Posts

Protecting your privacy from Google with Squid and FoxyProxy

There is no doubt about it; this has definitely been Google’s Privacy Week. Relevant news:

The infamous Privacy International’s report (it basically says that Google sucks in privacy, far more than Microsoft)

Privacy International’s open letter to Google

Danny Sullivan defending Google

Matt Cutts defending his employer

Google’s official response (PDF letter)

Google Video flaw exposes user credentials

It’s only human nature to defend ourselves (and those close to us) when we are under public scrutiny. I am not surprised to see Matt or Danny stand behind Google on this matter. I do think it is far more wise and beneficial to look into criticism and determine for ourselves what we can do to remedy it. I am glad to see that Google took this approach on their official response:

After considering the Working Party’s concerns, we are announcing a new policy: to anonymize our search server logs after 18 months, rather than the previously-established period of 18 to 24 months. We believe that we can still address our legitimate interests in security, innovation and anti-fraud efforts with this shorter period … We are considering the Working Party’s concerns regarding cookie expiration periods, and we are exploring ways to redesign cookies and to reduce their expiration without artificially forcing users to re-enter basic preferences such as language preference. We plan to make an announcement about privacy improvements for our cookies in the coming months.

You can take any side you want. But, I feel that none of the people covering this topic has addressed two critical issues:

1) How do you opt-out of data collection by Google or other search engines at will?

2) And, do you want to wait 18 months for your data to be anonymized? Read more

Competitive research or privacy attack?

I found an interesting tool via Seobook.com. It exploits a “feature” of current browsers that do not properly partition persistent client-side state information (visited links and caching information) on a per site basis.

The tool can identify URLs in your visitor’s browsing history. Aaron suggests this be used to check if your visitors come from competing sites and adjust your marketing strategy accordingly.

This might not work as Aaron might expect. You can only tell that the visitor visited those URLs in the last n days (n the number of days the user keeps in his or her browsing history). You won’t be able to tell when, how often or how recently those URLs where visited. Read more