Berkeley Law’s first Web Privacy Census is out and it’s troubling

The first report in the University of California, Berkeley Law School’s quarterly Web Privacy Census was released on Tuesday, and it shows that popular Web sites are far more aggressive in their consumer tracking practices than most people suspect, and that consumers are trapped in an escalating privacy crisis with limited control over their personal information.

The main goal of the census “is to define and quantify vectors for tracking consumers on the Internet,” in essence to create a critically needed evaluation component to establish a standard by which to measure the ever-changing and often evasive methods companies use to track visitors.

Not surprisingly, the census saw that all of the top 100 sites use cookies to track users and visitors, though overall cookie use appeared to be on the decline.

What they found instead is that Web sites are increasing their use of HTML5 local storage – objects like tracking software that is placed on a user’s computer – and that use of this tracking method has doubled in the past year.

To conduct the census, Nathan Good, chief scientist of Good Research , and Chris Jay Hoofnagle, director of information privacy programs at the Berkeley Center for Law and Technology worked with privacy company Abine, Inc. to collect data from the top 100, 1,000 and 25,000 most popular Web sites.

The technical collaborator for the census, Abine is a consumer-level privacy company with a suite of tools and products that help individuals take control of their online data privacy. Its specialty is understanding and monitoring how people are tracked online. But Abine is also a company that regularly takes data mining companies to task when they abuse people’s privacy rights, distributes anti-tracking tools (such as browser plug-ins) and prides themselves on privacy activism.

Sarah Downey, lawyer and privacy analyst for Abine told me:

The Web Privacy Census shows that tracking is not just on sketchy websites you’ve never heard of. It’s on ALL of the most popular Web sites in one form or another, sites that consumers know and trust. In fact, there’s an alarming increase in the volume of tracking on the most popular Web sites.

According to the Web Privacy Census:

Google had cookies on 105 of the top 1,000 sites; the company’s ad tracking network,, had cookies on 685. Combined, we detected that Google has a presence on 712 of the top 1,000 websites. Only 285 lacked some type of Google cookie.

Also in the top trackers were BlueKai (often the top tracker, whose clients include six of the Fortune 20 companies), Quantserve (Quantcast, with its stormy privacy track record), ScoreCardResearch (ComScore), and Adnxs (a seeming vector for malware).

Downey explains:

The harms of online tracking are real and growing. This isn’t about targeted advertising, like the ad industry wants everyone to believe. This is about the collection and use of your personal information in ways you can’t even imagine.

Some of the real, demonstrated harms include price discrimination (the WSJ just covered how Orbitz targets Mac users with more expensive hotels), lowered credit scores and limits, denial of insurance coverage/more expensive coverage, lost job opportunities, identity theft, filter bubbles, censorship of speech and association due to fear of later repercussions, and erosion of the 4th Amendment right to privacy (particularly society’s collective understanding of when an expectation of privacy is “reasonable” in the face of all this tracking).

Establishing benchmarks for evaluating online tracking is going to be crucial as law- and policymakers begin to take steps to address internet privacy. The timing of the Web Census’ release is, in fact, just before the first open meeting to begin implementation of President Obama’s Privacy Bill of Rights.

Abine is currently working on further analysis of the Web Privacy Census, and Downey promises it will include “data that will name names.”

Related Links:

First Privacy Bill of Rights meeting: Mobile apps targeted

Seen that privacy chain letter on Facebook? Ignore it

Facebook to require privacy policies in mobile apps

Microsoft ticks off advertisers with IE10 ‘Do Not Track’ policy

Ad networks said to be going around Apple to track iOS users

via CNET Latest News

Lascia un commento