A privacy war is raging inside the W3C

376 points | bpierre | 4 years ago | protocol.com

217 comments

[+] lumost|4 years ago|reply
I used to be of the mind that ad tech et al. weren’t really hurting anyone, and that the more extreme examples of privacy offenses were simple edge cases.

That is until I switched to iOS and was given the option to hide my true email address, tell an app not to track me, and otherwise get visibility into just how much my data is getting sniffed for stupid reasons that have nothing to do with the service I’m using.

[+] o8r3oFTZPE|4 years ago|reply
Progress. What would be neat is to see how much data Apple is collecting about its customers after purchase. Why wouldn't we want to know this? Could Apple provide an option to hide true email address, tell app do not track and give visibility into data being sniffed without also collecting vast amounts of user data itself? We cannot answer that question until we see the data they collect. I used to be of the mind that Apple was not really hurting anyone until it became clear they are competing with Google and Facebook. Even Apple competing with Microsoft is unsettling because that company has been aggressively acquiring user data, also trying to compete with Google. On issues of user data, these companies have more similarities than they do differences. They are all hoovering it up, albeit through different channels.
[+] fartcannon|4 years ago|reply
Well, good, but you traded one bad apple for another. Apple is in the process of locking down freedom. And while you might not be tracked by Google, your quality of life in a closed ecosystem is just as bad in other ways. How many people have to contend with iCloud endlessly begging for money because they took a few photos of their child?

Isn't iCloud data backed up on Chinese servers? I'm pretty sure that means you're being spied on.

This is not to mention the waste generated by Apple actively fighting the right to repair.

So, good, Google needs to go. But so do the tech giants.

[+] rodgerd|4 years ago|reply
My tipping point was noticing that about 30% of my DNS traffic on my home network was Android devices calling out to tracking and advertising networks. Moving to iOS has dropped that dramatically, more than an order of magnitude.

The fact that we're now seeing multiple lawsuits, PR campaigns, and lobbying to damage Apple since they put a requirement to disclose privacy details in the App Store shows how much surveillance capitalism has twisted the world.

[+] colordrops|4 years ago|reply
I've installed pihole at home and it reports hundreds of thousands of blocked requests a day. And this isn't counting everything the browser adblockers are stopping. We are a family of four, with really only the adults using the network an average amount. It's insane.
[+] iee77e73y|4 years ago|reply
Out of curiosity what about having those features changed your opinion? I'm in a similar camp to your original viewpoint and what stood out from your story is that it doesn't seem like you discovered any significant damage so much as just gained new features to limit what others labeled as damage on the off chance they're right. Not trying to be confrontational but I feel like, when I lurk here, my view is the minority and so I think it's interesting to hear the thought process of a convert from my camp.
[+] greggman3|4 years ago|reply
Where does this option to hide my email address appear? Twice I've tried to use Apple Pay and Apple said they'd share my email address if I continued. There was no option to opt out.
[+] deregulateMed|4 years ago|reply
Careful. Your Apple data is being given away to Chinese dictatorships and the US government.

You don't actually know if your data is given away. We only learn after Apple is caught.

[+] runawaybottle|4 years ago|reply
‘Can I get a lick of your ice-cream’. Their ads have gotten good all of a sudden again (the irony of that being the whole ad is to stop other ads).

https://youtu.be/8w4qPUSG17Y

[+] marketingtech|4 years ago|reply
It's easy to mock the pettiness of all parties described here, and it's common for people on this forum to take absolutist stances with regards to privacy/advertising, but it's also important to recognize that these arguments will actually define the future of the internet for the average user.

There are trillion dollar companies on both sides of the argument, and their eventual compromise will establish the defaults for billions of users.

There are also two fundamental components of the Big Tech debate at odds with each other here - privacy and competition. Increasing privacy decreases competition by strengthening the Big Tech companies that engage with users at the platform/browser/OS/hardware level. See: Google's removal of third-party cookies from Chrome in the name of privacy was just blocked by EU competition regulators, because it would cripple competing advertising companies[1].

[1] https://arstechnica.com/tech-policy/2021/06/eu-antitrust-reg...

