Internet privacy conflicts
'Net Insider By Scott Bradner,
September 20, 2010 01:14 PM ET
The Wall Street Journal just published the sixth article in its excellent series about Internet privacy, or the lack of it.
This latest article focuses on Web sites and ad companies tracking kids online and shows that kids are tracked even more extensively than adults, if that is possible. Meanwhile, over in Europe things are about.
The previous Journal article on third-party tracking of Internet users was scary enough. (See "The price of free Internet: a piece of your soul".) The latest article will strike fear, and cause feelings of revolution, in the hearts of parents all over the United States. The Journal research showed that the top 50 kid-centric Web sites installed an average of 30% more tracking cookies, beacons and other pieces of tracking technology than did the top 50 adult-targeted sites. The Journal also found that some companies were openly selling the information they got from this tracking. One was shamed into stopping when the Journal came calling, but the article paints a very sad picture of the aggressive lack of concern these companies.
Meanwhile, the New York Times published a related article titled "Cloud Computing Hits Snag in Europe."
The gist of this story is that European companies have been slow to move to cloud computing, at least in part because of European data privacy laws. Europe has some quite strong laws that block the movement of data gathered about identifiable individuals to anyplace outside the European Union (EU) unless that place protects such information at least as well as does the EU. The United States explicitly is seen in Europe as not having any useful data privacy laws.
Google seems to have figured out a way to limit where data can go, at least for the U.S. government, but I have not seen any indication that Google will offer the same assurance to its other customers here or in Europe.
Since many of the sellers of cloud computing services will not, or cannot, provide guarantees about where in the world data might wind up, European companies are not legally able to use such cloud services for employee or customer data. That limits the usefulness of the services in Europe. The Times quotes Gartner as estimating that $8.3 billion will be spent in the United States this year on cloud services while all of Europe will only spend $18 billion.
At this point European law is scheduled to get even tougher. For example, over the next few months the EU countries are supposed to pass laws requiring opt-in for Web cookies, the very sort of tracking technology the Journal article shows to be running amuck in the United States.
That could put quite a dent in the legal ability of those companies to track anyone in Europe.
The Times article says that Microsoft has called for "a comprehensive, workable global privacy framework that is consistent, flexible, transparent and principles-based." A lot of nice words there -- but arranged in a way that makes it clear that Microsoft thinks that the framework should just trust companies to do the right thing rather than make any actual rules. For what it's worth, I sort of trust Microsoft to see any private information it has about me as a company resource and thus something to be exploited by Microsoft itself rather than being sold to others. I do not feel that way about any of the many ad companies that the Journal has been writing about.
Disclaimer: As far as I know the main thing Harvard exploits is the good will of its alums, so the above privacy lament is mine, not the university's.