The Privacy Competition Myth

In his non-book-review of Garret Keizer’s new book, Privacy, “Reason” Magazine correspondent includes this ill-informed quip on privacy:

With regard to modern commerce, Mr. Keizer grumps: “We would do well to ask if the capitalist economy and its obsessions with smart marketing and technological innovation cannot become as intrusive as any authoritarian state.” Actually, no. If consumers become sufficiently annoyed with mercantile snooping and excessive marketing, they can take their business to competitors who are more respectful of privacy. Not so with the citizens of an intrusive state.

There is almost no market for privacy among merchants. Companies learned long ago that raising privacy as an issue backfires–it causes consumers to worry about it rather than feel safe about an alternative product. Whether online or offline, going to a competitor doesn’t increase your privacy, in real or perceived terms. It’s simply too easy to hide invasive practices from consumers.

Our work at Berkeley shows the folly of simply going to a different site in order to have more privacy. Here’s just one example, in our Web Privacy Census, we did a large-scale survey of popular websites in order to assess mercantile snooping and excessive tracking. Of the most popular 1,000 websites, Google trackers are present on 712 of them. Good luck finding a competitor who is more respectful of your privacy.

Comments

  1. #1 Kevin Bonham
    August 16, 2012

    ” Of the most popular 1,000 websites, Google trackers are present on 712 of them. Good luck finding a competitor who is more respectful of your privacy.”

    Depends on what you mean by privacy. Google’s tracking cookies don’t do much to violate privacy as far as I’m concerned – the data isn’t linked to me except in my own browser (or my google account if I’m signed in), and their privacy policy is quite clear.

    On the other hand, when I give money to a political campaign, my e-mail address is then sent around to every other campaign on the same side and my inbox starts getting flooded – I see that as a far more intrusive violation of my privacy.

    The whole rhetoric around internet “tracking” generally strikes me as hyperbolic and uninformed.

  2. #2 Dunc
    August 16, 2012

    Indeed. Here in the EU we now have legislation in force which requires web sites to gain explicit “opt in” for the use of cookies (with some exceptions), which has at least made the matter slightly more visible (for sites and businesses based in the EU). But what’s really interesting about it is that I have yet to encounter anybody offering an “opt out” option – the approach has universally been “opt in or GTFO”, rather than “opt in or lose these features”.

  3. #3 Chris Hoofnagle
    August 16, 2012

    @Kevin, what do you mean by privacy here? The point I’m making is that on the most popular websites on the internet (and most traffic is pretty highly concentrated among the top 500 or so sites) a single company can track you on 2/3 of them. This same company often has your email, documents, etc. If that does not implicate privacy, what does?

  4. #4 Marc Guldimann
    Brooklyn, NY
    August 17, 2012

    @Chris I think what Kevin means is that all trackers are not equal. Beyond the fact that your presence is known on a site, there’s other things to consider:

    – what data is gathered
    – how the data will be used
    – will the data be shared
    – how long will it be kept for

    All of these are factors influence how privacy “friendly” a site is. Just because a site is firing a Google analytics pixel doesn’t mean they are sharing your shopping preferences, demographic information or any other information besides the URL that you viewed with third parties.

    It’s a very likely possibility that sites will compete on privacy practices in the future – see the recent outlook.com positioning that they won’t data mine personal emails as an example.

  5. #5 Chris Hoofnagle
    August 17, 2012

    @Marc, I think the recent outlook.com development is good, but it’s only good in the sense that Gmail is a terribly bad development. If a new email service is offered that says, “hey, we won’t scan your email content,” it’s not exactly a revolution in consumer privacy.

  6. […] The Privacy Competition Myth […]

  7. #7 Matt Schneider
    Westland,Mi
    August 17, 2012

    @chris – I agree on the issue of privacy with regards to most email providers. That’s why I created ThreadThat. Now you can communicate in an anonymous, secure, encrypted manner for free. All you need to use the service is an email address for authentication and notifications. All communications are encrypted end-to-end and are stored on TT servers. For maximum privacy, TT users can control the pass phrases used to encrypt their messages and files.

The site is currently under maintenance and will be back shortly. New comments have been disabled during this time, please check back soon.