It’s happened to you just like it happens to everyone else: You do a web search for something unusual, or perhaps shop for it on an Internet vendor’s site. Maybe you were searching for, say, a cage feeder for your pet turtle. You find one; maybe you buy it, maybe you don’t.
Either way, though, within minutes you notice that almost everywhere you go next on the Web you start seeing ads for things related to turtles. Soon you’re bombarded with banners, margin ads, and pop-ups from pet shops, ads for books on reptiles, from companies that sell exotic-pet foods, from a save-the-turtles conservation fund. Ads from vendors and other entities you’ve never heard of suddenly fill half your computer screen. Whether you’re on a page on politics, Hollywood gossip, car repair, or erectile dysfunction, off to the side and popping up in front of your requested page are ads about, or in some way related to, turtles, turtles, turtles.
It’s uncanny, isn’t it? How do they know? How were you outed as a raging reptilophile?
The answer, of course, is ad-tracking cookies and other sneaky little thingies downloaded and embedded in virtually every Web page you receive, their purpose being to gather, record, accumulate, and disseminate to others virtually everything they can learn about you. And that is quite a lot: Not only that you’re interested in whatever the given Web page is about (such as turtle feeders) but also what kind of computer you use, which browser and version, your location, how you’re connected, where on the Web you’ve been before, what path you used to get there, that you’re someone who is awake at 2am, that you surf the Web from your workplace — an amazing amount of info is given to them each time you land on a Web page. By gathering, collating, correlating (“connecting the dots”) all that data each time you land on a new Web page, you and your online life become as exposed and scrutinized as a microbe under a microscope — every detail, every moment, 24×7, without limit. That’s not rhetorical exaggeration or literary hyperbole — that’s the way it is.
Nothing ever forgotten
And because every move you ever make on the Web is stored in a kept-forever database by multiple snooper companies (who in turn make it available to anyone who wants to buy it), your online life going back almost to the dawn of the World Wide Web is available to anyone with an interest in it, along with whatever all that says about you, which is probably most of what can be known about you. Do you suffer from some kind of erectile dysfunction? An unusual vaginal itch? A hankering for kinky sex of a certain type with [fill in type of creature]? Don’t be surprised that you start seeing ads for pills made from whale testicles, finger gloves claimed to be made from mutant porcupines , and travel packages for discreet little places in Thailand. On the modern Internet, nothing is private.
All the foregoing is not news to most Web users. The breadth and detail of it may not be fully realized by most users, but that you are being minutely tracked on the Net should not be news to anyone who’s been paying attention. Yes, it’s creepy; yes, it’s misused; and yes, it’s even abused to profit advantage. Which is why all but the most naïve among us have moved on to thinking about how to counter it — how to protect ourselves from the sneaky snooperism that underpins the business model of much of the Internet.
To the rescue…maybe?
And so it is that some major initiatives have been put forth to protect users from the ubiquitous invasion of privacy. Web browsers started offering ways to block cookies and other “tags” used to mark your path and presence as you move through the Web; that was countered by more sophisticated means of tracking you and, even the very cheeky response from some sites telling you that the site will not allow you to visit if you don’t enable cookies — the online equivalent of telling someone at your door that he or she must agree to be photographed naked before entering your house.
One of the most promising initiatives — and, to most people, still the most promising — was first proposed in 2007, revamped in 2010, and rolled out to great fanfare. What fueled the massive interest was the sheer simplicity of the proposal: Instead of setting up little side rules (such as narrow little rules about cookies) that only fostered an escalating arms race of snoop-vs-countersnoop, it simply set up a rule to which all participants in the game were to be made to subscribe: The DO NOT TRACK rule (“DNT”).
In principle Do Not Track is as simple as can be: When your browser lands on a Web page, it tells the Web server that you do not want to be tracked. The server is then supposed to refrain from all activities to track you, leaving you to land, read, and transit through with no record kept or your presence there not passed on to others. You would be able to speed through the Web like a stealth plane, your path and presence known only to you and noted by no others. (OK, OK — the DNT initiative was not intended to be that comprehensive, but that was the general idea.)
