Collecting Digital Fingerprints

Not long ago, if you were looking for a new car and suddenly started seeing auto ads everywhere, you might have thought this was a coincidence, or maybe the product of your own increased attention.

But, in the online realm, ad placement is based on pretty much everything except coincidence. Cookies and a variety of other tracking mechanisms allow advertisers, merchants, news services and non-profits to follow individuals’ activities so they can deliver specifically targeted content.

We often know about these mechanisms and appreciate the convenience they provide. Few people are likely to be surprised that Netflix keeps track of what movies they watch (if they watch them through Netflix, that is). Netflix also knows, if I fill out the ratings form, which movies I like best. It uses the information to suggest other titles I might enjoy. I benefit from that service.

Frequently, however, Internet users have no idea that they are being tracked. We browse in ignorant bliss while third parties take note of our viewing proclivities and buying habits, which can then be put to use to sell us sports memorabilia, hype a new restaurant or solicit our donations.

If you are unnerved by this, fear not: The government is preparing to step in. Last month the House Subcommittee on Commerce, Trade and Consumer Protection met to discuss the idea of a data privacy law, a concept championed by the committee’s former chairman, Rep. Bobby Rush, D.-Ill. At around the same time, the Department of Commerce and the Federal Trade Commission both released reports examining ways to regulate data collection on the Web. Both reports discuss the possibility of a “do not track” mechanism, which would allow Internet users to indicate to websites they visit that they want their information to remain private.

Most browsers are already equipped with a privacy mode that temporarily stops them from accepting cookies, caching web pages, or recording the user’s history. But browser-based privacy screens can interfere with websites that need to keep track of users’ activities in order to function fully. Many of the conveniences we take for granted, like forms that fill themselves in, disappear once the privacy shield goes up.

This is why most users enter privacy mode only when they’re doing something, well, private. It’s not altogether surprising that privacy mode is also commonly called “porn mode.” A “do not track” mode could selectively allow information to be tracked to improve the functionality of websites, without allowing that information to be entered into marketing databases – assuming website operators here and abroad respect regulators’ rules.

Privacy modes also fail when it comes to defending against new methods of data mining, including “fingerprinting.” Fingerprinting, a technique being developed by BlueCava Inc., is poised to emerge as a new industry standard. When computers interact with one another – for example, when one computer accesses a website hosted on another – they broadcast a wide array of information about their configurations, including what fonts are installed and what time zones their clocks are set to. This is necessary to ensure that websites display correctly. In fingerprinting, digital surveillance companies use all of this identifying information to distinguish individual computers and other devices as they roam the Web. The surveillance companies can then create profiles of these devices and, by extension, their users. BlueCava has even figured out how to use fingerprinting to link separate devices owned by the same person.

Since fingerprinting doesn’t rely on cookies, existing browser privacy modes don’t work. A “do not track” setting, on the other hand, could potentially be used to indicate to surveillance companies that certain computers’ “fingerprints” should not be kept on file. In fact, BlueCava has said that it intends to build in such an opt-out mechanism. However, despite this stated intention, it has not yet offered an opt-out to the owners of the 200 million devices whose fingerprints it says it has collected so far. There lies the problem with the “do not track” concept: It only works if the companies doing the tracking are willing to cooperate.

Rep. Rush, who introduced a data privacy bill last July and plans to do so again this year, said he is considering including a mandatory “do not track” mechanism. “Through such a mechanism, consumers could advise would-be trackers unambiguously and persistently that they do not wish to be followed by digital snoopers and spies across websites and their various fixed and mobile computing devices,” he said.

Regulation may be neither the only answer, nor the best one. Outlawing certain methods of data collection may simply inspire other, more covert means of surveillance, or drive the surveillance companies offshore and out of the reach of American enforcement. Mozilla Corp., the maker of the popular Firefox browser, recently decided against including a new anti-tracking device with its next version of the browser precisely because it realized the device would prompt data miners to turn to more sophisticated, and potentially more deceptive, means.

Mozilla and other software companies are fairly agile, and able to make changes to their products as needed to anticipate and respond to advances in technology. The government is a bit slower on its feet.

As with many technological problems, the best solution may be technical rather than legal. One possibility might be for some company that is widely trusted by the public to act as an intermediary between users and the sites they visit, preventing users’ “fingerprints” from being lifted. Already, many web-surfers in China and Iran use proxy servers to disguise their online activities and gain access to blocked sites. Similar techniques could be developed to combat marketers’ snooping.

In the meantime, we will have to remember that the only guaranteed way to turn on “privacy mode” is to turn off the computer.

About Larry M. Elkin 525 Articles

Affiliation: Palisades Hudson Financial Group

Larry M. Elkin, CPA, CFP®, has provided personal financial and tax counseling to a sophisticated client base since 1986. After six years with Arthur Andersen, where he was a senior manager for personal financial planning and family wealth planning, he founded his own firm in Hastings on Hudson, New York in 1992. That firm grew steadily and became the Palisades Hudson organization, which moved to Scarsdale, New York in 2002. The firm expanded to Fort Lauderdale, Florida, in 2005, and to Atlanta, Georgia, in 2008.

Larry received his B.A. in journalism from the University of Montana in 1978, and his M.B.A. in accounting from New York University in 1986. Larry was a reporter and editor for The Associated Press from 1978 to 1986. He covered government, business and legal affairs for the wire service, with assignments in Helena, Montana; Albany, New York; Washington, D.C.; and New York City’s federal courts in Brooklyn and Manhattan.

Larry established the organization’s investment advisory business, which now manages more than $800 million, in 1997. As president of Palisades Hudson, Larry maintains individual professional relationships with many of the firm’s clients, who reside in more than 25 states from Maine to California as well as in several foreign countries. He is the author of Financial Self-Defense for Unmarried Couples (Currency Doubleday, 1995), which was the first comprehensive financial planning guide for unmarried couples. He also is the editor and publisher of Sentinel, a quarterly newsletter on personal financial planning.

Larry has written many Sentinel articles, including several that anticipated future events. In “The Economic Case Against Tobacco Stocks” (February 1995), he forecast that litigation losses would eventually undermine cigarette manufacturers’ financial position. He concluded in “Is This the Beginning Of The End?” (May 1998) that there was a better-than-even chance that estate taxes would be repealed by 2010, three years before Congress enacted legislation to repeal the tax in 2010. In “IRS Takes A Shot At Split-Dollar Life” (June 1996), Larry predicted that the IRS would be able to treat split dollar arrangements as below-market loans, which came to pass with new rules issued by the Service in 2001 and 2002.

More recently, Larry has addressed the causes and consequences of the “Panic of 2008″ in his Sentinel articles. In “Have We Learned Our Lending Lesson At Last” (October 2007) and “Mortgage Lending Lessons Remain Unlearned” (October 2008), Larry questioned whether or not America has learned any lessons from the savings and loan crisis of the 1980s. In addition, he offered some practical changes that should have been made to amend the situation. In “Take Advantage Of The Panic Of 2008” (January 2009), Larry offered ways to capitalize on the wealth of opportunity that the panic presented.

Larry served as president of the Estate Planning Council of New York City, Inc., in 2005-2006. In 2009 the Council presented Larry with its first-ever Lifetime Achievement Award, citing his service to the organization and “his tireless efforts in promoting our industry by word and by personal example as a consummate estate planning professional.” He is regularly interviewed by national and regional publications, and has made nearly 100 radio and television appearances.

Visit: Palisades Hudson

Be the first to comment

Leave a Reply

Your email address will not be published.