Computer Ethics, Summer 2011
LT 412; 6:00-9:00 TTh, June 9, Class 6
Read Baase, chapter 3, on freedom of speech
Theories of privacy
email workplace privacy; Smyth v Pillsbury
Loyola email policy
ECPA
advertising and cookies
RFID
SSN & Government
Price Discrimination
Midterm: coming up this weekend?
After last class, I had an interesting if brief conversation with some
of you regarding privacy issues for celebrities. Note that the biggest
practical privacy issue for celebrities is freedom from intrusion.
Former employees sometimes "cash in" and get paid for an inside story;
that's a category unto itself. Actual release of commercial information
appears rare; most firms working with celebrities quickly lose such
clients if they do not safeguard their privacy. Celebrities, of course, are used to the idea of paying for this privilege.
Theories of Privacy 2
Free-market privacy
[Baase 114] The argument here is that our information is something we
have a right to sell. We are informed consumers, and if we want to sign
up for a Dominick's Preferred Card, we have a right to. Similarly, we
have the ability not to share our personal information with websites
that do not have good privacy policies, and Baase has argued that many
websites have as a result of this become very interested in their
privacy policies [Baase p 77, p 104].
Or is it just that companies don't want the bad publicity that comes
with a bad privacy policy plus an incident?
This approach to privacy means that we just accept that we can't get the
lowest prices and privacy, or we can't get certain websites without
advertising, or certain jobs without waiving our rights to certain
private information, or use certain social-networking sites without
sharing some of our private information with the world.
In terms of protection of our personal data in the hands of
corporations, this approach suggests that businesses will protect our
data because they don't want the liability that comes with accidental
release. Specific regulations are not necessary.
Our right to privacy here is the negative right, or liberty, not to
share our personal information.
Question: is it wrong to offer poor people the option of selling away
their fundamental rights? We do not, for example, allow poor people to
sell their kidneys, and we do not allow them to let their children go
to work at age 14. We do not allow workers covered by Social Security
to take the money and invest it privately.
But we do allow better-off consumers to "sell" some of their privacy in
exchange for lower grocery prices; why should worse-off consumers be
denied this? Or should everyone be denied this?
Consumer protection and privacy
[Baase 115] The alternative approach is that we need lots of government
regulations to protect ourselves, because we just can't keep track of
all the implications of revealing each data item about us. There should
be rules against keeping certain data, even
with our consent, because society can't be sure such consent is
freely given.
A central idea of regulations is that we are denied
the right to do certain things (eg sell some of our private
information), on the theory that most people will not understand the
full scope of the transaction, and there is no practical way of
separating those who don't from those who do.
Large corporations with our data have an unequal share of the power. We
need fundamental positive rights that say others have an
obligation to us not to do certain things with our data (like share it).
This approach is likely to lead to an "opt-in" requirement for use of private data, rather than an
"opt-out".
Are we hiding something?
Well, are we? If we do not consent to surveillance of everything we're
doing, are we hiding something? The obvious answer is "yes", but are we
hiding something that our neighbors or
the government have a right to know?
Workplace privacy of email
One fairly basic principle the courts have used is whether or not
one has a "reasonable expectation of privacy".
However, this doesn't always mean quite what it seems.
Smyth v Pillsbury, 1996
Summary: Michael Smyth worked for Pillsbury, which had a privacy policy
governing emails that said Pillsbury would NOT use emails against
employees, and that emails "would remain confidential and privileged".
Specifically, Pillsbury promised that e-mail communications could not be
used against its employees as grounds for termination or reprimand.
Smyth and his boss exchanged emails in which marketing employees
were discussed in an unflattering light. The phrase "kill the
backstabbing bastards" appeared.
Smyth and his boss got fired, based on the contents of their emails to
each other.
Smyth sued for wrongful termination. He lost.
Circumstances when you CANNOT just fire someone:
- contractual or union protections
- firing for refusal to do illegal acts
- firing for racial, ethnic, & religious discrimination
(civil rights act)
- firing for age discrimination
- whistleblower protection
- Americans with Disabilities Act protections
- employees object to offensive conduct on the part of the employer
- employees were engaging in protected conversation about workplace conditions
Does OWNERSHIP of the email equipment matter? No!!
- ownership of a phone
- ownership of stationery
- ownership of an apartment building
Bourke v. Nissan: California
Similar case: Bourke worked for Nissan; email was reviewed; it was
highly personal, and she got a low evaluation. The email probably but
not definitively contributed.
Shoars v. Epson: California
Alana Shoars was involved in email training at Epson. She found
supervisor Hillseth had been printing and reading employee emails. She
objected, and removed some of the printouts from Hillseth's office. She
also reported the incident to Epson's general manager. Hillseth then
had Shoars fired, allegedly because she had asked for a private email
account that was not accessible by Hillseth. Epson had informed
employees that email was "private and confidential". California had a
law prohibiting tapping of telephone lines. The law may have covered
other communications, but that part was dismissed on a technicality:
tapping alone didn't constitute eavesdropping, and the eavesdropping
issue was never brought up.
Smyth v Pillsbury, 1996
Smyth was fired for the contents of his email. He sued for wrongful discharge, and lost.
Federal District Court within Pennsylvania, 1996. Case was dismissed
after a preliminary hearing (not a trial).
The District Court opinion is at http://cs.luc.edu/pld/ethics/smyth_v_pillsbury.html.
Judge: Charles Weiner
Whatever happened to the CONTRACTUAL issue?
Hint: there is a long history of cases upholding "employment at
will" doctrine.
How would the case have been different if:
- Pillsbury had an email policy allowing such access?
- Pillsbury had no policy at all?
Discussion of Smyth v Pillsbury:
Contract v Tort:
Judge held that corporate eavesdropping is not offensive. Duh.
(Could it be offensive because the company had promised not to??)
Judge says Smyth lost because email was "utilized by entire company"
and Smyth's emails were "voluntary".
Were they? What does this have to do with anything? The use of the
word "voluntary" is in contrast to mandatory urinalysis cases.
From the decision:
we do not find a reasonable expectation of privacy in e-mail
communications voluntarily made by an employee to his supervisor over
the company e-mail system notwithstanding any assurances that such
communications would not be intercepted by management.
...
even if we found that an employee had a reasonable expectation of
privacy in the contents of his e-mail communications over the company
e-mail system, we do not find that a reasonable person would consider
the defendant's interception of these communications to be a substantial
and highly offensive invasion of his privacy.
"Reasonable expectation of privacy" does not mean the search is
"offensive".
Only searches that are "offensive" would allow legal action regarding
firing of an "at-will" employee.
Judge: Pillsbury's actions did not "tortiously" (that is, in violation
of some tort, or general non-contractual duty) invade privacy.
Unstated by judge: prevention of sexual harassment as justification.
This provides a legitimate "motive" for corporations to read all
employee email. The judge did state:
Moreover, the company's interest in preventing inappropriate and
unprofessional comments or even illegal activity over its e-mail system
outweighs any privacy interest the employee may have in those comments.
Arguably, though, the Smyth kind of talk between "buddies", with the
self-image projected to fit that context, is EXACTLY what some
interpretations of privacy are about. Not all context is "professional".
What if Pillsbury recorded spoken water-cooler or bathroom conversation?
What the heck is a "reasonable expectation of privacy"???
"In the absence of a reasonable expectation of privacy,
there can be no violation of the right to privacy."
Could Smyth have sued for DAMAGES, instead of reinstatement?
Could Smyth have sued for contractual obligations?
Footnote to judge's ruling: ["estoppel" is eh-STOP-uhl]
FN2. Although plaintiff does not affirmatively allege so in his
Complaint ... the allegations in the Complaint might suggest that
plaintiff is alleging an exception to the at-will employment rule based
on estoppel, i.e. that defendant repeatedly assured plaintiff and others
that it would not intercept e-mail communications and reprimand or
terminate based on the contents thereof and plaintiff relied on these
assurances to his detriment when he made the "inappropriate and
unprofessional" e-mail communications in October 1994. The law of
Pennsylvania is clear, however, that an employer may not be estopped
from firing an employee based upon a promise, even when reliance is
demonstrated. [emphasis by pld] Paul v. Lankenau Hospital, 524 Pa. 90,
569 A.2d 346 (1990).
In other words, there is legal precedent for rejecting a lawsuit for
reinstatement that hinged on the fact that Pillsbury had promised not
to examine employee email. Smyth was careful to phrase his argument in
terms of invasion of privacy, but perhaps the judge thought that was
really just trying an end run around this estoppel rule.
Jurisdiction problems: what if one party to an email lives in a state
that grants statutory privacy protections? This problem comes up all
the time with phone calls:
Worldcom case: Plaintiffs were Kelly Kearney and Mark Levy;
they worked for a company acquired by Worldcom. Their calls were
recorded in Georgia, but plaintiffs were calling from California, which
forbids recording without notification of ALL parties. They sued the
Georgia company that made the recordings, in California. They lost at
the trial-court and appellate-court levels, but the California Supreme
Court found in their favor, in principle.
The court found that recording of calls involving Californians that
violated California law could be prosecuted in California no matter
where the recording took place, but also declared that, because this
was a close issue, it would only apply to future cases.
Illinois law similarly makes it illegal to record a phone conversation (or any conversation) without the consent of all parties.
Massachusetts case: jurisdiction depends on where wiretapping
physically took place, not where the speakers were.
How does telephony relate to email?
What is our expectation of privacy?
What about use of, say, a personal gmail account while at work?
If employer monitors transactions with gmail.com?
If employer obtains email from google directly?
Loyola policy: luc.edu/its/policy_email_general.shtml
(discussed below)
Persistence: email sticks around, although people USE it as if it
were like the phone.
Paul v Lankenau Hospital
524 Pa. 90, 93, 569 A.2d 346, 348 (1990)
(PA court; Atlantic Reporter reference: 2nd Series, vol 569, starting at
page 346, with the actual reference on page 348)
Dr Parle Paul, MD, would take home discarded hospital equipment.
He would sell it or send it to clinics in Yugoslavia, his homeland.
He got permission to take five discarded refrigerators.
Unfortunately, he apparently did not have the RIGHT permission.
Oops.
He was fired, and filed suit in state court for reinstatement and for
defamation.
A jury trial resulted in a verdict in Paul's favor, both for damages and
reinstatement.
Superior court affirmed. The appellate court reversed the reinstatement
order.
From the appellate decision:
Equitable estoppel is not an exception to employment at-will.
The law does not prohibit firing of an employee for relying on
an employer's promise.
Exceptions to the [at-will firing] rule have been recognized
in only the most limited circumstances, where discharges of
at-will employees would threaten clear mandates of public policy. [some
such: racial/ethnic discrimination, whistleblowing,
refusal to commit illegal acts, unionizing, ...]
Look at this another way. Smyth and his lawyers knew that he could
be fired for any reason, regardless of Pillsbury's promises to the
contrary.
Smyth was asking for application of the TORT of invasion of privacy
to be applied. A "tort" is essentially a common-law right that has
been breached, as opposed to a contractual right.
Tortious invasion of privacy exists, but the standards
are high and privacy must be a reasonable expectation.
In court cases, you can't add 30% of an argument for equitable estoppel
and 70% of an argument for tortious invasion of privacy
to get 100% of a case.
ONE argument must be 100% sound.
Who decides when we have a "reasonable expectation of privacy"?
If most people think email privacy is easy to breach, does it lose
protection? Is this case about the judge not "getting it" that email
privacy is not about "whoever owns the equipment can do what they want"?
Is email any easier to spy on than the phone?
Bottom line, there is "no reasonable expectation of privacy for work
email" and they can read it even if they promise not to. Or, if you want
to read the decision that way, such a privacy invasion is not offensive
enough to warrant interference with the employment-at-will doctrine.
That "even if they promised not to" part fits in with longstanding law regarding
employment-at-will.
Judge Weiner spelled out that exceptions to the employment-at-will
doctrine may only be made for compelling public-policy reasons. Smyth
had claimed that preventing violations of privacy would be a sufficient
public-policy reason. Pennsylvania law defined a tort of "intrusion
upon seclusion" (not exactly the form of privacy Smyth was concerned
with, but close enough), but defined it to mean "intrusion [that] would
be highly offensive to a reasonable person".
The judge then felt that Smyth's situation simply did not rise to
this level. In fact, the judge did not feel that Smyth even had a
"reasonable expectation of privacy".
Judge Weiner did make two somewhat unusual points. First, that "once
[Smyth] communicated the alleged unprofessional comments to a second
person (his supervisor),... any reasonable expectation of privacy was
lost." In other words, something is private only if you keep it
entirely to yourself; no transaction or communication with another
person can ever be private. That theory would appear to strip all phone conversations of
privacy protection. The second point was that the email was voluntary: "we
find no privacy interests in such communications." Again, that would
seem to strip email and telephone conversations of privacy rights.
Do you think this is an example of a case where the judge did not "get it"? Or was Judge Weiner onto something?
Loyola's policy on email
Privacy on University electronic mail systems [1997-1998]
http://www.luc.edu/its/policy_email_general.shtml
In the section subtitled "Privacy on University electronic mail
systems", seven reasons are given why someone else might read your email:
The University community must recognize that electronic communications
are hardly secure and the University cannot guarantee privacy.
The University will not monitor electronic mail messages as a
routine matter.
But the University reserves the right to inspect, access, view,
read and/or disclose an individual's computer files and e-mail
that may be stored or archived on University computing networks
or systems, for purposes it deems appropriate. There may arise
situations in which an individual's computer files and e-mail
may be inspected, accessed, viewed, read and/or the contents
may be revealed or disclosed. These situations include but are
not limited to:
1. During ordinary management and maintenance of computing and
networking services,
2. During an investigation of indications of illegal activity or misuse,
system and network administrators may view an individual's computer
files including electronic mail,
3. During the course of carrying out the University's work, to locate
substantive information required for University business, e.g.,
supervisors may need to view an employee's computer files
including electronic mail,
4. If an individual is suspected of violations of the responsibilities
as stated in this document or other University policies,
5. To protect and maintain the University computing network's integrity
and the rights of others authorized to access the University network.
6. The University may review and disclose contents of electronic mail
messages in its discretion in cooperating with investigations
by outside parties, or in response to legal process, e.g., subpoenas,
7. Should the security of a computer or network system be threatened
Some possible protections (not actually implemented):
Protection against items 5,7:
If your email is examined because we believe your account has been
compromised, any contents implicating you on other matters and
associated with your legitimate use of your account will NOT be held
against you (except in cases of ????)
Protection against 1:
If your email is examined accidentally or as part of routine system
maintenance, any contents implicating you on any matters will not be
held against you (exceptions???)
While these would not be enforceable for staff, as at-will employees,
they would be for
- students: really customers
- faculty: if tenured (that is a contract)
Legit: 2, 3 [maybe], 4 [but what grounds for suspicion?]
Item 6 could be clearer that outside investigations must be part of law
enforcement.
Electronic Communications Privacy Act, 1986
The ECPA was intended to extend the existing restrictions on government
wiretaps to other electronic communication, in particular email.
However, it also applies to private organizations. It has three
exceptions that serve to limit its applicability to employer monitoring
(§2511(2)(a)):
- The provider exception (except that a provider .. shall not
utilize service-observing or random monitoring except for ...quality
control checks)
- The ordinary course of business exception
- The consent exception. (c)
Generally, most employer monitoring falls under one of these. Note that
the "provider" exception is a specific feature of ECPA; ownership of
the hardware does not create a general right of access and in
particular ownership of a telephone system does not create a right to
eavesdrop.
Phone surveillance in the workplace
Keystroke monitoring
Location monitoring
Do computers empower workers, or shackle them?
While we're on the topic of ECPA, there is:
Title I, covering electronic communications in transit (USC Title 18
Chapter 119)
Title II, the Stored Communications Act (USC Title 18 Chapter 121)
The latter has much less stringent restrictions. Debate continues as to
the appropriate category for email messages.
ECPA amended the Wiretap Act of 1968.
US v Councilman
Bradford Councilman ran a website that listed rare books; he also
gave email accounts (actually aliases) to booksellers within the domain
"interloc.com" (this might be comparable to amazon.com giving email
aliases to their associated private sellers, or even ebay). However,
Councilman examined these dealer emails in order to develop a
competitive strategy (these emails would show what rare books were in
demand, for example; apparently the real target was amazon.com).
In the case US v Councilman, the government prosecuted
Councilman for interception of email in violation of the ECPA/Wiretap
Act. Councilman argued that he only examined the email as it was stored
on servers temporarily while being routed to its final destination, and
that accessing stored documents did not constitute "interception" for
the purposes of the Wiretap Act. The District Court and a 3-judge panel
of the Appellate Court agreed with Councilman's theory. In 2005, however,
the First Circuit court ruled en banc that, yes, ECPA in-transit rules
did apply to data stored temporarily on disks (filesystems) as well.
Note that the issue here is not government access to electronic
communications.
Note also that the status of email as it sits in storage remains
contentious.
Email differs technically from voice in that as email is forwarded
to its destination the full message sits briefly on various
intermediate servers. Phone servers store at most a few bits of a voice
stream at a time. The First Circuit ruled very definitively that,
despite the appearance that email was being stored, the practical
understanding was that it was in transit, and as such was protected.
This is a good example of the courts rejecting a "technical" argument
for the "big picture"; note, however, that the first two courts to hear
the case agreed with the technical argument.
The full First Circuit decision is at http://www.ca1.uscourts.gov/pdf.opinions/03-1383EB-01A.pdf
United States v Warshak, 6th circuit
decided June 2007, redecided July 2008
This was a case involving government compliance with ECPA. Warshak was
a spammer promoting "Enzyte" for "natural male enhancement."
He was a suspect in a (different) fraud case. The government got an
order from a
US Magistrate asking for his email records. The emails were turned
over to him.
Eventually Warshak found out about this:
Warshak: get a search warrant!
US: all we need is a subpoena (much weaker)
- subpoena v search warrant: latter is stronger
- warrant for unopened email, subpoena for opened?? (stored-document doctrine)
- Subpoenas give you a few days to comply. Warrants do not.
- Subpoenas may or may not be issued by a court! But search warrants
must be court-issued.
- Search warrants are supposed to describe precisely what is being sought.
- Phone calls: need warrant (Supreme Court Katz v US case, 1967)
[Patriot Act created some new classes of search warrant,
but the basic principle remained.]
Are subpoena rules for email overly broad?
US argument: users of ISPs don't have a reasonable expectation of
privacy.
This is clear for employer-provided email, though there's no reason to
suppose loss of privacy extends to the government.
But what about commercial email? Here's an imaginary Yahoo Terms-of-service
by Mark Rasch, from securityfocus.com/columnists/456/3:
Because a customer acknowledges that Yahoo! has unlimited access
to her e-mail, and because she consents to Yahoo! disclosing her
e-mail in response to legal process, compelled disclosure of e-mail
from a Yahoo! account does not violate the Fourth Amendment.
The point here is that because Yahoo has access to your email, the gov't
thinks that all your email should be treated just like any other
commercial records. You have no "expectation of privacy".
The government argued that this case was like the 1976 US v Miller
case, where bank records were found NOT to be protected. However, bank
records are pretty clearly different from email. For one thing, under
the "transaction" theory of privacy, bank records belong to the bank, as
well as to you. Email does not belong, in any sense, to your ISP.
Stored Communications Act, part of ECPA
email stored 180 days or less: gov't needs a warrant
more than 180 days: warrant, subpoena, or court order
See http://www.usdoj.gov/criminal/cybercrime/ECPA2701_2712.htm
§2703 (a): less than 180 days (b): more than 180 days
Warshak was arguing that the government should need a warrant for ANY of
his email.
District court:
Warshak won. (Quote from full 6th circuit decision)
The court reasoned that Warshak likely would succeed on his Fourth
Amendment claim because internet users have a reasonable expectation of
privacy in e-mails, and because the orders authorized warrantless
searches on less than probable cause.
3-judge panel of 6th circuit appellate court: Warshak won, June 2007.
The decision was far-reaching, not specific to
the facts at hand. The decision was by a 3-judge panel. From the ruling:
[W]e have little difficulty agreeing with the district court that
individuals maintain a reasonable expectation of privacy in e-mails
that are stored with, or sent or received through, a commercial ISP.
The content of e-mail is something that the user "seeks to preserve
as private," and therefore "may be constitutionally protected."
October 2007: 6th circuit agrees to en banc review (whole court)
July 2008: full court ruled that the case was not "ripe": broad question
was not ready to be addressed.
The ripeness doctrine serves to "avoid[] . . . premature adjudication"
of legal questions and to prevent courts from "entangling themselves
in abstract" debates that may turn out differently in different
settings.
Conventional wisdom as to why the Supreme Court is not likely to hear
the case: they would have to find that the case was "ripe", and they are
much more likely to wait for a case where "ripeness" is more evident.
(See Eugene Volokh, volokh.com/posts/1176832897.shtml)
Traditionally, the courts consider 4th-amendment cases "after the fact".
SMS messages ("text messages")
1. They are often transmitted as cleartext.
2. The government is likely to argue that the 4th amendment does not apply.
3. They are not 'wire communications', and thus escape the Wiretap
Act rule that illegally intercepted messages cannot be used against you.
4. Your local police are not likely to be intercepting SMS messages, but it's always a risk. The ECPA does require a court order.
More at https://ssd.eff.org/book/export/html/23
Online Privacy and Advertising
Standard browser cookies consist of ⟨name,value⟩ pairs, each associated
with a domain (eg luc.edu). Both name and value are provided by the website; cookies do not contain your own personal information.
Cookies may also have an expiration date. If there is no date then the
cookies are deleted when you exit your browser and are called session cookies; cookies with expiration dates are thus persistent cookies.
Secure cookies have a bit set that limits access to secure (https) connections.
All these are forms of HTTP cookies. A specialized form of cookie is
the HttpOnly cookie; these can be requested by the server but not
accessed through javascript. This reduces the threat from so-called
cross-site scripting.
Accessing cookies: in theory a page from domain foo.org can only access
cookies sent from a host matching *.foo.org. Mostly this is correct,
though there are some peculiarities of domain naming that make this not
completely secure. For example, a host under the control of foo.org may
have name bar.com; alternatively, DNS cache poisoning may make host
bad.com appear to be good.foo.org.
Another threat is top-level-domain cookies. Browsers disallow
the use of .com or .org as a cookie's domain, because then bad.com
could set one that might interfere with cookies from good.com. However,
the list of top-level-domains keeps growing, and only the most
up-to-date browsers will recognize all of them.
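The storage decision described above (the *.foo.org match plus the ban on top-level domains), sketched as an added example that is not part of the original notes. Both suffix sets are small constructed snapshots rather than a real browser's list, the hosts are made up, and counting any Expires or Max-Age as "persistent" is a simplification.

```javascript
// Constructed snapshots of a browser's suffix list (NOT a real browser's
// list): the stale one predates the ".shop" top-level domain.
const SUFFIXES_STALE = new Set(["com", "org", "edu"]);
const SUFFIXES_CURRENT = new Set(["com", "org", "edu", "shop"]);

// Parse one Set-Cookie header value into its name, value and attributes.
function parseSetCookie(header) {
  const parts = header.split(";").map((p) => p.trim()).filter((p) => p !== "");
  if (parts.length === 0) return null;
  const eq = parts[0].indexOf("=");
  if (eq < 1) return null; // no cookie name
  const cookie = {
    name: parts[0].slice(0, eq),
    value: parts[0].slice(eq + 1),
    domain: null,      // null = host-only cookie
    persistent: false, // false = session cookie
    secure: false,
    httpOnly: false,
  };
  for (const attr of parts.slice(1)) {
    const i = attr.indexOf("=");
    const key = (i === -1 ? attr : attr.slice(0, i)).trim().toLowerCase();
    const val = i === -1 ? "" : attr.slice(i + 1).trim();
    if (key === "domain" && val !== "") {
      cookie.domain = val.replace(/^\./, "").toLowerCase(); // leading dot is ignored
    } else if (key === "expires" || key === "max-age") {
      cookie.persistent = true; // simplification: the date itself is not checked
    } else if (key === "secure") {
      cookie.secure = true;
    } else if (key === "httponly") {
      cookie.httpOnly = true;
    }
  }
  return cookie;
}

// True when host is the cookie domain itself or a subdomain of it.
// The "." boundary matters: notfoo.org must not match foo.org.
function domainMatches(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// Decide whether a browser holding the given suffix list stores the cookie,
// and if so which hosts will later receive it (the scope).
function storeDecision(header, requestHost, suffixes) {
  const host = requestHost.toLowerCase();
  const cookie = parseSetCookie(header);
  if (cookie === null) return { stored: false, reason: "unparseable" };
  if (cookie.domain !== null && suffixes.has(cookie.domain)) {
    if (cookie.domain !== host) return { stored: false, reason: "public suffix" };
    cookie.domain = null; // the suffix is the sending host itself: keep host-only
  }
  if (cookie.domain !== null && !domainMatches(host, cookie.domain)) {
    return { stored: false, reason: "domain mismatch" };
  }
  const scope = cookie.domain === null ? host : "*." + cookie.domain;
  return { stored: true, reason: "ok", scope, cookie };
}

// Constructed responses: [Set-Cookie value, host that sent it].
const SAMPLES = [
  ["sid=abc; Domain=foo.org; Secure; HttpOnly", "www.foo.org"],
  ["id=1; Domain=.com; Max-Age=3600", "bad.com"],
  ["id=1; Domain=shop; Max-Age=3600", "bad.shop"],
  ["x=1; Domain=foo.org", "notfoo.org"],
];
for (const [header, host] of SAMPLES) {
  const stale = storeDecision(header, host, SUFFIXES_STALE);
  const current = storeDecision(header, host, SUFFIXES_CURRENT);
  console.log(host, "|", header, "| stale list:", stale.reason,
    "| current list:", current.reason);
}
```

With the stale list the third sample is stored with scope *.shop, so every site under that suffix would receive it; the current list rejects it.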
Cookies were introduced to provide stateful browser sessions,
eg for a shopping cart or an authenticated login. Every time the server
sends you a page, it can first retrieve its cookies, which identify you
and thus identify your shopping cart or the fact that you are logged
in. Alternatives to cookies for stateful browsing include long dynamic
URLs.
Another use for cookies is support of site personalization. If you make some settings and expect them to be present the next time you return, it is cookies that make this possible.
Persistent cookies also enable automatic login, eg to facebook.com
after you restart your browser. Persistent cookies, however, also
enable support for tracking.
Originally this meant tracking you as you returned to the site, so that
the site managers could tell how many people returned multiple times;
the original argument that cookies couldn't be used to track you across
multiple sites was based on the idea that site foo.com could not
request the cookies set by site bar.com. However, nothing prevents
sites foo.com and bar.com from sharing information about visitors.
Browsers have allowed users from the late 1990s to refuse to accept
cookies, or to accept them selectively. Generally, however, this makes
sites either completely unusable (eg shopping sites) or practically
unusable (eg because of the need to click OK incessantly).
Third-party cookies are cookies
from a site other than the one in the location bar (either typed by you
or from a link). They arise from some embedded component (image or
frame) from the third-party domain, or simply because the site (eg
loyolaramblers.com) had an affiliated or parent corporation (eg luc.edu)
send a cookie. When the third party is advertising.com, or
doubleclick.net, or google.com, they may be on a lot of other pages as
well.
It is third-party cookies that are the dangerous ones, as these can tie multiple web pages together.
Originally, third-party cookies were used to limit popup ads to one per
visit, or to show ads in a particular sequence, or to audit the ads.
But now advertisers use cookies to string together the sequence of
pages you've visited. Or at least that your browser session has visited.
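How a third-party cookie ties pages together, as an added example that is not part of the original notes: an audit over a constructed browsing log that reports which third-party cookies were sent from more than one first-party site. The hosts, the cookie values and the `siteOf` shortcut (last two labels of the host name) are assumptions made for this sample.

```javascript
// Constructed browsing log: one entry per HTTP request the browser made
// while showing `page`, with the Cookie header it sent to `requestHost`.
const LOG = [
  { page: "vw.com", requestHost: "vw.com", cookie: "session=a1" },
  { page: "vw.com", requestHost: "ads.adnet.example", cookie: "uid=u-7f3a" },
  { page: "cnn.com", requestHost: "www.cnn.com", cookie: "prefs=dark" },
  { page: "cnn.com", requestHost: "img.adnet.example", cookie: "uid=u-7f3a" },
  { page: "loyolaramblers.com", requestHost: "www.luc.edu", cookie: "visitor=v9" },
  { page: "dictionary.com", requestHost: "ads.adnet.example", cookie: "uid=u-7f3a" },
];

// Crude "site" of a host: its last two labels. This is an assumption that
// holds for the sample hosts only; it is wrong for suffixes such as co.uk.
function siteOf(host) {
  return host.toLowerCase().split(".").slice(-2).join(".");
}

// For every cookie sent to a site other than the one in the location bar,
// collect the first-party sites on which it was sent. A cookie value seen
// on two or more sites links those visits to one browser.
function auditThirdParty(log) {
  const seen = new Map();
  for (const { page, requestHost, cookie } of log) {
    const firstParty = siteOf(page);
    const thirdParty = siteOf(requestHost);
    if (firstParty === thirdParty) continue; // first-party request
    for (const pair of cookie.split(";").map((s) => s.trim()).filter(Boolean)) {
      const key = thirdParty + " " + pair;
      if (!seen.has(key)) {
        seen.set(key, { thirdParty, cookie: pair, sites: new Set() });
      }
      seen.get(key).sites.add(firstParty);
    }
  }
  const report = [];
  for (const entry of seen.values()) {
    const sites = [...entry.sites].sort();
    report.push({
      thirdParty: entry.thirdParty,
      cookie: entry.cookie,
      sites,
      linksSites: sites.length > 1,
    });
  }
  // Most widely seen cookies first.
  report.sort((a, b) => b.sites.length - a.sites.length);
  return report;
}

for (const row of auditThirdParty(LOG)) {
  console.log(row.thirdParty, row.cookie, "seen on", row.sites.join(", "),
    row.linksSites ? "(links these sites)" : "(single site)");
}
```

The luc.edu cookie is third-party on loyolaramblers.com but appears on one site only, while the ad-network cookie appears on three.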
There are also other types of cookies; for example, there are flash cookies sent when you visit sites with embedded flash content, and Document Object Model (DOM) cookies.
Adobe provides an online Settings Manager at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html.
This is, officially, the only way to remove flash cookies, though on my
linux system they are in domain-named subdirectories of
$HOME/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys,
and on winXP they appear to be in C:\Docs&Sets\%USER%\Application
Data\Macromedia\Flash Player\#SharedObjects\*\.
The term zombie cookies
refers to cookies that are recreated (as HTML cookies) from scripts,
based on data found in DOM and Flash cookies. This seems a little
intrusive; zombie cookies are a clear violation of the user's expressed
intent.
Where are your cookies? Where are your flash cookies (*.sol files)? How do you get rid of them?
dictionary.com: famous for
installing flash cookies, but in my own test the site just installed
three or four. Plus some number of regular cookies.
It seems clear that the only reason advertisers use flash and DOM cookies is to get around users who delete cookies regularly.
New trends in advertising
What advertisers really want is to display ads on your pages that track
you (or at least your interests) across sites, so that if you go to
vw.com to look at cars, and then to cnn.com, the latter will show you
ads for VW (hopefully immediately, but at least eventually). This is so
important to advertisers that it has sort of taken over the industry;
clicks may pay twice as much if you can show the client that the user
has clicked previously on related content. Industry wants ads that
follow you around as you browse.
For this reason, when you go to a site with forms, or with a search
engine, the site may share with its third-party advertisers some
information about what you have typed in. Generally they do not
share names, addresses, or email addresses, but search content (or what
products you looked at) is generally fair game. For conventional
consumer products this is a no-brainer. If you go to a medical site,
the site may share your interest in arthritis remedies with
advertisers, but perhaps not your interest in herpes or bipolar
disorder. But there are no guarantees.
Google does not share what you enter in the google.com search box with third-party advertisers, but only because there are no third-party advertisers: google is a first-party advertiser.
Here's the question: do you care? In the WSJ article cited below, an ad executive makes the statement
When an ad is targeted properly, it ceases to be an ad, it becomes important information
If the information's use was restricted to more advertising, would any
amount of information really matter? Or are there advertising approaches
that, by "knowing what strings to pull to get you to buy", are
fundamentally unacceptable? Or is it simply that you don't want ads for
alcohol showing up at routine sites, or ads for a birthday surprise
for another family member showing up when that family member had a turn
on the shared computer?
And is there a special concern if this kind of information became
available directly to interested parties? For example, if employers
could look up your
magazine subscriptions? Or get a general report on your browsing
habits? (This could happen only if the sites were very sure of your
identity.)
The Wall Street Journal ran a series of articles documenting this ads-following-you-around phenomenon; it is at http://online.wsj.com/article/SB10001424052748703940904575395073512989404.html.
With the cooperation of Lotame Solutions, an advertiser, the cookie ID
of Ashley Hayes-Beaty, 4c812db292272995e5416a323e79bd37, describes her
as enjoying
- The Princess Bride
- 50 First Dates
- 10 Things I Hate About You
- Sex and the City
But Lotame did not have Hayes-Beaty's name, apparently, until the WSJ story.
The Journal also makes clear (http://blogs.wsj.com/digits/2010/07/30/analyzing-what-you-have-typed)
that Lotame has website additions ("beacons") that can actually read
what a user types into text fields not "owned" by Lotame. I assume this
is done through javascript. This means that advertisers can harvest
your name, email address, passwords and any credit-card information. No
technical details are provided, but see http://insanesecurity.info/blog/javascriptuserscript-keylogger.
Arguably, keystroke logging is illegal.
Concerned users should consider installing noscript.