Google Caught in Our “Cookie” Jars

Cookie-Monster-Google-doo-001
Google intentionally circumvented the default privacy settings of Apple’s Safari browser, using a backdoor to set cookies on browsers set to reject them, in the latest privacy debacle for the search and advertising giant.

Google immediately disabled the practice after the Wall Street Journal disclosed the practice this week..

Safari, which accounts for about 6% of desktop browsing and more than 50% of mobile browsing, is the only major browser to block so-called third party cookies by default..at least I thought so before the article…

When you visit a website, all browsers, including Safari, allow that site to put a small tracking file on your computer, which allows the site to identify a unique user, track what they have done and remember settings. However, many sites also have Facebook “Like” buttons, ads served by third parties, weather widgets powered by other sites or comment systems run by a third party.

Safari blocks the sites that power those services from setting or reading cookies, so a Facebook widget on a third-party site, for instance, can’t tell if you are logged in, so it can’t load a personalized widget. Google, along with a number of ad servers, were caught by Mayer avoiding this block, using a loophole in Safari that lets third parties set cookies if the browser thinks you are filling out an online form.

Google’s rationale seems to be that Apple’s default settings don’t adhere to standard web practices and don’t actually reflect what users want, since the browser never asks users if that’s the privacy setting they want. Facebook even goes so far as to suggest to outside developers that getting around the block is a best practice! Ha we are all already concerned about privacy and they call this back door approach a best practice?

Google said it used the backdoor so that it could place +1 buttons on ads it places around the web via its Adsense program, so that logged-in Google+ users could press the button to share an ad. Without the work-around, the button wouldn’t be able to tell Google which Google account to link the button to.

Now if Safari weren’t so dominant on mobile to the popularity of the iPhone, it’d hardly be worth the code to get at the 6% of desktop users.

But more to the point, if this is a problem for Google and Facebook, and if the defaults actually do mess with user’s expectations, it would seem that there are better ways to bring attention to the issue than getting busted working around them. What do you guys think? Are we watched every cyber second of the day?

Advertisements

Google+, the next Facebook?

hi-256-0-14d8d8a9217519d1a3c43903a9178a25f281c14c
You have all heard the news that Google is once again entering the social space, this time with an offering called Google+. It’s not the first time. Google’s Orkut social network is a great success — in Brazil. Google Buzz bombed. There was the collaborative system Wave … we waved goodbye to that. You can almost taste the urgency — Facebook is taking over people’s time online and a lot of ad dollars and this is a threat to Google.

But this is the first social launch since Larry Page took over as CEO and declared that social was a major battleground.

Google+ is based around the idea of circles. A circle is a group of friends. Circles can upload and share content, update each other, even participate in a little group texting.

Google is, of course, starting from the relationships it has. Specifically, Google IDs and knowledge that comes from Gmail. It seems obvious that Google Groups will be part of this as well.

Google has finally figured out that an all-out frontal assault on Facebook will always fail. Facebook just has too much of an embedded user base. As Charlene Li has pointed out, Google+ attempts to fix a problem that many have with Facebook — they accumulate 800 friends and then realize they don’t want to share everything with everyone. In other words, it fixes one of the big privacy problems.
f-1024-0
But if people were really all that upset with the privacy problem they would have left already. (Recent reports of “Facebook Fatigue” notwithstanding, there is no mass exodus happening.) People are putting up with it. It’s like a bad habit — you know it’s a problem, but inertia keeps you from leaving.

What will happen? Facebook’s traffic will not suffer. People will keep using Facebook. But when you have a tight little group, you may find Google+ to be just right for sharing with that group. So I think Google+ will catch on with lots of groups — Boy Scout troops, book groups, college cliques, that kind of thing. It may build a nice niche out of these groups, and extend the value of Google Groups in general. It will get people to spend more time on Google.

But it won’t replace or even dent Facebook any time soon.

