For Internet users worried about guarding their privacy, these are troubling times.
There were more reported data breaches last year than ever before, leaking credit card information and health data far and wide. And long after Edward Snowden became a household name, new reports of spying by the National Security Agency, Britain's GCHQ, and other governments continue to come to light. Meanwhile, in the commercial sphere, online advertisers and merchants are armed with sophisticated tools for tracking Internet users' keystrokes and clicks.
In the absence of legal reforms, the pervasiveness of online surveillance and consumer tracking is beginning to turn privacy into a 21st century luxury item. To meet savvy Internet users' demands, a growing number of tech firms offer those with the desire for privacy – and the means to pay – everything from self-destructing e-mail messages to the virtual equivalent of Kleenex: throwaway identities to keep advertisers, merchants, and government snoops at bay.
Consumers are already pushing back against pervasive tracking. Telecommunications giants AT&T and Verizon Wireless were both forced to acknowledge and modify their use of so-called “super cookies” to collect and correlate data on their customers’ online movements – tracking that was taking place without their customers’ explicit consent.
And, in January, the Department of Health and Human Services found itself in hot water when news outlets reported that the Federal Government’s health exchange, Healthcare.gov, was collecting and transmitting sensitive health information about visitors to third party tracking firms.
At long last, policymakers have started to take notice. In January, President Obama made the first presidential visit to the Federal Trade Commission since the Teddy Roosevelt administration to propose laws for protecting consumer privacy. But legislation may be slow, and tracking tools are developing fast.
“In terms of the technology that is used to track people, there is an arms race," says Jeremy Gillula, a staff technologist at the Electronic Frontier Foundation. “It started with [Web browser] cookies. Then we blocked those. Then the tracking companies moved to browser fingerprinting and then super cookies and HTML headers inserted into Web traffic."
The Problem: Eyes (and ears) everywhere
Abine cofounder Eugene Kuznetsov said that spirited debates about specific tracking tools, like the “super cookies” miss the point. “To me the ‘super cookies’ thing is interesting, but its just one of many, smaller battles in a much bigger war,” says Mr. Kuznetsov.
That war is over consumers’ basic protections: their right to privacy and their right of "ownership" of their own information. Mr. Gillula of the EFF points to incidents such as the widely reported case of Target determining, based on purchasing patterns, that a teenage customer was pregnant and sending her coupons – all before she had a chance to inform her parents.
With online tracking via websites, the opportunity for violations of individuals’ privacy are even greater. “It could be that I’m on a shared computer and looked up a health condition. Maybe I cleared the [webpage] cookies, but because someone placed a super cookie into my session, the next person who sits down at that computer sees an ad about that health condition,” he says.
Andrea Matwyshyn, a law professor at Princeton University and former senior policy advisor at the FTC, says that mobile devices – including smartphones – have greatly increased the amount and intimacy of data that can be harvested from individuals. At the same time, their small size and limited interfaces make it harder for consumers to know when they’re being tracked. "You have all the same concerns about transparency and consumers knowing what they're consenting to – just heightened," she says.
Kuznetsov agrees. “Being tracked by a unique number across web sessions may not be bad. But when that data is tied to an e-mail or phone number or physical address and name, all of a sudden you have a situation where you have a composite profile built,” Mr. Kuznetsov says.
In the absence of a clear policy from the federal government, there have been industry-led efforts to create privacy protections – from The Online Trust Alliance to DoNotTrack. But companies have shown a willingness to ignore or narrowly interpret voluntary codes of conduct that try to give consumers a choice about whether or not to consent to tracking.
“Some of the major Web players take the position that they don't know that users want privacy," says Kuznetsov. "You had five percent of Firefox users sign up for DoNotTrack. That’s between 25 and 50 million people. That clearly shows people care."
More and more, experts worry that the mushrooming population of connected devices that make up the Internet of Things will exacerbate the situation. Just last week, the electronics giant Samsung was forced to respond to consumer – and media – complaints that it recorded the living room conversations of owners of its SmartTV sets, transmitting the harvested voice data to unnamed “third parties.” This wasn’t the first time a smart TV maker had been caught doing so, but Samsung was forced to modify and clarify its Smart TV voice collection policy all the same.
