A View from Tom Simonite
Online Tracking Bill of Rights Meets Wave of Gripes
A senate bill that aims to protect you online has many shortcomings.
“The bill, labeled the Commercial Privacy Bill of Rights Act of 2011, would impose new rules on companies that gather personal data, including offering people access to data about them, or the ability to block the information from being used or distributed. Companies would have to seek permission before collecting and sharing sensitive religious, medical and financial data with outside entities.”
The response to those plans shows the complexity of trying to make sense of what companies and users think is acceptable online. In short, the bill seems full of holes.
One of the bill’s main proposals is that any online entity targeting users based on their behavior offer an opt out. That may seem reasonable, but campaign group the Electronic Freedom Foundation (EFF) pointed out that doing so doesn’t prevent data being gathered, only its use for targetting:
“[T]he bill would allow a user to opt out of third-party ad targeting based on tracking - but not third-party tracking.”
Once data has been collected, it can be hard to know where it will end up, as evidenced by the news this week that Texas accidentally made the personal details and SSNs of 3.5 million state residents available online.
That Bill of Rights also exempts government agencies from its control, CNET reported, noting that:
“[T]he Obama Justice Department is lobbying for broader surveillance powers and trying to head off pro-privacy reforms. In January, the Justice Department announced that investigations “are being frustrated” because no law currently exists to force Internet providers to keep track of what their customers are doing. A month later, the FBI outlined its push for expanded Internet wiretapping authority.”
When such agencies do request data, the companies being asked often expend little effort to ensure there is good reason for them to hand it over, said Forbes’ Andy Greenberg, summarizing another EFF publication that appeared this week:
“[S]ome companies like Google and Twitter come off relatively well by [the EFF’s] measures, five companies flunked altogether: Apple, Skype, Verizon, MySpace, and Comcast.”
However, even if tough restrictions on gathering and using personal data are made, they will be made meaningless by sophisticated math techniques, wrote media theorist Doug Rushkoff for for CNN:
“Kerry and McCain might do well to research how their own presidential campaigns use data-mining and factor analysis in communicating with potential voters. If the statistical modeling programs have enough data to crunch, they should be able to infer our sensitive data from the less sensitive sort.”
Yet there’s a danger that those calling for tighter control will be over zealous in their call for purging of their information pointed out Fahrad Manjoo for Slate. Google search, for example, gets its ability to correct spelling from mining records of what people searched and clicked on in the past.
“[W]e all reflexively hate the thought of a company analyzing our digital lives, we also benefit from this practice in many ways that we don’t appreciate,” wrote Manjoo.
Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.Subscribe today