Discussion on:

Do Not Track Plus: A tool to protect your online privacy

New post

Most online privacy tools are not easy to follow. Do Not Track Plus helps in that regard.

Load the Abine list in IE9's tracking list protection feature. It is the easiest way to go. My hope is that enough people do this that organic search becomes useful again.

I installed DNT+ on IE9 and did a quick check of sites that I normally visit. I found the range of tracking going from 0 - 24 with most being around 3 - 5. I noticed if I refreshed a page sometimes the count would go up much more. As I type this the number shows as 12 on this page. I find this product quite interesting, I'll do some additional testing and see how it goes.

Update: I could not see the other posts or post this responce with DNT+ turned on. I tried unblocking just CNET however that didn't seem to work. I turned off DNT+, refreshed and now I can see and post here.

upon trying to comment. I turned it off long enough to enter my comment, then turned it on again. It is still pretty cool! I really thank Michael for pointing this out, I've been avoiding these things up and till now.

(edited) I'm using Chrome.

Interesting results. I'm seeing the same results on TR.

I don't have the problem with the comments. I will pass that information along.

Most sites don't want you to control your privacy. They make money off ads and selling private information. Why would I want you to use my "Free" service if you block the tracking LSO that lets me get paid for your traffic.

This process is measure/countermeasure as people use more privacy tools, more interference and obfuscation will be used by the site operators to circumvent it.
If I was running a site I'd start to give adblock and noscript the run around by proxy routing external elements through a ssl.

On a side note I prefer still the white list format. If a website is broken by not allowing offsite scripts, i don't need to use it.

The solution is out there but it only lasts for a generation. And internet generations are fast and furious.

DNT+ uses the same white lists, and updates automatically. That might be an advantage.

All sites should have an easy to find, read and understand policy about what they do. Really this should be something like go to a site press F12 (or some standard key, click, etc.) that brought up a standard form (like a food label) on what they do and what they are doing with your data.
Made up Example:
Site: www.techrepublic.com
About: Articles, Blogs and Community covering Technology
Membership: Free - requires registration
Tracking: Use several companies that track you to serve up targeted ads, this may also gather location data. Link to companies used.
Opt In/Out: Opt Out

If all sites had something along these lines then as a user of the site you can easily see if the cost to you (tracking, privacy, etc.) is worth the benefit of accessing the site. You can make an informed decision. Right now most sites if they have a policy it's lost in a sea of other documents, written in legalize and changed without real notification. This makes some people automatically distrust sites, even "free" ones, so they start trying to hide information from the site using DNT+ or other tools and we get into the *** for tat process you mention. (Note: Funny how TR blocked one of my words, I guess I should have used mammary gland for tat as it allows that)

Especially since they are "so concerned" about out privacy?

If you look at their website they have one app called DeleteMe and they are soon releasing an app called PrivacySuite

Have you had experience with this company, J?

Thank you Michael for a great article, a topkc that I constantly remain very interested in. My question is this; Did you happen to ask about anonamizer tools and sites, with regards to making ones attempts to remain "clean" or a good way to double up with and such?
Thanks in advance.
Best regards,
Eric

I'm a big fan of NoScript for Firefox. Do you know if DNT+ would replace something like NoScript as well or would it be something one would use in tandem?

just the cookies I suspect. However, I'm sure I'm wrong because it takes a pretty good trick to allow social buttons and do that at the same time. I'm pretty sure I read that this extension works well with many others like No Script. If you have to give script permission on a page to use the content, DNT+ will still block the tracking. This is how I understood the CNET article.

I am running several tools at the same time. I would not replace NoScript with DNT+, but augment it.

Thanks for the recommendation.

This is a hot topic and will lead to chaos. Too many sites like Excite, Iwon, etc., count on cookies to gather information to sell, trade, or both to insure their livelihood, just like many businesses used to do and some still do in the real world by having people gather information from phone books mostly and pay them $.50 per person usually. Sites like Excite block your access if you don't accept their cookies and java scripts. Some or most browsers now offer Private Browsing.

Firefox also offers other tools and Add-ons to help with add blocking and better privacy. I personally now also use a Keystroke Scrambler. This issue will be a bitter battle and those who don't support our need for privacy will try to use the Government to help them by passing laws and regulations to favor them and their privacy pirating. And it will get ugly.

As for keyScrambler, I use it as well -- even wrote about it:

http://www.techrepublic.com/blog/security/keyscrambler-how-keystroke-encryption-works-to-thwart-keylogging-threats/4648

I like my privacy as well as the next person, but while I feel protection of passwords, accounting details and personal information that is specific to me is of paramount importance, do I care if Amazon knows what I like to look at and targets me with advertising while I'm on their site? Nope.

Advertising - as in my PC starts offering me random advertising because my O/S is loaded with spy-ware - is obviously undesirable. A mechanism that loads my machine with virus that will damage my reputation, my data, or use my PC resources for someone else's nefarious ends is something I want to avoid for sure. Having spy-ware that's creating security holes in my system with back door entry opportunities as provided by any number of free-ware browser tool bars and the like? That kind of intrusion I don't want.

