Friday, March 13, 2009

Taking a step to resist Google's advertising-based privacy invasions

I run a website that has traditionally run Google's adwords advertisements. I don't get a lot of traffic, but after 5 years of business my adwords account is now up to a handsome $13usd.

Because I run this website, Google emailed me yesterday to let me know that — as an advertiser — my website will need to update it's privacy policy.

Why? Because Google will now be tracking the behavior of individual users via their "interest-based advertisements" in order to better target them with ads. Apparently, this is among the suite of technologies they gained access to by purchasing DoubleClick.

I have to update my privacy policy, now that Google has drafted me to help them invade the privacy of my users. I guess they just don't want me to be caught off-guard and get sued for their actions. Thanks for the head's up there, Google.

So I've researched the matter further. According to this faq item there is no way for a publisher to opt out of this "service". While you might be able to opt out of displaying ads resulting from such collected data, there is no way to opt out of actually helping to collect the data aside from quitting the adwords program entirely. (Well Google, it looks like you'll be cutting me a check for that $13 after all now, doesn't it?)

So, severing that business relationship takes a load off of my mind. Nonetheless, there is still the matter of us consumers. How may we protect ourselves against such behavioral targeting?

Checking Google's FAQ, they recommend that you opt out of their spying with a cookie. Isn't that a clever idea? Use a cookie to ask not to get cookies?

Even this irony is not lost on Google. They know that users like to be able to clear out their cookies, and might find it counter-productive to clear out their anti-cookie cookie. So Google has developed a Firefox plugin to maintain their special cookie, even if you delete all the rest of your cookies.

Of course, this unprecedented insult to the dignity of internet users worldwide begs many questions:

  • Is their plugin secure, or will it mine my computer from an even more tender vantage point?

  • Would it be reasonable to trust Google to maintain this plugin indefinitely? What if it stops working — even by design. How would we even know?

  • Will you be forced to use a browser their plugin is compatible with before you can be protected from their snooping?

  • What if Google can use this one opt-out cookie to perform all of their tracking needs? All it has to be is an identifier keyed against the database in their servers, after all.

  • Should we trust the remedy of our oppression to our very oppressor?

  • Should a user's privacy and dignity be stripped away by default, and only protected voluntarily if we ask nicely enough and jump through some hoops?

I encourage my readers to tip Google's opt-out cup back into their laps. There must be one or many better ways for a user to protect their online privacy. I would like my readers to be able to read what I am saying without fear of being spied upon for example, since Blogger is hosted by Google.. but also because most free blogging platforms presently feature Google or DoubleClick advertisements.

So I will list the counter-options that I am aware of which users can use to defend themselves. I don't have much just now, but I encourage you to post comments (or email me at with better suggestions or clarifications, and I will update this article accordingly.

  • Firefox plugin Ad blocker, blocks most well-known advertising networks, including Google and DoubleClick, and also blocks the dreaded Google Analytics website tracking script.

  • Browser-agnostic proxy-filter Privoxy, you can run this from Windows or Unix based machines. Instruct your browser to use this proxy, and on non-SSL based connections it will actively scrub ad code, scripts, image bugs, and annoyances from web pages.. it also scrubs your outbound HTTP headers for popular personally-trackable data. Unfortunately, from it's vantage point as a proxy it cannot aid with SSL-based connections.

  • Come on guys, help me fill out this list!

So it comes down to us, we must arm ourselves in order to enjoy a relatively non-obtrusive stay on the interwebs. I have never used Ad Block before. I have a firefox bookmarklet that manually squashes visually annoying ads, but aside from that I have not been bothered and I have clicked on advertisements which I have found interesting. That was back when the web was stateless. Now however, it appears as though I'll have to take the step of saying goodbye to advertisements, and tell Google, and every other web-ad provider to take their revenue streams and shove them.

