Privacy Option Proposed To Control Behavioral Ads 81
techinsider sends this quote from Security Week:
"A group of media and marketing trade associations, with support from the Council of Better Business Bureaus, today announced the details of a self-regulatory program designed to give consumers enhanced control over the collection and use of data regarding their Web viewing for online behavioral advertising purposes. The program promotes the use of the 'Advertising Option Icon' and accompanying language, to be displayed within or near online advertisements or on Web pages where data is collected and used for behavioral advertising. The Advertising Option Icon indicates a company's use of online behavioral advertising and adherence to the Principles guiding the program. Similar to a Web site’s privacy policy, consumers will be able to link to a clear disclosure statement regarding the company's online behavioral advertising data collection and use practices as well as an easy-to-use opt-out option."
I would take a wild guess that (Score:5, Insightful)
Re: (Score:3, Insightful)
Re:I would take a wild guess that (Score:4, Insightful)
I think it's almost time that we start looking at and designing GUIs the way we look at firewalls. Which apps have a legitimate need to receive which UI events? Does an app really have a right to know where the mouse is, or even whether its window happens to be minimized at the moment?
There are definitely some apps which would behave much better on my desktop if I could put a 'default drop all inbound' policy on them and just enable specific input events.
let me just reply to myself and invite a downmod (Score:3, Interesting)
As another example, I can recall a couple IM programs with an "auto-away" feature, which activates after a certain period of idleness, but automatically deactivates as soon as you move the mouse, regardless of which window has focus. I would choke that program down to receiving mouseclick and keyboard events only. No mouseover, no GetFocus(or whatever the damn API calls it), just the facts.
Re:I would take a wild guess that (Score:5, Insightful)
We learned it damn well that opting out means just "hey, there's someone who not only doesn't have ads blocked but also doesn't ignore them!". In other words, you can be damn sure other sites in that advertising network will try to advertise to you more aggressively.
Re: (Score:2, Insightful)
Funny, I have them opted out and blocked (more or less --- I never enable third-party advertising domains in NoScript). Does that mean I'm managing to waste even more of their resources than ordinary blockers?
Re: (Score:3, Insightful)
I would imagine (Score:3, Insightful)
Re:I would imagine (Score:5, Insightful)
I see, on this page, a notice that says "As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable advertising." You know what I do in response? I let them show me ads. Because I like slashdot. I don't want it to start to become targeted at the audience that is not tech-savvy enough to know how to install an ad blocker -- I want it to be targeted at people like me.
Abuse (Score:3, Funny)
I'm sure this won't be abused at all by the more unscrupulous types of advertisers. You know, those who get paid by the click or the ones trying to distribute malware.
Re: (Score:2)
I'm sure this won't be abused at all by the more unscrupulous types of advertisers. You know, those who get paid by the click or the ones trying to distribute malware.
"abused"? That might literally be the only time these things are actually used, at all...
Re:Abuse (Score:5, Insightful)
Sure, this will be abused by the most unscrupulous types of advertisers. They're unscrupulous for a reason.
However, like the wildly popular Do Not Call registry and a voluntary program for direct mail, these do reduce the annoyance level a bit, because there are advertisers with scruples. The equivalent in the world of phone marketing is that the almost nightly "Do you want to change your long distance carrier?" calls have been replaced by maybe monthly calls from "Cardholder Services" and other obvious scam artists. While not perfect, it's definitely an improvement.
Re: (Score:3, Interesting)
I've more or less been forced to conclude that anybody still calling me here in Canada (we have slightly different rules) is either fraudulent, too stupid to look up the registry, or has been given an exemption (ie they're a charity or something). I even see a lot of bogus caller IDs -- a very high percentage of them actually.
B
Re:Abuse (Score:4, Informative)
well if they are not stupid (Score:3, Informative)
47CFR64.1200 (thats the Code of Federal Regulations Volumne 47 section 64 subsection 1200)
or as it is formally known
TITLE 47--TELECOMMUNICATION
CHAPTER I--FEDERAL COMMUNICATIONS COMMISSION (CONTINUED)
PART 64_MISCELLANEOUS RULES RELATING TO COMMON CARRIERS--
Table of Contents
Subpart L_Restrictions on Telemarketing, Telephone Solicitation, and
Re: (Score:2)
However, like the wildly popular Do Not Call registry and a voluntary program for direct mail, these do reduce the annoyance level a bit, because there are advertisers with scruples. The equivalent in the world of phone marketing is that the almost nightly "Do you want to change your long distance carrier?" calls have been replaced by maybe monthly calls from "Cardholder Services" and other obvious scam artists. While not perfect, it's definitely an improvement.
