Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy Businesses The Internet

Detailed Privacy Study Finds Loopholes Galore 126

BrianWCarver writes "The San Francisco Business Times covers a study by student researchers at UC Berkeley's School of Information pointing up the massive holes in privacy policies and protections of which US companies take advantage. The researchers have released a study and launched a Web site, knowprivacy.org, in which they found that Web bugs from Google and its subsidiaries were placed on 92 of the top 100 Web sites and 88 percent of the approximately 394,000 unique domains examined in the study. This larger data set was provided by the maintainer of the Firefox plugin Ghostery, which shows users which Web bugs are on the sites they visit. The study also found that while the privacy policies of many popular Web sites claim that the sites do not share information with third parties, they do allow third parties to place Web bugs on their sites (which collect this information directly, typically without users' knowledge) and share with corporate 'affiliates.' Bank of America, to take one extreme example, has more than 2,300 affiliates — and users cannot learn their identities. The full report and more findings are available from their Web site."
This discussion has been archived. No new comments can be posted.

Detailed Privacy Study Finds Loopholes Galore

Comments Filter:
  • Guilty as charged (Score:4, Insightful)

    by alain94040 ( 785132 ) * on Tuesday June 02, 2009 @08:40PM (#28190685) Homepage

    Agreed. Trackers such as Google Analytics and more have been around for years. But now it's getting even worse with the flurry of URL shorteners. Not only can't you see what the real URL points to, its main purpose is to track, track, track.

    Personally, I don't believe it makes sense to have a web completely free of "web bugs". I'd rather have some pretty strong laws, along the lines of the presumption of innocence, so that anything collected about you can't possibly be used against you if it was obtained "by chance". That would be a start.

    --
    escape the corporate world, code for fun and profit [fairsoftware.net]

    • by orngjce223 ( 1505655 ) on Tuesday June 02, 2009 @08:53PM (#28190827)

      Here's the thing. People don't *want* to be tracked across websites. (Just like they don't *want* to see ads at all... but I digress.) The equivalent is the local store providing a small button-sticker, without your permission, at the door that not only lets their associates direct you to sections you might actually be interested in, but track you via GPS into other stores to see what you buy. And I mean you can take them off later (delete the cookies and all that), but then every other store provides the exact same sticker and some require you to present the sticker at every counter for service. It's something that a paranoid would probably say already happens, but the fact is, that this is turning us *all* paranoid. I don't like being paranoid.

      On the other hand, Mr. President Obama has kept quiet on privacy, so we don't even know what his stances are on this issue...

      • ...and so what? (Score:3, Insightful)

        by raehl ( 609729 )

        I have Google Analytics on my websites. It gives me lots of useful information about my users in a format that is easy to understand. But, about the only thing it tells me that I couldn't discern from the server logs is where people link in from.

        Now, this does mean that Google gets a record of when an IP address visited my server and what page they looked at. Is this an invasion of privacy? I don't think so. What's the worst that is going to happen? Google sells my browsing habits so that companies I

        • Re: (Score:3, Insightful)

          by jimmyswimmy ( 749153 )

          In my mind it's enough that Google is able to understand how my thought processes develop by tracking search queries - which is an overt and expectable result when I tell them what I'm looking for. And since they present the results to me, they also get to see which ones are appealing, both by me clicking on the result link (and thereby telling them which one I have clicked) as well as by whether I return for a similar search, or a search which takes me down a related tangent.

          But I don't care for the idea

        • Re: (Score:3, Informative)

          by X0563511 ( 793323 )

          ... that I couldn't discern from the server logs is where people link in from.

          Hrm, strange. You would think your server would both be able to read and log the Referer [w3.org] request header.

          • Hrm, strange. You would think your server would both be able to read and log the Referer request header.

            It would, if the client is kind enough to send it, which it may not be. But if a web bug exists on the referring and target pages, that data is obtained regardless of whether the client sends it.

            Regardless, you can only count on your server logs to present you accurate data if it's server-generated data. Number of hits in a given time-frame from a particular IP, yes. Website referrals? No.

        • by Anonymous Coward on Tuesday June 02, 2009 @09:58PM (#28191253)

          Those are excellent points.

          BTW, from your recent purchasing history on one of our affiliate sites we've noticed that you are interested in laxatives. May we suggest "Stool-Max" (tm), the new and improved laxative to provide 24 hours of continuous relief? Many customers who are fans of Bon Jovi like yourself, have benefited from this breakthrough product.

          • 24 hours of continuous relief

            But hold on a second... exactly how continuous is the relief?

            Is there an intermittent-relief version? Maybe every 60 minutes or so?