[+] 3gg|4 years ago|reply
In regards to your third paragraph, to me none of that matters. Mass surveillance on the Web is wrong, period. Meanwhile, all parties involved in this drama, except for non-profits like the EFF, are instead debating how people ("users") should be best exploited online for profit, while regulators arrive late to the party and focus on other less consequential matters such as antitrust and miss the forest for the trees.
[+] raxxorrax|4 years ago|reply
There aren't trillion dollar companies that advocate for privacy. Private data is a market, I think you know that with that username.

Increasing privacy doesn't decrease competition, it would force businesses to not deal with private data. There is no conflict here. There is no net loss here aside from specialized advertisers.

[+] 3np|4 years ago|reply
> Google's removal of third-party cookies from Chrome in the name of privacy was just blocked by EU competition regulators, because it would cripple competing advertising companies[1].

That's not what the article is saying. The referenced EC PR[0]: "Antitrust: Commission opens investigation into possible anticompetitive conduct by Google in the online advertising technology sector".

Nothing has been blocked. Restriction of third-party cookies is only one of 6 points that will be particularly looked at. This investigation may rightly so have launched at this or a later point regardless of third-party cookie restrictions in Chrome.

[0]: https://ec.europa.eu/commission/presscorner/detail/en/IP_21_...

[+] api|4 years ago|reply
> Increasing privacy decreases competitions, strengthening the Big Tech companies that engage with users at the platform/browser/OS/hardware level.

What about products that people actually pay for directly instead of products that are "free" but funded under the table through surveillance and manipulation? Why can't those compete just fine?

[+] jarofgreen|4 years ago|reply
> There are also two fundamental components of the Big Tech debate at odds with each other here - privacy and competition.

The article explicitly talks about how this is a false dichotomy.

> Regulators in the U.K., he said, had bought the ad industry's argument that privacy and competition are on a collision course. That, he said, is a false choice. "They could have required everyone to not access that data, Google included, which would have been a net benefit for competition and privacy," Soltani said.

[+] wbl|4 years ago|reply
Users pick browsers and their OS. They don't pick the latest iteration of Bonsai Buddy.
[+] 1vuio0pswjnm7|4 years ago|reply
Funny how there is no (meaningful) user representation at W3C. Perhaps Wendy Seltzer is the closest to a user representative. A lawyer who is a Perl programmer, according to her Wikipedia profile.

The arguments against Big Tech the smaller ad tech folks are raising sound legit, but obviously they are not being made in good faith. Big Tech has no more respect for user privacy than companies like Rosewell's. They are all a threat to user privacy. Companies that make browsers should not also be taking in online ad services revenue. It is a clear conflict of interest.

51degrees provides the public with a CSV list of user-agents, e.g., for use in browser fingerprinting (or perhaps user defence against browser fingerprinting). What does Google provide? We know they are fingerprinting on a mass scale. There is zero transparency.

https://raw.githubusercontent.com/51Degrees/Device-Detection...

Just for fun, I periodically compile w3c-libwww. It still compiles and it still works today. I use it through a TLS-enabled proxy. It reminds me of all the potential for experimentation the www once had. Today the web just looks like a Big Tech-led surveillance dystopia slowly coming together. Unless someone stops it. Lina Khan, godspeed.

The disputes described in the article with lawyers from W3C and IAPP looking on remind me a little of the formation of ICANN back in the 1990's and the disputes over domain names versus trademarks.

[+] summerlight|4 years ago|reply
> What does Google provide? We know they are fingerprinting on a mass scale. There is zero transparency.

Interesting. I work at Google ads and I am not aware of fingerprinting on a mass scale. AFAIK, all the tracking is done with cookies. Not a lawyer and purely my opinion but IIUC, DoubleClick acquisition made it practically impossible to do fingerprinting since Google is not allowed to join first party and third party cookies and fingerprinting imposes significant risks to violate that condition.

[+] jefftk|4 years ago|reply
> What does Google provide? We know they are fingerprinting on a mass scale.

Why do you say that? I'm not aware of any situations where Google targets ads based on fingerprinting, and if they did I probably would have come across it. And in March, Google Ads committed that "once third-party cookies are phased out, we will not build alternate identifiers to track individuals as they browse across the web, nor will we use them in our products" -- https://blog.google/products/ads-commerce/a-more-privacy-fir...

