Online Tracking Ramps Up And The New Rules To Slow It Down

Online TrackingTracking on 50 of the most-visited websites has had a dramatic rise since 2010. This increase is driven in part by the rise of online-advertising, according to a new study by data-management company Krux Digital Inc.

On an average visit, 56 instances of data collection are triggered, up from just 10 instances when Krux conducted its initial study in 2010.

The rise in the number of online companies collecting data about Web-surfing behavior is a testament to the power of the $31 billion online-advertising business. This industry increasingly relies on data about users’ Web surfing behavior to target customer specific advertising.

Krux conducted its survey by crawling up to 10 pages on each of the 50 most-visited sites. The study didn’t include sites that require a user to log in, and Krux didn’t identify the sites it surveyed.

Despite rising concerns about online privacy, the online industry’s data-collection efforts have expanded. One reason is the popularity of online auctions, where advertisers buy data about users’ Web browsing. It is estimated that such auctions, known as real-time bidding exchanges, contribute to 40% of online data collection.

In real-time bidding, as soon as a user visits a Web page, the visit is auctioned to the highest bidder, based on attributes such as the type of page visited or previous Web browsing by the user. The bidding is done automatically using computer algorithms. It is estimated that real-time bidding will constitute 18% of the online display-ad market this year, up from 13% last year.

To make the auctions successful, advertising companies are racing to put tracking technology on as many websites as they can. This tracking technology gives them user and Web-page data to sell in the auction.

Krux in its latest study found that more than 300 companies collected data about users, up from 167 companies in 2010. The latest figure easily topped the 131 companies that The Wall Street Journal identified in a 2010 survey of tracking on the 50 most-visited websites.

Krux also found that data collectors were piggybacking on each other more than half the time. For example, when a user visited a website that had code for one tracking technology, the data collection would call out to and trigger other tracking technologies that weren’t embedded on the site. As a result, websites often don’t know how much data are being collected about their users.

Frustrated by a flood of privacy violations, the Federal Trade Commission issued a strong call for commercial-data collectors to adopt better privacy practices and called for Congress to pass comprehensive privacy legislation.

In a 73-page report on privacy in the digital age, the FTC called on U.S. commercial data collectors to implement a “Do Not Track” button in Web browsers by the end of the year.

“Simply put, your computer is your property. No one has the right to put anything on your computer that you don’t want,” said Jon Leibowitz, chairman of the FTC.

The agency also, for the first time, turned its attention to offline data brokers. These brokers buy and sell names, addresses and other personal information. The FTC is calling on them to create a centralized website providing consumers with access to their data, and the right to see and make corrections to their information.

Search Engines and Browsers, Are They Tracking You.

You Are Here
Almost all of us navigate the Internet by using search engines. Search engines have (and use) the ability to track each one of your searches. They can record your IP address, the search terms you used, the time of your search, and other information.

Although it may not seem like you are giving very much information, when you browse the Internet you are relaying personal information to Web sites. Browsers are likely providing your IP address and information about which sites you have visited. As you navigate from website to website, numerous companies are using sophisticated methods to track and identify you.

Most major browsers now offer a “Private Browsing” tool to help increase your privacy. However, it has been found that “Private Browsing” may not remove all traces of online activity. Many popular browser extensions and plugins undermine the security of “Private Browsing”.

Major search engines have said they need to retain personal data, in part, to provide better services, to stop possible security threats, to keep search ranking results accurate and more. Major search engines often have retained this data for over a year, well beyond any time frame needed to address these concerns.

Remember, in today’s day and age it isn’t just “Buyer Beware”… It’s “Browser Beware”!

Are you being tracked? Search Engines and other ways of tracking you online.

It is a common practice to routinely buy Cyber Wormholesell or track your online data. Tracking cookies are the norm on popular websites; tech giants such as Google have a reputation for over collecting and mishandling online users’ personal data.
The Pew Internet & American Life Project found that 73 percent of users said they would not be OK with an online search engine keeping track of their queries even if the data provides personalized results in the future.
While this issue receives most of the attention, corporations and governments may keep an eye on you in other, less known ways.
Is the Government Building a File on You?
The idea that government agents are reading your email messages and listening to your phone calls sounds like a conspiracy theory, but it is possible. According to some former National Security Agency employees, turned whistleblowers, the government is building a dossier on practically every U.S. citizen, drawing on information from e-mails and phone calls.
You can’t opt out of this type of data collection, but you can hope that Congress doesn’t renew the FISA Amendments Act, which would renew a President Bush law that allows the government to collect large amounts of information from the “international communications” of American citizens. The Electronic Freedom Foundation is imploring citizens to write their members of Congress about the issue.
What kind of books do you read? EBooks Know.
In the digital age, your reading habits are an open book to companies like Amazon, Barnes & Noble, and Apple. As reported by the Wall Street Journal, eBook sellers can easily track reading data, like how long you spend reading, how far you get in a book, what text you search for, and what you read next. Not all companies are open about what they collect, but Barnes & Noble has confirmed that they are “in the earliest stages of deep analytics,” and use the data to determine which books to sell on its Nook eBook reader products. There’s no evidence that booksellers use reading data to share your habits with marketers or government agencies.
Wireless Carriers Do Sell User Info for Big Bucks
The wireless carriers have a knack for extracting more and more money out of their subscribers—or, it turns out, from their subscribers’ data. One lucrative gig involves retrieving users’ locations on behalf of law enforcement, in many cases without warrants. AT&T, just one of the participating carriers, reportedly received $8.2 million in 2011 for providing this service, so it works out pretty well for all involved—except those users who don’t want to be followed, that is.
That’s not the only example of wireless carriers profiting from user data. As reported last year, all four of the major wireless carriers use aggregated, anonymous customer data to target ads. Verizon even sells the collected data to third parties. The amount of data each carrier collects varies, but Sprint is the worst offender, using mobile Web browsing and app download history to help its clients target ads.