Having the world at large knowing that I dig science fiction, that I'm probably in the market for a new camera at the moment, or that I've a passion for remote control helicopters? Why should that bother me?

The issue for me is that you don't have any way to know who is doing what. When you go to a site do you know what they track? what they do with the data who is it shared with? If sites would tell you these things in simple terms you can make an informed decision.
What if your auto insurance company found that people who like science fiction and remote control helicopters are more of a risk and should be charged a higher premium? That type of thing is already happening by companies looking at data.
I'm not really paranoid, I just want full disclosure so I can make informed decisions.

I see where you're coming from with that argument, but I don't think it's valid. There are plenty of criteria that are used for judging risk that's for sure. Lets assume for a minute that such minutiae are being examined, then it could equally be argued that it could be shown that IT guys with a passion for RC helicopters are far less of a risk then IT guys who race boats, lets say. In which case I'm quids in! Don't get me started on the madness that is being acted out in Europe at the moment where insurance companies are no longer allowed to put risk based assessments on gender. Another topic that one ;o)

If someone knows that I (Tommy, who lives at &&&&^%$??, has just bought a book X with credit card number Y) then that's a huge issue of security. As long as there's nothing personal being stored (i.e. nothing that can be directly attributed to me as an individual) then I'm still unconvinced that there's any problem. On the contrary, targeted advertising helps me. If I'm looking at a site that knows that I'm in to Sci-Fi and then acts on it, then I'm more likely to get something pushed at me that I like, and not get bombarded with Mills and Boon novels. Again I would draw the distinction between spyware, which is actively trying to glean information about me as an individual, and simple advertising trending.

Full disclosure? Amazon give a very verbose description of what they're services provide, what data they expose and what use the tracking cookies are used for. How many people have ever read it from start to finish? Having read it, are you now in a position to make a more informed decision? Can't argue with you on the theory, but it's not, I believe, a practical argument against companies tracking usage as long as their doing it ethically: i.e. no personal data.

You've not convinced me I'm afraid Craig. Private information I want private, but someone tracking my spending habits (Tesco knows that an anonymous me likes apples better then pairs) is no more a breech of my privacy then someone else looking at stock figures from fruit sales at the close of play.

They scrape data for the insurance companies to target people individually for rate hikes. This has been in the news. Whether you use Face Book or not, that doesn't mean they won't spread this everywhere on the web.

I agree with Craig, and here are a few more reasons. Amazon, to the best of my knowledge is only dealing with your information at their site. The other ad networks are tracking you throughout your Internet travels.

Also, what happens if someone else uses your computer and thereafter you get ads you really don't want to.

We get bombarded with advertising all the time. Look at the amount of crap on this site ;o) Thing is that without it, we probably wouldn't be having this discussion here, so it's a necessary evil me thinks.

Even on the other sites you mention that are more active outside of a given arena, I'm afraid I still can't see the problem. So there's a company out there that's got a cookie on my machine that's logged my browser as looking at whole gamut of different sites, and has decided that RC heli's are my thing. Result, there's a whole bunch of sites that are now pushing heli' adverts at me. I'm still not bothered, and I would still rather see these then Mills and Boon novels.

Now the next guy comes along and he's seeing more then his fair share of heli' adverts and he would rather be reading Mills and Boon novels (takes all sorts), where's the privacy problem?

If anyone could figure out that me as an individual is looking at a lot of osteopathy adverts and was able to deduce that I (Mr T) had back-ache then that would be a breech of privacy, but if it means that mr anonymous sitting at this terminal gets advetising for cheap med's, then I still can't see the problem I'm afraid.

My last try would be to mention that there is the concern about what the people do with the information once they have it. I've read that the ad networks are reselling information to anyone who wants it. I have no proof, but that would be a bit unnerving.

The reason I say that is from my writing about how gathering bits and pieces of supposedly harmless data from several sources eventually lead to someone knowing a great deal about you. If you are interested my friend, Dr. Arvind Narayanan has done a bunch of research on this:

http://randomwalker.info/

Good discussion ;o)

I'll have a look at the material you've linked to.

I can see that, if I wanted to, then what your suggesting is possible.

Just as a private detective could run through the contents of a dustbin and come up with lots of information, a company could if they chose to, rifle through all of the sites that were visited by an individual and draw up a detailed profile on that person. I quite agree with you that protection against this needs to be in place to ensure an individuals privacy in this respect, but unless you're breaking the law with regards the Data Protection Act (UK) - I'm sure there will be a US equivalent - and the profile thus gained is directly linked to me (Mr T as an individual) then I can't see the harm in a company having a profile of what it is that I like looking at.

I'll have a read of the info that Arvind and Vitaly offer in your link and post later.

