If people were outraged about Facebook’s ethics violation when they conducted psychological experiments on unsuspecting and unconsenting users, I imagine they’ll be equally unhappy to learn about a new, persistent tracking tool that’s being used to spy on users of millions websites. Aside from this Mashable post and a Forbes article, though, I’m not seeing many people talking about what I personally think is a pretty big deal.
Long story short: researchers at Princeton University and KU Leuven University in Belgium just released a study titled “The Web never forgets: Persistent tracking mechanisms in the wild,” a large-scale study of three advanced web tracking mechanisms, one of which is called canvas fingerprinting. It works by instructing the visitor’s web browser to draw a hidden image, which then allows the websites that user visits to be tracked, over-ruling the person’s browser privacy settings and in spite of anti-tracking tools. Then the data on each users’ web browsing behavior is used to create a profile for that person. And this canvas fingerprinting thing? It was created by social sharing tool creator AddThis.
Of course AddThis is insisting that they would NEVER use this data to exploit users in any way, saying that they are only using this super-advanced, sneaky technology for “internal research and development.” Because no company ever has ever said one thing about users’ privacy and then done another. AddThis also confirms that they did not notify the owners of websites they’re using to experiment with this technology–but it turns out that WhiteHouse.gov is one of them. This is a huge problem for the White House and many other sites, as it conflicts with their privacy policies. Sadly, instead of just removing AddThis from WhiteHouse.gov when the White House learned of this privacy breach that they were unknowingly passing on to all users, they merely modified their cookie policy with the following statement “as of April 18, 2014, content or functionality from the following third parties may be present on some WhiteHouse.gov pages.”
It’s not like AddThis is the only social sharing tool out there–ShareThis, Yoast…those are just two of the tons of sharing tools out there. All WhiteHouse.gov would have to do is remove the code and install a new sharing tool…but instead they just are just fine with this cyber spying thing and throw a “caveat emptor” line into their privacy policy and carry on? That’s just sad and scary, especially in today’s environment of rampant cyber attacks. I know the Federal government can’t use any third-party tool or social site that doesn’t already have a special government-approved agreement, which is what may be the problem with just switching to ShareThis or another sharing tool, but seriously–which is more important–social shares or the privacy of American citizens?
I’m sorry but it’s a sad day when YouPorn immediately removes AddThis from their site once they realize that it contains secret spy software…but the White House doesn’t.
Leave a Reply