Posts about cookies

Do-not-track hypocrisy

Sunday’s New York Times editorializes in favor of Do Not Track and other privacy legislation going through Congress and the Federal Trade Commission. Yet The New York Times itself makes much use of personal, private, and tracking information itself. Indeed, it requires tracking.

The editorial (my emphasis): “Congress should act on the F.T.C.’s recommendation to establish a system that would allow consumers to effectively opt out of all tracking of their online activities. There are other worthy proposals, including the administration’s call for limits on the collection of data about consumers online. Lawmakers have proposed about a dozen privacy bills this year alone. But with Congress stuck in a partisan rut, it is reassuring to see the F.T.C. at work.”

Now read The Times’ privacy policy (and highlights):

* If you subscribe to the print New York Times, the company will sell your name *and address* and other unspecified data to others. “If you are a print subscriber to The New York Times newspaper and subscribed either by mail, phone or online, we may exchange or rent your name and mailing address and certain other information, such as when you first subscribed to The New York Times (but not your e-mail address) with other reputable companies that offer marketing information or products through direct mail.” That’s not opt-in; it’s opt-out.

In Public Parts, I argue that privacy policies in old media have long been far worse than online. Magazines, newspapers, and other recipients of your media money have for years sold information about what you read and consume and who you are and where you live to large data-base companies and marketers. If a library or an online site did that, it would be shot. But The New York Times does that. Want to pass a law about that, Times?

* The New York Times requires that you use cookies. It decrees: “You will not be able to access certain areas of our Web sites, including, if your computer does not accept cookies from us.” So what happens when Congress passes Do Not Track, Times?

In its explanation of cookies, The Times says: “Our registration system requires that you accept cookies from in order to log in to our Web site. Cookies are not spyware, viruses or any other kind of malicious program. For best results, set your browser options to accept all cookies from You can use your browser options to clear the cookies later, if necessary.”

Precisely. You have many means now to get rid of cookies: You can turn them off, kill them at the end of every session or whenever you want, or open a private session (an “incognito” window in Chrome) that relays no data about you. Do Not Track is redundant. It’s political cynicism.

Oh, and The Times — which gathers more personally identifiable data about you than most any other newspaper — could not operate its paywall without cookies.

* Just like other online marketers, The Times uses cookies to target advertising. “The New York Times Home Delivery Web site also transmits non-personally identifiable Web site usage information about visitors to the servers of a reputable third party for the purpose of targeting our Internet banner advertisements on other sites. To do this, we use Web Beacons in conjunction with cookies provided by our third-party ad server on this site.” Would The Times outlaw this essential business behavior? This is how The Times earns its premium rates with branding advertisers.

* The Times hires a number of analytics companies to track your behavior, from the creepily named Audience Science to WebTrends for the web and from Localytics to the fluffily named Flurry for mobile.

* The Times logs what pages you see and uses that to recommend content.

* It logs your location if you use mobile applications.

* It allows third-party ad servers to place cookies on your computer and track your behavior.

Note, too, that The Wall Street Journal, which has been on a Reefer Madness high regarding privacy, also collects personally identifiable information and connects it to browsing history without users’ permission. More hypocrisy.

Mind you, I do not object to any of these tracking behaviors. They are, in my opinion, necessary to pay for the content we get from The Times and The Journal and much of the rest of media. They are used to reduce noise, repetition, and irrelevant advertising and content. They are all-in-all harmless and have been demonized by privacy’s regulatory-industrial complex and now even by The Times. If The Times gets its wish and Do Not Track passes, enabling too many consumers “to effectively opt out of all tracking of their online activities,” then I fear we will get less content or more paywalls or both.

I also argue that media and marketing companies have done a godawful job of letting their customers know what information they were gathering and what they were doing with it and how consumers benefited. They long ago should have learned from Amazon, which reveals what it collects and what results and enables customers to see and control and correct that information (which also only gives Amazon yet more valuable data). So it’s their own damned fault they’ve been demonized, opening the door to the cynical pols and bureaucrats who proposed Do Not Track — and to their allies, such as The Times editorialists, who argue on the basis of nonspecific emotions rather than tangible facts about harm and consequences.

Cookie Madness!

I just don’t understand Julia Angwin’s scare story about cookies and ad targeting in the Wall Street Journal. That is, I don’t understand how the Journal could be so breathlessly naive, unsophisticated, and anachronistic about the basics of the modern media business. It is the Reefer Madness of the digital age: Oh my God, Mabel, they’re watching us!

If I were a conspiracy theorist — and I’m not, because I’ve found the world is rarely organized enough to conspire (and I found this to be especially true of News Corp. when I worked there, at TV Guide) — I’d imagine that the Journal ginned up this alleged exposé as a way to attack everyone else’s advertising business just as its parent company skulks behind its pay wall and surrenders its own ad business. But I’m not a conspiracy theorist. That’s why I’m confused.

