Data Privacy Day is an international celebration of the dignity of the individual expressed through personal information.  In this networked world, in which we are thoroughly digitized, with our identities, locations, actions, purchases, associations, movements, and histories stored as so many bits and bytes, we have to ask – who is collecting all of this – what are they doing with it  – with whom are they sharing it?  Most of all, individuals are asking ‘How can I protect my information from being misused?’  These are reasonable questions to ask – we should all want to know the answers.

To celebrate, I’ve taken some steps to make MichaelZimmer.org even more privacy-friendly:

• I have replaced the commonly used ShareThis widget with Sociable. Both allow readers to easily post and share stories from my blog to various social networking sites, but Sociable does it without the use of web cookies or web bugs. Sociable simply automatically creates the necessary links, that’s it. No one is tracking what you decide to share, or where you do it.
• I have ended my use of StatCounter for basic tracking and measurement of who visits this site, how they got here, and what they do while here. StatCounter’s privacy policy is pretty simple, but the service is dependent on a persistent cookie. While nearly everyone on the planet uses some kind of web analytic tool to track users, until I can find one that doesn’t rely on cookies or web bugs, I can live without it.
• I’ve updated the site’s Privacy Policy to reflect these changes (the old policy is here).

You can validate these changes by installing the Ghostery Firefox extension, which alerts you about the web bugs, ad networks and widgets on every page you visit. Nothing should appear when you visit MichaelZimmer.org, but you’ll be amazed to learn how other sites & advertisers are tracking users.

Enjoy Data Privacy Day, and let me know what you’re doing to get involved.

Of course, if that user visits Google again tomorrow, the cookie will renew for a new 2-year period. So, users who visit Google daily (like many), will continue to receive cookies with a rolling 24-month expiration. In practice, then, regular users of Google will not really benefit from this policy change.

This sounds like a great policy shift in order to protect user privacy, but my hunch is that Google is willing to allow this change because they see little value in having cookies linking data beyond a 2 year window. Google uses cookies to help track individual users’ search & related activities in order to understand who that person is and provide personalized results (and, of course, advertisements). If a user searches for “Paris Hilton,” having tracking cookies helps Google know whether to provide results about hotels in the French capital or video clips of the celebrity debutante. Google can analyze previous searches associated with that cookie to predict what the user really wants to see. My hunch is that the brilliant data-mining minds at Google recognize that if someone hasn’t searched on Google in two years, their past history probably isn’t a good indicator of their current needs. So, if linking to two-year-old data isn’t all that valuable, they might as well just dump the cookie altogether. It doesn’t harm their data-mining needs — and it’s good PR.

Peter Fleischer explains this move as part of Google’s “ongoing plan to continue innovating in the area of privacy to protect our users.” This is a good first step, but far from a complete solution. An easy way to take this announcement a step further would be for Google to announce that not only will the cookie on my computer expire after 24 months of non-use, but that they will also remove any record associated with that cookie from their internal databases. Such a policy would have a much greater impact on user privacy, since even if my cookie vanishes after 24-months, a record of all my activity remains on the servers in Mountain View.

(Thanks to Fred Stutzman — sitting in front of me — for pointing this out to me before Bloglines did)

ClickTale shows you the full story: every mouse movement, every click and every scrolling action. By using ClickTale you will gain insights that will improve your website’s usability, enhance navigation, and increase effectiveness.

Webmasters can add a small piece of javascript code to their web pages which collects browsing data of all their visitors and transmits it to the ClickTale servers for processing & reporting.

ClickTale does not have a privacy policy, but does offer this nugget in their FAQ:

How is user’s privacy affected?

ClickTale provides detailed information about users’ browsing behavior, so that usability of websites can be improved. ClickTale does not record any activity outside of the specific web page or outside the browser (no personal files recorded, no internet history, and no interactions with locally installed software). Also, ClickTale does not track users between websites. Inside the browser, no passwords are recorded.

Rose-colored glasses, eh? No mention about what the folks at ClickTale do with the data themselves (it all is stored on their servers, afterall). No mention of whether users actually consent to such monitoring, or if they can do anything to prevent it.
In the comments of the TechCrunch post, a representative of ClickTale makes this remark in reaction to others’ privacy concerns:

LOL. You might be surprised but most of the users are not concerned by this like you do. This is a personal preference and we respect that. There is an option to install a cookie that will disable the service for you (more on this in our soon to be released privacy policy), or you can use whatever tools that you are familiar with if you don’t like cookies.

That’s real nice. Not only does ClickTale not have a privacy policy (“soon to be released”), they find privacy concerns laughable and a minority position. According to their moral compass, protecting one’s privacy is the burden of user, who must install a special web cookie or some other technical tool to block the service (which, of course, assumes they actually know the tracking service is in place).

I concur fully with Alice’s assessment:

Again, privacy is reduced to a boutique concern of a small number of users. This is unbelievably irresponsible and I have no problem calling ClickTale out on that. There are plenty of ways they could require informed consent from users, but they know that marketers far prefer users not to know about tracking, because users will then opt out. These types of technologies should not be opt-out in the first place, and I am curious how this will fly in the EU where privacy rights are more strict than they are in the United States (which has some of the weakest privacy rights in the world).

