“We value your privacy,” begin approximately 187 billion website privacy policies. Then they go on to say how they’ll give away data to any “partner” for any number of vague reasons. Then they make further mockery of that “value” thing by plugging in all manner of user-tracking technology.
Let me put that even more bluntly.
Any website owner that claims to value user privacy and then plugs in a third-party widget is a hypocrite. They don’t value privacy at all. They have, in fact, proven the exact opposite. They’re a willing accomplice, letting that third party track users’ online activities in any way they like.
Back in the distant days of Web 1.0, if you fancied fancy functionality on your website then it was usually provided by code running directly on your web server. The only place user interactions were logged was on that one website. Well, barring the activities of three-letter agencies and their SEKRIT monitoring along the wire.
Now, though, vast numbers of websites provide all manner of functions using widgets supplied by third parties and deployed from those third parties’ servers. And that’s where the problem begins.
Let’s take Disqus as an example, because it’s the tool that set my train of thought in motion.
Disqus provides benefits for both website owner and commenter, sure. But the problem is that if I, as a user, want to comment on a website that uses Disqus, I have no alternative but to have a relationship not only with that website but with Disqus too.
As soon as I log in to post a comment, Disqus is tracking me. Then, thanks to the magic of cookies, they can track me across every other website that uses Disqus, compiling a wonderfully saleable profile of my interests as I go.
I don’t know whether Disqus uses any of these tricks. Chances are they don’t. But that’s irrelevant.
The real issue is the tradeoff that Disqus-using websites have made on my behalf. Rather than paying for web development with their own money, they’re paying for it with my personal data.
OK, so I’m a hypocrite too. If you visit my website I’ll give tracking power to Google in exchange for Google Analytics, Doppr for a widget that lists my travel dates, Automattic for each commenter’s avatar, Google again to embed a YouTube video, PayPal to include a give-me-money button, Ustream to embed my old live video show… and on and on…
And I don’t even run advertising. Don’t get me started on that!
The currency of Web 2.0 is our own users’ privacy, and we spend it like water.
Looking a little further ahead, what happens when the world is awash with vast databases of personal data? When every pissant little web service is trying to flog its list of 30 million names, addresses and browsing habits? Supply, demand etc.
There’s only so much analytics that advertisers will pay for. The bubble will burst. But personal information can’t be put back into the bottle. Then what?
Stilgherrian is a writer, broadcaster and consultant covering the intersection of technology, politics and the media. He majored in computing science, has used online services heavily since the mid-1980s, and has worked as a network administrator.