I am sorry, I truly am.. but when you exploit your position in the industry to grind the little guy like so much wheat, I simply cannot defend or support you any more. I will continue to bilk free services from you, Yar Har Fiddle Dee Dee, but I will actively do what I can to protect my privacy. I will junk your advertisements and I will encourage others to do so. I will take, and take pains not to give back. If this attitude is burdensome to you Google, then you ought to change your policies and apologize to your public.. bind yourself procedurally to be kept honest.. or else we will abide until the day that someone who can accomplish that will replace you.


Anonymous said...

Very cogent and passionate post, nicely done!

I'm still making up my mind about this. I share many of the concerns you listed, but I was also impressed with the idea that their plug-in is open source, and hopefully auditable.

Nevertheless, someone will have the watch the watchers, and no doubt they will be volunteers.

Jesse said...

I agree that the plug-in being open source is step in the right direction, however it remains a huge conflict of interest.

It also reminds me of the announced plans to demolish Arthur Dent's house: on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign outside the door saying "Beware of the Leopard."

But, as long as they tried to give us options; isn't that right? ;P

Unknown said...

I agree privacy is a big issue but I think we have to remember that Google is in the business of data mining.

That's not to say that I condone their behavior as it becomes quite overwhelming and staggering to think about everything they DO track. Every product they release is tracking usage data. From the toolbar, Google Apps, Blogger (*wink*), Gmail, iGoogle on down to the personalized search history and Search Wiki. Everything you do is being tracked in some manner and not just by Google. So at the end of the day it begs the question "Does it even matter anymore?" I mean, what are we hiding?

Every savvy webmaster that runs a website is doing a watered down version of the same thing with analytics.

Larger networks target ads to visitors from other "similar" sites based on their previous browsing habits. Isn't that simply higher-targeted ads for the right audience? AdSense is built upon the foundation of serving suitable ad content based on the theme of the website. That theme attracts suitable visitors for those ads. The visitors still, ultimately, hold the keys. They have the choice to click on an ad or not.

I think most browsers of the internet are either too un-savvy to care or even know it's happening OR have gotten to the point of acceptance.

I also think most advertising is much less invasive today than it was in the early days of internet advertising. Those early days caused me to be much more skeptical about what I click on and have impacted my browsing habits overall.

I'm not entirely sure how I feel about the issue. There's definitely arguments for both sides of the room.

Jesse said...

Hey there Mike, good to see you again! :D

I want to thank for your comment, but understand that I will now argue against it: nothing personal; I simply enjoy honest debate :3

First, allow me set the stage regarding a user's privacy expectations online. While it is true that website owners have a wealth of data at their disposal regarding your behavior on their website, they normally draft up privacy policies which act as a disclaimer for how they will dispose of said personally identifiable information and how they keep this information confidential.

This is basically the same as when you buy goods with your credit card number, or when your insurance company stores your SSN on file. They use contracts of various strength and are oft times governed by regulations regarding how they can use said information, who they can share it with, and how it must be secured against hacking and data theft.

With website traffic analysis, the security level is unquestionably lower — but the privacy policy still exists and customers may raise a PR stink or possibly file suit against the website operators for egregious, demonstrable variance from the privacy policy. Also, surfers may choose to avoid websites that are known to have terrible track records with privacy (Facebook, anyone?). Finally, end-users can choose to use tools like ad-block, cookie culler, privoxy, even onion routing to resist unwanted profiling entirely.

Now, modern advertisements run javascript and profile you on display, not on click. You cannot choose whether you are profiled or not by what ads you click on, the very fact that they are displaying means that the ad provider is tracking your every move. Googles advertisements and urchin-based analytics engine take this even a step farther. Google is not simply the operator of the most used website on the planet, but through these services they have ears on the wall of a very large number of other websites as well. More than even a run of the mill advertising network like TribalFusion. They can watch you browse from one website to another website and theoretically can build a very detailed history of nearly everything you do online.

I have known about all of this for years and it has not bothered me. You see, that is not the complaint mentioned in my post.

