The World Doesn't Revolve Around Washington Privacy Groups
from the nutty-approaches dept
A few months back we covered Ask.com’s AskEraser feature, which was touted as a way of enhancing user privacy by allowing them to opt out of personalization features that involve collecting personal information about users. We praised Ask for focusing on privacy, but questioned whether the feature was more marketing gimmick than serious privacy enhancement. Still, we apparently weren’t nearly as incensed as the Electronic Privacy Information Center, which went so far as to file a complaint with the FTC alleging that the service failed to adequately protect user privacy, because it set a cookie that included a down-to-the-second timestamp that could conceivably be used as a unique identifier. The only problem is that Ask fixed the problem weeks ago, replacing the timestamp-based cookie with a simple “yes” or “no” setting indicating whether the feature was activated. EPIC apparently didn’t notice this, and plowed ahead with its complaint to the FTC. Ask.com even says that it “tried to engage in a constructive dialogue with the group last week, and was rebuffed.” I found the response of EPIC Executive Director Marc Rotenberg particularly striking. He says the snafu is Ask’s fault for not responding promptly to EPIC’s threatening letters. And he says that AskEraser is “a nutty approach that does not scale.” Rotenberg, in other words, seems to feel entitled to second-guess the details of how companies implement their products. Rotenberg certainly knows more about privacy law than I do, but I highly doubt that “nutty” or non-scalable privacy features are against the law. And I certainly don’t think we want to get the FTC involved in second-guessing every detail of how websites are implemented.
Comments on “The World Doesn't Revolve Around Washington Privacy Groups”
How do you expect these groups to NOT think the world revolves around them?
It seems like they think they are all saving us from ourselves and our enemies and without them, we would have all had our identities stolen by now.
Their Opt Out consists of them putting a cookie on your machine.
And … they removed the time stamp – How very thoughtful of them. I should be grateful that they are bending over backwards on my behalf.
But, no. I still think it should be Opt In.
Hasn’t anyone heard of sessions and server logs. All this information is and can be recorded. Then there is also java script which any one that uses google analytics needs to embed there code on all page you want stats from. That java script records way more information then a simple timestamp.