I’ve been blowing the whistle on both Google and Facebook recently for their customer-unfriendly approaches to tracking our activities and the activities of our friends. (I don’t plan to stop there. Next, I’ll take a look at Apple’s privacy practices and Microsoft’s.)
I AM complaining about the routine collection of very detailed information about each of us—logs that are not anonymous but connected to our identity, our computers/phones and our physical location, and the actual activities we’re doing online. These are logs that are not only able to be used by Google and Facebook for ad placement, but they can also be used by any entity that claims it has the legal right to spy on any of us.
I am ALSO complaining about how difficult it is for customers to:
a) Know exactly what is being tracked
b) Understand how to turn off tracking
c) Keep the people in our social network from inadvertently violating our privacy
d) Keep applications and other websites that are “in” these companies’ networks from compounding the problem by adding their own tracking and aggregation on top of what is already being tracked about us
On March 8th, in my article entitled, The Unintended Risks of Using Facebook, I provided detailed instructions for how adjust your privacy settings and how to turn off the ability for your friends to share your profile information with the applications they use.
On March 22nd, I told you about the dangers of using Facebook-aware applications and Facebook’s new Timeline platform in the article called Facebook's Timeline: Seductive and Dangerous?
The bottom line: In an era in which customers are supposed to be in control, we feel very much out of control! And it’s too hard to turn everything off that needs to be turned off!
Disconnect.Me to the Rescue!
Here’s a link to a YouTube video you really need to watch. It’s Brian Kennish, the founder of Disconnect, talking about “Tracking the Trackers: How Our Browsing History Is Leaking into the Cloud.”
Brian worked at DoubleClick and then at Google and became intrigued by how much of our real-time and browsing history is being tracked and stored, not only by Facebook and Google, but also by hundreds of other application providers in each of their respective networks. He also realized that, although each of these entities turns your identity into an alphanumeric sequence for tracking purposes, that ID can actually be easily reconnected to your name and your identity. Once that happens, not only will Google and its network of application developers and advertisers know who you are and what you’re doing. They (and Big Brother) will be able to access your complete browsing history since the beginning of time (or since you started using the Web)!
Brian Kennish created a simple tool called Disconnect Facebook, which he and his team then followed with similar Disconnects for Google and Twitter. These are Firefox, Chrome, and Safari plug-ins that let you use these services, take advantage of most of their features, but not be tracked. Disconnect is available for free from the Disconnect.Me website.
“We think your personal info should be treated with respect, that you should be the steward of your digital self, that you should own your own data.
But today, you’re getting a bum deal. Thousands of companies and organizations are taking, analyzing, and auctioning off things like the history of the webpages you go to and searches you do, without even telling you.
So we’re building a platform to put you back in charge and let you decide who does what with your online data.”
So I immediately downloaded and began using Disconnect.Me in both my Firefox and Safari browsers, and so far, so good. (At first, the tabs with my pre-logged-in Facebook pages didn’t work, but when I refreshed, they worked fine). I noticed some glitches using my Safari browser. I wasn’t able to launch a YouTube video from within Facebook. But it worked OK on Firefox. So Disconnect.Me is doing things that may break some previously seamless transitions (transitions that took place while your identity tokens were being handed off).
The other thing I noticed that the Disconnect.Me folks are doing, in conjunction with Mozilla and the open source community, is coming up with a set of icons for each site that will tell us very simply exactly what privacies we have on that site or when using that application. There seem to be a couple of different approaches to what icons should be used (pictorial only or letters), but the options seem, at first blush, to be quite self-explanatory. Here is a set of proposed privacy characteristics (as of Sept. 29, 2011), each of which would have it’s own icon (which could be a letter – as the ones in bold – or a more language-agnostic symbol:
N Non-Personal Information Data is aggregated, anonymized, or purely technical.
P Personal Information Data is moderately sensitive and individually linkable.
S Sensitive Information Data is highly sensitive or linkable (ex: SSN, CC#, health).
E Encrypted All data transmission and storage is encrypted.
A Advertising Data is used for advertising or marketing purposes.
G Geolocation Location data is collected or used.
3rd Third Parties Other entities have access to your data.
F Friends' Information Data about your friends or social graph.
O Opt-In Consent Whenever data is collected, you're asked for permission first.
30 30-Day Retention All data is destroyed after 30 days.
90 90-Day Retention All data is destroyed after 90 days.
% Unlimited Retention There is no schedule for the destruction of data.
L Law Enforcement Data is only provided under a court order, or to prevent imminent danger to the user.
C Certified An independent party has certified the privacy practices of this app.
I like the idea of having Creative Commons-like icons that tell us exactly what we’re signing up for when we start to use a site or an app. And I like the idea of having a consistent vocabulary and easy to parse icons for all sites and apps. So I hope that the idea of privacy icons catches on.