Terrible analogy. What you're proposing is much more like giving your CC information to the "cardholder services" scammers, and if it turns out they're legit, they'll leave you alone.
TRUSTe all over again? (Score:5, Interesting)
Didn't we go through this before with the TRUSTe logo of showing if the site only used the information in-house versus sharing with others?
This just seems like more feel good PR fluff, like the P3P stuff about a decade ago. We don't need more "assurances" about privacy. We need the data not to be collected in the first place. No Flash shared objects. No shared objects in Quicktime or other add-ons. No using tricks in a browser to "personalize/individualize" content.
Re: (Score:3, Informative)
yes, and it the same attorney who has been doing this for years. he has been representing the DMA for decades. Every time there are proposed regulations they form a new org that does nothing. Like TRUSTe, complaints will be useless and they will never take action against their members (who pay the bills!)
Re:TRUSTe all over again? (Score:5, Interesting)
I agree. I think if anyone wants information from me they should have to ask me for it. They should not be able to collect any more information on me anymore than I should be able to collect information on whoever is interested and using the data. And if that's an advertising firm with 200+ employees than I want the browsing habits of all 200+ employees. I'd probably settle for just the CEO. Just a simple exchange of information, right? No different than sharing our names. But like I said earlier, they should have to ask, and I should have the right to refuse. Simple as that. Why should browsing habits be considered any less private than how I put on my pants in the morning, yet if someone wanted to sit outside my window and take readings on that - I could get them arrested.
Re: (Score:3, Informative)
Expectations of privacy. Ad companies want people to think that anything on the Web is public for any to see. This way, in court cases, the judge just finds the ad company not guilty because the plaintiff has no reasonable expectation of privacy on the Web, as per what other people think.
The only good thing is that there are so many sheep out there that ad companies are not reacting to people who use AdBlock or other means of security. However, I'm sure it will only be a matter of time before most sites
Re:TRUSTe all over again? (Score:4, Interesting)
Online is a bit trickier, but it's largely private, people don't know where the data is going between them and the server, but those parties in the middle shouldn't be allowed to collect data beyond what's necessary to keep their infrastructure running. And definitely no personal information.
Ads are more like stalking than they are like other people in a public space. While you don't have any right to privacy in a public area, it is still illegal to follow people around and make note of where they're going without consent. Generally it comes under stalking prohibitions.
Re: (Score:3, Interesting)
This is only going to get worse. Even if the website has a privacy guarantee, there are plenty of other parties that can steal private info and sling ads with potential browser exploits:
The ad serving company. If it pays them to have blackhats put on exploits randomly, they will do it, assuming they don't get caught.
Ad clients who have their own servers.
ISPs using Phorm-esque MITM appliances to modify the connection in flight. This is a very lucrative thing for ISPs, because they can not just replace ads
Re:TRUSTe all over again? (Score:4, Insightful)
While I do agree with you in spirit, there is a problem. You put your pants on in your own private property. You search Google by using a semi-public service. Instead of comparing it to how you put your pants on, compare it to someone watching and noting which parking spots you prefer at the supermarket or at work. Creepy but not illegal.
Sometimes the information is used for statistical purposes (people from 9 county prefer the east side of the lot, 22 county prefers the west side). For targeted ads, it's more like having a free parking space downtown, provided you give your name, address, and license plate number. Then they take that and say 'hey, Bob likes to park downtown on Wednesdays, so I'll print up a few flyers with his name and leave them with the attendant to deliver when he gets there.' Then they take the next step and start charging the local shops, as well as exchanging info. Now they can say 'hey, Bob's probably coming back this Wednesday to stop in at the hardware store and the theatre, so I'll print up ads with his name on it for those stores.'
As with many great ideas, this is very easy to misuse. If I work for the parking lot, I know Bob will be at the theatre for two hours once a week, so I know exactly when to ransack his car. If I've bought this behavioral information, now I know when Bob is away from home and where he is at certain times. Now it's getting pretty creepy. From an advertiser's perspective, I can harm them by buying the info and placing my own flyers under his window with better offers. If I'm an unscrupulous advertiser, now I know where bob lives and I can junk-mail and flyer him unto a psychotic break.
To get away from that rampantly over-developed example, let's consider what could be done. If the major players were to offer a search engine that specifically advertised privacy, would you or I bother to use it? It would be a nice step but probably an empty gesture if it came to a court case. Some government org could try to regulate or legislate, make a mess of it, and make it both easier for scams and harder for legitimate advertisers. An industry group could form and try to self-regulate, which is what we see here. Individual users could use the tools available (like firefox and noscript), while the less tech-savvy get bombarded to make up the lost clicks. This already happens. What could possibly be done to stop the avalanche while still making it possible to run an ad-supported site? It is similar to the email spam problem in many ways, and while progress is made against both crapfests, it will never really go away.
