FTC Bars Ad Firm From Snooping Browser History 21
itwbennett writes "Score 1 for online privacy. The Federal Trade Commission and online ad firm Epic Marketplace have reached a settlement that will bar Epic from using browser history sniffing technology. According to the news report, 'The history sniffing allowed Epic to determine whether a consumer had visited more than 54,000 domains, including pages relating to fertility issues, impotence, menopause, incontinence, disability insurance, credit repair, debt relief, and personal bankruptcy. Epic used the tracking to send targeted ads related to several health issues, the FTC said.'"
NSA/FBI/CIA - Worse than an ad agency (Score:5, Interesting)
Re:Needs to be both illegal and impossible (Score:4, Interesting)
Law of unintended consequences without an easy fix.
For example, browsers have long used vlink highlighting to show previously visited links, which are really handy if users have a tendency to wander. E.g., if you're just browsing Wikipedia, it's awfully nice to know if you've already seen the article it links to ahead of time. Or if it's a list of files, if you've already downloaded it before (perhaps if you're showing someone how to get said file or what file you actually used).
The question becomes though is should scripts be able to get at the DOM properties? Setting it is useful (to highlight new options for example), but getting it? Might be useful for some effects I suppose. And then once gotten, it's really just a simple XmlHttpRequest away from passing that information back to the server.
It's really nothing special other than the clever combination of several innocent features in a nefarious way. (And no one had the gal to patent it... )