(Speaking only for myself)

[+] 1vuio0pswjnm7|4 years ago|reply
s/browser fingerprinting/device fingerprinting/

s/device fingerprinting/device detection/

s/defence against browser fingerprinting/control over "UI" selection/

A simple example of where Google uses device detection is Gmail. However the process is non-transparent as Google does not share the list of user-agent strings utilised, like the sample list provided by 51degrees.

I was sloppy with the terminology in the original comment and I apologise for that. I meant "device detection" not necessarily "fingerprinting".

[+] _1gwx|4 years ago|reply
I thought Korean soap operas were good until I read this article. What a whole bunch of unnecessary drama. The W3C always appeared to be one of the most dysfunctional entities in existence, and now the article leaves no question as to why.

Funny this Rosewell guy. "Should web browsers really become implementation mechanisms of specific government regulation?" -- Isn't everything a mechanism of specific government regulation? We seem to have an autocrat in the making here who would prefer the Web existed in isolation of civilization and where he could squeeze out that ad cash unhindered by government regulations. Given that he likes to ask philosophical questions, perhaps he could ask himself why the Web is being regulated in the first place.

It's also funny how in the article, the only people who seem to actually care about privacy are the non-profits advocating for it and the government regulators fighting antitrust.

[+] pdonis|4 years ago|reply
> Isn't everything a mechanism of specific government regulation?

Um, no?

[+] mcguire|4 years ago|reply
"I thought Korean soap operas were good until I read this article. What a whole bunch of unnecessary drama. The W3C always appeared to be one of the most dysfunctional entities in existence, and now the article leaves no question as to why."

Can I introduce you to the IETF (https://www.ietf.org/)? :-)

[+] rodgerd|4 years ago|reply
> We seem to have an autocrat in the making

We already have autocrats in Facebook and Google. What they're fighting is an attempt to put them back under civil oversight.

[+] TheTester|4 years ago|reply
"who would prefer the Web existed in isolation of civilization"

Honestly the internet was a better place when THAT was the situation. Sorry if I sound like a deluded man, but the internet being so close to the world, or at least as much as it is now, is part of the problem.

And even if I do not agree with this guy and his pretensions, at least we would have better ways to combat guys like him in the old internet, but company owners like him at the end of the day have much more power thanks to the internet being so prevalent and hyperreal, as the same authorities and entities that protect unbalanced power holders can arrest you and fight you because of things that happen on the internet.

[+] dhosek|4 years ago|reply
>companies that use cross-site tracking for things like website optimization

OK, I was hoping someone already addressed this, but apparently not. What "website optimization" requires cross-site tracking? Is there any real application for cross-site tracking besides advertising? I honestly would like to know.

[+] sdflhasjd|4 years ago|reply
It's referring to things like analytics, hotjar etc.

Optimisation as in conversion optimisation.

Imo, a lot of this stuff ends up being just as bad.

[+] miki123211|4 years ago|reply
Yes, when one website relies on the fact that you're logged in somewhere else.

Think easily being able to add embedded YouTube videos to your watchlist, adding favorite articles to Pocket, being able to pay with 1 click using a payment method saved somewhere else, and so on.

[+] xdennis|4 years ago|reply
CDNs maybe? Back when people used jQuery, an enormous amount of traffic went to Google, ripe for tracking, and you got the small benefit of not having to download the same version of jQuery so often.
[+] pentagrama|4 years ago|reply
> One of Google's proposed standards — Federated Learning of Cohorts, or FLoC for short — would eliminate the ability for advertisers to track specific users' web behavior with cookies.

No, FLoC will not "eliminate the ability for advertisers to track specific users with cookies", the phase out of third party cookies on Chrome will do that. Google needs something to replace the current tracking method for its ad business and is trying to push FLoC to do that. But these are two separate things that OP seems to mix up. Google needs something to keep tracking and is painting the notion that third party cookies cannot be phased out without implementing FLoC first, and that is not the case.

[+] MeteorMarc|4 years ago|reply
It seems only fair that big tech engineers also feel the pain of idyllic places on the internet being overrun by commercial interests.
[+] tannhaeuser|4 years ago|reply
> On the other side are companies that use cross-site tracking for things like website optimization and advertising, and are fighting for their industry's very survival. That includes small firms like Rosewell's, but also giants of the industry, like Facebook.

The Rosewell guy may not be a saint, but omitting Google from the list as the ones standing to win from privacy features, through ga and the usage they have over the Web via Chrome anyway is completely missing the point of a single party having monopolistic control over click data.

