't trust Geotrust certificates. Or Verisign, or [insert notary here].

C. Maybe It's Too Much to trust any site that doesn't use DNSSEC.

To trust DuckDuckGo or any search engine requires (blind and dumb) faith. I'd rather trust in what I can verify and load the databases of those I can't verify with false positives than cast my fates with some invisible being in the sky (or some marketing pitch).

Scott Ferguson • November 25, 2013 9:23 PM

@Anura


Since DuckDuckGo forces SSL, your ISP can neither cache results nor tell what you are searching for if you are using it.

Your ISP certainly knows when you go to any SSL "secured" site. It probably isn't rocket science to connect the pages you go to from there with the search terms you used.


Anura • November 25, 2013 9:41 PM

Just to be clear, I'm not endorsing any search engines, just saying that they are limited in what they can do. Search terms don't matter to them so much, but what sites you visit definitely do. I don't suspect they are using fake certificates to perform MITM attacks, so if the ISP is a concern, SSL is enough to stop them from seeing exactly what content you are viewing.

I don't disagree with your point.

The current CA system is horrible if you want to protect against either governments or hackers. I used to work for a company that resold certificates. It was an automated process, with absolutely no validation of information (except for a valid credit card and a fraud checking service) there was nothing to ensure they owned the domain name. We submitted a CSR to the issuing CA, within minutes we received a signed certificate just like that. However, I still think it's sufficient to protect against mass surveillance.

Scott Wiley • November 25, 2013 10:40 PM

I have a question I would like to ask folks here.

(This is from the perspective of a web surfer stumbling upon some site and checking its CA certificate)

The question is:

Does a CA certificate fulfill any other purpose than that of tying a human-readable domain name with the IP-address of the domain?

I mean because often if there is some organization name in such a cert, it may not correspond to the public company name known to the surfer. So from a practical point of view the only thing that the surfer can "confirm" from it (assuming it is real and no spoofing is going on) is that the IP xxx.xxx.xxx.xxx belongs to www.yyy.zzz.

Or is there some other benefit that a surfer (without a malicious intent) could gain from checking such a cert?

Thanks in advance

Scott Ferguson • November 25, 2013 11:08 PM

@Anura


I don't suspect they are using fake certificates to perform MITM attacks,

That a site doesn't use DNSSEC means that you cannot verify its identity - hence the comment about MITM.

so if the ISP is a concern, SSL is enough to stop them from seeing exactly what content you are viewing.

I'd be very surprised if any of the major ISPs were not compromised. I can't think of many companies that compete for government contracts that would require actual legislation to force them to retain all customer activity records - and I know for a fact at least one major ISP in Australia has already been doing that (ostensibly for their own privacy-respecting data mining projects).



The current CA system is horrible if you want to protect against either governments or hackers. I used to work for a company that resold certificates. It was an automated process, with absolutely no validation of information (except for a valid credit card and a fraud checking service) there was nothing to ensure they owned the domain name. We submitted a CSR to the issuing CA, within minutes we received a signed certificate just like that. However, I still think it's sufficient to protect against mass surveillance.

Any CA system, even one from a provider we know hadn't been compromised (yet), if it was possible to prove such a thing, is just butter for those without bread. If you can't match the key to the location it's as trustworthy as a password without a username, an eyeball without a head, or a finger without a hand.

And CA's like service providers that market privacy are, at best, liabilities (targets we come to rely on). i.e. that you (and others) think it's sufficient to protect against mass surveillance means that sooner or later it won't be - simply because the certificate can be copied or stolen and visitors re-directed. If DuckDuckGo were serious about privacy they'd trivially implement DNSSEC and encourage visitors to install extensions to check it - much the same as Lavabit and Hushmail would have implemented systems that wouldn't be so simple for the NSA to rape (or HideMyAss would use a system that did just that).

That DuckDuckGo don't use DNSSEC to provide actual privacy by assuring you of who is serving the certificate - despite the great marketing it would provide, does make me question their competence and trustworthiness.

And no - I didn't think you were shilling for DuckDuckGo

Scott Ferguson • November 25, 2013 11:17 PM

@Scott Wiley

Does a CA certificate fulfill any other purpose than that of tying a human-readable domain name with the IP-address of the domain?

It identifies the key, and that belongs to the domain. The more expensive certs also verify the identity of the organization that owns the cert and the domain (they'll say that in the actual cert).

http://en.wikipedia.org/wiki/Certificate_authority

CA certs don't 'prove' the DNS record though (see my other posts in this thread).

Jim Philips • November 25, 2013 11:25 PM

I do not agree with the recommendation for more government regulation. I don't need to be protected from Google. Like you said, I can switch to DuckDuckGo (as I have) or another competitor. Regulation will only reduce competition and slow innovation. Unlike the government, Google cannot force me to do anything.

ob1knb • November 26, 2013 12:11 AM

Bruce - Regarding legal solutions -

The treatment of PII presumes shows the originating data source (the person) is not respected as an owner should be. So, how about PATENTing ourselves as uniquely original works to reclaim ourselves?

Follow me for a minute: "Data Owner" in PII standards - doesn't acknowledge the PII-originating person as the owner. Why? It is opposite of any other legal ownership attribution.

All PII has an obvious data derivation to a uniquely identifiable person, and value. Just like licensing and royalties from the original, use/copies require owner authorization and compensation.

The automated credential consolidations, replication, and remote reuse "convenience features" that allow PII to be farmed, has taken it too far. No one says it's OK to copy someone's house and car keys, use them whenever we like, and disregard the privacy and security within our home or car. It shouldn't be any different on devices we own; just because it's easily done and harder to prove a chain of custody - doesn't mean it's legal.

Finally - the counter argument against a patent-type claim is revealing: If we are not able to own our natural selves or have ownership rights for valuable PII data we generate - then we are already treated as slaves - without rights to control our own property or obtain value from derivative data works without compensation. Slavery, stealing, and pirating are clearly ... illegal.

An "opt-out" presumes that PII can be taken first without asking. If basic self-ownership was respected from the start as community members, we really wouldn't have to go there. But established anti-slavery and physical property title/ownership laws are respected. We should have the ownership of ourselves returned and all derivative data by default. Our PII has value, so it should require authorization to use and resell, accountability for accuracy, and compensation to the owner.

Michael Moser • November 26, 2013 2:47 AM

Google, facebook and friends are all on NASDAQ; that means that each quarter they have to show off with some growth + profits

Now they have a problem: peak advertising - http://peakads.org/images/Peak_Ads.pdf - people just don't seem to click on those ads, so ads must be personalized and data must be gathered.

Is there any way out of this? I like how Amazon is pushing stuff: People who bought this book also bought x,y,z. If they find a way of merging contents and ads then this might lead to less snooping.

I have written a blog post on this: http://mosermichael.github.io/cstuff/all/blogg/2013/10/14/post-1.html

Mike the goat • November 26, 2013 3:02 AM

Stvs: unfortunately the big tracking companies have moved way beyond cookies and are now fingerprinting you based on browser quirks and loaded fonts, etc.

Sophie Schmieg • November 26, 2013 3:54 AM

If these features don't sound particularly beneficial to you, it's because you're not the customer of any of these companies. You're the product, and you're being improved for their actual customers: their advertisers.

I think this statement oversimplifies the situation. Selling ads is not a zero sum game, so just because someone pays for the display of an ad does not necessarily skew the incentives. Just think of classified ads in a local newspaper for apartment rental. People searching for an apartment will actively seek out these ads and want further information even though the newspaper is paid for the display.

Let's analyze the situation step by step. First, look at recommendations themselves. If Alice reads a book and enjoys it, she might recommend this book to Bob. If Bob follows the recommendation and also likes the book his view of Alice rises, otherwise it falls. So Alice is putting her reputation on the line. If Alice is paid by the author, Bob will most likely adjust his view of Alice to accommodate for this fact, maybe even disregarding her recommendation entirely. If she gets paid in secret and Bob only finds out later, her reputation is pretty much wrecked. So recommending something is never without risk to the person giving the recommendation, who will in turn want to control to whom she gives said recommendation.

The situation becomes even more complicated if a third person enters. Let's say Alice recommended something to Bob, and Bob and Charly are chatting about this topic. Bob can not mention Alice's recommendation, he can pass it along anonymously or he can say what Alice has told him. But now, Bob's reputation towards both Alice and Charly is on the line as well. If Alice did not want him to tell Charly, she might be mad at him no matter how Charly reacts. This might be the case if Bob mixed two social circles that Alice did not want to mix. If Charly does not like the recommendation, her view of Bob and Alice will sink, of course only if she knows that it was Alice who recommended something in the first place. So Bob is clearly an actor in this case and has his reputation for several things, among them his social skills, on the line.

A recommendation on the internet is usually regarded as public under pseudonym, even if your name is used. This means that you can build up reputation by having online recommendations, but only to people who are interested in your recommendations in the first place. Slapping your face on an ad and displaying that to a friend of yours basically changes this to the situation discussed in the last paragraph. But neither Google nor Facebook have any reputation for their social skills to speak of (Just look at the "People you may know" list). Worse than that, they try to take their own reputation out of the whole game by not being a visibly active part of the advertisement. This backlash has most of its roots in them doing something that we don't trust them with. Disregarding explicit wishes about tracking even furthers our distrust in their social skills.

If Google or Facebook want to use personalized ads, the high road would be to prove that they know and understand our social circles and that they will not breach our trust put into them by revealing information to third parties indiscriminately. They need to show that their advertisements are honest recommendations, not trying to trick us into buying something. The latter one can be achieved by transparency and by using non intrusive ad format and display, while the former is much harder. When it comes to government overreach, the situation is trickier. Usually, if our livelihood or even our lives are at stake we ask for something of similar magnitude to be on the line for every other party in order to trust them. Google and Facebook will have to prove that they will fight unwarranted surveillance by consistently challenging them in court and doing their best to protect the data. As a corporation, they adhere to some different social norms than usual persons and communicating that and proving that they uphold their promises will be key here. Failing to take said high road may be more lucrative in the short term, but may also fail horribly in the long run.

Marcus Aurelius • November 26, 2013 4:46 AM

Is there any absolute way how to prevent an ISP from tracking one's traffic? Would they also store the data indefinitely or would they just analyze it and store results only?

Winter • November 26, 2013 4:56 AM

I am wondering how much it helps to use things like StartPage, Ghostery, Noscript, and SecretAgent? Do they make a dent in the tracking?

Also, I do use Google Gmail, Calendar et al. Always assuming that these are unsafe. But I never browse or search when logged into any account. Here too, I have no grasp on how much this helps.

I assume that if I decide I need to do sensitive stuff, I will do them using Tor (browser bundle) with NoScript or VPNgate (depending on the "attack model"), using special webmail services. But the need hardly arises, I must admit.

Winter • November 26, 2013 4:59 AM

@Marcus Aurelius
"Is there any absolute way how to prevent an ISP from tracking one's traffic? Would they also store the data indefinitely or would they just analyze it and store results only?"

Maybe you can try:
http://www.vpngate.net/en/

The 4168 Public VPN Relay Servers by volunteers around the world.
You may connect to any of these VPN servers with: Username: 'vpn', Password: 'vpn'.

Not sure how these track you, though.

Tom T. • November 26, 2013 6:19 AM

To become an internet customer it would be trivial to add a yearly $200 +/- Content Fee to the ISP fee to be disbursed according to hit counts (or something) to content providers.

Except, the cable TV provider, which does that already, STILL bombs us with ads, still spies on us and are proposing TVs that literally watch us as we watch.

I think it's beyond monetization any more. It's simple tyranny and a police state mindset by those in charge.

Even the STASI realized tangible violence on the populace was not the best control method. They saw psychological harassment was far more likely to be unrecognized for what it was to victims and their supporters and thus they were less likely to be provoked into active resistance.

65535 • November 26, 2013 6:23 AM

I am at the bottom of the thread. I’ll keep my observations short.

“As long as we users remain the product, there is minimal incentive for these companies to provide any real privacy… you can use cut-out sites to anonymize your Google queries... I have opted out of Facebook, and I know it affects my social life…. Al Gore recently called it a "stalker economy…” – Bruce S

I am using DDG. I like it. But, I have reservations about it being a company subject to American jurisdiction (the ability of the NSA to drop malware, various FISA rulings and equipment under CALEA).

The stalker economy is a good description. How do we avoid becoming the “product” of big companies with ties to the government such as Google and Facebook?

I know dumping Facebook is a start (and it is a social cost/benefit decision). But, Google with its vast resources is another story.

@Garfield

I believe it is hypocritical for the NSA to hire hackers to plant malware, damage equipment and endanger civilians’ lives with drone strikes - yet smear Julian Assange for hiring hackers and releasing reports.

The government has its mouthpieces like Schmidt and Cohen criticize Assange with leaks “that put lives at risk and inflict serious diplomatic damage” and then it spies on heads of states causing exactly the same damage (not to mention making American companies less desirable in the marketplace). That is governmental hypocrisy.

@ Jackson

The government is throwing $75,000,000 down the drain for “damage control” which will lead to more damage and less control.

@ BP

This is a classic case of the President securing his own BlackBerry mobile phone – but not securing his citizens' mobile phones. It’s a two class system.

I will say that SecurVoice backend servers probably hold the crypto keys and are probably under the control of the White House. So, if the SecurVoice solution were nationwide for Joe Public I would guess the NSA would have access to those keys (the CALEA problem).

@ Winter

The VPN Gate looks interesting. Anybody tried the system?

Winter • November 26, 2013 6:45 AM

@65535
"@ Winter The VPN Gate looks interesting. Anybody tried the system?"

For what it is worth, I have. You have to update the access server quite often. They seem to drop out after a few days. In all other respects, it seems to work. I used it to post this through a server in India.

Furthermore, the aim of VPN Gate is to supply tunnels through the Great Firewall and equivalent firewalls in other countries. Anonymity is not the goal. It is entirely possible that someone copies the log files before they are deleted after two weeks (the default store time?). Also, I have no idea what the access servers see.

Romer • November 26, 2013 7:01 AM

"As long as we users remain the product, there is minimal incentive for these companies to provide any real privacy."

Bruce -- "Users = product" isn't anything new. It is and has been the business model of the entire publishing industry for many decades. The Web has simply enabled "demographic targeting" on steroids.

And yes, every penny of profit made by Google et al derives from monetizing our identities and activities, just as the publishing giants of the last century monetized their readers in a much cruder fashion.

Someday - maybe not far off - the model will be disrupted again, simply because there's a lot of money in it. Enabling users to monetize their own identities might be one way that will happen.

Bryan • November 26, 2013 8:34 AM

Your ISP certainly knows when you go to any SSL "secured" site. It probably isn't rocket science to connect the pages you go to from there with the search terms you used.

Especially considering your browser happily passes along the referring URL. ;) Yeah, you can turn it off, but will you always remember to turn it off?
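
Added example, not part of any comment in this thread: a sketch of what the destination site receives in the Referer header after a click on a search result, under each standard Referrer-Policy value. The host names and query are constructed, and "downgrade" is simplified here to mean an https page linking to a non-https one.

```javascript
// Constructed sample values: a search results page and two destinations.
const SEARCH_URL = "https://search.example/?q=night+sweats+back+pain#top";
const HTTPS_DEST = "https://clinic.example/info";
const HTTP_DEST = "http://clinic.example/info";

const POLICIES = [
  "no-referrer", "no-referrer-when-downgrade", "same-origin", "origin",
  "strict-origin", "origin-when-cross-origin",
  "strict-origin-when-cross-origin", "unsafe-url",
];

// Full referrer: the page URL minus credentials and #fragment,
// which browsers never include in the header.
function fullReferrer(from) {
  const u = new URL(from);
  u.username = "";
  u.password = "";
  u.hash = "";
  return u.href;
}

// Origin-only referrer: scheme, host and port, with no path or query.
function originOnly(from) {
  return new URL(from).origin + "/";
}

// Returns the Referer header value, or null when the header is omitted.
function computeReferer(policy, from, to) {
  const src = new URL(from);
  const dst = new URL(to);
  const sameOrigin = src.origin === dst.origin;
  // Assumption: downgrade means https source, non-https destination.
  const downgrade = src.protocol === "https:" && dst.protocol !== "https:";
  switch (policy) {
    case "no-referrer":
      return null;
    case "no-referrer-when-downgrade":
      return downgrade ? null : fullReferrer(from);
    case "same-origin":
      return sameOrigin ? fullReferrer(from) : null;
    case "origin":
      return originOnly(from);
    case "strict-origin":
      return downgrade ? null : originOnly(from);
    case "origin-when-cross-origin":
      return sameOrigin ? fullReferrer(from) : originOnly(from);
    case "strict-origin-when-cross-origin":
      if (sameOrigin) return fullReferrer(from);
      return downgrade ? null : originOnly(from);
    case "unsafe-url":
      return fullReferrer(from);
    default:
      throw new Error("unknown Referrer-Policy: " + policy);
  }
}

// Policies under which the destination learns the search terms.
function policiesLeakingQuery(from, to) {
  return POLICIES.filter((policy) => {
    const referer = computeReferer(policy, from, to);
    return referer !== null && new URL(referer).search !== "";
  });
}

for (const policy of POLICIES) {
  console.log(policy.padEnd(32), "->",
    computeReferer(policy, SEARCH_URL, HTTPS_DEST));
}
console.log("leak to https site:", policiesLeakingQuery(SEARCH_URL, HTTPS_DEST));
console.log("leak to http site: ", policiesLeakingQuery(SEARCH_URL, HTTP_DEST));
```

A search site can set the policy itself with a `Referrer-Policy` response header, so the protection does not depend on each user remembering a browser setting.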

vas pup • November 26, 2013 8:43 AM

@NobodySpecial.
Thank you for your input. Looks like European government cares more about privacy of their citizens than profits of their cyber stalker/big companies. By the way, same applies to health care - just observation. One of the possible explanations (put aside stupid accusation in socialism) is that money plays a smaller part in the election process.

stvs • November 26, 2013 8:45 AM

unfortunately the big tracking companies have moved way beyond cookies and are now fingerprinting you based on browser quirks and loaded fonts, etc.

It's also easy to proxy all your traffic through squid and privoxy, which will scrub/forge all this information, and filter out ads to boot. This is possible with https if you're willing to set up your own SSL interception proxy on the LAN.

But I haven't seen anything in the press that says that tracking companies now use more sophisticated browser-information-based attacks like the EFF's panopticlick, https://panopticlick.eff.org.

Are you able to provide a reliable link? If so, it may be time to set up whitehat SSL interception. Anyone yet released any easier tools to data pollute browser information and undermine panopticlick-like tracking?

stvs • November 26, 2013 8:56 AM

There are a set of tools at http://fixtracking.com . These don't stop highly specific browser plugin and font details from being presented to https://panopticlick.eff.org , but they presumably block them from being presented to the major tracking sites. If effective, installing these is a lot easier than building an SSL intercepting proxy.
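
Added example, not part of any comment in this thread: the fingerprinting concern raised above, measured Panopticlick-style as bits of identifying information per attribute, plus a search for the smallest set of attributes that must be scrubbed before a browser shares its remaining fingerprint with at least k others. The eight-browser population, attribute names and values are all constructed.

```javascript
// Constructed sample population; the last row is the browser under study.
const ATTRS = ["userAgent", "fonts", "plugins", "timezone"];
const POPULATION = [
  { userAgent: "UA-A", fonts: "set-1", plugins: "p-1", timezone: "UTC-5" },
  { userAgent: "UA-A", fonts: "set-1", plugins: "p-1", timezone: "UTC-5" },
  { userAgent: "UA-A", fonts: "set-1", plugins: "p-2", timezone: "UTC-5" },
  { userAgent: "UA-A", fonts: "set-2", plugins: "p-1", timezone: "UTC+1" },
  { userAgent: "UA-B", fonts: "set-1", plugins: "p-1", timezone: "UTC+1" },
  { userAgent: "UA-B", fonts: "set-2", plugins: "p-2", timezone: "UTC+1" },
  { userAgent: "UA-B", fonts: "set-1", plugins: "p-2", timezone: "UTC-5" },
  { userAgent: "UA-B", fonts: "set-3", plugins: "p-2", timezone: "UTC+1" },
];
const TARGET = POPULATION[POPULATION.length - 1];

// Surprisal of one attribute value: -log2(share of browsers with that value).
function surprisalBits(population, attr, value) {
  const matches = population.filter((b) => b[attr] === value).length;
  if (matches === 0) return Infinity; // value never observed
  return -Math.log2(matches / population.length);
}

// Number of browsers indistinguishable from `browser` on the visible attributes.
function anonymitySetSize(population, browser, visibleAttrs) {
  return population.filter((b) =>
    visibleAttrs.every((a) => b[a] === browser[a])).length;
}

// All subsets of `items` with exactly `size` elements, in input order.
function combinations(items, size) {
  if (size === 0) return [[]];
  if (items.length < size) return [];
  const [first, ...rest] = items;
  const withFirst = combinations(rest, size - 1).map((c) => [first, ...c]);
  return withFirst.concat(combinations(rest, size));
}

// Smallest sets of attributes to scrub so that at least k browsers
// (including this one) share the remaining visible fingerprint.
function minimalScrubSets(population, browser, attrs, k) {
  for (let size = 0; size <= attrs.length; size++) {
    const hits = combinations(attrs, size).filter((hidden) => {
      const visible = attrs.filter((a) => !hidden.includes(a));
      return anonymitySetSize(population, browser, visible) >= k;
    });
    if (hits.length > 0) return hits;
  }
  return [];
}

for (const attr of ATTRS) {
  console.log(attr.padEnd(10),
    surprisalBits(POPULATION, attr, TARGET[attr]).toFixed(2), "bits");
}
console.log("set size, all attributes visible:",
  anonymitySetSize(POPULATION, TARGET, ATTRS));
console.log("set size, only User-Agent scrubbed:",
  anonymitySetSize(POPULATION, TARGET, ["fonts", "plugins", "timezone"]));
console.log("scrub sets for k=2:",
  JSON.stringify(minimalScrubSets(POPULATION, TARGET, ATTRS, 2)));
```

In this sample the User-Agent carries 1 bit and the font list 3 bits, so forging the User-Agent alone leaves the browser unique while scrubbing the font list alone does not.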

Paeniteo • November 26, 2013 2:23 PM

"This means that if you rate some product positively, your friends may see ads for that product with your name and photo attached—without your knowledge or consent."

Am I the only one who received an email from Google that actively informed me about these upcoming changes with respect to my account there along with quite a number of other notifications on their portal pages?
=> Cannot complain about lacking knowledge.
And am I the only one who found the corresponding checkbox on the Google account settings page *disabled* by default, effectively requiring *opt-in* into this new 'feature'?
=> Cannot complain about lacking consent (I didn't opt in, btw).

Scott Wiley • November 26, 2013 2:32 PM

@Scott Ferguson
It identifies the key, and that belongs to the domain

Thanks Scott.

Sorry a follow-up question: can that key be used from the certificate or is it just for display/verification purposes?

Scott

Bryan • November 26, 2013 3:08 PM

@Paeniteo

Am I the only one who received an email from Google that actively informed me about these upcoming changes with respect to my account there along with quite a number of other notifications on their portal pages?

I got an email, but it went to my gmail account which I rarely visit. I also saw notifications when I logged into Google+.

Scott Ferguson • November 26, 2013 5:25 PM

@Scott Wiley


can that key be used from the certificate or is it just for display/verification purposes?

It is the key that's used. The certificate confirms that the key is signed by the CA. It also tells you whether the key is for an entire domain (*.domain.com) or just a specific sub-domain (blog.domain.com) - and whether the CA has also "certified" the identity (received money from and done magic hand-waving over) of the organisation that operates the domain.
What it doesn't do is "prove" that domain is the domain that the (easily compromised) DNS records say it is. Same problem with email DKIM and SPF records.

I'd suggest you read these pages: Certificate authority, TLS and SSL, DNSSEC.

Not only does DNSSEC make it possible for SSL/TLS to be used to "prove" the identity of the site we are encrypting our communications with, it also has the potential of removing our dependency on the current, highly untrustworthy, CA system.


@Paeniteo


Am I the only one who received an email from Google that actively informed me about these upcoming changes with respect to my account there along with quite a number of other notifications on their portal pages?

No. Everyone got one, and the constant notifications. But the illusion prevails.... (possibly aided by the attention Henny Penny loves).

@Guy in a diner


Time to get distributed. Google is not your friend.

Wake up call - no business is your friend. Ever. (cue King Canute and head for the beach?)

“It is not from the benevolence of the butcher, the brewer, or the baker, that we expect our dinner, but from their regard to their own interest.”

“People of the same trade seldom meet together ... but the conversation ends in a conspiracy against the public.”

~ some dead guy writing not of rights, but of facts.

Scott Ferguson • November 26, 2013 6:04 PM

@disagree123


Bruce, I don't think this would be a good change.

I believe Bruce is correct - vote with your wallet. Your argument supposes that your vote is irrelevant unless you (your spending) isn't linked to you (identified). You ignore the competition. As a business I'm not going to throw money at an advertiser who has no reach with my customer - and if I do I won't prosper. If a business "sucks" that "suck" is a niche that some other business will exploit to their profit.

It's less the money you withhold from companies that invest in business you disapprove of that has effect than it is the money you spend feeding their competitors.

You're also incorrect about your customer relationship with Google - unless you buy their advertising or products you ain't their customer any more than you are the customer of some town where you stop to take a drink of water or go fishing - but don't reside and pay rates.

Where I disagree with Bruce is when he believes that legislation is the answer.


  • Creating more bureaucracy with more invasive powers won't make the problem go away (or the bureaucracy would become redundant).

  • Established players can bear the bureaucratic weight - newcomers (game changers) not so much (so it'll stifle consumer driven change).

  • The NSA, FBI and everyone of their ilk would support this legislation of course - which is why it shouldn't be done.

Let the market decide. To do so the market must be educated. The market doesn't care about the gains - it cares about losses. The market is not individuals (your wallets don't influence Google or M$) - it's businesses, often driven by morons (technically called shareholders).

Business is about profit, and while there is some profit in morality/ethics it's mostly about marketing appearances and avoiding looking bad rather than looking good. What's of far greater influence is losses - a business will be quicker to stop a particular investment if it has a poor return than if it's ethically dodgy (greed and altruism are mutually exclusive).
The solution is to demonstrate that the detailed marketing information gathered by privacy intruders is considerably more inaccurate than the marketing pitch and there is little profit in using it. Broad demographic data is usable - individuals very rarely so.
The buyers of your privacy only hear the pitch from the data mining salespeople - they don't get to hear any negatives. "It's bad" is not a negative - "It's bullshit" is.

Scott Ferguson • November 26, 2013 6:23 PM

@ Sophie Schmieg

Excellent! Many points on which I agree - though I don't believe ethics is a significant factor. Just authority and profit.
As long as Joe Six-pack endorsements are novel and don't have a reputation for being untrue they'll have value. Neither of those situations are likely to remain true for long. I suspect like the original Ivory soap model (the first celebrity endorsement) the marketing power will rapidly diminish.

Dirk Praet • November 26, 2013 8:15 PM

@ Jim Philips

Unlike the government, Google cannot force me to do anything.

They can however pass on data they collected about you to other parties who can and will use it against you to do their bidding.

@ 65535, @ Winter

The VPN Gate looks interesting. Anybody tried the system?

I (think I) have referenced it a couple of times on this forum as "Tsukuba gates". Works really well, but you may run into trouble sometimes with certain sites - especially for banking, e-commerce and the like - barfing up over the fact that you are not logging in from your usual location.

How do we avoid becoming the product of big companies with ties to the government such as Google and Facebook?

By minimising your exposure to them, but it will always remain a trade-off. Although all traffic from and to Facebook is blocked from my LAN and by condom firewalls, I cannot prevent others from posting pictures, video or other stuff about me. I also regularly miss out on interesting parties, gigs and other events because people have dumped more traditional communication methods such as email, IM, paper or telephone and just announce whatever is going on on FB.

Google is even harder to avoid, even when you use DuckDuckGo, block their ads and trackers in your browser and don't sign up for Gmail, Google+, Google Drive and the like. Not to mention the fact that everybody considers you either retarded or an oddball when you tell them that you don't have a Facebook or Gmail account. It really is an uphill battle, both from a legal and a sociological point of view. However much I would like to believe that legislation and regulation is the answer, I cannot help but wondering how this can work in a context where the interests of governments and corporations are so closely intertwined that the rights to privacy (and other civil liberties) of the man in the street for all practical purposes has become an outdated and irrelevant concept to them.

Anura • November 26, 2013 10:25 PM

@Jim Philips

I do not agree with the recommendation for more government regulation. I don't need to be protected from Google. Like you said, I can switch to DuckDuckGo (as I have) or another competitor. Regulation will only reduce competition and slow innovation. Unlike the government, Google cannot force me to do anything.

You can expect everyone to spend time researching how to stay anonymous on the web. Privacy should be the default, not something that requires a great degree of effort and hassle. It's not just Google vs DuckDuckGo, it's about hiding your IP address, preventing browser fingerprinting, it's about realizing that logging into just one site can leak your information to an advertiser on that site. Privacy is a lot of work and it's not as simple as choosing a search engine.

Innovation and competition are just two things, they aren't everything. The economy is one part of society, it's not every part of it. Society is about collectively prioritizing and deciding what we want as a society; that's what government is about, it's what democracy is about.

Scott Ferguson • November 27, 2013 12:36 AM

@Anura (please don't take this as an attack, you raise some interesting issues).

You can expect everyone to spend time researching how to stay anonymous on the web. Privacy should be the default...

Sure. Let's start with spam, junk mail and telemarketing. Oh wait....
Then let's examine why it's not the case - I propose it's because it's profitable for companies not to do so. Not because of a lack of bureaucracy and legislation, but because voters don't fund elections, business does - so business sets the agenda. Bigger government, more taxes, and more legislation is just the triumph of optimism over experience.
If you didn't subscribe to Reader's Digest and let their advertisers know you wouldn't buy their products because Reader's Digest filled your letterbox with crap then Reader's Digest would either adopt another marketing method or die. Simple - unless outsourcing the problem is the objective.

...Privacy is a lot of work and it's not as simple as choosing a search engine.

That's not privacy. That's about secrecy. The web is somewhere you send an agent (browser). Secrecy on the web is hard. Privacy is just curtains at home, talking quietly and wearing pants in public. What you're referring to is the tactics required to secretly use the web so those actions don't come home to invade your privacy. The main problem there is (I'm assuming you aren't planning mass murder) that you can be held accountable for those actions i.e. your web searches about night sweats, cheap tobacco and back pain don't get (mis)-used to deny you employment or hike up your insurance rates. So an employer reduces the pool of useful employees and an insurance company loses a customer - the long term effect? Some other company will hire you (and do better) and another insurance company with better actuaries and lower premiums can start up (maybe). Mostly it's just concern that I will be judged or misjudged with no actual effect (snickering doesn't really hurt me). Not much different from going to the supermarket (honest - I buy 'em for the girlfriend).

I worry about the 3 letter agencies who are 70% private companies penetrating my secrecy to interfere with my business or piggy-back on me to interfere with someone else's business (I don't buy the terrorist bullshit). There are very real risks of this happening.

Privacy != Secrecy. When your webcam is backdoored so companies or agencies can see what you do at home that's an invasion of your privacy.

When Bing "knows" what you like to look at on NineMSN you failed to keep your secrets.

When the government knows what books you read at night - that's a breach of your privacy.

When the librarian knows what books you borrowed it's not a breach of your privacy - it's not your library.


Innovation and competition are just two things, they aren't everything. The economy is one part of society, it's not every part of it.

If it has a value it's part of the economy. Which part of society doesn't have an economic value? (if there is one I suggest you keep quiet about it before Megacorp(TM) cashes in on it).

Society is about collectively prioritizing and deciding what we want as a society

Huh? Society is just people living together whether it's in a concentration camp, Oceana, or Utopia. No decisions or prioritization required.

...that's what government is about, it's what democracy is about.

Which country's government is that?

When [insert evil company] gathers information on you so they can profit from what you do using their resources - and you want to use government (violent constabulary) to force them not to, and you still want to use their resources.... you are doomed to failure. Worse, you impinge your own freedom because the follow through restricts your own trade which is the basis of all liberties. Even if the ever growing government did pass legislation to stop business misusing data (like we don't have enough Privacy legislation) as long as it's profitable to gather it then people will - an eternal war with lawyers on both sides.
Let's say your browsing habits could be made to sound so easy to convert into sales that the data is valuable... then some low-life company run by people whose daily mantra is the Yuppie Nuremberg defence (just paying the mortgage) will create Crocodile and load it into your browser. The data they gather isn't the gold their sales people promise while raking in the cash - but because their only detractors all cry "legislate" instead of "embargo" the lawyers quibble and the director gets a job with Household Security. You get your browsing secrecy breached, Crocodile gets rich, anti-spyware companies get rich, politicians get fatter, and the companies that buy that data lose money. And it's all your money.

There's a time for legislation and there's a time for consumer action. Any time legislation against profit is proposed it will fail with cries of "protect the jobs" - whether it's exporting guns and land mines or investing in tobacco. May as well pass laws against bad weather and sharp corners on furniture (the latter is frequently done and is very good for lawyers, politicians and bureaucracies). I suspect the bigger crime is the abrogation of responsibility by the parties that fund and feed the same malfeasance they complain about. I've seen the culprit and he is me.

By all means make it hard for business to sell shonky products based on your habits (that you believe should be private) - by muddying the data and obscuring your identity. But voting with your wallet (which requires effort) is the only effective way to take the profit out of selling that data. Make it unprofitable to sell and it's unprofitable to gather. Make it unprofitable for business to gather and the 3 letter agencies will have to do their own dirty work.

Sure - many, if not most, people are such attention whores they'll pay to have their secrecy breached. But that's all the more reason why coercion (legislation) is a bad thing. Vote 0 Pol Pot.

When agencies and/or companies weaken security products and/or break into computers they should be tried under the existing laws. If those laws aren't enforced fix 'em.

FP • November 27, 2013 3:31 AM

I try to reduce my privacy exposure by e.g. deleting cookies after every browser session, and by using independent sessions for services like Facebook or Google Mail, so that their personalized cookies don't go to third party sites.

So in essence I am a parasite on the free services.

I am waiting for the time when Facebook, Google, Microsoft etc. begin to penalize me for that. E.g., Google could stop offering searches or Maps unless you are logged into your profile.

Scott Ferguson • November 27, 2013 3:47 AM

@FP


So in essence I am a parasite on the free services.

If so it's a symbiotic relationship.



I am waiting for the time when Facebook, Google, Microsoft etc. begin to penalize me for that. E.g., Google could stop offering searches or Maps unless you are logged into your profile.

When that happens you should immediately sell all your shares in those companies. If you don't use their services you won't see as many ads. Your browsing preferences are just icing on their advertising revenue cake. It's a smart business model.

Except M$, you should have dumped those shares already.

I wasn't addressing Ffffacebook, I can't find any excuse for using that service or removing the hosts entry that maps them to oblivion. Buying stock in Ffffacebook is like investing in BAT. Using it is like smoking two packs a day so you can hang out with cool people (who are smoking 2 packs a day so they can...).

vas pup • November 27, 2013 9:19 AM

My vision of government involvement in privacy protection is based on separate branches of the government. Legislature (Congress) should establish general purposes/framework, meaning that the interests of the person go first, the interests of the 'stalkers'/big business second, and government enforces such balance of interests, except when a real crime is committed or an attempted crime is discovered on the person's side, then no privacy - full and detailed disclosure by request approved by judiciary; means of protection (e.g. access to court could not be forced to be waived by a person under pressure of stalkers); delegation of power for detailed rules/regulations preparation to executive branch (FCC, FTC, DOJ, etc.); the executive branch acts with preliminary consultation with the business side ('stalkers'), EFF, consumer protection groups, experts like Bruce, etc.;
judiciary: verifies that legislature does not violate the Constitution, regulations do not violate the Constitution, Law, International agreements signed by US; resolves all related disputes.

parser • November 27, 2013 11:56 AM

Question is: how much is enough? Haven't we passed that point yet?

If the product is "selling me" and my online fingerprints - how do I increase the price of my private data short of boycotting everything?

Steven C. • November 27, 2013 3:19 PM

DuckDuckGo was brought to you by Gabriel Weinberg, who pioneered the concept of "rat out your schoolfriends' full names, email addresses and year of birth to our social network" with his Names Database. I hope he's grown up since then.

For me, the domain name resolves to servers operated by Amazon Web Services (a US corporation) but which are not located in the US. Based on recent disclosures about US companies providing overseas IP transit, I imagine that makes DuckDuckGo, Inc. fair game for US government requests to access data in real-time, or they could otherwise ask the cloud provider to acquire it without their knowledge.

Maybe it is safer to use a decentralised search engine with the assumption that everyone's searches *are* public. Or if participants do some of the web crawling themselves, they may be able to carry out truly private 'local' searches within their own index. Tor could be used for some crawling and/or browsing. Or, though technically difficult, one could aim to make crawling hard to distinguish from real web browsing, thus creating a lot of false positives for attempted surveillance by third parties or perhaps by the websites' own operators.

Scott Ferguson • November 27, 2013 9:42 PM

@Steven C


DuckDuckGo was brought to you by Gabriel Weinberg, who pioneered the concept of "rat out your schoolfriends' full names, email addresses and year of birth to our social network" with his Names Database. I hope he's grown up since then.

No one is listening, no one cares (sigh). They've all made a big emotional investment in the belief that a claim that large and that attractive must be true - despite a total lack of technical commitment to the sales pitch (no audit, no DNSSEC), and shill for it without doing a background check on the people behind it.

onearmedspartan • November 29, 2013 7:14 PM

Bruce,
I do IT security and I did not know about DuckDuckGo. Once again you have helped give the public back their power.
Could you provide any more details about it? Who owns it? Where is it administered from? Who do you trust more, Google or Bing? (feel free to add your own, like Yahoo, or Altavista).
Cheers!

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.