What bothers me is that, until now, Google's privacy policy (and the policies of the websites they provide services through) have not given them licence to mine that personal data. Perhaps they are mining it internally, perhaps they know a ton of things behind closed doors, but they could not make a return on investment to finance the direct stalking of individual users until this month. They could not legally share data gleaned from such human rights abuse with their advertisers and partners until they went ahead and announced that they are now going to do so.

That is the action that I protest. They are now overtly tracking the behavior of every user who walks through their expanded empire of affiliate websites "in order to better target advertisements". Furthermore, this change invalidates virtually every privacy policy extant, and Google washes their hands of that effect with a quick email disclaimer to all of their affiliates.

Understand that just because "Google is in the business of data mining" does not give them licence to "mine" the activity of individal users. That is an example of a dataset that is not meant to be publicly available. It ought not be searchable or exploitable. The same holds true of any company "in the business" of mining for gold. That industry gives them no right to summarily topple my house and go mining my property too.

I understand that the technology to do this is inevitable and unavoidable, but we are awash in technologies nobody should ideally ever use — nuclear warheads, chemical weapons, biological weapons — just because an organization is armed with a certain technology does not mean we should expect them or tolerate them to utilize it indiscriminately.

You also ask in your comment "Does it matter anymore? What are we trying to hide?" The answers to this are staggeringly varied, but you can easily happen upon them all yourself if you imagine the following hyperbolic hypothetical: Let's say tomorrow you suddenly become famous. A movie star or something, who cares. You're a good egg, you don't do drugs or have wild parties, but now you have to fight through a sea of flash photographers just to get to your car in the morning. You think you have nothing to hide until the tabloids invent a scandal and sprinkle in real facts, until your own family has to question your values and whether the allegations are true since they are now so credible. As humans, we infer the truth of new data from it's consistency with existing well known data. Thus, allowing arbitrary parties to profile you eats away at your ability to demonstrate your identity and trustworthiness to others.

Alternately, imagine you gain superpowers and choose to become a vigilante hero. Do you use a secret identity, or do you allow unsavory people to figure out your mom's home address? As you can see, your personal information overlaps with the personal information of others who trust you to keep it safe from ne'erdowells.

Next, imagine living in a transparent house and walking everywhere nude. Even if you are so secure in your own skin as to not be embarased by this level of openness, you would be arrested for exposure and immodesty. Our social contracts actually require you to keep certain things to yourself.

Finally, what if you publish your SSN, birthday, mother's maiden name, bank account and CC numbers, all of your passwords with detailed instructions of how to log in and all of your employers passwords onto your blog. This covers the first two points over again: you have relinquished most realistic control over your own financial and online identity to people who will abuse it for their own gain. You have also defiled your relationship to your employer who will now be abused similarly, and/or have to invalidate all of your credentials before it's too late.

Most of us don't have to worry about hiding corrupt aspects of our lives against honest people, instead we must hide honest parts of our lives from corrupt people who would exploit them.

Now, is Google honest? I would certainly like to think so, but I do not wish to bet my personal data nor the data I hold in confidence with my friends, employers and clients on that supposition. My philosophy is that even honest people (and companies) should be kept honest by policy and by circumstance. When your peers have no avenue by which to harm you, you are no longer pressured to audit their motives or sew visceral distrust.

Google has crossed that line for me and so now I must operate as though they are my enemy. I use the tools mentioned above to severely hamper their ability to accurately profile me, and probably to cut into the profit they can make from my traffic. I openly encourage others to do the same. I have evicted their services from my personal site, so browsing there does not expose the privacy of my more naive visitors (not that there is much there to profile). I cannot evict them from this weblog, but I can encourage my visitors to at least defend themselves against the profiling that is unavoidably carried out here. I will continue to draw maximal value from their services while providing minimal or inaccurate personal data in return. Sun Zi teaches us to feed our marching armies from our enemies' land as we campaign against them.

So that, in short, is my argument. I simply don't believe there is any argument to be had "from the other side of the room". Companies have no right to break into your home (the analogy of malware and trojans) so too should no company or government have the blanket right to monitor people as they travel and do business outdoors. Why should that be any different online?