          • by AmiMoJo ( 196126 )

            The parent jests, but this sort of thing has been happening for years. The example I always remember is Tesco (biggest supermarket chain in the UK):

            Tesco noticed that men who bought baby products often also bought beer or wine in certain stores. Turns out young fathers could be tempted rather easily into buying alcohol if you just put it next to the baby products. Well done for encouraging responsible parenting.

            Maybe the /. crowd is immune to that kind of manipulation, but clearly large sections of the popu

            • "Tesco noticed that men who bought baby products often also bought beer or wine in certain stores. Turns out young fathers could be tempted rather easily into buying alcohol if you just put it next to the baby products. Well done for encouraging responsible parenting."

              I don't get your point.

              Isn't alcohol pretty much a requirement if you have kids to raise?

              God knows..when I've been to people's homes that have kids, I can't take it too long without a drink or two, and I don't have to live with it 24/7.

              :

              • by h4rm0ny ( 722443 )

                Isn't alcohol pretty much a requirement if you have kids to raise?

                Yep. That's how my parents kept me quiet as a baby, too. ;)

        • Re:...and so what? (Score:5, Insightful)

          by martin-boundary ( 547041 ) on Tuesday June 02, 2009 @10:31PM (#28191479)

          Is this an invasion of privacy? I don't think so.

          See, the problem is that my privacy is none of your business. I don't care what you think is acceptable to me. Speak for yourself.

          If a surfer visits your site, they have a certain expectation of viewing your content. Now you've decided to share that two-way communication with a hidden third party, who offers you a service (so far so good) in exchange for access to the visitors (that's the problem). Your visitors have not entered into any relationship with the third party, and are not getting any service from them. So why are you letting them get milked?

          Think of it this way: Do you carry a hidden tape recorder in your pocket so that you can record all your conversations with your friends and colleagues, just because the weird guy down the street is paying you 10 bucks a week to let him listen in on anything he likes? Would you consider that acceptable behaviour from any of your friends and colleagues?

          • You're exactly right, your privacy is none of my business. So don't expect me to take care of your privacy!

            If a surfer visits your site, they have a certain expectation of viewing your content.

            Indeed. And they will get the content.

            Now you've decided to share that two-way communication with a hidden third party,

            I did no such thing. I placed a link in my page to the third party. Your web browser, running on your computer, executed the link to the 3rd party and provided the data.

            who offers you a service (s

            • by h4rm0ny ( 722443 )

              You're exactly right, your privacy is none of my business. So don't expect me to take care of your privacy!

              The site is the one that is breaking people's privacy, therefore your reasoning is flawed: "don't expect me to take care of your privacy" implies that it is mere inaction on the site's part and that they thus aren't obliged to help. But it is actually active behaviour on their part - the referring of information on you - that violates privacy.

              As to whether code is running on the client PC, just how

            • Re: (Score:3, Insightful)

              Now you've decided to share that two-way communication with a hidden third party,

              I did no such thing. I placed a link in my page to the third party. Your web browser, running on your computer, executed the link to the 3rd party and provided the data.

              Next time someone complains about legalese, think of this sort of shmuck.

            • Now you've decided to share that two-way communication with a hidden third party,

              I did no such thing. I placed a link in my page to the third party. Your web browser, running on your computer, executed the link to the 3rd party and provided the data.

              This is splitting hairs. By placing a google analytics web bug on your page, Google becomes your agent from the user perspective. They go to Your page, they expect, and accept, everything there as Yours. If you have a privacy policy that says you don't share any information with 3rd parties, you may feel secure with the legal nicety that you don't actively send any information to google, but your visitors will be confused as to how a 3rd party comes to know all about their visit to your site.

              If I can use

            • Now you've decided to share that two-way communication with a hidden third party,

              I did no such thing. I placed a link in my page to the third party. Your web browser, running on your computer, executed the link to the 3rd party and provided the data.

              By that logic, your website can link to a drive-by virus install (it can even host the virus itself), and it is not your responsibility in any way if the user becomes infected as a result -- after all, it was the user's web browser which downloaded the virus code, and the user's web browser/OS that allowed the virus to execute. I, and I think most people, would say that logic is pure garbage. Here's my take:

              I would say you *are* responsible for the content/expected behavior of your website, including t

            • You're exactly right, your privacy is none of my business. So don't expect me to take care of your privacy!

              You misunderstand. You are in a (third party) business relationship (ie with GA) that happens to be exploiting my privacy. It isn't that you're expected to take care of my privacy, you're expected to not exploit it by selling it to someone else without my knowledge or consent.

              I placed a link in my page to the third party. Your web browser, running on your computer, executed the link to the 3rd

          • See, the problem is that my privacy is none of your business.

            ...

