Should There Be A "Do Not Track" List For Internet Users?

Several consumer groups have joined together to request that the FTC implement a “Do Not Track” list for online use, which would allow Internet users to request that they be told in advance any time their online patterns are being tracked for advertising purposes. They submitted a formal request today, before the FTC’s 2-day workshop begins tomorrow where it will “study the increasing use of tracking technology to target online ads.”

Computer users should be notified when their Web surfing is tracked by online advertisers and Web publishers, argue the Consumer Federation of America, the World Privacy Forum and the Center for Democracy and Technology, among other groups in a coalition promoting the idea.

Rather than burying privacy policies in fine print, companies should also disclose them more fully and provide easier ways to opt out, the groups said.

Advertising groups have countered that tracking is beneficial to the consumer because it helps advertisers target appropriate messages to web users—but that’s a little like saying putting bells on deer is beneficial to the deer because it makes them easier to shoot.

On the other hand, argue the privacy advocates, such vast collections of personal data make for attractive targets to hackers and identity thieves, not to mention the government, and could lead to unsavory practices like price discrimination—”for example, lower-income Web surfers might receive higher interest-rate mortgage or other loan offers than what higher-income consumers receive.”

We think there’s a fundamental difference between intrusive practices—like telemarketing and physical junk mail—and invisible practices like collecting usage data in the background. However, what’s more important is that the usage data has a clear value, and too often we give it away largely for free to businesses like DoubleClick. We’d like to see more stringent privacy policies that would give consumers the ability to derive higher value from their personal data.

“Privacy Groups Target Online Advertising” [Associated Press]
(Photo: Getty)

Comments

Edit Your Comment

  1. HeartBurnKid says:

    No, there shouldn’t be a “do not track” list, simply because you have to be aware of the tracking in order to opt out.

    If anything, they should force the companies to keep an opt-IN list for tracking, and not track anybody who’s not on their list. But that’d require lawmakers to support the average Joes over big business, so it’ll never happen.

  2. medic78 says:

    Given the global nature of the internet though, this would only affect a very tiny portion of websites.

    Even among the sites it affects, just how do you police that many sites?

    It has a good intent, but just isn’t practical.

  3. DojiStar says:

    And how do you opt-in or out. What is going to be the mechanism for identification, email, IP address…? IP addresses renew every so often, so do you need to opt out every time your IP renews?

    This will never work. THe internet is international and US law doesn’t go beyond our borders so it is unenforceable. Plus we all know how spyware manufacturers are all so upstanding and never skirt the law.

  4. cristiana says:

    There are many problems with having a ‘Do not track list’.
    First you would have to define tracking. Is the default configuration of most webservers, were it records the ip address and piece of content accessed considered tracking? Or, does tracking come into play when the site knows some information about a user, such as an email address?
    Second, this list would have to either be pushed out to every website, or stored on a world accessible server that can be queried. Both of those techniques have their own problems. Having the list pushed out to every website would be a huge task, and each site would have to store the info in a database. Since there are tons of sites that rely on static content, how are those sites going to be able to comply? Also, if each site was responsible for keeping the list available, there is no way to prevent tampering with the list because each site would have to develop it’s own implementation. If the information was stored on a publicly available server, how would it be secured? Would each site have it’s own login, and then use that information to query the server? Forcing a website to make calls to the net in order to serve a page would significantly slow down page generation. Also, allowing the webserver to communicate with the internet as a whole could become a security problem.
    Thirdly, unlike junk mail and unsolicited phone calls, a user can easily prevent most forms of tracking by disabling cookies, or only allowing cookies for certain trusted sites. But disabling cookies would not prevent anonymous tracking by IP address, however, using that information for tracking purposes is flawed, since most users do not own a particular IP address.
    There are a lot more issues at hand, but implementing a do not track list would be costly, and involve huge overhead. Since most forms of tracking can be prevented by using a little knowledge on the user’s part, the list seems to be a huge and complicated solution to an easily solved problem.

  5. CurbRunner says:

    Opt out or opt in, I doesn’t really matter anymore. They already know your web surfing and buying habits for just about every website you’ve ever visited.
    Your profile is already well documented.
    Also, I believe that some aspect of the Patriot Act requires that ISPs keep tracking records of all customers available for scrutiny by the government for a certain period of time in order to support the slide towards fascism for all citizens.

  6. AndyMan1 says:

    I already “opt out” by blocking any and all advertising and tracking cookies/scripts that i find.

    There are still a few holes, namely sites I leave alone for functionality (newegg, amazon, etc.) but doubleclick and adbrite ain’t seeing squat about me.

    As for one of the last sentences in the article, it would be an interesting hypothetical proposition to find a way to charge these companies for the information they acquire. If they’re in business, then my habits are worth something. Shouldn’t my behavior be considered my intellectual property?

  7. Her Grace says:

    I just read a very good Cory Doctrow short story, dealing with this issue:

    [www.radaronline.com]

  8. iamme99 says:

    Do you seriously believe that you would be able (or would want) to read through and parse all the fine print before buying something anyway? Not me.

    Firefox blocks ads nicely using the adblock plus add-in. Spywareblaster & Spybot block all tracking cookies and prevent spyware.

    I also use disposable email addresses when buying anything, replying to anything, signing up for forums, etc. VERY few people have my actual real email address. With a disposable email address, if I get spammed, I know where they got the email address from and I don’t buy from that company any longer. I’ve been using disposable’s for years and I’ve actually found almost no selling/trading of my email addresses.

    I use http://www.spamex.com which starts at $10/year for up to 500 email addresses at any point in time.

  9. brew400 says:

    dam the man

  10. cheesyfru says:

    *headdesk*

    1. What would the list consist of? IP addresses? For most people, this change often, if not every page (AOL).

    2. Most tracking is done through cookies. If you honestly care that you’re being tracked, disable cookies or install a blocking plugin. There, you’re on the list.

    3. What is tracking? What are “advertising purposes”? And how do you prove this?

    4. Would this kill things like keyword advertising (Google AdWords)? That’d be a good way to put anyone out of business who’s not big enough to be able to afford untargeted advertising.

    This is another feel-good legislation proposal from people who have no idea what they’re talking about.

  11. Jaysyn was banned for: http://consumerist.com/5032912/the-subprime-meltdown-will-be-nothing-compared-to-the-prime-meltdown#c7042646 says:

    @iamme99:

    You can also used “Plussed” email addresses for a similar thing. I.e. say your email address is jaybug@gmail.com (Gmail supports plussed email). Then when you buy something say at Amazon you supply them with the email jaybug+amazon@gmail.com. The confirmation emails will still come to you, but if you start getting spam that is sent to jaybug+amazon@gmail.com, you know that Amazon resold your email address.

  12. astrochimp says:

    Yes, there very much should be a do-not-track list.

    However, it is all too likely that it would function quite well as a do-track-these-people-in-particular list for the powers that be.

  13. Michael Belisle says:

    A do-not-track list is preposterous. Everyone keeps logs (with some exceptions, like a few torrents sites). It’s just a question of whether or not they look at them. If they don’t, they might as flip a coin when guessing what their visitors are doing there.

    Tracking might a little like putting a bell on a deer, but only if you’re talking about spammers targeting Valium to pain-killer addicts. Otherwise, it makes perfect sense to target ads to people who might be interested. I don’t see the problem. Amazon, for example, advertises books that I find interesting. So what?

  14. Michael Belisle says:

    Even The Consumerist tracks you without explaining how or why: [www.sitemeter.com]
    I’d like to know why there are 13 cookies from The Consumerist on my computer.

    We might as well tell salespeople that they aren’t allowed to look customers in the eye.