Re: (Score:2)
Sometimes the information is used for statistical purposes (people from 9 county prefer the east side of the lot, 22 county prefers the west side). For targeted ads, it's more like having a free parking space downtown, provided you give your name, address, and license plate number. Then they take that and say 'hey, Bob likes to park downtown on Wednesdays, so I'll print up a few flyers with his name and leave them with the attendant to deliver when he gets there.' Then they take the next step and start charging the local shops, as well as exchanging info.
And THIS is where it should be illegal. I have no issues with Google collecting my information and using it for their advertising purposes because thats basically what I signed onto when I signed up for their services. If I don't like it, there is competition. I don't think of the internet as a strictly public space - I can't just wander around it like a park, anytime I do my ISP calls up and goes "WHAT ARE YOU DOING? Port Scanning our Equipment is against the TOS" or some racket like that. Those kinds of s
Re: (Score:3, Informative)
a search engine that specifically advertised privacy
You mean like startpage [startpage.com], a search engine powered by Ixquick that doesn't record your IP address [startpage.com]?
Re: (Score:2)
Meh, just use Tor [eff.org]
Re: (Score:1)
Re: (Score:3, Insightful)
I think if anyone wants information from me they should have to ask me for it.
But the protocol does ask you for it, and your computer answers. The solution is to train your computer to not give out the answers. There is no expectation of privacy when you freely answer nosy questions.
Re: (Score:2)
Would also be nice if cotton candy rained from the sky. But that last one is probably a lot to ask. Let's just go with the "everyone be unselfish" thing.
Thank you.
Re: (Score:1)
I'm a pilot. Give me a clear stretch of unpopulated land in uncontrolled airspace and a few bucks for some special equipment and I could undoubtedly make it rain cotton candy.
Changing human nature? Sorry, there's only one entity I've heard of that could possibly manage that, and he flies at somewhat higher altitudes than I do. I also strongly suspect he's a work of fiction.
Devient behavior is the answer! (Score:3, Funny)
Re: (Score:2)
Just generate a history of horrifically devient behavior and they'll take you out of the system out of sheer shame by association. Start by googling zucchini and lubrication.
Marketing people are much dumber that us computer people, and generally don't even know it.
I tried something similar a decade ago with a relative and one of those "free dialup internet email" providers, you know, you fill out a questionnaire, they let you dial in for free for email and also spam the unholy hell out of you. They spammed her with the union of the sets of her interests, not the intersection of the sets of her interests.
You'll almost certainly end up with zucchini cookbooks, and ten cent off c
I really don't care. (Score:2, Insightful)
Re: (Score:2)
Agree. And because of such tracking, spam, malware, viruses, and other such cruft, I don't click on ads when I see them and generally don't see them due to adblock (occasionally one will pop up; literally). And noscript does help against the same payloads.
[John]
Re:No thanks. (Score:4, Interesting)
You must not use any sites that have been forced to host and embed ads because their readership blocks the advertisers. I would much rather be able to allow or deny ads not just by advertiser (doubleclick can burn in hell), but by site as well. Then I could block all the ads on various slashdot links while still allowing ads at sites I like. Wish someone would do that with adblock/noscript.
Re:No thanks. (Score:5, Insightful)
"Opt-out" indeed (Score:2)
Re:"Opt-out" indeed (Score:5, Insightful)
Re: (Score:1, Insightful)
The opt-out option is very easy to find. In your e-mail client it says something along the lines of "filter messages like these", and for your web browser it's called Adblock Plus.
Re: (Score:2)
Then don't send your data out on the web.
Re: (Score:2)
Then don't send your data out on the web.
Wouldn't that make the web a lot less useful? The idea is that I conduct a transaction and have a reasonable expectation that just because someone does business with me does not allow them to sell everything they know about me to anyone they choose.
Re: (Score:2)
Re: (Score:1)
Yes, your password and SSN want to be free, which is why you must keep them carefully cooped up and restrained.
"Information wants to be free" does not say whether it's good or bad that it gets free. My pit bull puppy wants to be free also -- free to roam the house, tearing up shoes and books and anything else he can his jaws on. So he is carefully restricted or supervised. But unlike my puppy, once information gets out, you can't put
Re: (Score:2)
All I know is that 99% of the mass emails that actually reach my inbox have an easy to use unsubscribe option on them. (those are typically from people that I've given my email address for some reason or another) So I'm going to assume those "schemes" are good things.
Re: (Score:3, Interesting)
Re: (Score:2)
Re: (Score:2)
I have gmail, so I get almost no "real" spam. I get several spam's per hour in my spam folder, but I never look there --and as much as it may bother me that spam is costing ISP's and Google money, I can't say I lose a lot of sleep over it.