            Your visitors have not entered into any relationship with the third party, and are not getting any service from them. So why are you letting them get milked?

            You are quite correct, your privacy is none of his business, so why are you bitching at him for taking advantage of your lack of due diligence and responsibility for your own privacy?

            Your privacy is not his responsibility.

            • You are quite correct, your privacy is none of his business, so why are you bitching at him for taking advantage of your lack of due diligence and responsibility for your own privacy?

              Yeah, because that would be like criticising confidence tricksters for taking advantage of a person's trusting nature. Or condemning muggers for taking advantage of people who never studied the martial arts. What sort of word would we live in if we gave people a hard time, just because they don't give a wet slap about anyone

              • If you walk around naked, you can't complain when people look at you.
                • If you walk around naked, you can't complain when people look at you.

                  On the other hand, just because someone is naked, that doesn't necessarily mean that staring at them is acceptable behaviour.

                  And, to be fair, this isn't just looking. This is more like taking photographs of the naked, without their knowledge or consent, and then to sell those photos to third parties.

                  I think that probably would be cause for complaint in anyone's book. Well, anyone not involved in the porn industry, anyway.

                • One more thing - the "naked" argument works (to the extent that it does) because people who choose to go naked in public are stepping outside the social norms.

                  The trouble is that the people who are "naked" to web bugs are the norm. And they have a reasonable expectation not to be spied upon.

          • See, the problem is that my privacy is none of your business.

            Ah, but you make it their business when you come into their store/visit their website. If you don't like it, don't patronize those places.

        • the only thing it tells me that I couldn't discern from the server logs is where people link in from.

          Let me guess, you forgot to turn on your referrer logging?

        • Now, this does mean that Google gets a record of when an IP address visited my server and what page they looked at. Is this an invasion of privacy? I don't think so. What's the worst that is going to happen? Google sells my browsing habits so that companies I already have a business relationship with send me targeted advertising? OH NO

          Google doesn't sell that info. They use it internally to improve their advertising services, which in turn raises its value, and allows them to charge more for their services.

          Microsoft and Yahoo sell stuff to the highest bidder. And I'm sure most other companies doing this are as well.

          Thankfully privacy is one issue Google seems to be respecting. Thus far they haven't done anything nefarious with the info they collect. They even refused to turn tons of it over to the government.

          • Re: (Score:2, Insightful)

            by nitroyogi ( 1471601 )

            Google doesn't sell that info.

            Thus far they haven't done anything nefarious with the info they collect. They even refused to turn tons of it over to the government.

            Can you prove what you say? As authoritatively as you say it?

            Google has brainwashed many people with its strangely inscrutable "Don't be evil" campaign. So much so that those folks start dreaming divine fantasies about Google's impeccable loyalty to its dear beta customers' rights online. And start making statements that make remote business sense but none too practical. Keep an open eye on both sides of Google. Its not a saintly or charitable venture. Its just lesser of the evils.

        • by seramar ( 655396 )
          If I write an email to you, out of the blue, but it is personalized, it is allowed. I can not spam you - that is illegal and pertains to mass mailing using mailing lists and form letters. But if I sit down and take the time to write an email to you there is absolutely nothing wrong with that, nor illegal, even if we do not have a prior business or personal relationship.
      • by BitZtream ( 692029 ) on Tuesday June 02, 2009 @11:26PM (#28191817)

        You do realize this already happens right? And stupid people play into it. Those retarded 'club' cards for every freaking grocery store, sporting goods store, (insert store type here) store. The price you see on the label is always the 'club' price, which you pay more if you don't use their 'club' card. They send you directed advertisements in the mail and design the store displays and advertisements to direct you to the place in the store where they think they can upsell you the most.

        The only people turning paranoid are geeks too stupid to realize they have been able to do this for years and it doesn't just happen on the Internet. 'Web bugs' are nothing new, you've just been too dumb to notice them in the past.

        'People' don't CARE if they are tracked. Slashdotters freak out about it. If people gave a damn they wouldn't be so happy to sign up for those cards. They KNOW they are being tracked cause most of them happily send you reports regularly telling you what you've spent your money on.

        You guys need to pull your eyes off the monitor for a few minutes and stop thinking that everything on the Internet is new. Most of it isn't, not be a long shot, its just a variation on some scam from else where.

        If you actually were worried about being tracked you'd use cash and never buy anything off the Internet.

        • by Jurily ( 900488 )

          If you actually were worried about being tracked you'd use cash and never buy anything off the Internet.

          I do. My bank account is waaaay overdrawn to be of any use :)

        • Stupidity... (Score:2, Insightful)

          by Velska1 ( 1435341 )

          'People' don't CARE if they are tracked.

