All the Web privacy you want

Dec 14, 2010 McClatchy-Tribune News Service

Microsoft announced last week that the next version of its Internet Explorer browser will include better privacy controls, giving users more protection against being tracked by advertisers online. Its initiative, which takes a novel approach to counteracting online tracking, illustrates why the government shouldn't rush to regulate in its zeal to address the problem. But it also highlights the scattershot nature of privacy protection, and the need for Washington to give people more say over how information about them is collected, used and shared.

The software giant's announcement came as federal officials are stepping up scrutiny of privacy practices in response to growing public concern. have complained with increasing frequency about the amount of being collected about Internet users, how often data are being shared without users' knowledge, and how aggressively some companies are translating supposedly anonymous information about into profiles of real individuals.

The challenge for is that the Web is built around the collection and sharing of data. Much of that sharing is benign or even welcome. For example, frequent may want their favorite retailers to store their credit-card numbers, or they may want to share their street address with shipping services. And people who watch videos on the Web may prefer to see commercials targeted to their location and interests over ads aimed at the undifferentiated masses.

But other surreptitious uses of data are not so innocent, such as when companies use browsing data to raise or lower the price of goods and services a particular shopper is offered, or to develop profiles that combine supposedly anonymous online behavior with individuals' public records. Such actions are often made possible by the tracking "cookies" used by online advertising networks. These bits of software, which browsers download or update automatically when they reach a website displaying one of the network's ads, quietly record some of the actions the user of that browser takes online.

Microsoft's updated browser will offer users the option of blocking tracking cookies, advertisements and any other form of content from specific Web servers. The company won't suggest sites to block, but privacy groups are expected to supply lists that will be updated regularly. If enough consumers use the feature, it will put pressure on advertisers to abandon tracking in favor of less-intrusive means of targeting their pitches.

The initiative marks a shift for Microsoft, which had declined in the past to take aggressive measures against tracking software. Mozilla, maker of the Firefox browser, has also changed its thinking on the issue. Earlier this year it removed a proposed feature that would have killed tracking cookies not long after they were delivered, but it's now working on ways to give users more control over their privacy. There's been no similar movement yet from the other leading browser developers, but the actions by Microsoft and Mozilla show that the complaints about tracking have gotten loud enough to affect the market.

Naturally, online advertisers aren't entirely pleased with these developments, even as they scramble to respond to consumers' concerns by giving them better notification of tracking ads and a way to opt out of at least some of them. Their trade group, the Interactive Advertising Bureau, argues that encouraging people to block the kind of personalization that tracking enables will make it harder for sites to offer content and services for free, or at least charge those who block ads. But Internet users should be the ones making that choice, rather than having it made for them on terms they don't like.

As welcome as the efforts by browser-makers may be, they address only the concerns related to ad networks' tracking cookies. Still missing are better mechanisms for limiting how personal information is collected and shared by websites and social networks, as well as the data brokers that aggregate information collected by others.

Today, online companies are required to do little more than publish a privacy policy that discloses what personal information they collect and share, and to honor that policy. The result has been a proliferation of privacy policies that are incomprehensibly dense and riddled with loopholes. What's worse, sites' policies don't bind the advertising networks that support them, which may be inundating people's computers with tracking software.

In a report last week, the FTC declared that the approach it has encouraged sites to take - notifying consumers about privacy policies and letting them opt out of practices they don't like - isn't working. The report outlined a good framework for approaching the issue, calling for all companies (not just those online) to give consumers a better view of how they collect and share personal information and a more effective means to control whether to provide that information.

The commission is still collecting feedback from the public on the details of its proposal, and it won't take formal action until next year. Even if it moves ahead with the report's suggestions, though, it's not clear what authority the FTC has to enforce them. So far, its power has been limited to cracking down on sites that don't honor their own privacy policies.

Existing federal law protects only certain types of personal information against improper use or disclosure, including medical records and credit reports. Considering how much information is routinely collected and shared online, and how that information can be used to favor some consumers and disadvantage others, Congress needs to provide more protection.

The solution isn't a special set of rules for the Web, but rather some basic, enforceable principles for personal information privacy. At least four are worth enshrining into law. First, businesses should disclose what forms of personal information they're collecting and sharing, especially when they're doing it behind the scenes. Second, those disclosures should be timely and easy to understand. Third, consumers should be able to choose not to have personal data shared in ways that aren't commonly accepted or that go beyond the limits imposed when the information was initially collected. And fourth, consumers should have the right to correct errors in the information that's compiled about them if it's put to commercial use.

The point is to let companies innovate with technologies and business models while making sure the public is an informed and willing participant. Given the tradeoffs involved, many may choose to let sites collect and share just as much personal information as they do today. But it should be their choice.

Explore further: Digital dilemma: How will US respond to Sony hack?

More information: This editorial appeared in the Los Angeles Times on Monday, Dec. 13.

1.3 /5 (3 votes)
add to favorites email to friend print save as pdf

Related Stories

Microsoft unveils new privacy feature for IE

Dec 07, 2010

An upcoming version of Microsoft Corp.'s Internet Explorer browser will let users add lists of sites that they don't want tracking them, a peace offering amid uproar over the sneaky ways that websites watch ...

Boosting online privacy

Aug 04, 2010

Hardly a month goes by without a new alarm being sounded about privacy online, either because companies are surreptitiously collecting and using data about Web users or because they're releasing information that users thought ...

FTC proposes 'Do Not Track' tool for Web surfers (Update 2)

Dec 01, 2010

(AP) -- Federal regulators are proposing to create a "Do Not Track" tool for the Internet so that consumers could prevent marketers from tracking their Web browsing habits and other online behavior in order to target advertising.

Report: Widespread data sharing, 'Web bugs'

Jun 02, 2009

(PhysOrg.com) -- Researchers at the University of California, Berkeley's School of Information released a report late Monday (June 1) showing that the most popular Web sites in the United States all share ...

Profiling based on mobile, online behavior: A privacy issue

Dec 06, 2010

It's illegal for businesses and law enforcement to profile a person based on their race, gender, or ethnicity, yet millions of Americans are being profiled every day based on their online consumer behavior and demographics.

Congress weighs landmark change in Web ad privacy

Sep 07, 2009

(AP) -- The Web sites we visit, the online links we click, the search queries we conduct, the products we put in virtual shopping carts, the personal details we reveal on social networking pages - all of this can give companies ...

Recommended for you

Digital dilemma: How will US respond to Sony hack?

Dec 18, 2014

The detective work blaming North Korea for the Sony hacker break-in appears so far to be largely circumstantial, The Associated Press has learned. The dramatic conclusion of a Korean role is based on subtle ...

UN General Assembly OKs digital privacy resolution

Dec 18, 2014

The U.N. General Assembly has approved a resolution demanding better digital privacy protections for people around the world, another response to Edward Snowden's revelations about U.S. government spying.

Online privacy to remain thorny issue: survey

Dec 18, 2014

Online privacy will remain a thorny issue over the next decade, without a widely accepted system that balances user rights and personal data collection, a survey of experts showed Thursday.

Spain: Google News vanishes amid 'Google Tax' spat

Dec 16, 2014

Google on Tuesday followed through with a pledge to shut down Google News in Spain in reaction to a Spanish law requiring news publishers to receive payment for content even if they are willing to give it away.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.