I do get a fair number of mass emails from various
Re: (Score:2)
So... what? (Score:2, Insightful)
I suppose it does help cover a business' rear a bit in the legal department.
Re: (Score:3, Insightful)
It is just advertising PR. It also is a wakeup call to the more technologically adept people that they are far better served by using products like AdBlock, NoScript, Sandboxie, BetterPrivacy, and other items as opposed to thinking that the website or its advertisers will do anything else but sell any and every bit of info they get to the highest bidder.
Of course, the opt out button is there, but is the private info still present on their servers? Even in saved database snapshots? All this information ca
Re:So... what? (Score:4, Insightful)
No, it's an attempt to head off legislation. By making a voluntary "self-policing" system, they get to point at it and say "See, we're doing something" in an attempt to block legislative efforts that would likely be more strict.
Re: (Score:2)
I don't actually much care about their "data mining". I just don't want to see their asinine ads. And I don't. They don't get much data either, but that's really a side-effect.
Re: (Score:1)
I suppose it does help cover a business' rear a bit in the legal department.
Yes, I always hate it when my legal department is showing. ;)
My way of fighting against advertisement: (Score:1, Interesting)
Here's how I fight against advertisement:
I never buy anything that has been advertised to me, period.
Advertising is not only annoying, but often it's rather immoral with it's use of "behavior modification" techniques.
Everyone should boycott any product that's advertised in annoying ways.
Re: (Score:2)
Re:My way of fighting against advertisement: (Score:4, Interesting)
Here's how I fight against advertisement:
I never buy anything that has been advertised to me, period.
Advertising is not only annoying, but often it's rather immoral with it's use of "behavior modification" techniques.
Everyone should boycott any product that's advertised in annoying ways.
How do you buy food?
The bakery in your local grocery store wafts the smell of fresh bread for a reason and the sugary cereals sitting on the lower shelves are decorated brightly so the little ones can pick them out more easily. Even at the less devious end of the scale, like a farmer's market, you still need to be advertised to to know the product exists, right?
Re: (Score:3, Insightful)
Boycotts don't work. "Everyone" is not a single individual with a single shared interest. It is a lot of separate people, each with their own interests, acting independently. Expecting anything different is doomed to failure.
Unless you can convince people that their individual interest will be served by participating in your boycott (regardless of whether or not other's participate), you can expect the boycot to fail.
Re: (Score:1)
How do you buy food?
The bakery in your local grocery store wafts the smell of fresh bread for a reason and the sugary cereals sitting on the lower shelves are decorated brightly so the little ones can pick them out more easily. Even at the less devious end of the scale, like a farmer's market, you still need to be advertised to to know the product exists, right?
Fair enough, passive advertising is, to some degree, necessary, and possibly even desirable (I can't even believe I'm saying that...)
OTOH, my local baker doesn't jump out at me as I walk by, waving a Mario-shaped carrot cake in my face, all thanks to their inference of what I would be most likely to buy based on the T-Shirt I was wearing each day for the last week when I walked past their storefront, my gender, apparent age bracket, and what I glanced at in their display window...all automatically compiled
"easy-to-use opt-out option" (Score:3, Insightful)
I've already got one of those. It's called Privoxy.
It's a trap! (Score:4, Funny)
Let me guess: The Advertising Option Icon will be a 1x1 transparent gif? :-)
Re: (Score:2, Informative)
Opt Out? Shouldn't that be Opt IN? (Score:2, Insightful)
I would much rather opt in for stuff I am interested in with Opt Out being the default.
Why should a consumer need to opt out of something they didn't ask for.
Re: (Score:1)
The right of self-determination over personal data (Score:4, Insightful)
Screw this voluntary self-regulation slap-on-the-wrist-at-worst bullshit.
What we really need is legal backing for the right of self-determination over personal data. [europa.eu]
A simple technical solution to a social problem (Score:1, Insightful)
Just filter out the ads.
AdBlock Plus is a good Firefox plugin.
You can set it to filter anything you don't like. Such as Facebook: htp://api.ak.facebook.com/*, http://www.facebook.com/plugins/*, http://static.ak.fbcdn.net/*, etc.
That's it, no problems. No more crap!
Easy to find opt out... (Score:4, Insightful)
A:I eventually had to go down to the cellar.
P: That's the display department.
A: I had to take a torch.
P: The lights must have been out.
A: So were the stairs.
P: But you did find the plans^H^H^H^H^H opt out button?
A: Yes, I found them. In a locked filing cabinet in a disused lavatory behind a door that said "Beware of the tiger".
P: That's our display department.
--The HitchhIker's Guide to the Galaxy
Trust (Score:1)