          You may be right that most people don't. Most non-geeks I know have a hard time figuring how much their groceries are going to cost when our VAT rate goes down (now why is there VAT on groceries in the first place? Don't get me started...) or how much their paycheck is going to grow when the employer withholding tax goes down. They care what reality shows are most popular or who wins Idols or whatever.

          But that doesn't change the fact that they should. It's one thing to be a member of a consumer co-op and bu

          • Furthermore, imagine if a perfectly legal hobby were to be criminalized -- retroactively -- say, by a new government elected in a wave of frenzy about national security (totally hypothetical, I know but bear with me). Now if that had been my hobby, I would be a sitting duck for the newly created national security cop unit. I may be a perfectly law-abiding citizen perfectly willing to forgo a hobby if my government tells me it endangers the national security, but I would already be a criminal.

            That law would be unconstitutional. The hypothetical situation you suggested would require a coup d'état in the US.

            "No bill of attainder or ex post facto Law shall be passed. "

            see: http://en.wikipedia.org/wiki/Ex_post_facto_law#United_States [wikipedia.org]

            or: Article 1: Section 9 of US constitution - http://www.law.cornell.edu/constitution/constitution.articlei.html [cornell.edu]

        • by h4rm0ny ( 722443 )

          We get it - we're a bunch of Cassandras.

          Cassandra was also right.
        • 'Web bugs' are nothing new, you've just been too dumb to notice them in the pst.

          Actually, I noticed them in the past and I didn't like them then, either. Nice to see the bad news reaching a new set of surfers though.

          'People' don't CARE if they are tracked

          Actually, by your own argument, most people don't know they're being tracked. And in my experience, when they find out, a lot of them freak out. Which is more of less what you're seeing here.

          Incidentally, why the quotes around "people"? Do you feel t

        • by skeeto ( 1138903 )

          They send you directed advertisements in the mail

          If one was foolish enough to give them a real address, or any address at all.

          I once moved into an apartment where they had the grocery store club card attached to the keys, left behind from the previous tenant. That card may have even passed through the hands of many different tenants, blurring their data collection. From the store's point of view, the owner of the card was severely changing purchase habits frequently.

          Maybe we should all swap grocery store cards regularly to keep the benefits while anonymiz

        • You do realize this already happens right? And stupid people play into it. Those retarded 'club' cards for every freaking grocery store, sporting goods store, (insert store type here) store.

          Every place I know uses a phone number optionally. Just make one up until it works.

      • by Jurily ( 900488 )

        And I mean you can take them off later (delete the cookies and all that), but then every other store provides the exact same sticker and some require you to present the sticker at every counter for service. It's something that a paranoid would probably say already happens, but the fact is, that this is turning us *all* paranoid. I don't like being paranoid.

        Sounds just like my credit card. Except it's not mandatory yet.

      • On the other hand, Mr. President Obama has kept quiet on privacy, so we don't even know what his stances are on this issue...

        What the fuck does Mr. Obama's stance on privacy have to do with this? He's the president, not king. He doesn't really have any say in the matter, believe it or not.

      • People don't *want* to be tracked across websites. (Just like they don't *want* to see ads at all... but I digress.) The equivalent is the local store [...]

        And what if the local store was doing something like that? How would you respond? I imagine, by very simply not going to that store again. Well, same thing with websites.

    • Yeah, it's one thing if they stick a cookie on your computer saying "He logs in as lavacano201014, and he gets the password right", or "I've been here before, don't count me as a new visitor". It's like those events where they stamp your hand to show "You've paid, you just went outside for a smoke". It's another thing if they record personal information that you'd rather keep to yourself. It's like forcing them to tattoo your name and Social Security Number to your forehead and both arms. Do you really wanna wander around with "I'm John Johnson, my SSN is 555-55-5555"? That's my stance. Of course, if you really DO want to wander around like that, none of my business.
      • If you'd rather keep your SSN to yourself, then... don't enter your SSN on any websites?

        Exploits aside, cookies can't be used to share information between websites, so even if a site you trust decides to do something retarded like store your SSN in a cookie, other sites can't access it.

        Or was the reference to your Social Security Number just a bad example and you were really thinking of other things that can be automatically collected? Most of that isn't particularly private though, and can be altered if yo

      • Re: (Score:3, Informative)

        by Aram Fingal ( 576822 )
        You're right but storing personal info in the cookie itself isn't the way it's normally done. More often, they store something like visitor#42383645934568125 which is a database key. Your personal info is in their database and not in the cookie. Part of the problem with web beacons is that they effectively allow different sites to share the same database key. This wasn't supposed to happen with cookies which are restricted to being read back only by the same site that set them in the first place. Web beacon
    • Re: (Score:3, Insightful)

      by Aram Fingal ( 576822 )

      Personally, I don't believe it makes sense to have a web completely free of "web bugs"...

