A very cool feature in Microsoft’s Internet Explorer 9 (IE9) is its support for Tracking Protection Lists (TPL). TPLs are a mechanism for reducing how much advertisers (and others) can track your activities on the web. I want to explore why you might want to use a TPL, and then in Part 2 I’ll go into a little about how they work, and then make recommendations about which TPLs you should use under various circumstances.
There are a couple of things to realize about “tracking” before getting into TPLs. The first is that tracking is not necessarily bad. Take Amazon.com as an example. Amazon has long been known for tracking what its customers do on its site and then using that information to customize the user’s experience. It is one of the things that people love about Amazon. Many other web sites do the same. The key here is that the tracking information stays within the site. It is not shared with third parties. And that is the key differentiator we are talking about here, so-called “first-party” vs. “third-party” tracking. TPLs, and most (though not all) privacy concerns, are about third-party tracking. The basic problem with third-party tracking is that it allows your behavior to be tracked across many web sites, allowing these third parties to know more about you than anyone on the planet besides yourself. And doing so without your permission. And potentially selling that information to anyone they desire, again without your permission.
If I know what books you bought, what medical conditions you researched, that you looked at adult toy websites, what health products you ordered, which political web sites you read, etc., I could draw an amazing number of conclusions about you. Advertisers want to use this for seemingly innocuous purposes. For example, you are sitting at a news site and they have to display an ad. Should it be for “Cancer Centers”, “Baby Diapers”, “Sports Cars”, or “Dating Services”? If “they” have enough information about your web surfing habits to suspect you have cancer, then guess which ad they display. So what’s the problem? Take a simple example: what if one of your co-workers notices that you are always getting ads for cancer-related products and services? Did you really want them to know about your health situation? Or what if a potential employer could get this profile information? Information that you are not required to disclose, and that they might not be permitted to ask about, could impact whether you are hired.
How about a concrete example from a slightly different domain? When you use a supermarket loyalty card, the supermarket tracks every one of your purchases. A lawyer friend was once telling me why she registered her card as “Mrs. Denzel Washington” rather than her actual name. She knew of a case where a prosecutor in a drunk driving trial had subpoenaed the supermarket’s tracking information and used it to show that the defendant had purchased beer earlier in the day. They might not have been able to prove the defendant drank the beer, but it was still a way for the prosecutor to sway the jury. Your tracking information on the web could be similarly obtained in criminal cases, civil lawsuits, or just government witch hunts (recall the FBI trying to get their hands on library records, looking for those reading books that might suggest they are potential terrorists). Imagine that you were surfing the web trying to understand Islam, and at the same time researching US weapons that they keep talking about on the news, and that this made you a target for investigation as a terrorist. It sounds far-fetched, but if you think back to those first few months and years after 9/11 you know it is all too possible.
Hopefully I’ve made third-party tracking sound really awful, and thus you are wondering why it is even legal. Well, let’s talk about the good side of tracking. I’ve already mentioned the Amazon.com example of first-party tracking leading to great site personalization. And I’ve given the bad side of how third-party tracking could disclose private information via advertising. But what about a good use of this same data? It is buried in my bad example. If you are going to display an ad for me, and have me take any interest in it, then please display the “Sports Car” ad. Some of my single friends and cousins really could use that “Dating Service”. And I know a few people with newborns who are no doubt in the market for lots of diapers. Third-party tracking is generally the only way that the right ad is going to get to each audience. Some very large sites may have their own ad inventory and be able to use the profile from first-party tracking to choose which ad to display. But most web sites call on a third-party service to display an ad, and that service of course relies on the tracking data it has acquired in deciding what ad to display.
There are three other important things for you to think about before we get to TPLs specifically. The first is that most web sites are supported by advertising, and thus anything that degrades the advertising experience reduces their revenue stream. As a result, web sites are investigating blocking the display of some of their content when a user who has disabled tracking visits the site.
The second is a sea-change that is taking place in how advertising is personalized. Think about the analog world for a minute and you realize that most media is targeted at a broad demographic. For example, Men’s Health magazine has a demographic that is primarily health-conscious males in their 20s and 30s. If you are an advertiser looking for this demographic then you place an ad, tuned for that demographic, in Men’s Health. The fact that I subscribe to Men’s Health means I’ve opted into the demographic, even if it doesn’t exactly fit me. And sure enough, both the articles and the advertising in Men’s Health are slightly off for me because I don’t fit the age demographic. But since they can’t print a Men’s Health magazine specifically for me, I (and the advertisers) live with a suboptimal match. Of course, in the digital world you can do much more specific targeting. And so it is easy for a web site to dynamically build web pages that are tuned for multiple fine-grained demographics. Men’s Health could in fact customize both editorial content and advertising so that it became “Middle Age Men’s Health” or “Senior Men’s Health”. And if all this third-party tracking did was flag you as hitting a broad demographic such as “Married, No Kids, Middle Age” and then the tracking data was thrown away, it might not be that threatening. But instead we are going in the opposite direction. The web lets us do things like offer up coupons, and so it becomes important to know answers to very detailed questions such as “Likes Steak” or “Vegetarian” so the right offers go to the right people. Thus simply gathering data and then throwing away the details is becoming less and less attractive to advertisers.
The third point is that we can probably break the actors involved in tracking into three broad categories:
1) Those who are both trying to use the tracking data in a way that benefits the consumer (as well as their own economics) and are very conscientious about trying to protect the consumer’s privacy. They will subscribe to some industry set of best practices for doing so, and may offer some means of at least partially opting out of tracking.
2) Those whose intent is benign, but who really aren’t that careful about taking reasonable measures to protect your privacy.
3) Those who either don’t display much concern about protecting privacy as long as they don’t violate the letter of the law, are negligent, or have outright malicious intent.
What IE9’s Tracking Protection Lists do is let you choose how much you are willing to be tracked, and by which of the three kinds of actors. So those seriously concerned about anyone tracking their activities on the web, and willing to give up having a personalized browsing experience and potentially access to some web pages, can do so. While those interested in still having a personalized experience and full access to web pages, but wanting to limit tracking to only those parties who take reasonable measures to protect privacy, also have that choice. In Part 2 I’ll describe how to achieve this.