Metz0
Chance Metz
Internet Policy and Ethics
Professor Golden
Ethical Dilemma Paper
February 11, 2013

Metz1
Internet tracking on sites like Facebook is very common place these days. It goes on behind the scenes and is rarely noticed by anyone. Advertisers use this info to sell you products. The concern is this an ethical thing to do and what can do the user do about it. That is the point of this paper to understand how internet tracking works and if it is an ethical thing for companies to be doing. If understanding how tracking works has made you uneasy, what can you do about it? Well, if this makes you drastically paranoid, you can disable cookies completely in your browser's settings and avoid the sites listed in the Wall Street Journal's web tracking investigation materials (there's more on that in my previous post, by the way). If you just want a clean slate, you can clear out your existing cookies. But, here's the really bad news: Some of the third-party trackers (including those from
Dictionary.com) use a newer technology called a "Flash cookie," which was initially created to enable media players to remember unique user settings, like your preferred volume, to regenerate a tracker after you've deleted it. You just can't win with those. It's this kind of tracking practice, above all others, this has truly crossed the line from questionable to straight up wrong. If the intrusion of Flash cookies wasn't problematic enough, more particular and troubling privacy issues like what trackers do with information gathered while a user is viewing or inquiring for information about sensitive health topics—are beginning to emerge. According to Healthline Networks,
Inc., another third-party ad network that uses beacon trackers, it does not allow advertisers to track users who have viewed information on conditions like HIV/AIDS, STD's, eating disorders, or impotence, but does let them track users who have viewed information on other health-related topics. The concern that web users could be discriminated against, in a variety of ways, due to the availability of information linking them with certain medical conditions, is very real. The same concern exists with other kinds of potential discrimination based upon race, religion, nationality, gender, income, marital status, creditworthiness, and the like. While redlining and other financial discrimination is already illegal, the law is very fuzzy when it comes to discrimination based
Metz2
upon web-browsing history, or the sequestering of demographically-determined groups into unique price lists.
That's just the tip of the iceberg of concerns that privacy advocates have about unlimited tracking. Unfortunately, we're going to have to wait for legal experts to sort things out before official policy catches up with what is intuitively ethical. In the meantime, I believe that a mid-sized business has very little to gain from engaging with ad networks that collect data far beyond the scope of user activity specific to their website. However, some limited tracking could be helpful to users and marketers alike. Let's say you operate a website for a business services firm, and as part of your marketing you send out a monthly email newsletter dealing in depth with issues related to your firm's core expertise. After the introductory portion of the newsletter, you have a link that readers can follow to read the rest of the article on your website. Knowing the number of readers that click that link is the best way that you can begin to measure the success of your campaign. Most email newsletter tools make those links traceable, so the click through data is easily gathered and reliable. That is limited tracking in its basic form, and is quite acceptable, provided that the recipients of the newsletter have
Opted in.
An additional step in sophistication would be to begin tracking readers that click through from the email to your site, so that you can match their session with other goals you might be interested in measuring, such as completion of contact forms, registration for events, or downloading of assets on your website. Being able to segment those goal completions by unique sessions enables you to more accurately measure the success of your web content strategy and can all be done using very basic, cookie-based, limited tracking. Another example of this type of tracking can help you to match prospects with their initial search engine queries that began their sessions on your site. A tracker that initiates when a user comes to your site from, say, a Google search results page (this could be done for any search
Metz3
engine), would assign that user a unique identification number within a cookie that stores the query they submitted that led them to click the link from Google to your page. From there, the cookie can track their session on your website , noting which pages they view and how long you have been on.
At best, having rich session data can enable you to better serve that prospect if they enter into your lead cycle. At something a little less than best, it can help you to evaluate whether individual pages and calls to action are doing their job effectively. But if the distinction between limited and unlimited tracking is still unclear, ask yourself this:
What question are you trying to answer? Do you need to know more about your site's visitors, or do you need to know more about how your visitors are using your site? Your answer to that question will determine whether you can preserve the trust of your site's visitors. Ask them only what you need to know to serve them better and no more. And above all, don't follow them out the door!
European advertisers fear they will face a huge new obstacle this May when the European Union's
Privacy and Electronic Communications Directive takes effect.
