Last week’s online privacy fracas-of-the-week was about the revelation that Google (and other advertisers) had learned to circumvent Safari’s settings to let third-party cookies track users more easily. Apple’s browser’s default setting messes with the way advertisers track users.
The gist is this: Cookies are set by the site you’re on, but some allow third-party sites to set a tracking cookie through them. That’s how advertisers (like Google) personalize ads for you all around the Web. By default, Safari allows cookies from the site you’re on, but it blocks third-party cookies. Google and others found a way around that. That sucks… I guess.
For the most part, I’m with my colleague, Dan Rowinski: track me all you want, just don’t think we won’t catch you if you do something wrong. I don’t think Google’s new privacy policy is a big deal. All browsers worth their salt make it very easy to either block cookies or go totally incognito, and Google lets you dump your entire Web history if you so desire. So while I’m public, track me. I’d rather have personalized ads than totally irrelevant ones.
I don’t have a problem with the idea of ad tracking. But this end-run around Safari’s settings has wider implications. I just read a post by Jonathan Mayer at Web Policy about this topic, and he makes some excellent points. There’s a slippery slope here. Even if Google’s tracking is innocuous now, cracking other companies’ preferences sets some bad precedents for users.
“No account, login, or user preference was required for circumvention. The circumvention behaviors affected all users, independent of whether they had a Google account, were logged into a Google account, or had made a choice about social advertising.”
Users who have a Google account can change their Google privacy settings. They can tell Google not to track them, and they can delete their histories. But Google tracks users without accounts, too, and there’s nothing they can do about it.
“Circumvention is not a commonly accepted business practice. We only identified four advertising companies that deployed technology for circumventing Safari’s cookie blocking, and all have since stopped the practice.”
That doesn’t look good.
“Furthermore, a self-regulatory organization for the online advertising industry cites Safari’s cookie blocking feature as a way to stop cookies from advertising companies: ‘[Safari’s] default setting will block all third-party cookies, including those of our member ad networks and those of other, non-member ad networks.'”
And, as Mayer points out, Apple makes it prettyclear that this setting is intended to block ad tracking. Whether or not Google’s tracking is inherently bad, it’s messing with Apple’s user experience without regard for Apple or its users.
But, importantly, Safari has worked this way since long before Google was advertising this way. Apple just wants its users to have this privacy when they’re browsing the Web.
Google argues that its users had “opted to see personalized ads” in their Google preferences, so it thought it was fine to honor those preferences over Safari’s. But first of all, what about people who didn’t have Google accounts? Secondly, why do Google’s Web preferences get to overrule the user’s browser preferences? Google used to say Safari’s default preference “effectively accomplishes the same thing” as opting out of its tracking. As of last Tuesday, that’s gone.
Again, it’s my opinion that Web ad tracking, in and of itself, is not a big deal. But Mayer’s points are important. Google and the three other advertisers who did this (and stopped when caught) were breaking into the agreement between Apple and its users, even when they had made no agreement whatsoever with Google or the others. That’s not kosher.
Lead image courtesy of Shutterstock