Can't also agree with the characterization of the W3C in TFA.

[+] IX-103|4 years ago|reply
How does Google win? Their business is search -- advertising on other sites is more of a side gig for them, and from their own description of their privacy sandbox, even they would not be able to track people across sites.

The changes to the web platform necessary to protect user privacy will require reinventing the industry (which will naturally pick winners and losers).

I expect that Google will come out in the end doing well, but that's not because they have a competitive advantage here, but instead because these changes don't really affect their core business (at least nowhere near as much as the proliferation of paywalls and app-ification have).

[+] evancox100|4 years ago|reply
‘Perhaps it should have been a clear sign Do Not Track was doomed when, Tene wrote, the group tried to settle its dispute over the definition of tracking by seeing which side could hum loudest. "Addressing this method, one participant complained, 'There are billions of dollars at stake and the future of the Internet, and we're trying to decide if one third-party is covered or didn't hum louder!'" Tene wrote.’

I thought this had to have been a joke or some sort of analogy, but no they were literally humming.

[+] antattack|4 years ago|reply
I recently bought my first Android device and found Google Play infested with apps that want my location, access to network, list all my apps AND send adverts.

Google is assisting them by adding extra steps to find out what permissions an app requests. Also, it appears that Android is opting you in, unless permissions are configured before starting the app. Because of that, there are apps with the sole purpose of tricking you into installing them so they can get your data.

I found that many Android apps that are also available on iOS insist on location data and refuse to run, whereas they run fine w/o it enabled on iOS.

[+] otterley|4 years ago|reply
In this story: engineers can't come to a conclusion because they are trying to solve a political problem instead of an engineering problem.
[+] mola|4 years ago|reply
The so-called small players abused their power, and the users had enough of being exploited. Now that the big players are mitigating this with the old American tradition of self regulation and kicking away the ladder, the same small players who abused our freedom to choose who to share our information with are whining about freedom of choice.

Bah

[+] ricopags|4 years ago|reply
A small side note in case anyone from protocol.com is reading: In Chrome, with adblock disabled, unable to click the button to sign up for email list.
[+] the-dude|4 years ago|reply
This must be the most positive HN comment about sign up CTAs ever.
[+] mooreds|4 years ago|reply
One thing that was a surprise to me when I looked into this was that these changes to promote privacy (which seem pretty good to me) will also affect federated identity on the web.

Things like single sign-on are done with the same tech (cookies, redirects) that are used by advertisers, and in some cases are indistinguishable. This is a common use case, though of course small fry compared to the privacy vs ad tracking folks.

If you'd like to learn more about this aspect, here's a video from one of the Auth0 folks: https://identiverse.gallery.video/detail/videos/architecture...

(The video is from 2020. He gave an update at the same conference in 2021, but they haven't posted those videos yet.)

There's also a Federated ID Community Group at the W3C on the same issue: https://www.w3.org/community/fed-id/

[+] hboon|4 years ago|reply
Feels like if Chrome isn’t operated and controlled by Google, some of these problems would go away.
[+] favorited|4 years ago|reply
I'm glad we're finally humanizing the metaphorical David in the online privacy debate. The guy who built his business on [checks notes] tracking your online behavior.

Where would we be if not for this stick-it-to-em person, who wants to defend his life's work of fingerprinting our web browsing to assist in targeted advertising?

[+] trothamel|4 years ago|reply
Does the W3C even matter anymore? I thought WHAT-WG did most of the standardization nowadays, and W3C was left deciding what to rubber stamp and what not to.
[+] totetsu|4 years ago|reply
"on one side is Google, Apple, Microsoft" on the other side "companies that use cross-site tracking for things like ... advertising" .. I had to stop reading at this point.
[+] tomc1985|4 years ago|reply
I don't care how big this man's business is, Rosewell is a parasite bent on preserving the established order of datamining the shit out of everyone for his own personal profit. He is gumming up the works with pointless philosophical bloviating, using the anti-big-tech argument as a cudgel of convenience for bludgeoning a nascent privacy movement that has taken decades to get off the ground.

I've sat in a large audience hall listening to assholes like these guys talk about their businesses, and when they are called out publicly for not caring about individual privacy and desire not to be tracked, they shrug their shoulders.

He and the rest of this datamining gold rush need to be stopped.