“I think you’re seeing a merger of traditional privacy concerns left over from earlier generations of data collection and the current generation of security concerns about the impact of all this [tracking] code that allows for unintended repurposing of consumer information,” says Ms. Matwyshyn.
One solution: A throw-away identity
That shift is fueling investment in a new generation of privacy-protecting products and services, as consumer concerns about discrete problems like Web tracking or identity theft merge to encompass an individual’s entire online identity.
Abine’s Blur is one example. The Web browser plug-in started life as a product called DoNotTrackMe that blocked website cookies and the great variety of other technologies used to track visitor activity on websites, says Mr. Sudbury.
But blocking trackers is only so useful, Abine’s founders realized. Advertisers today have access to many different pieces of information about any user from countless sources: e-mail newsletters, credit card transactions, and mobile applications. Those allow them to build composite profiles – Web browser cookies or no.
As its name suggests, Blur does much more than just blocking website trackers. It lets users create “masks” for vital information including e-mail addresses, credit cards numbers, and phone numbers. Blur users navigating purchase or sign-up forms on their Web browser are prompted to create a masked e-mail and phone number. They can even set up a one-time credit card in the amount of the transaction.
The disposable identities link back to accounts controlled by the user, but can’t be traced back to the user’s actual accounts. They can also be disposed of with the click of a mouse button should any of the data be compromised by hackers or abused by online advertisers and retailers.
Other firms are following suit, with products that do everything from hiding e-mail addresses to erasing social media posts.
DSTRUX, a New York firm, said earlier this month that it was extending its cloud-based platform from documents like spreadsheets and Microsoft Word documents to social media platforms such as Facebook. Among other things, DSTRUX enables "Mission Impossible" style document “self destruct” policies for messages left on Facebook. “It basically comes down to ownership,” said DSTRUX chief executive officer Nathan Hecht in a statement. “Do you own your content or does the social network?”
Another is Ekko.net, a privacy-focused service that is currently invite-only. It gives users the ability to create policies that govern specific accounts or even communications, explains Ekko.net founder Rick Peters. For example, a user might decide to assign a password to protect a specific e-mail thread, text message, or social media communication. Or they might set a “self destruct” date for a message, causing it to be erased at a predetermined time.
Peters said the service is targeted at a subset of consumers who care about privacy online. “These are people who don’t want to be scanned, or tracked, or profiled. We’re offering them the ability to still use these services without exposing their personal data,” he says.
Like Abine’s Blur, Ekko.net, won’t be free. Users will be asked to pay $5 a month to use it (or $50 for a one year subscription). “What you’re paying for is privacy and no tracking,” he said. “Companies have to make money, so I think people understand that if you don’t pay for something that, essentially, you are the product,” Peters says.
Matwyshyn of Princeton recognizes that security and privacy are becoming premium items. “I think that – now – as the average consumer becomes more aware of the risk of identity theft, or the fact that cars are just computers on wheels, I think you’ll see that consumers are willing to pay for having privacy and security."
Limits to new privacy tools
Will tools such as Blur and Ekko.net tilt the playing field in favor of consumers and their privacy?
Privacy experts say: Probably not.
While masking technologies are useful in preventing some kinds of online tracking, Gillula says many transactions such as purchases must necessarily be traced back to individuals. Without broader protections built into Web browsers and other online platforms, the advantage goes to advertisers, merchants, and governments, he says.
And having the tools to manage your privacy in a granular fashion isn’t the same as having the time or the wherewithal to do so.
“Consumers really don’t have a fighting chance,” says Matwyshyn. “Technology moves entirely too fast ... . To expect a consumer who spends all day working as a math teacher or something to become a computer security and privacy expert in his spare time is absurd.”
She and others see the need for both bigger fixes and the level of Internet infrastructure, and for a larger conversation about the need for privacy and security that both protects consumers and girds consumer trust in online merchants and services.
“As a consumer protection matter, there needs to be a floor,” she said. Just as there are laws protecting renters from substandard housing, or car buyers from “lemons,” there need to be regulations that create a buffer between consumers and companies.
"Innovation is only as successful if consumers have faith in it and are willing to engage with new products,” Matwyshyn says. “We need safety nets so consumers feel like they can engage with new products reasonably without getting hurt.”