Microsoft Adopts Do Not Track

Do Not Track
Recently Microsoft announced a change in how DNT (Do Not Track) will be implemented in Internet Explorer. In a new pre-release version of IE 10 Microsoft will automatically start sending a DNT header for the user so that they will not be tracked by third parties across the web.

We think it is absolutely great to see Microsoft put its full support into DNT. It is important to note that only a year ago Firefox was the only browser that supported DNT. This push on Microsoft’s part will move DNT more into the main stream and bring issues of user control and privacy into the light.

We are eagerly awaiting more information about Microsoft’s new DNT implementation. Such a big name taking this on should mean a lot towards setting standards in regards to DNT. At the core of DNT, and indeed the reason for its existence, is the ability to allow users a choice as to whether they wished to be tracked or not. Believe it or not this is a big deal as up until now the user has not had this choice presented to them. It was simply not put in their hands.

The WC3 group, made up of leading consumer privacy groups and industry representatives including Microsoft , states: “Key to that notion of expression is that it must reflect the user’s preference, not the preference of some institutional or network-imposed mechanism outside the user’s control.”

DNT is exciting because it is not an off switch for a form of technology, rather it is users choice reflected in code. That is what makes this great. DNT goes beyond specific technologies and goes to the heart of the matter: how user browsing habits are used.

Currently there are three different signals to consider when delivering the users tracking preferences. The user can accept tracking, decline tracking, or not have a choice. Firefox defaults to the third option and handles it as if the user says it declines tracking. Ultimately it will be up to the company on how they wish to handle the third option, but we commend Mozilla Firefox for protecting its users by default.

All of this is extremely interesting and a great relief to the end user. There is no reason it could have gone the other way, and we are simply ecstatic that a company like Microsoft is running with DNT in order to protect user choice.

Users Vote for Facebook Policy Changes

The founder of Europe vs. Facebook, Max Schrems, has forced Facebook to put proposed policy changes up for a vote to all of its users by motivating his privacy group to flood Facebook’s Site Governance page with messages. Facebook received many more than 7,000 comments needed to trigger a vote. Europe vs. Facebook is demanding sweeping changes to Facebook’s product rather than the small policy changes in the proposal.

The one-week voting period opened on a set of a relatively benign changes and Facebook will notify users by web and mobile. If over 30% of Facebook’s active users (roughly 230 million people), voted for the changes that will go into effect, and if they vote against them they’ll be scrapped. Otherwise Facebook will take the changes “under advisement”. Facebook’s Chief Privacy Officer for Policy Erin Egan stated that Facebook will consider changing its site governance voting system to discourage votes being triggered by low-quality comments and adapt to the growing size of Facebook’s user base.

Egan follows “I really don’t think any of our changes were controversial. [Max Schrems] is interested in us changing our product, but these revisions are about our policy. We can’t please everyone. We did reach the threshold because a viral meme was created [by Schrems asking users to blindly paste in the comment "I oppose the changes and want a vote about the demands on"], and unfortunately the result is a vote.” When the feedback period ended on May 18th, we noticed over 42,000 comments, most without any actual qualitative feedback had been filed and a vote was inevitable.”

In all of Facebook’s history this is only the second governance vote. The voting system was set up in 2009 when it had 200 million users, so the 7,000 comment threshold and the 30% required to make a vote binding seemed more appropriate for the total amount of users. Facebook is now considering upping the comment threshold, or even possibly doing away with the voting procedure.

Egan stated “Max is a user of ours and we appreciate his feedback, but we worry the voting threshold number may be incentivizing quantity over quality”. A new system would seek to get users actually reviewing the changes themselves and giving their own opinion, rather than being used as pawns by privacy activists.

The demands include “We want Facebook to implement an ‘Opt-In’ instead of an “Opt-Out” system for all data use and all features” and “We want Facebook to limit the use of our data for advertisement“. These are much grander changes that would seriously hamper Facebook’s ability to launch new features and make money, and are unlikely to be adopted. There’s simply no way all 900 million+ users would be willing to constantly approve every little change Facebook makes.

By creating the “I oppose the changes” meme, Europe Vs. Facebook showed it would rather obstruct progress, even progress it had lobbied for, than provide real constructive criticism. While its allegiance to strict privacy could be viewed as admirable, its tampering with the commenting system cannot.

It’s still important to note that despite flaws in the system, Facebook offers its users much, much more control of site governance that any other major website. When asked if it would like to see other sites adopt a policy feedback system, Schnitt said “Absolutely, we think users should demand this kind of thing, and they deserve it too.” When asked if Twitter and Google+ were giving people enough control, Schnitt replied “That’s for their users to decide.”

Facebook’s users will have until June 8th to vote on the Statement of Rights and Responsibilities and Data Use Policy changes. Users will be directed to the voting page from ads in the sidebar of Facebook’s website, and a banner at the top of its mobile interfaces. The most significant changes users will be voting on are:

A clarification regarding Facebook’s existing policy that it may use your data to serve you ads outside of while you’re on other websites
A detailed new chart of how Facebook uses cookies to improve Facebook but not track you across the web
A more detailed explanation of how in some cases Facebook will “retain [your] data as long as necessary to provide you services” whether that’s less or more time