What does this mean for marketers? First, you should keep a close eye on this, and consider advertising on it to the groups that matter to you. If Google+ makes it easy for companies to create brand groups, that’s worth a look.

iPhone tracking function…is our privacy all but gone?

steve-jobs-is-watching-you
When I first saw the MacIntosh 1984 Super Bowl spot I had really no idea that big brother would be placing a tracking device right in the palm of my hand…well it is 2011 and by now you have probably all heard the stories about the iPhone tracking function.

If you’re worried about privacy, you can turn off the function on your smartphone that tracks where you go. But that means giving up the services that probably made you want a smartphone in the first place. After all, how smart is an iPhone or an Android if you can’t use it to map your car trip or scan reviews of nearby restaurants?

The debate over digital privacy flamed higher this week with news that Apple’s popular iPhones and iPads store users’ GPS coordinates for a year or more. Phones that run Google’s Android software also store users’ location data. And not only is the data stored — allowing anyone who can get their hands on the device to piece together a chillingly accurate profile of where you’ve been — but it’s also transmitted back to the companies to use for their own research.

Now, cellphone service providers have had customers’ location data for almost as long as there have been cellphones. That’s how they make sure to route calls and Internet traffic to the right place. Law enforcement analyzes location data on iPhones for criminal evidence — a practice that Alex Levinson, technical lead for firm Katana Forensics, said has helped lead to convictions. And both Apple and Google have said that the location data that they collect from the phones is anonymous and not able to be tied back to specific users. But hey remember that movie Eagle Eye? I don’t trust anyone these days…do you?
eagle-eye-movie-29
But lawmakers and many users say storing the data creates an opportunity for one’s private information to be misused. Levinson, who raised the iPhone tracking issue last year, agrees that people should start thinking about location data as just as valuable and worth protecting as a wallet or bank account number.

“We don’t know what they’re going to do with that information,” said Dawn Anderson, a creative director and Web developer in Glen Mills, Pa., who turned off the GPS feature on her Android-based phone even before the latest debate about location data. She said she doesn’t miss any of the location-based services in the phone. She uses the GPS unit in her car instead.

“With any technology, there are security risks and breaches,” she added. “How do we know that it can’t be compromised in some way and used for criminal things?”

Privacy watchdogs note that location data opens a big window into very private details of a person’s life, including the doctors they see, the friends they have and the places where they like to spend their time. Besides hackers, databases filled with such information could become inviting targets for stalkers, even divorce lawyers.

Do you sync your iPhone to your computer? Well, all it would take to find out where you’ve been is simple, free software that pulls information from the computer. Carumba! Your comings and goings, clandestine or otherwise, helpfully pinpointed on a map.

One could make the case that privacy isn’t all that prized these days. People knowingly trade it away each day, checking in to restaurants and stores via social media sites like Foursquare, uploading party photos to Facebook to be seen by friends of friends of friends, and freely tweeting the minutiae of their lives on Twitter.
googlespy-768450
More than 500 million people have shared their personal information with Facebook to connect with friends on the social networking service. Billions of people search Google and Yahoo each month, accepting their tracking “cookies” in exchange for access to the world’s digital information. And with about 5 billion people now using cellphones, a person’s location has become just another data point to be used for marketing, the same way that advertisers now use records of Web searches to show you online ads tailored to your interest in the Red Sox, or dancing, or certain stores.

The very fact that your location is a moving target makes it that much more alluring for advertisers. Every new place you go represents a new selling opportunity. In that sense, smartphone technology is the ultimate matchmaker for marketers looking to assemble profiles on prospective customers.

What do you guys think?

Your private data pays for ‘free’ Facebook and Google

f27895fe8e1eca987fcc75219aaaf944
Free isn’t free. In fact while you read my blog some brand team is probably making notes about the type of materials you have been reading! Yes perhaps Xanga too has some type of tracking.

“The cost of reading the New York Times for free is being tracked. The cost of being on Facebook is being Data Mined,” Peter Eckersley from the Electronic Frontier Foundation, comments came at an event organized by Google at its Washington, D.C., office to mark Data Privacy Day — an international effort by governments and businesses to draw attention to the issues surrounding individuals’ online privacy.