      Why? Why can't advertising work on the web without tracking? Advertising in newspapers, television and radio doesn't track people and that has worked just fine for many many years.

  • by Torodung ( 31985 ) on Tuesday June 02, 2009 @08:43PM (#28190717) Journal

    The law: this is the thing that really deserves this tag.

    Defective by design, my friends. You have no privacy from the powerful.

    --
    Toro

  • by Anonymous Coward on Tuesday June 02, 2009 @08:46PM (#28190755)

    What the fuck did you expect? If you want "privacy", stay home. Oh, wait.

  • by Krneki ( 1192201 ) on Tuesday June 02, 2009 @09:07PM (#28190925)
    NoScript can stop most of the scripts running in the background when you visit a web page.
    https://addons.mozilla.org/en-US/firefox/addon/722
    • by AnalPerfume ( 1356177 ) on Tuesday June 02, 2009 @09:18PM (#28190987)
      A decent cookie policy helps too. CSS Lite along with a "deny all cookies" default works wonders in that regard. Then just like NoScript you van allow them temporarily or permanently on an individual basis when a site you need demands them.
    • by spottedkangaroo ( 451692 ) * on Tuesday June 02, 2009 @09:30PM (#28191047) Homepage

      There are three main strikes against noscript though... 1) it's irritating and doesn't necessarily protect against 1x1 pixel or iframe attacks anyway; 2) it sucks and breaks things like OpenID, which are necessarily cross site scripting; 3) the guy's a total fuck head (see adblock).

      • by drinkypoo ( 153816 ) <drink@hyperlogos.org> on Tuesday June 02, 2009 @09:52PM (#28191185) Homepage Journal

        1) Use adblock pro and it will whack most of those 2) You can enable sites one by one if you need OpenID, ReCAPTCHA, etc 3) This part is true :(

      • Isn't that OpenID crap annoying? That was the deciding factor in me using Wordpress rather than Blogger.

      • "the guy's a total fuck head (see adblock)."

        I see you're the forgiving sort. When someone makes a mistake, owns up to the mistake after the backlash hits, fixes it and apologizes, you do the honorable thing and condemn him as a fuckhead. Well done, do you feel better now? Out of curiosity, did you learn this forgiving compassionate approach from the Church?
    • noscript has lost my trust forever and i won't ever use it again.

    • Yea, thats all fine and good, but contrary to popular belief no script doesn't prevent them from starting, sometimes it does, but not always, it is entirely possible for them to load and have you tracked BEFORE noscript has a chance to stop it.

      You noscript people rant and rave about how awesome it is and have absolutely no clue how it works.

      • Troll forgot to tick Post Anonymously?
      • no script doesn't prevent them from starting, sometimes it does, but not always, it is entirely possible for them to load and have you tracked BEFORE noscript has a chance to stop it.

        Which is one reason most the major offenders are disabled in my hosts file.

        You noscript people rant and rave about how awesome it is and have absolutely no clue how it works.

        What's the matter? Did NoScript steal your lunch money or something?

        • Alright, normally I steer clear of these little fanboi-type fights but was that last bit really necessary? Way to be a mature adult! Sure, the GP could of been a little more diplomatic in saying that a lot of NoScript advocates don't know what they are talking about (just like many fans of many other things, from OS to car analogies). He was abrasive, but he wasn't trolling and he wasn't starting a flame war like your inflammatory comment can be seen as trying to do.

          Back on topic: NoScript is not perfec

          • Alright, normally I steer clear of these little fanboi-type fights but was that last bit really necessary?

            I thought it was reasonable given the tone of the post to which I responded.

            Furthermore, I think its a fair question. This isn't like the endless Mac/Windows/Linux wars where each side slams the others' systems in order to promote their own. This is someone getting angry and bitter and resentful about a piece of software that is by his own admission, mostly very useful.

            So I have to wonder what his

    • by skeeto ( 1138903 )
      Ever since the author of NoScript decided to turn it into malware and attack my computer, I stopped using it. Any alternatives?
      • He turned it into malware and attacked your computer? Wow, you must be speshul.

        Meanwhile back at reality, he overstepped his boundaries and modified ABP to exempt his sites from the blocklist so adverts would show, a furore erupted and he released an update removing that change and apologized. Unless there's some other story you could point to and give us links for, this does NOT constitute either "malware" and it does NOT "attack anyones computer".