The so-called Cookie Directive will require that users explicitly allow Web sites to leave cookies and other data on their machines, according to Raul Mendez on Chief Privacy Officers.com. It's unclear whether the opt-in requirement will be satisfied by the browser's setting that allows first- and third- party cookies. This uncertainty hasn't prevented some pundits from predicting the end of the world for the European advertising industry, as reported by Tech Crunch Europe's Mike Butcher. Still, the impending deadline makes me wonder what purpose third-party cookies serve for
Web site visitors. First-party cookies have become a necessity. Nearly all major Web services--including
Facebook and Gmail--require them. Most Web users realize that the ads they see on sites are targeted specifically to them based on the knowledge the sites and their advertising partners have collected about them. The companies claim they don't collect personally identifiable information--or at least most of them state so. The success of their ads finances the "free" services on the Web.
Metz4
However I do suggest Web sites shouldn't be allowed to make money. Considering the ads accompanying this post, such a suggestion would be the height of hypocrisy. But there's no law--yet- requiring that individuals help online advertisers maximize their profits at the expense of users' privacy.
Many people will argue that tracking cookies are sufficiently anonymous to pose no serious threat to
Web users' security. Excuse me for distrusting the willingness and ability of any organization to put my need for privacy over their need to meet their goals, which usually entail profits. So if third-party cookies offer no direct benefit to users and can potentially be a threat, why do all the major browser makers default to allowing sites to leave all the cookies they want on your machine? Because the advertisers are their customers and are at least as important to them as users are. A more direct tracker-thwarting approach is to block third-party cookies in the first place. To do so in Internet Explorer 8, click Tools > Internet Options > Privacy > Advanced. Select Block under Third- party Cookies and click OK twice. Turn off third-party cookies in Internet Explorer 8 by clicking Advanced on the Privacy tab of the browser's Internet Options dialog .Firefox 3.6's cookie settings are found under
Tools > Options > Privacy. Uncheck "Accept third-party cookies" and click OK.
Firefox lets you block third-party cookies by unchecking an option on the Privacy tab of the
Options dialog. In Google Chrome, click the wrench icon in the top-right corner of the browser, choose Options, select Under the Hood in the left pane, click the "Content settings" button next to
Privacy, and check "Ignore exceptions and block third-party cookies from being set. "Google Chrome's option to block third-party cookies is accessed via the "Content settings" button in the Under the Hood section of the browser's options.
Note that cookies aren't the only way organizations track the people who visit their sites. The
Wall Street Journal's Julia Angwin took a close look at the various ways Web users are monitored in a series of articles published last summer entitled What They Know. If everyone on the Web blocked third- party cookies, online advertisers' profits might suffer. But just as only a small percentage of people use
Metz5
ad-blocking software when they browse, few Web denizens are likely to bother changing their browser's default cookie settings.
References
1. "HTTP State Management Mechanism – Overview". IETF. April 2011. Retrieved 2-7-2013
2. Penenberg, Adam; Cookie Monsters, Slate, November 7, 2005. "Cookies are not software. They can't be programmed, can't carry viruses, and can't unleash malware to go wilding through your hard drive." Retrieved 2-7-2013 3. "New net rules set to make cookies crumble". BBC. 2011-03-08. Retrieved 2-7-2013 4. "Sen. Rockefeller: Get Ready for a Real Do-Not-Track Bill for Online Advertising". Adage.com. Retrieved 2-8-2013 5. Vamosi, Robert (2008-04-14). "Gmail cookie stolen via Google Spreadsheets". Retrieved 2-7-2013 6. Schwartz, John (2001-09-04). "Giving Web a Memory Cost Its Users Privacy". The New York Times. Retrieved 2-8-2-13 7. Kesan, Jey; and Shah, Rajiv ; Deconstructing Code, SSRN.com, chapter II.B (Netscape's cookies), Yale Journal of Law and Technology, 6, 277–389 Retrieved 2-8-2013 8. Kristol, David; HTTP Cookies: Standards, privacy, and politics, ACM Transactions on Internet Technology, 1(2), 151–198, 2001 doi:10.1145/502152.502153 (an expanded version is freely available at arXiv:cs/0105018v1 [cs.SE]) Retrieved 2-8-2013 9. "Press Release: Netscape Communications Offers New Network Navigator Free On The Internet". Web.archive.org. Archived from the original on 2006-12-07. Retrieved 2-8-2013
10. "Usenet Post by Marc Andreessen: Here it is, world!". Groups.google.com. Retrieved 2-8-2013