Privacy: Do Not Track & the real Elephant in the room
As we continue our discussions on Privacy I’m drawn more and more to thinking about the core problem. Colloquially you’d hear this expressed as either the 800 lb Gorilla or the Elephant… in the room.
First, let’s start with a simple and elegant definition of Privacy.
Selmer and Blekeli in 1977: Privacy is the legitimate interest of a person to control the collection and use of information that relates to him/herself. (Source: “Data og personvern” p. 21, Universitetsforlaget, Oslo)
I really like this. It describes the elephant very elegantly. It’s all about the legitimate interest of a person to control the collection and the use of that information that relates to him or herself. One word immediately jumps out at you… the word “Control”. The user (him or herself) MUST be in control of any information that pertains to them. In other words this is all about “Me” controlling “My Data” and what I’ve looked at online.
This is where the battle lines in the war on Privacy are being drawn.
Let me give you a real world example. I visit Google.com and do a search for something that triggers a keyword that the Govt. tracks. Let’s think of one – “terrorism”; let’s think of two more, “bomb making”. Combined, these are three very potent words, and certain Govt. agencies may be very interested in knowing not only who is looking at them, but exactly where they were located when they looked at them.
So the idea behind the Do Not Track header is that if I had this setting turned on in my browser when I visited Google and did a search for those words, then Google would NOT track any of that information. So in essence if the Govt. requested the logs of all the Web visits and search requests in the last few days they would never see that I was searching for “terrorism” or “bomb making”. This is the whole idea behind what Selmer and Blekeli are talking about – I remain in control of my information that relates to Me.
Unfortunately, as we’ve already discussed in a previous post, “Privacy: Making SSL faster, and why Do Not Track is NOT using it”, without even the basics like SSL in place the current Do Not Track standard has very little teeth. There are simply too many ways for a Web server to claim that the user never really sent the header even though they clearly did.
So what’s the solution?
Well actually it’s pretty simple. An audit log that the user controls on the device. Think of it this way. I launch my browser, I go into my Privacy Options and there I set a checkbox that says “Audit Browser”. What this does is to keep a record of everywhere I go, every keystroke I enter, and every Web page that loads. It stores that data “compressed and then encrypted” on my device. In essence it becomes my personal log of everything that I did.
Now imagine if the Govt. pulls up at my door one day and wants to chat about my search requests. Well, I would show them that I have my Do Not Track setting on in my browser, and that I have a complete record of everything I’ve done on the Web. So exactly how did you (the Govt.) learn that I was searching for information on those words?
Well, there’s only one place it could have come from – Google’s logs. They either did not see my Do Not Track header (because a 3rd party caching engine stripped it off, or because the transaction was not SSL and it was lost) or they did see it, and they chose to give the Govt. access anyway.
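To make the “Audit Browser” idea above concrete, here is an added example (my own illustration, not code from the original post or from any browser) of the user-side audit log it describes: every request the browser sends, including the DNT header it carried, is recorded as a hash-chained entry that is compressed and then encrypted on the device. The hash chain is what lets the user later show that nothing was removed or reordered, and the recorded headers are the user’s own evidence that “DNT: 1” was sent on a given search. The device key, the sample requests and the helper names (BrowserAuditLog, seal, unseal, dnt_evidence, build_sample_log) are all assumptions made for this example; the HMAC-SHA256 counter-mode cipher is a standard-library stand-in for a real AEAD such as AES-GCM, which is what a shipping implementation should use.

```python
import hashlib
import hmac
import json
import os
import time
import zlib


def _subkey(master: bytes, label: bytes) -> bytes:
    # Derive separate encryption and MAC keys from one device key
    # (assumption: the master key itself lives in the OS keychain).
    return hmac.new(master, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode as a PRF keystream; stdlib stand-in for AES-CTR.
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + block.to_bytes(8, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def seal(master: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC one record: nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ks = _keystream(_subkey(master, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(_subkey(master, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(master: bytes, blob: bytes) -> bytes:
    """Verify the tag first, then decrypt; raises ValueError on any change."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(master, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("audit record tampered or wrong key")
    ks = _keystream(_subkey(master, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


class BrowserAuditLog:
    """Append-only, hash-chained record of every request the browser sent."""

    def __init__(self, master_key: bytes):
        self.master_key = master_key
        self.sealed = []            # the blobs that would be written to disk
        self._prev = "0" * 64       # chain head: hex SHA-256 of the last entry

    def record(self, method: str, url: str, headers: dict, ts=None) -> str:
        entry = {
            "ts": ts if ts is not None else time.time(),
            "method": method,
            "url": url,
            "headers": headers,       # includes the DNT header as actually sent
            "prev": self._prev,       # links this entry to the previous one
        }
        raw = json.dumps(entry, sort_keys=True).encode()
        self._prev = hashlib.sha256(raw).hexdigest()
        # "compressed and then encrypted", as the post puts it
        self.sealed.append(seal(self.master_key, zlib.compress(raw)))
        return self._prev

    def replay(self) -> list:
        """Decrypt, decompress and verify the chain; returns entries in order."""
        entries, prev = [], "0" * 64
        for blob in self.sealed:
            raw = zlib.decompress(unseal(self.master_key, blob))
            entry = json.loads(raw)
            if entry["prev"] != prev:
                raise ValueError("audit chain broken: a record was removed or reordered")
            prev = hashlib.sha256(raw).hexdigest()
            entries.append(entry)
        return entries


def chain_intact(log: BrowserAuditLog) -> bool:
    """True if every record decrypts and the chain verifies end to end."""
    try:
        log.replay()
        return True
    except ValueError:
        return False


def dnt_evidence(entries: list, term: str) -> list:
    """For each recorded request mentioning `term`: (url, was DNT: 1 sent?)."""
    return [(e["url"], e["headers"].get("DNT") == "1") for e in entries if term in e["url"]]


def build_sample_log(master_key: bytes = b"constructed-demo-key") -> BrowserAuditLog:
    # Constructed sample traffic for the example, not real browsing history.
    log = BrowserAuditLog(master_key)
    log.record("GET", "https://www.google.com/search?q=terrorism", {"DNT": "1"}, ts=1)
    log.record("GET", "https://www.google.com/search?q=bomb+making", {"DNT": "1"}, ts=2)
    log.record("GET", "https://example.com/", {}, ts=3)
    return log


if __name__ == "__main__":
    log = build_sample_log()
    for url, sent_dnt in dnt_evidence(log.replay(), "google.com"):
        print(f"{url}  DNT sent: {sent_dnt}")
```

Replaying the log answers the question the post poses: the user can show, from their own device, that the searches in question went out with DNT: 1, so any copy of them on a server’s side was retained despite that signal. Note what the log does not prove: it records what the browser sent, not what the server received, so a header stripped by an intermediary (the caching-proxy case above) shows up only as a discrepancy between the two sides’ records, which is exactly why the post ties DNT to SSL.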
So that’s the real Elephant in the room – It’s all boiling down to who has control over my data. Selmer and Blekeli argue (persuasively) that I should have control – the current standard being offered (DNT) is actually out of alignment with that argument. There’s nothing in the standard that extends the control back to the user by way of either additional settings (see my blog on Privacy on the Internet is not binary) or in the ability to audit themselves to see what they did.
For Privacy and Do Not Track to really work there has to be trust. The user (Me) has to trust that the Web server/entity is really protecting my privacy. The only way this will ultimately be determined is by a legal challenge. It’s pretty clear right now that there’s NOTHING in the current standard that will provide either side with the answers they need to “prove beyond a reasonable doubt” that the Web entity and 3rd party tracking sites honored my Privacy.
So the conclusion is now obvious. The Elephant in the room is going to remain in the room, because it’s in the interests of those who wish to know more about you than you’re willing to share.