        If you're looking for alternatives, first I'd suggest you l
        • by skeeto ( 1138903 )
          He used my trust to secretly (he obfuscated the code in order to hide it) make modifications to cripple/damage another program (ABP) without my consent. He had to apologize because it was perceived by many people as an attack. From Wikipedia,

          Malware, a portmanteau from the words malicious and software, is software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

          According to Wikipedia's definition, which seems pretty good to me, NoScript was briefly malware and so he broke that trust. It fits the definition perfectly. Only naive children would continue to trust someone who did something like that, and grown-ups would think twic

    • NoScript is completely ineffectual against even passably mediocre tracking technologies. I mean, I can think of at least a couple of ways to bypass NoScript without breaking a mental sweat.

      Let's see...

      Request comes to web server. Web server gets IP address, referrer (or referer [wikipedia.org] if you're the W3C). That immediately goes into a database, along with a unique GUID that then gets appended as a variable to every link on my page. This can either be done GET-style as a URL parameter...

      http://slashdot.org/~Civil [slashdot.org]

  • very public spirited of them.
  • How Ironic... (Score:2, Interesting)

    by lag10 ( 667114 )

    How ironic that a school without sufficient knowledge to protect its students from identity theft lectures the world on personal privacy.

    A number of student Social Security numbers were leaked not too long ago.

    Here's the article [yahoo.com]

  • by swb ( 14022 ) on Tuesday June 02, 2009 @09:49PM (#28191155)

    Why do we keep having studies like this? It's like having more studies to prove that gravity will cause a rock to drop on the ground; it's pretty well understood without having to have yet another study remind us that given even the slightest chance to lie, cheat or steal, corporations will willingly and vigorously lie, cheat and steal.

    While I'm not "old" I am, at 42, at the point where I just tune out anything a corporation tells me. It's all bullshit. All of it. And I often ask myself why I don't make every attempt to rip them off as often and as completely as I can -- just fuck off being honest, all you get is ripped off anyway. There is no "fair" or "middle ground", it's just "how badly do you want to get lied to/cheated/ripped off?"

    In spite of this and in spite of my equally strong cynicism that government can "fix" this, why don't we treat these corporate fucks properly?

    For so many of these frauds, jail just isn't good enough, or it doesn't provide the right life lesson. These people need to know just exactly what the shit end of the stick feels like. Here's a suitable punishment for corporate malfeasance:

    1) Corporate thief *and* immediate family, including wives divorced after the initiation of fraud, stripped of ALL personal possessions, property, real estate and financial assets. YOU MAY NOT EVER PROFIT FROM YOUR CRIME NOR ENRICH YOUR FAMILY. YOU HAVE LOST EVERYTHING. FOREVER.

    2) Forced to live a residence in a neighborhood with at least 50% of the population at or below the poverty line. POVERTY SUCKS.

    3) All family members required to work at a job which pays no more than 2x the poverty wage for whatever size family they consist. Any money earned over this amount is forfeited. YOU WILL NEVER GET AHEAD OR EVEN CATCH UP.

    4) No financial or material support of any kind from the outside, including support in-kind (free rent, forgiven debt, etc). AND NOBODY WILL HELP.

    • While I'm not "old" I am, at 42, at the point where I just tune out anything a corporation tells me. It's all bullshit.

      Not trying to out-cynical you or anything, but who really tells you anything that isn't bullshit? Politicians and government? Right. Your friends? Doubt it. Scientists? Sometimes, but only because they know if they lie someone else will repeat their experiment and catch their mistake. It happens.

      Seriously. You're 42. It's time to grow up, be a man and take responsibility for yourself, not depend on dishonest corporations or dishonest other people to take care of you. In this case, figure out how

      • not depend on dishonest corporations or dishonest other people to take care of you

        Wait. Are you suggesting there are HONEST corporations?
        Wow!
        You are green, a bright flourescent green.

        • Just as many as there are honest people. Have no idea what you mean by green, though.
          • OK. Corporations are not human beings. Yes, of course, the law states they are people, blah, blah, but ultimately they are NOT human beings.
            A psychological analysis of a Corporation as revealed in the book by same name states they are pathological liars, cheats and worse criminals who have no sense of honor, truthfulness, and honesty.
            I don't blame them for it. Its their nature.
            Why else would AIG want the money it donated to charity back to pay bonuses to its management? [huffingtonpost.com]
            Why else would Monsanto try to overrid [rense.com]

            • You seem to have a pretty strong anti-corporation bias there. Have you thought of looking for any good things corporations have done? The things you've said could be said for basically any type of group of people.

              As long as Americans are dishonest, you're going to have dishonest corporations. When was the last time you saw an honest person?
              • You are, unfortunately, right in your assertion. Corporate behavior is a reflection of the values of the people with controlling interests in the corporation.