Behavioral advert: Target figured out girl was pregnant before parents. This shows what can be done with behavioral targeting:

http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/?utm_source=alertsnewpost&utm_medium=email&utm_campaign=20120216 Show Less -

This shows what can be done with behavioral targeting:

http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/?utm_source=alertsnewpost&utm_medium=email&utm_campaign=20120216

Just tried to post my response, but they're not coming up :o(

Maybe it's a Length thing. I'll break it up.

Nope not a length thing. :o(

Yes it is! :O)

Hmmm. Maybe not. I can't seem to post long links. Never mind :o)

I've had a good read at the info offered on your link http://randomwalker.info/ Michael, and the piece about Target knowing that the daughter was pregnant before her father was pretty funny, if a little creepy.

Personal takes on an embarrassing moment aside however, I can see the point raised that blending together a number of different data sources - micro-data as Arvind and Vitaly put it - offers the opportunity for trend analysis to identify supposedly private aspects of your personal life. I will readily concede now that having this sort of information in the wrong hands would be worrying. Idiot marketing managers aside, I can't think of any outside of the blatantly illegal, but I can see it is a concern.

Thanks to you guys for coming up with the examples and information here. I'm sure you'll be glad to hear that you have changed my stance on this topic as a result. I do now see this as more of an issue then I had originally thought. I don't think you'll like my conclusions though. I'll explain....

In the example of the pregnant daughter, the holder of all of the information used was Target. They make Full Disclosure with regards what they do with the data in no uncertain terms.

I'm a little surprised that the Target marketing department thought that sending that email was a good idea. That's a very silly bit of marketing, which embarrassed all those concerned. We're still talking about advertising, though. It's hardly the end of the world.

On the idea that Full Disclosure will resolve the issue at hand then, I've not changed my mind I'm afraid. Lets assume that everyone is disclosing exactly what they're up to. It won't make a jot of difference to the vast majority of people using the sites in question, or to the extent that this sort of data collation and trend analysis is being performed.

Full Disclosure is no answer.

The conclusion I've drawn from the information offered here with regards the tools being discussed has changed though. I am now a lot more paranoid about this then I was before - thanks guys - but my conclusion is this:

Putting anti-virus software on my machine will actively stop virus infection. Having a good firewall in place to stop random people on the Internet from getting access to my PC is just plain common sense. Putting widgets like this on your computer and expecting them to protect your privacy is simple delusion, however. We are all offering information about ourselves every time we click on something. We're actively giving away information every time we buy something, every time we subscribe to something, every time we get an e-mail and click on the 'show pictures' button, log on to Facebook, make a tweet etc. etc. ARG!

Being concerned about online privacy is a good thing. To help protect yourself you need to be aware of the issue, that's the first step. Thanks to you guys I'm a lot more aware of it now than I was a couple of days ago. However, while the installation of 'privacy' widgets on your computer would seem, and I now agree on reflection, to make perfect sense I would offer that, as demonstrated by the pregnant daughter example, it is a complete waste of effort. Every single jot of information used to find out that she was pregnant wasn't gleaned through the dark passage of cookie driven, nefarious and mysterious data collection. She gave them all the data they needed of her own volition.

The question I'm asking myself now is not "am I paranoid?", it's "am I paranoid enough?".

The Target piece was meant to show what data-mining algorithms are capable of.

My goal for this article was to show the potential problem and possible solutions. I'm more concerned about raising awareness than anything. That way everyone can make an informed decision, like you have done.

I wanted to mention that I enjoyed and appreciated your insight into this issue.

Thanks for your input, sir. Lot's of people on the site, not just this one I hasten to add, just like to slag off an idea or one post and they're gone. I've really enjoyed the discussion about the topic, so many thanks for your thoughts.

is that even when you have legitimate data being gathered legitimately; what is stopping the criminals on your PC from using that same data to profile you for attack. It is nearly impossible now to find the new types of malware on PCs. So damage control is all you can do. Spybot Search and Destroy is the only cookie blocker I know of that works without constant user inputs; so if a client is too lazy for AdBlock Plus, NoScript, or NDT+, I send them to safernetworking to download SS&D - that way, all they have to do is update and immunize. It is definitely better than nothing.

After installing this on my computer and trying it out for a few days, I recomended it to my boss. He asked me,

You are freely installing this on the computer, how do I know that the company that is offering this (and because it's free) is'nt using it for getting informaiton from my computer, they must have the source code protected so others don't copy their program. They make you think they are giving you something great, but they could be getting my bank account info and everything else, and you freely put it in my computer.
Today most everthing is about money and you can't trust most companies."

I felt a little stupid not knowing how to answer this. Any feed back?

For the most part it involves trust; unless you are willing to do some digging. DNT+ is not open source, but you could ask the company for the source code. If they oblige, you could see if there were any quirks.

A second and more accurate option would be to setup a packet sniffer and see what kind of traffic the software is sending home.

To be honest, the question from your boss applies to any software. You could ask the same question of any software he or she has installed.

Start with Windows and Office. They both call home to Mommy so often that I've given up trying to secure any system that they run on.

Col

I've already used your quote multiply times.