Privacy News of the Week

small__8008932498Verizon Wireless placing ‘supercookies’ on customer devices

Verizon Wireless, the nation’s largest provider of cell service, is using a unique form of tracking to help advertisers target Verizon customers with ads.

And the technology – dubbed a ‘supercookie’ in reference to the cookies that websites place in web browsers to identify unique users – was being used to track Verizon customers who had deleted one ad broker’s ordinary cookies.

That broker, Turn, has since ceased the practice. But, privacy experts say, the use of Verizon’s device-based tracking tech to replace regular cookies could hint at how tracking will look in the not-too-distant future. Read More



Do Not Track – Does It Work?

small__2962354098The last time we wrote about the browser technology known as Do Not Track – over four years ago! – the online privacy space was much simpler. The hope was that DNT, once it was ‘baked in’ to every major browser, would enable internet users to turn off invasive tracking quickly and easily.

But that hasn’t happened. Why not?

To answer, let’s take a look at how DNT works, identify who doesn’t want to see it succeed and determine what you can do to protect your privacy on the web – with or without DNT.

What Is DNT?

To understand DNT, it’s important to grasp the fundamental technology that “runs” the web: Hypertext Transfer Protocol, or HTTP. HTTP is what determines how your web browser communicates with web servers. It also dictates the terms by which that communication happens – whether it should be encrypted, for example.

An important piece of HTTP are headers, which contain the client’s (i.e., browser’s) requests and the server’s responses. Servers and browsers can make specific requests of each other using HTTP headers: e.g., to disable caching of web objects. Other header types can make browsing more secure by filtering for malicious activity or requiring an encrypted connection.

DNT, as originally conceived, would be a header that would tell servers, “Please don’t record any information about my web history, place cookies, etc.” Sounds pretty good in theory… so what happened?

DNT’s Obstacles

It should come as no surprise to anyone that there’s a lot of money in online data collection. Some of the largest internet companies specialize in building detailed profiles of users and making those profiles available to advertisers.

It should, therefore, also come as little surprise that big internet companies represent the main opposition to a robust DNT standard. If Facebook, Google, Yahoo et al. had to comply with users’ DNT requests, their business models could be placed in serious jeopardy.

The Federal Communications Commission hasn’t helped matters – it could require internet companies to respect DNT, but instead has delegated its design and implementation to an industry-backed standards group, W3C.

As a result, DNT has been all but defanged. It does exist in modern web browsers – in Chrome, you can go to the hamburger button > Settings > Advanced to turn it on or off – but on most websites, it won’t actually do anything. Yahoo initially committed to respecting DNT requests but backtracked last year, citing concerns about its lack of adoption “by the broader tech industry”. With Yahoo having pulled its support, DNT is effectively dead in the water.

So What Can You Do?

For now, it’s probably best not to put too much faith in DNT. The big internet companies – who, remember, have historically been resistant to respecting DNT – have proposed a DNT standard that would block tracking by third-party ad tech firms but allow it for companies that have a ‘direct relationship’ with users. By this definition, having a Facebook account – which would count as being engaged in a ‘direct relationship’ with Facebook – would allow the company to track your browsing on and off Facebook, even if you’d turned DNT on.

Under this proposed standard, activating DNT wouldn’t ultimately do much. Many tech companies would be able to argue that they have a ‘direct relationship’ with their users and would, therefore, be able to track even those of them who had enabled DNT.

So is all hope lost for online privacy? No – you’ll just have to turn to a third-party tool to ensure you won’t be tracked.

We humbly suggest that you use Blur for this purpose. In addition to blocking hundreds of trackers and social media tools (which can link your browsing activity to your social profiles), Blur helps you shield your email address, credit card number and phone number on the web.

The Blur browser extension, available for every popular browser, blocks tracking automatically. Just install it from your browser’s extension store and you’ll have world-class tracker blocking ready to go.

Blur also includes auto-fill and a password manager, helping you fly through website logins and navigate the web faster. Speed and privacy – Blur delivers both, even in a world without browser-based DNT tech.

Photo courtesy of Roadrunner38124 via photopin cc.



Privacy News of the Week

small__15764585775Yet another phone data collection program revealed

Another federal government data-mining program was being used to track the phone habits of American citizens, reports this week indicate.

The Drug Enforcement Administration was behind the data-collection program, which sought to gather phone records for calls between the US and nations where the drug trade is active. The program ended in September 2013.

The DEA has not made clear how many call records were collected. The ACLU has filed a Freedom of Information Act request to learn more about the agency’s activities. Read More