Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Fwd: [New post] The Curse of Our Time – Tracking, Tracking Everywhere

Yishay Mor yishaym at
Wed Sep 18 11:06:05 PDT 2013

---------- Forwarded message ----------
From: OUseful.Info, the blog... <comment-reply at>
Date: 18 September 2013 18:55
Subject: [New post] The Curse of Our Time – Tracking, Tracking Everywhere
To: yishaym at

  Tony Hirst posted: "You probably can't help but have noticed (in the EU
at least), that website operators seem keen to gain your permission to pop
"cookies" into your browser. Cookies are tiny computer files that a website
can use to store information about you on your own b"    Respond to this
post by replying above this line
      New post on *OUseful.Info, the blog...*
<>  The Curse of Our Time –
Tracking, Tracking
Tony Hirst <>

You probably can't help but have noticed (in the EU at least), that website
operators seem keen to gain your permission to pop "cookies" into your
browser. Cookies are tiny computer files that a website can use to store
information about you on your own browser. To prevent nasty people doing
nasty things, the security policies operated by your browser try to ensure
that only websites that write a cookie can read them back.

Because of the way that web pages are constructed, it might well be that
third parties appear to write cookies to your computer when you land on a
particular website from that website, but that isn't the case. Instead, web
page publishers allows other sites to write cookies to your browser by
including third party scripts in their pages. For example, reading the ITV
cookie policy <>, I notice that they declare
that third party advertising services may deploy cookies when you visit the
ITV website. In this case, those third parties will almost certainly use
the cookie as part of a recipe that records the fact that you went to the
ITV website. If the same third party is used by Channel 4, that third party
will be able to add information to the cookie it set when you visited the
ITV website so that it knows you visited both those sites.

If enough people adopt a particular third party service, that service may
be able to pick up quite a good idea about the range of sites you visit.
Google's various ad'n'analytics services in principle allow it to track you
across a wide range of sites, because those services are so widely used,
though the extent to which Google does or does not fuse data from the
cookies associated with those various services may be moot...

One thing I hadn't realised (or maybe, hadn't really thought about) before
was brought to my attention when something else that was new to me crossed
my radar the other day: *real time
web adverts, the architecture for which is broadly descibed by Shuai
Yuan, Jun Wang, Xiaoxue Zhao in their paper Real-time Bidding for Online
Advertising: Measurement and

[image: realtime

The model is broadly this: when you visit a web site, the publisher alerts
the advertisers that someone has landed on the webpage. Through various
cookie machinations, the publisher (and/or the advertiser) may be able to
identify you, or certain things about you, from the various cookies on your
machine. The advertisers decide what you're worth and bid to place the
advert. The publisher accepts a bid from one of the advertisers and pops
the ad into the page you're visiting. Sort of. (The publisher in this case
is more likely to be an ad marketplace/broker, rather than the webpage

So that was new to me - realtime bidding. The world's gone mad. Anyway. As
a result of that, I suddenly appreciated the creepy bit in the image above,
in step 4: "advertisers choose to buy 3rd party data optionally". That is,
advertisers - in real time - may buy cookie mediated information about
people who are in the process of loading a particular web page - in order
to work out a bid price for placing an ad within that page to present to
that person. Personal advertising, in real time. If data from other
(non-web) sources can be added into the mix, perhaps because someone has
been uniquely identified, then presumably all the better... for

To help create a better picture of the person who is actually opening up a
web page, and to piece together all those fractional bits of information
that separate web domains can place into your browser through cookies they
- and only they - can read and write - "cookie matching" services, such as
the cookie matching service run by Google's DoubleClick Ad
a means by which various parties can pool together, or sell between
each other, what they know about an individual from the cookies they have
independently set on that individual's webpage. (For a description of one
recipe for matching cookies, see SSP to DSP Cookie-Synching

I guess I knew this happened anyway (it's part of the basis for ad
retargeting - aka ads that follow you round the web), but I hadn't realised
quite how sharey-sharey, selly-selly and real time it all was.

So we're being tracked and info about us being sold in real-time as we
traipse around the web. But we know that anyway, and we don't seem to let
it bother us.

How about real world tracking, though? Are we as happy being tracked as we
walk around in physical space too? It seems so - and the technology appears
to be getting so mundane... Through my feeds yesterday I was lead to MFlow
Journey <>, a product of a company not so
subtly called Human Recognition Systems, that uses video surveillance to
capture and follow "anonymous" faces to track human traffic flows through
airports. Human tracking is nothing new of course - your mobile operator
can track your phone as easy as peasy can be, and if you have wifi enabled
on any of the devices you're carrying around with you, anyone who cares to
can track you too. With the click of a
apparently. (See also: New York Times, Attention, Shoppers: Store Is
Tracking Your Cell<>).
Apple seems to be doing it's bit to make retail centre tracking

So that's faces and phones... number plates can be trivially tracked too of
course. Here's a recent (January 2013) ACPO report on The police use of
Automatic Number Plate
vignettes at the start of the report are illustrative of just what the
millions of rows of data (see also the ACPO 2009 Practice Advice on the
management and Use of Automatic Number Plate
A recent bollocking from the ICO (Police use of ‘Ring of Steel’ is
disproportionate and must be
suggests that popping ANPR cameras on all roads in and out of a town is
just not on, but I guess this is limited to police deployed cameras, and
doesn't necessarily address mosaic pictures that you can build up from
piecing together ANPR hits wherever you can pick them up from...

...because as well as ANPR systems operated by the police, ANPR is widely
used by private companies (though I'm not sure about the extent to which
they do, or may be obliged to, share they're logs or data collection
facilities with the police?) For an idea of what sorts of ANPR "solutions"
are available, here's a list of approved car parking
operators<>with some
handy metadata that shows whether they use ANPR or not.

Camera surveillance is just not limited to ANPR systems of course, as any
precinct bench loitering yoofs will be able to tell you. Just what is and
isn't deemed acceptable generally is described by the recent (August
2013) surveillance
camera code of practice<>(press

Hey ho - it's got me wondering now what other pieces of the panopticon are
already in place?

See also: The Loss of Obscurity – A Round-Up of Recent Reports Relating to
Privacy and Personal Consumer
  *Tony Hirst <>* | September
18, 2013 at 3:55 pm | Tags: paranoia<>,
surveillance <> |
Categories: Anything
you want <> | URL:

   See all comments<>

     Unsubscribe or change your email settings at Manage

*Trouble clicking?* Copy and paste this URL into your browser:
         Thanks for flying with <>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list