James O'Neill's Blog

December 8, 2010

One small step for IE9, one giant leap for privacy

Filed under: Internet Explorer,Privacy — jamesone111 @ 3:06 pm

After reading an an announcement from Microsoft , I feel the need to go back to an old draft post I saved 6 weeks or so ago –  parts of which appear in italics here. 

I’ve been playing with the beta of Internet Explorer version 9 and as with most betas there is stuff to like in it, with the occasional “why did they have to change that”. Certainly it is faster, and all the tests show it is a lot more complaint with standards – some of which are still emerging. Dragging a tab to the task bar to make a short-cut to a page (complete with support for jump-lists) is neat… …I expect more accusations that Microsoft is  half hearted over In-Private filtering – streamlining has made it less visible; it still can’t download a block-list from a a central service and still doesn’t stay turned on without going to the registry.

The Microsoft announcement means the last sentence is out of date.  Here’s a quote from  Christopher Soghoian’s blog , which I picked up courtesy of Privacy international. Soghoian needs a bit of convincing: early on he says:

Microsoft today announced that it will be improving the InPrivate Filtering feature in its browser — which would have been a great feature, if the company hadn’t intentionally sabotaged it in response to pressure from people within the company’s advertising division.

That’s the expected charge of being half hearted over In-Private filtering, but after seeing the change to IE he ends:

“This is a great, pro-privacy and strategically savvy move on Microsoft’s part. I am delighted to see companies competing on privacy, and building better features into their products”

Soghoian goes into a lot of detail and his post is worth reading. But I’m aware a lot of people either don’t know about In-Private-Filtering or muddle it up with In-Private Browsing, which is the history-less working sometimes called “porn mode”.  In-Private-Filtering is a system to compile a list of “Bad” third party sites, whose content is embedded on other sites’ pages – with the support of those sites’ owners. “Bad” ranges from ads with attention getting flash that stops me reading the content of a site, to a single invisible pixel which allows someone to track where you have been. In private filtering blocks this stuff – it can build a list of what to block or it can import an allow/block list from XML file. But filtering is off by default and only the registry hack I mentioned above will keep it on between sessions. The XML file is actually formatted as an RSS feed, IE8 can’t to subscribe to the feed; According to the WSJ article Soghoian links to, subscriptions were planned for IE8, then cut at the behest of Microsoft’s own ad business. 

I maintain one of these XML files – which today needs to  imported manually; back in that old draft post I wrote:

The feature I like best is the [F12] developer tools view, this was present in IE8,  [but new in ] IE9 there is a network tracking tool which helps developers spot troublesome pages – those that are slow or fail to load at all.

image_thumb5

No wonder this page is slow – the status bar says 75 items and 600KB , a lot a home page probably less than 10% is content and the rest is advertising slurry. In the middle of the list you can see it’s getting content from SmartAdServer,  which I might want to block. 

IE 9 will allow users to subscribe to a block/allow list – just by clicking on a link as they can in IE8 to add Accelerators, Search providers and Web slices. So now I can publish my XML file of bad sites, so can anyone else. And I expect that good lists – those managed with a degree of professionalism to filter the ever-shifting list of third party content that nobody wants – will be very popular. 

You expect this to be worrying for ad industry: the internet they have know so far has been good to them. If  it becomes easy people to withdraw their consent to be profiled or to have certain ads sent to them, some ad firms will die, and the likes of the Electronic Frontier Foundation will dance on their graves. It’s easy to categorize the EFF as the lunatic fringe – but now they seem to have dance partners in  Wall Street Journal and US government bodies including Federal Trade Commission in the US there is talk of legally enforcing this.  I’ve seen the same quote from the Direct Marketing Association  in multiple places.

“Any ‘do-not’ national list doesn’t work and undermines the basis of the Internet as we know it now, in terms of free content and companies being able to monetize the Internet… Self-regulation is the way to go.”

It doesn’t work, but it is ruinous… they would say that, wouldn’t they?  I’m looking forward to seeing how this one pans out.

Advertisements

Create a free website or blog at WordPress.com.

%d bloggers like this: