Hey Ian, Thanks for your thoughts!
On 06/24/2013 03:53 PM, Ian Thomas wrote:
Other than the posts by Bil Corey, the recent discussion on this thread seems to be about the details of the technical implementation. Have we even agreed that this is a good move for the eco system of the web, and especially for people who are privacy sensitive?
I don't think we all agree it's the best route, but it's worth trying out. At least as initially conceived (in a way that blocks all unvisited sites) it has user-expectation and accuracy problems. Brendan has written up some of his concerns.
https://brendaneich.com/2013/05/c-is-for-cookie/
In my opinion it is impossible to prevent a user being tracked from one website to another as there are just too many ways of passing data, each of them serving a useful purpose. If we were to block all of them then the web wouldn't be anything like as powerful as it is today.
I wouldn't write it off as impossible, but yeah, it's incredibly hard and would probably greatly degrade the web experience.
That's not to say we should give up on privacy, but we should concentrate on the areas where we might succeed: initiatives such as Do Not Track and other more political and educational approaches.
Why not try both? DNT is not exactly quick to solve the problem, but it's still promising and may eventually be a better solution. Can we make cookies more useful *and* more transparent? Can we drive the fair players away from cookies onto some tech that's more useful for their purposes and also in better control of the users? I think there's lots of room for innovation here.
You should also not assume that users do not want to be tracked. Millions of people opt-in to having their grocery shopping habits tracked in return for a 1% discount and the occasional money-off coupon.
I don't want to assume users hate tracking, but the opt-in rate to DNT is staggering -- higher than any off-by-default feature in Firefox. This means quite a few people want tracking control of some sort. So we should make the choice a fair one. People should have an opportunity to see what's happening and decide what they want for themselves before it has a major impact on their privacy. This behind-the-tech-and-hard-to-explain nature of the problem doesn't really make it fair.
Not sure where you're shopping, but my frequent shopper card gives me more like 10%, the card doesn't automatically present itself and I know when the card is used and that it is used by only the grocery store (not the library or parking meters). So it's already far less subtle than cookies. If you track my purchases via swiped credit card without telling me it's for more than payments -- that's more like cookies. [0]
Either way, I'm not sure people would be quite as excited about the loyalty cards if they knew more about how the data was used. I believe many people are under the impression that the card is just a reusable coupon with no side-effects ... which is not even close to the whole story.
[0] http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/
-Sid _______________________________________________ dev-privacy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-privacy
