- From: Don Marti <
>
- To: Kevin Cox <
>
- Cc: Doc Searls <
>, ProjectVRM list <
>
- Subject: Re: [projectvrm] W3C vs. adtech
- Date: Fri, 17 Jul 2015 21:55:48 -0700
Related:
lessons from the ad blocker trenches
https://zyan.scripts.mit.edu/blog/lessons-from-the-ad-blocker-trenches/
Third-party cookies are not the only way to track
users anymore, which means that browser features and
extensions that only block/delete third-party cookies
are not as useful as they once were.
...
Detecting whether a domain is performing third-party
tracking is not straightforward. Naively, you could
do this by counting the number of first-party domains
that a domain reads high-entropy cookies from in a
third-party context. However, this doesn’t encompass
reading non-cookie browser state that could be used
to uniquely identify users in aggregate (see table
above).
Read the whole thing (if only for the table)
This is why you block any suspicious third-party
traffic entirely -- cookie scrambling alone provides
just as false a sense of security as element hiding.
(which is why Apple is going from just third-party
cookie blocking to content filtration)
Important to use "part of this complete breakfast"
language when describing tracking protection,
and not brag too much, but also important to get
users on some kind of tracking protection with a
development future, so that you can push updates
to deal with next-generation tracking technologies
instead of waiting to sell tracking protection until
it's perfect.
Bonus link:
More Visible Protection Against Unwanted Software
http://googleonlinesecurity.blogspot.com/2015/07/more-visible-protection-against.html
"We want to be really clear that Google Safe
Browsing’s mandate remains unchanged: we’re
exclusively focused on protecting users from
malware, phishing, unwanted software, and similar
harm. You won’t see Safe Browsing warnings for
any other reasons."
Translation: "the antitrust people will come down
hard on us if we make Chrome keep up on tracking
protection, so, here, Firefox, have a differentiating
advantage we can't touch."
begin Kevin Cox quotation of Sat, Jul 18, 2015 at 12:02:32PM +1000:
>
>
Digital fingerprints, when under the control of the user, are of great
>
benefit to organisations - if the organisations provide useful services.
>
>
If a person is willing to supply a fingerprint then this helps the person
>
protect themselves against fraud and it helps protect the seller from
>
fraud. It is thus in the interests of both parties to use reliable digital
>
fingerprints. Like all data it becomes an issue when the fingerprint is
>
used for purposes over which either party to the transaction is unaware.
>
Organisations do not want you sharing your fingerprints with others if
>
uniqueness of id is important. You do not want organisations using your
>
fingerprints to collate other information about you so that they (or
>
others) can target you for purposes that may not be in your best interests.
>
>
Digital fingerprints are not going to go away and they will flourish - if
>
they are used the VRM way and are made of use to both parties to a
>
transaction.
>
>
Kevin
>
>
>
>
>
>
>
>
On Sat, Jul 18, 2015 at 7:38 AM, Doc Searls
>
<
>
>
wrote:
>
>
> In Mediapost: Supercookies, Digital Fingerprinting Undermine Trust In Web,
>
> W3C Says <
>
> http://www.mediapost.com/publications/article/254275/supercookies-digital-fingerprinting-undermine-tru.html
>
> >.
>
>
>
> Closing paragraphs:
>
>
>
> > The W3C's report comes at a time when the online ad industry appears
>
> increasingly interested in using non-cookie technology for tracking. Just
>
> two months ago, the self-regulatory group Network Advertising Initiative
>
> issued guidance aimed at enabling ad networks to track people with
>
> techniques like digital fingerprinting, without violating the group's
>
> privacy standards.
>
> >
>
> > The NAI's recent guidance requires ad companies to disclose their use of
>
> “non-cookie technology,” in order to inform consumers that rejecting
>
> third-party cookies won't necessarily block tracking and ad targeting.
>
> (The
>
> NAI's longstanding privacy rules require ad companies to inform consumers
>
> about behavioral advertising -- regardless of tracking technology -- and
>
> allow them to opt out of receiving ads targeted based on Web activity.)
>
> >
>
> > The W3C clearly doesn't agree that the self-regulatory group's guidance
>
> will go far enough to protect Web users' privacy. Instead, the W3C is
>
> calling on browser developers to create tools that potentially could help
>
> users defeat fingerprinting efforts.
>
> >
>
> > The group ends its critique by urging policy makers “to be aware that
>
> unsanctioned tracking may introduce privacy, security and consumer
>
> protection concerns within their jurisdiction, and to consider appropriate
>
> action.”
>
>
>
>
>
> If we had full individual agency — in other words, elementary VRM — there
>
> would be no argument here.
>
>
>
> Doc
>
>
>
>
>
--
>
Contact 0413961090
--
Don Marti
<
>
http://zgp.org/~dmarti/
Are you safe from 3rd-party web tracking?
http://www.aloodo.org/test/
Archive powered by MHonArc 2.6.19.