                In addition, a corporation -- especially a big, successful one -- has often been built by people, who are especially willing and able to turn the trust other people place in them -- or the urgent need they have for their services -- to their own benefit. And this does not necessarily mean that they have been dishonest.

                Combine this with the fact, that a

                • In addition, a corporation -- especially a big, successful one -- has often been built by people, who are especially willing and able to turn the trust other people place in them -- or the urgent need they have for their services -- to their own benefit. And this does not necessarily mean that they have been dishonest.

                  You know it's weird, you're the second person this week who suggested that rich powerful people are more corrupt. I really don't think it's true. They are more powerful, so their crimes are able to affect more people, but then poor people do things like steal my geranium off my porch. Dishonesty is pretty far reaching, throughout all the social spectrum.

                  • I'm sorry for picking a nit, but I specifically stated that "...this does not necessarily mean that they have been dishonest."

                    The fact still remains, that beyond a great fortune there quite often is a well-hidden crime or at least unethical behavior. Not always; often.

                    Likewise, you are right that poverty is no guarantee of honesty, either. It's not about whether you're rich or poor, but how honestly you acquired what you have.

                    But there are volumes of examples of people, who are more willing to cut corners (

              • As i said earlier, i do NOT have a bias against corporations. Iam just saying as it is as an impartial, disinterested, unemotional observer.
                What am trying to say here is people a.k.a human beings try to evaluate a Corporation based on their own sense of what's right and wrong.
                That IS wrong when you are trying to evaluate a Corporation.
                Its like trying to evaluate a shark on whether it is good or evil. Its meaningless and hell, it is wrong on many, many counts.
                To understand and to evaluate a corporation, you

                • To be honest, the way you write doesn't sound disinterested and unemotional at all. It sounds like you've been reading Noam Chomsky (who is a great guy, but a little too one sided sometimes) and picking up his disdain for corporations or something. He is definitely not an unbiased, unemotional observer.

                  Then you bring Hitler, Stalin, and Gandhi into the picture, saying we need to evaluate them based on their roots. Not sure what that means, usually people are evaluated by what they did (started a world
                  • Green means naive. -:)
                    No, i haven't read Chomsky. He is a nut case who hates everything that is progressive.
                    Non-profits does not mean no profits. Its just that their surplus is not profit in traditional sense.
                    Not many commercial corporates are non-profits.
                    95% of the corporates are for-profits.
                    As you said correctly, a for-profit corporate has a contract with owners. Generating profit.
                    Anything less and it can be sued.
                    Which is exactly why they behave as they do: taking money back from charities, etc.
                    Why i brou

      • by seramar ( 655396 )

        Seriously. You're 42. It's time to grow up, be a man and take responsibility for yourself, not depend on dishonest corporations or dishonest other people to take care of you. In this case, figure out how to block cross-site cookies, or block cookies all together. Learn how to use an anonymizer.

        Only on Slashdot does blocking cross-site cookies and using an anonymizer make you a man.

    • Re: (Score:3, Informative)

      by Jimmy_B ( 129296 )
      Sorry, but the US Constitution expressly prohibits extending punishment for crimes onto family members. The most you could get is forfeiture of assets which a prosecutor could prove constituted stolen goods, and that wouldn't be nearly everything.
    • How in hell did you know so well what my life was like for 15 years? Well, still is, but #4 isn't true for us now...

  • by karl.auerbach ( 157250 ) on Tuesday June 02, 2009 @09:53PM (#28191195) Homepage

    Even the Whitehouse.gov website has a 1x1 pixel web bug that is in violation of their own privacy policy, not to mention 5 USC 552a.

  • This is new?! (Score:4, Insightful)

    by erroneus ( 253617 ) on Tuesday June 02, 2009 @09:57PM (#28191241) Homepage

    ADVERTISERS are Anti-Privacy People!!! They would create massive databases tracking every single man woman and child on the planet if they could and many are still working on that very thing.

    Google is an advertiser. When you break it down, Google's motivation is making money by selling advertisements in various forms and means.

    Here's other news: Advertising WORKS!!! They wouldn't do all this if it didn't yield results. And that will never change. Our consumer culture is so developed that people can't imagine any other way of seeing the world they live in.

    And here's an interesting aside -- according to my younger brother who recently went through law enforcement training informed the family of an interesting bit of trivia. He told us that the code word for "mentally retarded person" is "CONSUMER." He was not joking. Let that settle in... There are so many different areas where "consumer" is used to describe people and it makes you think doesn't it? We're all the brainless pawns in their business strategies and plans.