A seemingly constant stream of breaches have given the issue fresh visibility this year, and prompted lawmakers and regulators to consider new mandates aimed at protecting

Google touted the new “two-step verification” option it will be rolling out to all accounts within the next few weeks.

The new opt-in setting gives users a second security wall. When someone logs into a Google account for first time from a new computer, a code will be sent to the phone (typically a mobile, but a landline will also work) associated with the account. That code is required for access — a step intended to keep out intruders who have obtained the account’s password.

Facebook also launched new data protection tools this week. The biggest was a “safe browsing option” that integrates the HTTPS protocol for secure connections. That technical tweak will help solve a gaping hole that lets hijackers grab control of FB accounts accessed through public Wi-Fi hotspots.

“The thing that you should know about ‘http’ is that it’s fundamentally very hackable,” Eckersley said. “If there’s an ‘s,’ you have a good chance of protection against those kind of threats.”

In this case, though, it was a bit like bolting the barn door after the horses have fled. Facebook posted its new security tool the day after Mark Zuckerberg’s fan page was hacked!

Does Mobile Marketing Infringe on Our Privacy?

Naturally, privacy watchdogs answer the question in this post title with a resounding “Yes!” The answer is so emphatic, in fact, that the Center for Digital Democracy and U.S. Public Interest Research Group are filing a complaint with the FTC alleging that mobile marketers collect so much “non personally identifiable information” that it infringes on users’ privacy—and are “unfair and deceptive.”
spy-vs-spy-without-bombs-775529
Mobile devices, which know our location and other intimate details of our lives, are being turned into portable behavioral tracking and targeting tools that consumers unwittingly take with them wherever they go.

(Shh! Don’t tell them the FBI can remotely turn on the microphone of several cell phone brands and convert your phone into a roving “bug” even when it’s off!)
vladimir_putin_blackberry

But is the Internet really private? Should it be?

Is a profile that states that you are interested in outdoor recreation and currently in the Santa Clara, CA, area an invasion of your privacy? And if so, should we ban all outdoor rec stores and centers in Santa Clara from collecting personally identifiable information like, say, a picture of you when you walk in their lobby?

Should we prohibit all employees from asking your name and if you slip and mention it, make sure they never call you by it?

Naturally, there’s a limit to how much information a mobile phone can give marketers (without some sort of lead generation input or opt-in).

As with PC-based behavioral targeting, mobile marketing companies do not typically collect names, phone numbers, email addresses or other so-called personally identifiable information.

But advocates say the information gathered is so detailed that it poses a threat to privacy.

“They don’t need to know a name to know that Mobile User ‘X’ likes to search for fast food, bought a new car recently, and went on the mobile phone looking for a lower-interest credit card,” said Jeff Chester, executive director of the Center for Digital Democracy.

The complaint says that they want the FTC to look into behavioral and geographic targeting in mobile marketing, and require mobile marketers to use opt-ins and to disclose to users how their information is going to be used.
Presently, text-message (SMS) marketing is opt-in, but other forms of mobile marketing, such as search and display, aren’t.

Ultimately, however, it seems that privacy advocates are hoping for a world where we can be “safely anonymous” online, whether we access the Internet from our computers or our phones. But remember, in this world, advertising is no more targeted or helpful than it is on, say, television.

What do you think—is mobile behavioral and geo-targeting an invasion of your privacy?

Yahoo to purge user data after 90 days

I think this is good news…I don’t want everyone to know where I browse but I am sure marketers do.

With U.S. and European regulators and watchdogs worried that Internet companies are compromising users’ privacy by keeping data about online behavior for long periods, Yahoo Inc. said Wednesday that it would shorten that time from 13 months to 90 days.

The retention policy is the shortest among major U.S. search engines and could pressure rivals Google Inc. and Microsoft Corp. to reduce the time they keep information about their users. In September, Google began to remove portions of personally identifiable information after nine months. Microsoft, which keeps such data 18 months, said last week it would support an industry standard of six months.

This policy if it spreads to other companies will hinder the new movements that create a profile of users’ likes and dislikes. Marketers can then serve the advertising that suits a person’s preferences.