IE8 and privacy , part 1

I wanted to talk about the privacy enhancements in IE8, and to save you from reading something of epic length this is only part 1. First, I do know there are some poor souls out there who work for benighted organizations which can’t get off IE6 - so the idea of working efficiently with a multi-tabbed browser like IE7 or IE8 is denied to them unless they get creative and install a second browser [Given a choice between the 8 year old IE 6 and the current Firefox, I would take the current product] but that is another story for another day. If you’re on IE7, then moving up to 8 is nothing like the step of getting off 6 so there really is no reason not to move from 7 to 8. Even if you’re on 8 already you may have missed the enhancements

I guess there is a decent chance that you know about “in private browsing.” which people laughingly call “porn mode”: the idea is it leaves no trace behind. In one of my more memorably titled posts “Pigs and Drugs and Naked Dwarves” I mentioned that “for the last five years or so a prescription drug has helped me lead a bit more normal life than would otherwise be the case.”. Two years on and I’m still taking it, and last time I saw the doctor he said he preferred on-line requests for repeat prescriptions. It’s easier for me too, but I don’t want my request lurking in IE’s history. It’s a model use for in private browsing. I was telling someone recently that the specialist who first suggested this drug told me “I won’t tell you about it because I know you’ll read about it on the internet anyway” which is what I did. Today I would have turned on in private browsing for that too.

imageI’m a lot less worried by what’s in my browser history than I am by the behaviour of those who sell internet advertising, who want to gather the maximum amount of information about what you and your interests. I don’t want to target Google but as the biggest they select themselves and their CEO Eric Schmidt* famously said he wanted Google to know everything about people - which produced some interesting press. There are things I don’t want Google et al to know about me (like which drugs I’ve shown an interest in) and I can’t really say where those things stop and the things I don’t care about begin. Google’s users are not its customers - its customers are its advertisers, so when advertisers’ desire to target ads comes into conflict with users desire for privacy, I’ve no idea how Google (or any of the others) would go about resolving the conflict. Even on this blog there is potential for someone to see what you’re interested in because links out of the site go via so we can see what links people follow. My view (for what it’s worth) is if you can see before you click the link it goes via a central service and if you don’t like having that information you can choose not to click the link. I like the fact that my projects on display in large friendly letters whose analytics are used by the site. I’m not so happy about organizations quietly siphoning up personal information, but that can be stopped by IE8. Since this paragraph is peppered with “My view” , “I like”, “I’m not so happy with”, this might be a good point to remind you that this the personal view of one Microsoft employee (see the in Private feature section of the IE8 Readiness kit for a more rounded view of the issues) but the important point is that we do like to give people choices. For me exercising  choice meant using IE7 pro for the last couple of years, it works nicely on IE8; there are other dedicated blockers though the ones for Firefox seem to be better known.  IE 8 has “In private filtering” lurking quietly on the status bar: this removes undesirable embedded content – so  it can also filter out servers of Ads, which is where the blockers focus their attention, and something I will come back to.  In Private filtering identifies those bits of content which come from one provider but are embedded in pages of multiple others, as you can see from the screen shot below.

Click for a larger version

I went through the sites which IE had picked up: here are what some of them say about themselves:

What is STATCOUNTER? A free yet reliable invisible web tracker
Quantcast says. “We show you who is clicking your ads, browsing your website, and purchasing your products... Once you know, it's easy to buy an audience of millions -- even tens of millions -- who look like them”
Media6°claims it ‘ provides major brand marketers with targeted audiences using the power of social graph data.’
Site meter says with theirdetailed reporting you'll have a clear picture of who is visiting your site, how they found you, where they came from, what interests them and much more”
Kontera says “patented technology performs real-time semantic analysis of content and other information to dynamically hyper-link the terms that most accurately represent and predict user-intent and engagement”
ScorecardResearch is a domain used by Full Circle Studies, Inc. to help with the collection of Internet web browsing data on specific websites that have enrolled in a broad market research effort to create reports on Internet behavior and trends.
YieldManager turns out to be part of the “Right Media Exchange” which calls itself the first largest market place for all buyers and sellers [of ads]

Underneath the list of sites there is a link to find out more about the organizations sending you content – only two of follow the standard (Google Analytics, and Audience Sciences [] ) . The others needed me to go digging to find out who they were, and what they wanted my information for; reason enough in my mind NOT to trust them. What was interesting was that Audience Sciences is a member of the Network Advertising Initiative who have an Opt out page . I recommend you visit that page it shows you how many NAI members have got their cookies onto your computer (a staggering number in my case), and allows you to say that you don’t want those organizations to put the information they have about you to use. To me that’s solving the wrong problem. Blocking with In-private browsing stops them getting the information in the first place.

I said I would come back to the question of blocking adverts. Some people will tell you that visitors to a web site somehow have a duty to look at the ads it serves up. Did anyone ever argue that you should must stay in the room when ads appear on TV ?  And whilst such arguments might have merit if talking about universal blocking, they look staggeringly weak when its a personal, one-off decision. Remember that ads are usually paid by click-through, not by views. I am never going going to click through any of the ads in question, so I am not costing the sites any revenue. Secondly I’ve written here and here about my “aspergers-like” reactions to distracting (Flash) content on web sites – the impetus for this piece was using a machine with out IE7 pro and hitting a one site where an ad for Windows Server bounces up and down in the margin as you scroll the site, oh the shame of it. I am less likely to buy the product of an advertiser who shows me an ad like that, so I am doing them a favour by not filtering out the ad, as well as saving everyone’s bandwidth.

Next up – how to configure it:


*Two thoughts on Eric Schmidt (1) He ran Novell for a time so I think of him as “The man who turned Novell into the company it is today.” (2) He famously talked about Microsoft having an evil room. In all the real-estate Microsoft owns it is comforting to know he thinks our evil is confined to one room. Actually I’m sorely tempted to propose that we rename one of rooms from, say, “Great Ouse” to “Evil”, and hang a picture of Eric and some of his sayings on the wall.