    • While, yes, the "consumer" thing is true, it's taken out of context. It's less of a "code word" than it is general term for anyone who uses mental health services. The full term is "mental health consumer", and refers to an individual who receives mental health services (like counseling, psychiatry, pharmaceuticals, etc., whatever the treatment is that they require). Also, it doesn't only refer to folks who are dealing with a developmental retardation (like Down's, etc.), but it could be clinical depression

  • bad analogy time (Score:1, Interesting)

    by Anonymous Coward

    claim that the sites do not share information with third parties, they do allow third parties to place Web bugs on their sites

    So the hooker has a second customer behind the oneway mirror, and she's not "sharing" information about you because she doesn't supply notes with the second customer later?

    Would this stand in court in the US? Presumably the lawyers who draft these statements base them on some sort of defensible argument.

  • Privacy is Possible (Score:3, Informative)

    by CodeBuster ( 516420 ) on Tuesday June 02, 2009 @11:11PM (#28191725)
    If people are concerned about their privacy then why don't they use Firefox [mozilla.com], AdBlock [mozilla.org], Flashblock [mozilla.org], and NoScript [mozilla.org]? The truly paranoid can download and use Tor [torproject.org] as well. Do people have a right to complain if they aren't willing to lift a finger to protect themselves?
    • by twostix ( 1277166 ) on Wednesday June 03, 2009 @12:18AM (#28192085)

      "Do people have a right to complain if they aren't willing to lift a finger to protect themselves?"

      Why yes, yes they do.

    • As twostix said, yes, we do have the right to complain. It may not help, but we can complain.

      I look at it this way: I do what I can, and then complain with the idea that I may not be the only one, who has noticed the problem. And there is an outside chance that someone will do something if enough people speak up.

      To stay on the subject of doing something, we can add a filter [http://www.google-analytics.com/*] (the square brackets are here just to stop /. from treating that as a link) to Adblock Plus, and th

  • by Anonymous Coward

    Maybe someone mentioned this. But I didn't see it in the threads yet.

    This last week our very host SLASH_dot started REQUIRING JS for slashdot.org and fsdn.com in order to see any threads posted. AND fsdn "transfers information" from Google-Analytics while loading even the headlines page.

    Obviously those of you who protest the slimiest of tactics are giving this site a pass when they do NOT deserve it. Slash-dot must be getting something including $ fro Google for the information they are stealing from us.

  • Privacy policies have been a farce ever since they were introduced (mandated by law?) in the US. I have yet to see one that didn't more or less say the same as Raymond Chen points out in this blog post [msdn.com].

    "We won't do anything illegal... except when we feel like it". There - boiled 99.9% of all privacy policies on the (US part of the) web down to one simple sentence.

  • Google has a very simple mission. They want to know what you and your IP are doing. That's all. Give them that, and they own you and your activity on the internets.

    To get at this simple little piece of info, web sites get cool stuff like googleanalytics (info already available via other tools). You say "Nice". Google says thank you very much for your kind words, we do this because we want to give back to the community. Yeah right.

    Users get to use cool stuff like gmail (unfortunately very good, but lots of a

  • Doubleclick (Score:4, Informative)

    by MrKaos ( 858439 ) on Wednesday June 03, 2009 @07:07AM (#28194001) Journal
    Ghostery found 1 web bug on Slashdot
  • Related (Score:1, Troll)

    by fulldecent ( 598482 )

    For a related discussion of topics of Privacy on the web, including all original research, please see:

    The Privacy Log: http://privacylog.blogspot.com/ [blogspot.com]

  • Web sites ... allow third parties to place Web bugs on their sites ... and share with corporate 'affiliates.' ... Bank of America ... has more than 2,300 affiliates â" and users cannot learn their identities.

    So quit using their web site and go back to paper bill-paying.

    Remember the reason you started paying bills via the web? It was fast and easy. Is it still?

  • Great. A wonderful, in-depth analytical piece. But so what? Not like anything's going to come of it. Anyone who has ever gotten "legitimate" spam (i.e. not Viagra, etc. but from real businesses) or junk snail mail knows this is going on. Hell, politicians know it's going on. But it's not going to change. This isn't an Upton Sinclair piece that will change the meat-packing industry. Let's face facts: This crap won't ever change. And even if, through some magic means, it does, the damage has been done - All
  • What is scarier is that http://knowprivacy.org/ [knowprivacy.org] is doing this to "Recommendations for policymakers to protect consumers and for website operators to avoid stricter regulation." Personally I liked how free the internet was. I like using "Know Privacy" to find these companies and boycott them if need be. I understand that they are trying to help make "good" policy, but isn't any policy a bad one? Can't consumers protect themselves?

Experiments must be reproducible; they should all fail in the same way.

Working...