The story uses the ominous passive voice of newspaper scare stories: “…a Wall Street Journal investigation has found…” As if this knowledge were hiding. Cookies have been around as long as the commercial browser, since October 1994. Or was that 1984?

The piece uses lots of scare words: “surveillance technology” … “tracking technology” … “intrusive” … “no warning” … “surreptitiously re-spawn” … “rich databases” … “so powerful and ubiquitous” … and my favorite: “targeted ads can get personal” (well, yeah, that’s the damned point).

The Journal acts as if it has discovered a conspiracy of its own: “Marketers are spying on Internet users — observing and remembering people’s clicks, and building and selling detailed dossiers of their activities and interests.” Gasp! Mabel, hide the kids, the Romans Huns Krauts Commies Marketers are coming!

There is absolutely nothing new — thus nothing newsworthy — in what the Journal promises threatens to be a series.

The Journal does measure its own cookies, finding its site moderate (I count 34 Journal cookies on my new Mac and I don’t use the site often) in what it ominously calls an “exposure index.” Mabel: Bring the Geiger counter!

Well, except the Journal is unique because unlike the other sites the story writes about, the Journal has my personally identifiable information! It has my friggin’ credit card number and name and address and phone number as well as my web behavior and it allows me to be tracked by third parties. The Journal has more information about me than ANY of the sites it warns about. And the Journal is owned by a company some people don’t trust. Hmmm.

It’s a fine thing that the Journal also tells readers how to “avoid prying eyes.” And if enough people do that, then the value of the advertising-supported web falls. Without cookies, the effectiveness and price of advertising would plummet as ads everywhere turn into remnant junk (smack the money), reducing revenue for media sites and reducing their content to junk. Hmmmm….

A story like this might also affect policy as the FTC is looking at regulating online advertising and marketing; its chairman, Jon Leibowitz testified before Congress on the topic this very week. Hmmm.

I think the Journal should have told exactly how it places and uses every one of its cookies and beacons and ominous tracking surveillance spying technology. It doesn’t. The story doesn’t even link to the paper’s privacy policy, which says that cookies and beacons and all that scary surveillance/tracking/spying technologies are used at and its affiliates and also by third parties over which the Journal has no control. Opportunity lost.

If I were an advertising-supported site, I’d be aggressively transparent. I’d tell you exactly what we track and what impact that has on what we serve in advertising and content. I’d create an app to read the cookies placed just for you and explain them. I’d give you the chance to correct information. I’d give you the chance to select your own advertising (now that would be valuable). I’d treat this with radical openness.

Otherwise the scare mongers like those regulation-loving, anticapitalist commies at News Corp. will win the day.

: Oh, and I neglected to point out that it was the very same Journal that had the wingnutty story about privacy and RFID tags on our pants, quoting as an expert a woman who thinks that RFIDs are — and I exaggerate not — the work of the devil. What the hell is happening there? Are they going out for drinks too often with their new neighbors at the Post?

: Oh and here’s more scaremongering from the commie Telegraph in London, which equates Wikileaks’ Julian Assange with Facebook’s Mark Zuckerberg. Man, we are in silly season.

: MONDAY: The Journal campaign against digital advertising continues today with a shocking exposé revealing that Microsoft is a business-friendly business that chose not to release its browser with a default that would have killed ad tracking and targeting. Horrors!

Now if the Journal were really a business newspaper still, there’d be no news there. The news would be if Microsoft did not do what was good for revenue.

Here’s a too-metered Microsoft response to the weekend’s follies from the browser team.

Cookie monsters

I feared this: When AOL fucked up — is there any other word for it? — and released what turned out to be personally identifiable information with its data base of search results, I was afraid that the next thing we’d see would be a story once again raising the spectre of privacy with ad cookies. Here’s one. I’m a strong defender of ad cookies because without them and the targeting and efficiency they enable, advertisers would advertise less or pay less or both on the internet, pulling the rug and big out money out from under our beloved new world. And we’d all be getting crappier ads with dancing monkeys. Cookies are good. Search is good. But sometimes, an idiot does something stupid that ruins a good thing. AOL is just such an idiot.

: Fred Wilson’s take here.

Yes companies need to have privacy policies. And yes they need to adhere to them. And yes, they shouldn’t be making public people’s search queries. And yes, consumers should be able to easily opt out of these targeting approaches.
But cookies and stored search queries are good things. They make it possible for web services to deliver relevancy in advertising, something no other media has been able to deliver efficiently and reliably.

The reality is that these targeting approaches, whether they be searched based, behavioral, contextual, or whatever is next, are giving us more relevant ads.

Cookie monsters

The government cookie story is getting stupider by the day. The AP — having naively believed they had some investigative scoop when they discovered that the NSA site, like most every site on earth, sets cookies — now finds that the White House has “bugs”: gifs that let stats software count visitors (like the garish, multicolored thing on the very bottom right of this page). All it does is measure traffic. It is an issue only with the tin-hat society. This is a nonstory born of ignorance and paranoia and now hype.