And so the problem was solved forever, and no one ever complained again. People put their faith in DNT and it worked just as advertised.
Aaaah, well… Actually, if truth be told, it hasn’t quite worked out that way. In fact, even before DNT was formally announced, with the U.S. government stepping in to lend weight to enforcement, there was disagreement about what DNT even meant, what it was supposed to allow and disallow, who was obligated to obey it, and much more. And though most makers of browser and server software have expressed and implemented support for DNT, in real life it’s had little positive effect.
In large measure that’s because the companies most required to implement and live by the limitations of DNT are the ones who would suffer the most from implementing it. DNT would, if nothing else, likely put a big dent in the revenue from selling and putting to work all that knowledge that those companies collect from you. Google, for example, is one of the world’s largest and most profitable companies, and it does it without charging you a dime for anything: It makes all those gazillions of dollars by charging other companies for use of the information Google knows about you. So how eager do you think Google is going to be to implement an initiative that will significantly curtail its ability to gather and use that information?
And so it is that Google explicitly ignores “Do Not Track” requests from your browser. So does Yahoo. So does that paragon of “we will destroy your anonymity,” Facebook. (Facebook seems to behave as if the very concept of privacy doesn’t even exist. To re-use the earlier example, to enter their house you not only have to agree to be photographed naked, you have to agree to a full-on cavity search. Virtually speaking, of course.) And many other data-collection companies follow suit.
(It bears noting that a number of those other companies that follow Google’s lead are in fact owned by Google, so that even if you don’t see the name “Google” in the names or URLs of the tracking thingies on your Web page, it may still be Google that is tracking you.)
But don’t despair!
Ach, who am I kidding. Never mind — go ahead and despair. Get it out of your system. Mourn your loss of anonymity, privacy, and peace of mind. Use up a whole box of Kleenex.
Once you’re done with that, however, consider a few positive things you can do:
- Download and start using Mozilla’s Firefox Web browser. It’s not that Firefox is the be-all and end-all of Web browsers or that it will end all your woes about preserving privacy, but it’s the best of the bunch in that regard. It explicitly embodies as one of its prime directives the preservation of your anonymity and privacy, and through both its architecture and the thousands of free add-ons available for it, it gives you a great deal of control over how much information it reveals about you. It’s not as fast a Google Chrome or as slick as Apple Safari, but through its flexibility and the zillion available add-ons it’s probably the most powerful of browsers and — if you take the time to configure it as you want it — the one best able to safeguard your ever-threatened privacy bubble.
- Download and start using TOR. TOR is software that installs in your computer and thereafter routes all your Internet traffic through an anonymous peer-to-peer network that encrypts and hides all your traffic through the Net. In effect it “hides all your tracks” through the Internet. TOR is so effective at this that ever certain government agencies charged with snooping on citizens can have a hard time cracking it. (In fact TOR was originally built for the U.S. Department of Defense to hide some of its own traffic.)
Because it bounces your traffic all over the planet to hide the traffic path, TOR typically has the effect of slowing down your Web surfing to some degree — that’s the necessary price you pay to gain the privacy TOR offers. The other price you can choose to pay — and, in my view, you should choose to pay — is to allow TOR to use your computer as one of its traffic nodes, thereby enabling the TOR system to run faster and more securely. Allowing your computer to be used as such a node has little to no noticeable effect on your own use of the computer (no real performance hit, in my experience) but it’s a real plus for the TOR network and makes you a good TOR netizen.
- Go see and learn from EPIC (the Electronic Privacy and Information Center) and EFF (the Electronic Frontier Foundation). These are two of the most important organizations out there fighting for your rights in this arena and if not for them we would already have lost much more ground. If you’re a conscientious sort (and you are, aren’t you???) you’ll also contribute to them — these are very small organizations fighting against giant adversaries and it’s only your donations and mine that keep them going. A few dollars is a small price to pay to help keep them going.