…The argument “privacy is dead anyway” is a straw man. Privacy rights have diminished greatly in the United States because people don’t know that most privacy violations are going on, people don’t know what their rights are, and because the government has not legislated any sort of privacy protections. If these things changed, we could have a greater expectation of privacy. To say “there’s nothing we can do” ignores the fact that we are going to see more technologies like this which are increasingly intrusive and problematic.

My solution would be legislative, since neither marketers nor technology companies seem to be able to follow an internal code of ethics. Similar to anti-spam laws, technologies which track user data should a) notify the user and b) require consent to proceed. I also believe that tracking cookies (like DoubleClick) violate privacy, and this type of requirement would cover those as well.

CALL FOR PAPERS

Identity and Identification in a Networked World:
A Multidisciplinary Graduate Student Symposium

When: September 29-30, 2006
Where: New York University
Submission deadline: July 5, 2006

Increasingly, who we are is represented by key bits of information scattered throughout the data-intensive, networked world. Online and off, these core identifiers mediate our sense of self, social interactions, movements through space, and access to goods and services. There is much at stake in designing systems of identification and identity management, deciding who or what will be in control of them, and building in adequate protection for our bits of identity permeating the network.

The symposium will examine critical and controversial issues surrounding the socio-technical systems of identity, identifiability and identification. The goal is to showcase emerging scholarship of graduate students at the cutting edge of humanities, social sciences, artists, systems design & engineering, philosophy, law, and policy to work towards a clearer understanding of these complex problems, and build foundations for future collaborative work.

In addition to presenting and discussing their work, students will have the opportunity to interact with prominent scholars and professionals related to their fields of interest. The symposium will feature a keynote talk by Ian Kerr, Canada Research Chair in Ethics, Law & Technology at the University of Ottawa.

Submission Information:

We invite submissions on the function of identity, identifiability and identification in the following general areas:

• Media & communication: DRM systems, e-mail & instant messaging, discussion forums

• Online: Identity 2.0, web cookies, IP logging, firewalls, personal encryption

• Social interaction: online social networks, blogging, meetups

• Consumer culture: RFID product tags, reputational systems, commercial data aggregation

• Mobility: electronic tolls, auto black boxes, RFID passports, SecureFlight, V-ID cards

• Security: video surveillance, facial recognition, biometric identification systems, national ID cards

Please submit abstracts, position pieces, demos or full papers for a 10-15 minute presentation to michael.zimmer@nyu.edu by July 5, 2006. Include contact and brief biographical information with your submission. Notification of submission acceptance will be given by July 17, 2006. Limited travel stipends will be available for presenters. Students in need of travel funds should indicate so with their submission.

Program chairs:

- Tim Schneider, JD Student, NYU School of Law
- Michael Zimmer, PhD Candidate, Dept. of Culture & Communication, NYU

Faculty advisor:

- Helen Nissenbaum, Dept. of Culture & Communication, NYU

Sponsors:

- Coordinating Council for Culture and Communications, Journalism, and Media Studies, New York University
- Department of Culture and Communication, New York University
- Information Law Institute, New York University School of Law

(download PDF version here)

This was a difficult decision, being that StatCounter utilizes web cookies to help provide information about what IP addresses access this site and how. I’ve tried to address this concern in the official Privacy Policy for michaelzimmer.org:

michaelzimmer.org strongly believes that you have the right to control the use of your personal information, and that your privacy must be respected.

michaelzimmer.org collects no personally identifiable information, but it does utilize StatCounter.com [privacy policy] to help measure & optimize usage of the site. The Statcounter service makes use of cookies to help determine things like (1) whether you are a new or returning visitor, (2) what web sites or search engines have been used to navigate to michaelzimmer.org, (3) the IP address of visitors, and (4) other information about your computer (resoultion, operating system, etc.) to help optimize the site’s performance. Such data is used only to get a general idea of the make-up of our visitors, and will not be stored, sold, aggregated or mined. [Lean how to block cookies here.]

If you choose to participate in this blog by posting a comment to entries, you can decide whether or not you wish to leave information that could identify you to us and to others who access this site. If you choose to leave identifying information, it is collected and stored for the purpose of recognizing your contribution and enabling others to contact you directly.

Personal information that you provide to michaelzimmer.org will be used only for the purposes you have authorized. michaelzimmer.org does not sell, rent or lease personal data. We do not purchase or otherwise obtain data from other sources.

Any subpoena or attempts by government agencies or private sector organizations to gain access to any information that you give us will be vigorously challenged to the best of our abilities.

I will quite understand if you decline to allow our cookies on your machine. I have read StatCounter’s privacy policy statement, and am comfortable with their assurances that they will not pass stats data to any third party, and with their anti-SPAM policy. My StatCounter account information is password protected, and I add my assurance that I will take such steps as I am able to ensure that it stays confidential (I have declined the option to allow others to access the stats data for michaelzimmer.org).

If I become concerned that too much identifiable data is being stored in the stats logs, I will take such steps as I can to reduce and/or dispose of it. If I get substantial feedback from you about data privacy concerns in this regard, I will consider cancelling my use of the StatCounter service.

I hope you find this acceptable; please let me know if you have any comments, questions or protests!

-michael zimmer